© 2024 KLCC

KLCC
136 W 8th Ave
Eugene OR 97401
541-463-6000
klcc@klcc.org

Contact Us

FCC Applications
Play Live Radio
Next Up:
0:00
0:00
0:00 0:00
Available On Air Stations

OSU researchers: smart meters can be hacked for power grid sabotage

Electrical substation.
Brian Bull
/
KLCC
Electrical substation.

With power grids being increasingly targeted by domestic extremists in the U.S., researchers at Oregon State University are warning that a basic utility device can be corrupted.

Digital devices called “smart meters” are commonly used by utility companies. They can measure customers’ electricity data or remotely shut off power to those with unpaid bills.

But Eduardo Cotilla-Sanchez, an associate professor of electrical engineering and computer science at OSU, told KLCC that hackers can use smart meters to cause variations in demand, for what’s known as a “load oscillation attack.”

“If some bad actor essentially were able to coordinate hijacking some residential or commercial meters, they could actually propagate this cyberattack into causing some physical instabilities on the grid.”

An OSU release detailed how the study was conducted, which also involved OSU College of Engineering associate professor Jinsub Kim. Researchers used a model known as a time-domain grid protection simulator to demonstrate how causing load to vary back and forth in a regular pattern – the load oscillation attack – can compromise transmission.

Two people standing in front of research equipment. They are holding "caution tape."
Photo provided by Eduardo Cotilla-Sanchez, OSU.
Oregon State University doctorate student Thabiso Mabote (left,) and College of Engineering faculty member Eduardo Cotilla-Sanchez (right) put caution tape around a machine testbed. Machine testbeds are useful to validate machine dynamics in a time-domain simulation such as was used in the smart meter research.

“New technologies have been introduced to make our aging electricity infrastructure more efficient and more reliable,” Cotilla-Sanchez said. “At the distribution level, upgrades have included communication systems, distribution automation, local control and protection systems, and advanced metering infrastructure.

“The bad news is, the upgrades also introduce new dimensions for attacking the power grid.”

One type of attacks enabled by the new technologies involves hacking into the advanced metering infrastructure (AMI) and controlling the smart meter switches to cause load oscillations.

“Imagine calling everyone you know and saying, ‘OK, at 6 p.m. we are all going to turn the lights on,” Cotilla-Sanchez said. “Even if you got a couple thousand people to do that, it would be unlikely to cause much instability because the grid is able to absorb fairly big changes in supply and demand – for example solar panels at the end of the day do not produce electricity and we are able to anticipate and compensate for that.

“But if a person were to remotely coordinate a large number of smart meters to switch customers on and off at a particular frequency, that would be a problem.”

That type of incident would start with someone performing reconnaissance by “poking” a couple of locations in a grid and using the information gained to estimate the grid’s destabilizing oscillation frequency, he said. After determining which customer meters to turn on and off at that frequency – less than 1 Hertz or cycle per second – the attacker would be ready to launch an assault.

And comparatively speaking, an attack doesn’t need to involve that many meters.

“We juxtaposed our work with related recent grid studies and found that a well-crafted attack can cause grid instability while involving less than 2% of the system’s load,” Cotilla-Sanchez said.

Cotilla-Sanchez led the project with graduate student Falah Alanazi. He said this research is to help utilities and security officials prepare against such attacks. The research has been published in the journal, IEEE Access.

Brian Bull is an assistant professor of journalism at the University of Oregon, and remains a contributor to the KLCC news department. He began working with KLCC in June 2016.   In his 27+ years as a public media journalist, he's worked at NPR, Twin Cities Public Television, South Dakota Public Broadcasting, Wisconsin Public Radio, and ideastream in Cleveland. His reporting has netted dozens of accolades, including four national Edward R. Murrow Awards (22 regional),  the Ohio Associated Press' Best Reporter Award, Best Radio Reporter from  the Native American Journalists Association, and the PRNDI/NEFE Award for Excellence in Consumer Finance Reporting.
Related Content