Substation equipment and cyber issues
Much has been written about what did, didn’t, or could have happened with the recent Florida blackout. Any potential terrorism issues would be physical and/or cyber. Physical terrorism is generally visible and can be ruled in or out fairly quickly. Unfortunately, the same cannot be said for cyber.
There are several interesting cyber considerations in electric substations:
- It is a recognized fact that substations with remotely accessible digital relays require cyber protection that often does not exist.
- DOE national laboratory tests and demonstrations have clearly shown the vulnerability of substation relays to intentional and unintentional cyber threats.
- Relays can be remotely misconfigured without SCADA acknowledging or logging the setpoint changes.
- Misconfigured relays have shutdown equipment including nuclear plants.
- Most relays (and for that matter other control systems) do not have logging capabilities for identifying cyber events. Consequently, it is often not possible to know if relays have been electronically compromised.
- Transformers and other large substation equipment can be damaged by cyber events.
There will be a session on cyber vulnerabilities of substation devices and associated IEEE standards at the August Control System Cyber Security Conference in Chicago in August.
Joe Weiss
Leaders relevant to this article: