Fighting back against cyber attacks

By Nick Nguyen | Evergreen reporter

With its recent commitment to participation in a five-year Department of Energy initiative, Washington State University is staying proactive in the fight against cyber-attacks.

Titled the Cyber Resilient Energy Delivery Consortium (CREDC), WSU will work toward improving the resilience and security of networks that monitor and control energy delivery systems across the U.S.

“WSU’s focus in the CREDC project is electrical, for the power grid,” said Carl Hauser, associate professor at the School of Electrical Engineering and Computer Science.

A far cry from the way old systems operated, modern energy delivery systems use smart meters to control the flow of gas and oil. These meters, which regulate pressure and delivery, are vulnerable to errors, and are part of the focus of the CREDC.

“Of the reported incidents of 2014, 80 of them (one-quarter of the total incidents) were related to energy delivery,” said Hauser, citing a publication from the U.S. Department of Homeland Security.

The project seeks to make these systems more secure by keeping the data confidential and uncorrupted, and more resilient to attacks that would seek to damage the systems.

WSU has previously and continuously participated in projects like the CREDC on smaller scales as a result of these concerns. Beginning with the Trustworthy Cyber Infrastructure for the Power Grid projects (TCIP and TCIPG), WSU has contributed to cybersecurity research since 2005, with the CREDC project being the most recent iteration of the research.

Anurag K. Srivastava, assistant professor at the School of Electrical Engineering and Computer Science, is the lead for the SmartGrid technology portion of the project.

“The SmartGrid increases the efficiency and response times for the current power grid by adding technologies, such as communications and monitoring systems, to the current grid,” Srivastava said. “The vulnerabilities of this system are the main concern, which is where CREDC comes in.”

Srivastava’s role in the project is to address security solutions and to troubleshoot how these solutions would impact the power grid.

CREDC will focus on techniques designed for meters and systems protection, risk assessment, and the impact of technologies like cloud computing that could disrupt these systems.

In addition to the technical specifications, the project will look into the practical aspects of cybersecurity, including the costs and long-term goals and investments that will come into effect with the implementation of these technologies.

“Society has come to rely heavily on the power grid, it’s central to our way of life. CREDC’s main goal, ultimately, is to keep the lights on. How different would society be if we couldn’t rely on electricity to consistently function?” Hauser said. “That is the long term goal of the CREDC project, and projects like it. Society as we know it depends on the power grid, and if cybersecurity incidents disrupt our ability to manage that, then it presents a very real problem.”