Power grids are very large, so it is difficult to secure each point of the network and establish a trusted relationship between each device. In order to be able to track events as they are happening, monitoring solutions are used. However, an attacker can compromise the system and send false information, which has already happened before (in Ukraine). A team of researchers at Georgia Tech has developed a new radio frequency-based monitoring technique to verify the authenticity of information from the power station. The solution is called RFDIDS, for Radio Frequency-based Distributed Intrusion Detection System.
To do so, they use physical phenomena taking place at the station, specifically by capturing the radio frequencies produced by the devices via a dedicated antenna. Those signals are then authenticated using lightning bolts:
- On average, lightning strikes forty times per second worldwide
- Each bolt creates a very low-frequency signal
- It is possible to observe that signal a great distance away from where it was emitted. For instance, the researchers explain that from the United States, they can observe the signals of lightning bolts in South America
- The bolts are recorded by more than 70,000 stations in the United States, and there are also international bases that log them
- The data collected using the antenna is analyzed to identify the lightning signals
- If any discrepancy with the lightning databases is detected, this may mean that an attack is underway
For now, the method has only been used and tested in the energy industry, but it could be applied to other fields, such as railroads to verify that a train is running.