"How Can We Make the Electric Grid More Resilient to Cyberattacks?"
Junho Hong, Assistant Professor of Electrical and Computer Engineering at the University of Michigan-Dearborn, and his colleague Professor Wencong Su are leading a new project funded with a grant from the US Department of Energy (DOE). They are teaming up with Virginia Tech, GE, and Atlanta-based utility Southern Company. They will develop an innovative cybersecurity solution to help utilities detect and mitigate cyberattacks on substations with minimal service impact. This "minimal disruption" aspect is crucial and one of the reasons why the project poses a difficult cybersecurity challenge. When operators notice a threat with many other types of systems, they can typically shut down the system to limit further damage while deploying a solution. The solution of shutting down a power grid for a few days every time there is an attack is undesirable, which is why the researchers' system will try detecting threats in real-time and performing mitigation techniques automatically. This may keep the grid operational, with disruptions measured in minutes as opposed to days. Due to security concerns, the researchers are unable to elaborate on how their technology would accomplish this. As with many next-generation cybersecurity solutions, the plan is to deploy a Machine Learning (ML)-based threat detection system. The ML system will continuously monitor the substation's computer network, allowing it to gain an understanding of typical network activities over time. Once it has established a baseline of what "normal" is, it can spot potentially dangerous abnormal activities. If the system senses an attack, it can launch automated mitigation methods in real-time to maintain the grid's steady power flow. This article continues to discuss the new project aimed at making the power grid more resilient to cyberattacks.