Power grids increasingly rely on GPS to stay in sync, which makes them potentially vulnerable to attacks that broadcast false GPS signals. Now researchers have developed algorithms they say could help defend against such assaults, even if a third of a power grid's GPS signals were disrupted.
In order to deal with potentially damaging fluctuations, a power grid operator needs to know what the voltages and currents are at specific points in time, and at widely dispersed points along the grid. For instance, summer temperatures can influence how many of a city's residents turn their air conditioners on or off, generating disturbances that propagate along the power grid and across the continent. Other power stations can attempt to counteract these changes by generating more or less power.
To make the high-precision, high-resolution measurements they need in order to control power grids, electric companies employ phasor measurement units (PMUs), devices aligned with the atomic clocks used in GPS. As power grids rely less on centralized power plants and more on rooftop solar power and other distributed sources of energy, PMUs are growing increasingly more important.
However, PMUs are vulnerable to GPS spoofing attacks, wherein a hacker would place transmitters near a station to broadcast counterfeit GPS signals, which would be picked up by the PMUs. Fooling the PMUs of one or more power stations could lead to disruptions that could cascade throughout an entire power grid.
“Spoofing GPS is very easy, with off-the-shelf hardware and software that you can download from the Internet,” says study coauthor João Hespanha, a control engineer at the University of California, Santa Barbara. “This means that compromising the measurement of a single PMU is very easy, even without having physical contact with the unit.”
It is virtually impossible to prevent a hacker from getting close enough to a node in a power grid to carry out a GPS spoofing attack. Instead, scientists investigated ways to help power grids deduce what PMU data might be real and what might be spoofed.
The researchers developed algorithms that analyzed the past data that PMUs generated. This approach not only helped the algorithms detect when discrepancies occurred that might signal a GPS spoofing attack, but also helped them estimate what data PMUs should provide.
“Essentially, we try to make sure the network of PMUs exhibits a behavior that is consistent across time and across sensors,” Hespanha says. “We actually do not require a single PMU to be perfectly consistent across time, but a group of PMUs must exhibit a consistent behavior across time.”
In addition, the researchers noted their strategy does not need extra hardware to recognize such attacks. In contrast, many existing strategies to detect GPS spoofing require electronics such as dedicated GPS receivers, “which makes their large-scale practical application extremely costly and difficult,” says study lead author Yongqiang Wang at Clemson University, in South Carolina.
In computer simulations of power grids, the scientists found their algorithms could detect GPS spoofing attacks and help power grids run even if these attacks compromised up to a third of their nodes.
“Even if a significant number of PMUs become compromised, it is still possible to monitor oscillations in power networks reliably,” Hespanha says. “The trick is to check for consistency across the whole network of PMUs.”
One next step for this research is to develop control systems that can defend against GPS spoofing attacks in a more agile manner, Hespanha says. All in all, the researchers suggested their approach could one day help lead to autonomous distributed power grids.
The scientists detailed their findings in the July issue of IEEE Transactions on Instrumentation and Measurement.