Impact of firmware modification attacks on power systems field devices

The coupling between cyber and physical components makes cyber-security an area of growing interest in the power industry. Sensing, communications, and intelligent control technologies are being integrated with field devices, changing the traditional structure of power systems and transforming power infrastructure into a more interactive, dynamic and controllable system. As a result, the developed smart grid environment increases the chances of being maliciously attacked. Monitoring and control decision equipment such as microprocessor-based protection relays, offer an ideal exploitation candidate for attackers. This paper presents how an adversary is able to disrupt the operation of Circuit Breakers (CBs) by injecting malicious tripping commands to the relay controller. We formulate an attack strategy by reverse engineering the firmware of an existing commercial protection relay. The impact of the developed attacks is studied on the IEEE 14 bus test case system.