SBIR-STTR Award

Cyber hacking of critical infrastructure is a concern for our national security, especially in the power/electric utility sector where utilities loose $13.2M per attack. Given the vulnerabilities within the value-chain of electric delivery, the distribution network is an enormous blind-spot and highly susceptible to cyber intrusion. This project looks to address this issue, as sought by the DoE, by investigating effective tools and methodologies that can detect cyber intrusion within a utility’s critical distribution assets. This investigation will determine whether using low-cost grid edge devices are effective in detecting cyber intrusion. Work will be completed to develop specific algorithms through research in signature and metric analysis using current/load flow data from grid edge devices. These algorithms will be programed into the grid edge devices to detect abnormal grid behavior on the edge of the network at a utility field test site. The investigation will first explore/learn normal “distribution load signatures” using advanced analytics (neural networks, Kohonen self-organizing map) between grid transformers using load data acquired from grid edge sensors. Next, distance metrics (Euclidian distance, Pearson correlation coefficients) will be implemented to quantize the “deviation from normal”. Ultimately, these ‘signature distance’ algorithms and ‘normal signature’ patterns will be loaded into the grid edge devices to provide “Cyber Security Detection at the Edge of the Grid”. By moving these calculations close to the actual grid edge devices, the ability to rapidly detect abnormal energy flows. This approach will be tested in a real-world field demonstration with a large investor owned utility (IOU). There is a strong belief that commercial opportunities will be potentially viable on the software side. Initially, it is believed that the developed algorithms utilized by grid edge devices can be created in an automated fashion (through potential back-end software) and pushed (over-the-air) to the millions of grid edge devices (mini-PMU’s, FCI’s, etc.) being installed on the network of grid operators. Such a software would allow for complete automation of these tailored algorithms being pushed to their respective devices, which would allow for ‘Cyber Security at the Edge of the Grid’. This potential software could be further investigated and pursued commercially through a Phase II application. The electrical grid is exposed to hackers looking to do harm on the network and since utilities don’t have systems that constantly monitor for compromised systems until it’s too late, the costs are significant to utilities and the general public. The project serves as a means to better monitor electrical networks from the edge of the grid and provide better tools that can limit the downside of compromised systems. The plan would be to immediately begin the investigation in July. The first (2) months would be used to gather data from our partner utilities. The next (2) months would be used to create tailored algorithms. The following (2) months would be used to program the sensors with the algorithms and perform lab testing. The final (3) months would be used to install the devices at a live utility site and capture the results and determine effectiveness of the approach in enhancing grid security. The results will then be shar