Name
Title | ||
|---|---|---|
Grid Shock: Coordinated Load-Changing Attacks on Power Grids: The Non-Smart Power Grid is Vulnerable to Cyber Attacks as Well. |
Abstract | ||
|---|---|---|
Electric power grids are among the largest human-made control structures and are considered as critical infrastructure due to their importance for daily life. When operating a power grid, providers have to continuously maintain a balance between supply (i.e., production in power plants) and demand (i.e., power consumption) to keep the power grid's nominal frequency of 50 Hz or alternatively 60 Hz. Power consumption is forecast by elaborated models including multiple parameters like weather, season, and time of the day; they are based on the premise of many small consumers averaging out their energy consumption spikes. In this paper, we develop attacks violating this assumption, investigate their impact on power grid operation, and assess their feasibility for today's adversaries. In our scenario, an adversary builds (or rents) a botnet of zombie computers and modulates their power consumption, e.g., by utilizing CPU, GPU, hard disks, screen brightness, and laser printers in a coordinated way over the Internet. Outperforming the grid's countervailing mechanisms in time, the grid is pushed into unstable states triggering automated load shedding or tie-line tripping. We show that an adversary does not have to rely on smart grid features to modulate power consumption given that an adequate communication infrastructure for striking the (legacy) power grid is currently nearly omnipresent: the Internet to whom more and more power-consuming devices are connected. Our simulations estimate that between 2.5 and 9.8 million infections arc sufficient to attack the European synchronous grid depending on the mix of infected devices, the current mix of active power plant types, and the current overall produced power. However, the herein described attack mechanisms are not limited to the European grid. |
Year | DOI | Venue |
|---|---|---|
2017 | 10.1145/3134600.3134639 | 33RD ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2017) |
Field | DocType | ISSN |
Electric power,Smart grid,Botnet,Computer science,Critical infrastructure,AC power,Real-time computing,Energy consumption,Grid,The Internet,Distributed computing | Conference | 1063-9527 |
Citations | PageRank | References |
1 | 0.36 | 13 |
Authors | ||
3 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Adrian Dabrowski | 1 | 60 | 8.51 |
| Johanna Ullrich | 2 | 61 | 8.51 |
| Edgar Weippl | 3 | 20 | 10.62 |