Security Experts:

Connect with us

Hi, what are you looking for?


Security Infrastructure

Department of Energy Awards Georgia Tech Contract to Detect Cyber Attacks on Utilities

Atlanta – The Department of Energy has awarded the Georgia Tech Research Institute (GTRI) $1.7 million to help detect cyber attacks on our nation’s utility companies.

Atlanta – The Department of Energy has awarded the Georgia Tech Research Institute (GTRI) $1.7 million to help detect cyber attacks on our nation’s utility companies.

“By partnering with the Georgia Tech School of Electrical and Computer Engineering’s National Electric Energy Testing, Research and Applications Center (NEETRAC) and the Strategic Energy Institute (SEI), GTRI will work together with experts in smart grid technology to develop protocols and tools to detect such attacks.

“Utilities and energy delivery systems are unique in several ways,” said GTRI researcher Seth Walters, one of the principal investigators on the project. “They provide distribution over a large geographic area and are composed of disparate components which must work together as the system’s operating state evolves. Relevant security technologies need to work within the bandwidth limitations of these systems in order to see broad adoption and they need to account for the varying security profiles of the components within these power systems.”

To detect adversarial manipulation of the power grid, the cyber security tool suite will consist of advanced modeling and simulation technologies and a network of advanced security sensors capable of acting to protect the power system in real-time on the basis of this modeling and simulation.

Georgia Tech Research Institute Security Researchers
From front to back are School of Electrical and Computer Engineering Associate Professor Raheem Beyah, Georgia Power Distinguished Professor A. P. “Sakis” Meliopoulos, National Electric Energy Research, Testing and Applications Center Research Engineer Carson Day and Georgia Tech Research Institute Research Scientist Seth Walters. (Image Credit: Georgia Tech Research Institute)

Rather than attempting to identify the source of an attack, the system will evaluate the content of information sent to the power system.

“It is impossible to predict what a clever cyber attacker can devise in the future,” said A.P. “Sakis” Meliopoulos, a Georgia Power Distinguished Professor in the School of Electrical and Computer Engineering (ECE), who is part of the team. “A command to the control and operation infrastructure of the system can be evaluated on the basis of its content and the effect on the power system.”

The system will build on past Georgia Tech research into the monitoring, protection, control and operation of electric power utilities and their automation infrastructure, as well as work on information security. Georgia Tech’s power system control and automation laboratory will be used to develop methods to detect intrusion and malicious commands before the system is field demonstrated in an actual utility environment.

“This project is particularly exciting as it integrates GTRI’s cyber security expertise, with the expertise in grid and electrical power of NEETRAC and ECE,” said SEI Executive Director Tim Lieuwen. “A key piece of our energy strategy is promoting certain signature energy areas where Georgia Tech combines unique breadth and depth into best of class capabilities – the area of electrical power is one of those, and this project further demonstrates Georgia Tech’s commitment to this space.”

You May LikeInside Georgia Tech’s ‘Titan’ Malware Intelligence System

The project will consist of three phases, which include research and development, test and validation at Georgia Tech, and technology demonstration at operational utility sites with the assistance of multiple utility company partners.

“GTRI’s expertise in systems engineering and cyber security will be a great advantage for execution on this award,” Walters said. “We also have the singular advantage in being able to collaborate with professors from Georgia Tech. The School of Electrical and Computer Engineering was instrumental in bringing emerging research ideas to the proposal narrative.” GTRI worked with Meliopoulos, ECE Associate Professor Santiago Grijalva and NEETRAC engineer Carson Day, who are experts in power grid and smart grid technology, and Raheem Beyah, an ECE associate professor and an expert in cyber security.

“My group, the Communications Assurance and Performance [CAP] Group, will work with GTRI researchers to develop, test and deploy a context-aware network-based intrusion detection system [NIDS],” Beyah said. “Working with a power grid simulator, the NIDS will have the ability to prevent network packets containing application-layer commands that render the power grid unstable from entering the network.”

A Georgia Power Distinguished Professor and SEI Associate Director, Grijalva will integrate a cyber-power co-simulator where numerous cyber-attack mechanisms can be simulated, including their effects in the physical power infrastructure. He will also develop real-time decision-making algorithms that evaluate the impact of potential cyber-induced power infrastructure malfunction.

“The proposed cybersecurity system is complex, so a disciplined approach to delivering a system of systems which embodies this complexity will be required,” Walters said. “Furthermore, as part of research and development, we will be working to ensure that the tool suite, as conceptualized by the team, remains relevant to current and emerging industry needs.”

Andrew Howard, who heads GTRI’s research on emerging threats and countermeasures, noted that this is a unique part of this proposal. “This proposal isn’t just about the research,” Howard said. “In addition to the extensive modeling and simulation, it’s also about developing a commercialization plan for other utilities to benefit.”

Source: Georgia Institute of Technology

Related Reading: Energy Sector Faces Rocky Cyber-Threat Landscape: Report

Related ReadingInside Georgia Tech’s ‘Titan’ Malware Intelligence System

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content


Identity and access governance vendor Saviynt has closed a $205 million financing round.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.


Security orchestration, automation and response (SOAR) provider Swimlane on Monday announced the launch of a security automation solution ecosystem for operational technology (OT) environments.


The White House announced on Wednesday that the Industrial Control Systems (ICS) Cybersecurity Initiative has been expanded to include the chemical sector.

Incident Response

Created and maintained by MITRE, MITRE D3FEND is a framework that provides a library of defensive cybersecurity countermeasures and technical components to help organizations...