11/15/2017 August Schiess, CSL
Written by August Schiess, CSL
When there’s an active shooter attack, determining where the person with the gun is the first step in stopping the threat. The same concept applies to cyberattacks on our power grid: if you can pinpoint the location of the perpetrator accurately and quickly, you can stop the attack before significant damage occurs.
Using GPS signals to determine the location of spoofers—someone sending fake signals that disrupt the power grid—is the motivation behind PhD student Sriramya Bhamidipati and CSL Assistant Professor Grace Gao’s research. Bhamidipati and Gao won the best presentation award for this work at the 2017 ION GNSS+ conference.
Using GPS signals to locate the spoofer during an attack is a novel concept that Bhamidipati has been developing, with the goal of providing real-world solutions to timing attacks on our critical infrastructure. Their technique is unique in that it both raises an alarm to an attack and then quickly and accurately locates the spoofer in real-time.
“If there is an attack, we want to determine where the attack is coming from,” said Bhamidipati, a PhD student in aerospace engineering. “We can do that using the geometry and timing analysis of GPS signals and the satellite connection to the power grid.”
In previous work, Bhamidipati and Gao developed a method that uses multiple GPS signals to track power grid activity by recording and analyzing the timing and flow for phasor measurement units (PMUs), which regulate and control power systems. To find where spoofers are located, they took the work a step further.
If the GPS receivers detect a delay in the timing of the electricity, they can utilize the positioning of satellites orbiting Earth to find the source of the delay.
“GPS systems communicate with satellites, and spoofer signals will disrupt those signals,” said Bhamidipati. “If we can calculate the difference in distances between the GPS receivers on the ground, in relation to the satellites, we can determine the location of the spoofer.”
In case of an attack, if the timing in the power substation is off by even 1 PMU from a spoofer signal, this method will be able to use that timing difference to locate the spoofer and then take action to stop the disruption the before the difference exceeds 26 microseconds, a critical threshold in maintaining the power grid reliability.
The spoofer location can be caught in less than second, allowing for a quick response from the authorities to stop the attack so that there is no effect on the power grid operations.
GPS timing is becoming a powerful tool—it can be operated from everywhere, and can help control everything from the power grid to the stock market on Wall Street. But if there’s a tweak of even a few microseconds, it could have dire consequences.
“GPS is powerful, but civil GPS manipulation can be stealthy and relatively easy to do,” said Bhamidipati. “It’s important that we find ways to deal with the inevitable attacks to systems that use GPS.”
To help with this work, Bhamidipati and Gao used the Information Trust Institute Power Grid Lab, located in the CSL Studio. The lab is set up to simulate a real power grid, and researchers can send in malicious attacks that simulate real attackers, giving them the opportunity to find the best solution.
“We want to make the power grid as secure and resilient as possible against attackers,” said Grace Gao, CSL assistant professor of aerospace engineering. “Our work—and our ability to test it in a simulated environment—allows us to build robust techniques for timing analysis and spoofer localization.”