Evaluation of the vulnerability of phasor measurement units to GPS spoofing attacks

Abstract Results of Global Positioning System (GPS) spoofing tests against phasor measurement units (PMUs) are presented, which demonstrate that PMUs are vulnerable to spoofing attacks. A GPS spoofer can manipulate PMU time stamps by injecting a counterfeit ensemble of GPS signals into the antenna of the PMU's time reference receiver. A spoofer-induced timing error of only a few tens of microseconds causes a PMU to violate the maximum phase error allowed by the applicable standard. These and other larger errors can give automated or human power grid controllers a false perception of the state of the grid, leading to unnecessary, and possibly destabilizing, remedial control actions. To emphasize this threat, this paper shows that a particular PMU-based automatic control scheme currently implemented in Mexico whose control architecture and setpoints have been published in the open literature could be induced by a GPS spoofing attack to trip a primary generator.

[1]  Todd E. Humphreys,et al.  GPS Spoofing Detection via Dual-Receiver Correlation of Military Signals , 2013, IEEE Transactions on Aerospace and Electronic Systems.

[2]  Todd E. Humphreys,et al.  Going up against time: The power grid's vulnerability to gps spoofing attacks , 2012 .

[3]  J. A. Volpe Vulnerability Assessment of the Transportation Infrastructure Relying on the Global Positioning Syst , 2001 .

[4]  T. Humphreys,et al.  Assessing the Spoofing Threat: Development of a Portable GPS Civilian Spoofer , 2008 .

[5]  Todd E. Humphreys,et al.  Receiver-Autonomous Spoofing Detection: Experimental Results of a Multi-Antenna Receiver Defense against a Portable Civil GPS Spoofer , 2009 .

[6]  Mladen Kezunovic,et al.  Synchronized sampling and phasor measurements for relaying and control , 1994 .

[7]  J. Giri,et al.  Wanted: A more intelligent grid , 2009, IEEE Power and Energy Magazine.

[8]  Todd E. Humphreys,et al.  Characterization of Receiver Response to Spoofing Attacks , 2011 .

[9]  Todd E. Humphreys,et al.  Detection Strategy for Cryptographic GNSS Anti-Spoofing , 2013, IEEE Transactions on Aerospace and Electronic Systems.

[10]  James S. Thorp,et al.  IEEE Standard for Synchrophasors for Power Systems , 1998 .

[11]  Arun G. Phadke,et al.  Synchronized Phasor Measurements and Their Applications , 2008 .

[12]  Daniel P. Shepard,et al.  Straight Talk on Anti-Spoofing Securing the Future of PNT Disruption , 2012 .

[13]  L. Scott,et al.  Anti-Spoofing & Authenticated Signal Architectures for Civil Navigation Systems , 2003 .

[14]  Todd E. Humphreys,et al.  A Proposed Navigation Message Authentication Implementation for Civil GPS Anti-Spoofing , 2011 .

[15]  T. Humphreys STATEMENT ON THE VULNERABILITY OF CIVIL UNMANNED AERIAL VEHICLES AND OTHER SYSTEMS TO CIVIL GPS , 2012 .

[16]  A.G. Phadke,et al.  Exploring the IEEE Standard C37.118–2005 Synchrophasors for Power Systems , 2008, IEEE Transactions on Power Delivery.

[17]  Todd E. Humphreys,et al.  Practical cryptographic civil GPS signal authentication , 2011 .

[18]  Todd E. Humphreys,et al.  A Testbed for Developing and Evaluating GNSS Signal Authentication Techniques , 2014 .