Cyber-physical systems security researchers at the University of California at Irvine can disrupt the operation of a power grid with about $ 50 worth of equipment tucked away in a disposable coffee mug.
Mohammad Al Faruque, Associate Professor of Electrical Engineering and Computer Science at UCI, and his team showed in a presentation at the recent Usenix Security 2020 conference that the spoofing mechanism would change the output voltage by 32% and increase the bottom by 200% can cause -frequent harmonic power and a 250% increase in the effective power of a solar inverter.
Al Faruque's group at the UCI's Henry Samueli School of Engineering has made it a habit in recent years to find exploitable loopholes in systems that combine computer hardware and software with machines and other infrastructure. Not only are they raising awareness of these vulnerabilities, but they are also inventing new technologies that are better protected against attacks.
For this project, Al Faruque and his team used a remote spoofing device to detect electromagnetic components in many grid-tied solar inverters.
"Without touching the solar inverter, without going anywhere, I can just put a coffee mug nearby and then go and go anywhere in the world that I can destabilize the grid from," said Al Faruque. "In extreme cases, I can even cause a power failure."
Solar inverters convert the electricity collected by roof panels from direct current to alternating current for use in households and businesses. The sustainably generated electricity is often fed into microgrids and main power grids. Many inverters rely on Hall sensors, devices that measure the strength of a magnetic field and are based on a technology that originated in 1879.
It is this relatively old gizmo that makes many cyber-physical properties vulnerable to attack, said Al Faruque. In addition to solar inverters, Hall sensors can be found in cars, freight and passenger trains as well as medical devices.
The spoofing device put together by Al Faruque's team consists of an electromagnet, an Arduino Uno microprocessor and an ultrasonic sensor to measure the distance between the device and the solar inverter. A ZigBee network appliance is used to control the mechanism within a range of approximately 100 meters. However, this can be replaced by a WLAN router, which enables remote operation from anywhere in the world.
Anomadarshi Barua, Ph.D. sophomore An electrical engineering and computer science student who led the development of this technique said the components of the spoofing device are so simple and straightforward that a student could design them.
"Schools around the world are teaching children how to program an Arduino processor," he said. “Even the UCI has camps that teach this technology. However, you would need a little more advanced knowledge to figure out the control part of the system. "
Barua noted that such an attack could target a single house or an entire grid. "You could use the device to close a mall, airport, or military facility," he said.
For Al Faruque, this endeavor – supported by a smart grid security program under the Office of the President of the University of California – points to gaps in legacy technology that even seasoned experts may have overlooked. His group recently received funding from the National Science Foundation to launch a project in September that will focus on building new, safe Hall sensors that cannot be thwarted by a cleverly placed coffee cup.
Message from UCI
Comments are closed.