The Collaborative Defense (CODEF) research team is developing a distributed security domain layer that enables transmission and protection devices to collaboratively defend against cyber attacks in an IEC 61850 environment. As IEC 61850 is increasingly adopted for advanced substation designs, our results will be widely applicable in the sector and “future proof” in the sense of addressing current and emerging threats.
CODEF research is developing algorithms to defend against insider attacks that aim to disrupt electric power service by maliciously changing device set points, spoofing spurious power system data, or altering a device configuration, even if commands and data are compliant with respect to syntax, protocol, and targeted device. Detection is based not on conventional cyber network defense, but on devices’ collaborating and assessing correctness in the context of a physical power system state, with application of physical laws and engineering principles.
The effort has been demonstrated through a small scale prototype of ABB IEDs and computing platforms using IEC 61850 in an electrical substation.
Technology advances include:
- Cyber security layer based on electrical system domain based principles
- Smart IEDs collaboratively monitoring and blocking cyber attacks
- Substation automation computing platform with cyber attack monitoring and mitigation functions
- Distributed agreement algorithm demonstrated in simulation
- “Lightweight scan detector”: Self-defense for IEC 61850 environments
The University of Illinois team at the Information Trust Institute is supporting this effort as an academic subcontractor to the ABB US Corporate Research Center, under ship by the US Department of Energy.