Blockchain technology puts paid to US energy data attacks

Researchers in the United States are employing blockchain technology to increase electric grid resilience and eliminate threats including data manipulation

Researchers at the Department of Energy’s Oak Ridge National Laboratory are using blockchain technology to track and validate communication among devices on an electric grid, the first time the tech has been used in this way.

The project is part of the ORNL-led Darknet initiative, funded by the DOE Office of Electricity, to secure the nation’s electricity infrastructure by shifting its communications to increasingly secure methods.

Cyber risks have increased with two-way communication between grid power electronics equipment and new edge devices ranging from solar panels to electric car chargers and intelligent home electronics. By providing a trust framework for communication among electrical devices, an ORNL research team led by Raymond Borges Hink has developed a framework to detect unusual activity, including data manipulation, spoofing and illicit changes to device settings. 

“This framework gives us a totally new capability to rapidly respond to anomalies,” says Borges Hink. “In the long run, we could more quickly identify an unauthorised system change, find its source and provide more trustworthy failure analysis. The goal is to limit the damage caused by a cyberattack or equipment failure.”

Blockchain allows rapid recognition and response

The approach uses a tamper-resistant blockchain to spread configuration and operational data redundantly across multiple servers. The data and equipment settings are constantly verified against a statistical baseline of normal voltage, frequency, breaker status and power quality. Equipment settings are collected at frequent intervals and compared to the last good configuration saved in the blockchain. This allows rapid recognition of when and how settings were changed, whether those changes were authorised, and what caused them.

“Our system helps determine in near real-time whether a fault was triggered by a cyberattack or induced by natural events,” says Borges Hink. “This is the first implementation of blockchain enabling this kind of data validation between a substation, a control centre and metering infrastructure.”

This kind of monitoring requires processing a vast amount of information. The blockchain uses a cryptographic method called hashing, where a mathematical computation is performed on the bulk data to represent it as numbers in the blockchain. This saves energy and reduces the space needed to store data. The blockchain processes thousands of transactions per second for each intelligent grid device, validating the contents.

Researchers demonstrated the framework in a test bed within DOE’s Grid Research Integration and Deployment Center, or GRID-C, at ORNL. Built under the leadership of ORNL’s Emilio Piesciorovsky, the advanced protection lab uses commercial-grade hardware in a closed electrical loop to mimic the architecture of a real substation. 

This provides a low-risk way to simulate cyberattacks or accidental misconfigurations. The team’s validation framework can detect both. Researchers are extending the approach to incorporate communications among renewable energy sources and multiple utilities.

Share

Featured Articles

Altered Egos: Digital twins hold up a mirror for machines

Digital doppelgangers can help the heaviest of industries save time and money with technology that twins real-world hardware with virtual counterparts

Cybersecurity response costs up in light of new cloud risks

Global businesses are paying thousands each year to meet the expanding threats against email, browsers, and emerging cloud-based channels in the enterprise

Multi-million 6G investment to build digital infrastructure

Ericsson has announced a multi-million investment to drive 6G development, from cognitive networks and artificial intelligence (AI) to energy efficiency

Outdated cybersecurity tech “betrays the trust of consumers”

Cloud & Cybersecurity

Top 10 DevSecOps tools for 2022

Cloud & Cybersecurity

Big business suffers global surge in cybersecurity attacks

Cloud & Cybersecurity