Demonstration of hacking a protective relay and taking control of a motor – the grid is at risk

by Bill Fester on September 21, 2016

From Control Global

Protective relays are critical to the operation of the electric grid and to the protection of large electric equipment in many industries, including electric, nuclear, and manufacturing. Protective relays were originally electro-mechanical switches but have progressed to complex, networked digital devices with enormous computing capabilities, making them intelligent electronic devices (IEDs). Consequently, IEDs are now vulnerable to cyber threats arising from both IT network and control system issues. In March 2007, the Idaho National Laboratory (INL) demonstrated the Aurora vulnerability by using IEDs to damage large rotating equipment, in this case a generator. The test assumed that the IEDs could be accessed.

DOE has spent considerable sums of money to improve the cyber security of protective relays. However, it took less than a day for cyber security researchers (Mission Secure, Inc., MSI) with NO power industry experience to compromise a very common industry IED, the SEL-751A (see 7/22/16 blog). The purpose of this exercise was not to single out Schweitzer but to demonstrate the generic vulnerabilities of IEDs and the lack of external security around them.

Not every IED is critical, but some are very critical and must be protected. A typical mid-sized utility may have hundreds or even thousands of substations and many thousands of IEDs, but only a small percentage of the IEDs are protecting critical loads. These critical loads may be in transmission or distribution applications.

