Talks and Poster Presentations (with Proceedings-Entry):

A. Dabrowski, J. Ullrich, E. Weippl:
"Grid Shock: Coordinated Load-Changing Attacks on Power Grids";
Talk: Annual Computer Security Applications Conference (ACSAC), Orlando, Florida, USA; 2017-12-04 - 2017-12-08; in: "Proceedings of the 2017 Annual Computer Security Applications Conference", (2017).

English abstract:
Electric power grids are among the largest human-made control
structures and are considered as critical infrastructure due to their
importance for daily life. When operating a power grid, providers
have to continuously maintain a balance between supply (i.e., pro-
duction in power plants) and demand (i.e., power consumption) to
keep the power grid´s nominal frequency of 50 Hz or alternatively
60 Hz. Power consumption is forecast by elaborated models includ-
ing multiple parameters like weather, season, and time of the day;
they are based on the premise of many small consumers averaging
out their energy consumption spikes.
In this paper, we develop attacks violating this assumption, in-
vestigate their impact on power grid operation, and assess their
feasibility for today´s adversaries. In our scenario, an adversary
builds (or rents) a botnet of zombie computers and modulates their
power consumption, e.g., by utilizing CPU, GPU, hard disks, screen
brightness, and laser printers in a coordinated way over the In-
ternet. Outperforming the grid´s countervailing mechanisms in
time, the grid is pushed into unstable states triggering automated
load shedding or tie-line tripping. We show that an adversary does
not have to rely on smart grid features to modulate power con-
sumption given that an adequate communication infrastructure for
striking the (legacy) power grid is currently nearly omnipresent:
the Internet to whom more and more power-consuming devices
are connected.
Our simulations estimate that between 2.5 and 9.8 million in-
fections are sufficient to attack the European synchronous grid -
depending on the mix of infected devices, the current mix of active
power plant types, and the current overall produced power. How-
ever, the herein described attack mechanisms are not limited to the
European grid.

Created from the Publication Database of the Vienna University of Technology.