In this session we will demonstrate live cyberattacks against a Schweitzer SEL-751A feeder protection relay and the related impact to end devices and operator interfaces.
While the demonstration is not meant to single out any particular vendor or piece of equipment, it will highlight the lack of cyber security built into widely deployed intelligent electronic devices (IED), how these IEDs can be attacked and the physical impact they can have when compromised.
The cyberattack demonstration will highlight a loss of control of the relay, how such loss impacts an end device like a motor and how this can all be hidden from the operator. The attacks include an adversary gaining access to the relay, taking control, locking out administrators, and changing the relay’s configuration. In addition, the attacks will be masked to leave no trace, making it difficult for an operator to trouble shoot the disruption was caused by a cyberattack, let alone prevent it from happening again.
The SEL-751A is an important piece of equipment performing many critical functions, and such attacks could be repeated across the same or different relays from different manufacturers.
