The Buzz

DARPA Research Leads Grid Security Solutions

The U.S. electric grid is vulnerable to a cyber-attack that could take electricity offline if successful. Protecting against cyber threats requires staying ahead of technology, maintaining transparency and sharing information. The Defense Advanced Research Projects Agency (DARPA) is one government organization that has awarded several contracts to develop emerging technologies. These innovations could then be used to prevent and respond to cyber-attacks. Since DARPA is responsible for some of the world's most significant scientific and technological breakthroughs, it is crucial that President-elect Donald Trump funds the agency’s efforts. These public-private partnerships demonstrate why it is essential that the government and private sector work together to protect against such threats.

DARPA is seeking proposals to detect cyber-attacks on the U.S. electric grid early, and to reduce the time required to restore electricity in the event of a successful attack. According to John Everett, DARPA program manager, if a cyber-attack on the nation’s power grid were to occur today, the time it would take to restore power would pose national security challenges such as hindering military mobilization and impeding force projection.

DARPA has created a four-year program in which automated systems would help restore power if a successful cyber-attack caused electricity to be unavailable. The program to develop these technologies is called Rapid Attack Detection, Isolation and Characterization Systems (RADICS). Innovations developed as a result of RADICS could be shared with other partners such as Cyber Command, Industrial Control Systems Cyber Emergency Response Team, National Guard Cyber Protection Units, the Army Corps of Engineers and commercial cybersecurity firms to boost protection of the U.S. electric grid.

One of the most concerning aspects of cyber security is the threat to industrial control systems, which run on code and are programmable. Industrial control computers provide remote control of machinery, such as opening and shutting water pipes, regulating the flow of gas, managing the production of chemicals, running data centers, and powering plant turbines and commuter trains, by collecting data from electronic sensors and sending the information to users on their desktop computers. Remote control of such equipment has allowed the private sector to save money by reducing the number of workers in the field. Siemens, a leader in the automation industry, has noted that remote control devices are important to international competition.

Industrial control systems were initially built on an infrastructure immune to cyber threats, but this changed over the past two decades as information technologies and industrial control systems converged. Since industrial control systems are linked to other systems, they are exposed to cyber vulnerabilities through Internet connections. In fact, Shodan is a search engine that reveals industrial control computers, and shows how some are open to exploitation by moderately talented hackers. The most powerful industrial control architecture is supervisory control and data acquisition (SCADA). If SCADA systems in particular were to be compromised by a cyber-attack, significant physical consequences could result.

An early warning capability could prevent a cyber-attack or minimize damage to industrial control systems and other equipment. Because the U.S. electric grid is so large, it may be difficult to differentiate a routine power outage from an actual cyber-attack, as a number of systems are likely to be in an abnormal state at any given time. RADICS aims to develop advanced anomaly-detection systems with high sensitivity and low false positive rates to make such a distinction.