Georgia Tech inventors developed an air-gapped distributed intrusion detection system (ADIDS) for power system substations, where the entire SCADA system is considered untrusted. For clarification, an air-gapped system is one that is isolated from unsecured networks and is not in any way connected directly to the internet or any other system. The proposed solution is to utilize a radio receiver as a diagnostic tool to provide air-gapped, independent, and verifiable information about the radio emissions from substation components, particularly at low frequencies. At least four types of diagnostic information can be extracted from radio emissions of power system substation components. ADIDS consists of two independent algorithms; the local method, which can use all of the four diagnostics, and the remote method, which can only utilize one diagnostic tool. The nature of the encoding is infeasible to synthesize the resulting signal, making this process a one-way function. This property greatly reduces the possibility that data can be falsified, and the overall security for power grids and components increases greatly.
- Safer – provides an extra layer of security via a remotely monitored power grid diagnostic
- Power outage prevention – the impulsive signal can be detected non-invasively
- Transformer protection – detect and prevent widespread damages by monitoring the transformer current
- Power grids/ Power Systems
- Securely monitoring substation components (e.g., circuit breakers and transformers)
Securely monitoring power lines- checking for possible power theft
- Circuit breakers
- Electric Train System
- Monitoring system of electric trains for possible cyber attacks
- Any system that used in outdoor areas and generates electromagnetic signals
The power grid, as a critical cyber-physical system, is continuously being transformed into the “Smart Grid,” with the goal to monitor and track diagnostic and operational information for a more flexible and resilient system. However, the number of power outages due to cyberattacks has recently increased dramatically. There has been a significant effort in the research community, ultimately contributing to the industrial control system market of $13B, to develop effective intrusion detection systems (IDSs) to reliably detect malicious activities in power systems. However, all of these techniques require some level of trust from components on the supervisory control and data acquisition (SCADA) network; hence, they are still vulnerable to sophisticated attacks that target the SCADA system itself.