Our Platform

    Protect and safeguard your OT network and operations with the industry's most advanced, most capable cybersecurity platform.

    Learn More

      icon for visibility

      Asset and Network Visibility

      Discover and visualize every asset and every network connection in your OT environment.

      icon for policy enforcement

      Policy Enforcement

      Segment your network and enforce granular policies for true Zero Trust cybersecurity.

        icon-alert

        Anomaly and Threat Detection

        Identify unexpected or unauthorized activity, from Level 0 signals to cloud connections.

        icon for signal integrity

        Signal Integrity Validation

        Monitor physical process signals to detect threats and prevent system damage.

          Mission Secure Platform Overview

          Learn More

            Industries

            Keep your organization secure against cyber threats and take control of your OT network.

            View All Industries

              A Comprehensive Guide to Maritime Cybersecurity

              Learn More

                Resources

                Find helpful OT and ICS cybersecurity resources, guides, and downloads.

                View All Resources

                  eBook: A Comprehensive Guide to OT Cybersecurity

                  Read More

                    About Us

                    Our team of world-class OT, IT, and cybersecurity experts are setting the standard in OT cyber-protection.

                    Learn More

                      Cyber Risk: From a Hacker's Point of View

                      Listen Now
                        3 Min Read

                        Control | Blog Outlines Cyber Risks to Protective Relays in Power Grids

                        Written by Mission Secure News Desk

                        July 26, 2016


                        Digital Protective Relays Play Crucial Role in Power Grids & Other Industrial Applications

                        MSi Demonstrates Industry Leading Relay Easily Compromised by Cyber Attack

                        Joe Weiss, a cyber security and controls systems veteran of the power industry and MSi Advisory Board member, recently published a blog highlighting the vulnerabilities of protective relays within the electric grid. The blog appears in Control Global, a control systems industry trade publication, and features recent work conducted by MSi to address the risks to protective relays.

                        As many of you know, MSi has been working with control systems in defense and energy for several years. Since the Ukraine attacks in December, we’ve accelerated our research efforts around power industry components, placing particular emphasis on protective relays. These important physical assets play a critical role in utility operations. They also support the operations of a host of other industries that rely on power to run various processes, equipment and more.

                        Our research involves hands-on work to help us:

                        • Fully understand the fundamental systems and components of the asset;

                        • Determine potential cyber vulnerabilities;

                        • Develop and implement realistic cyber attacks within controlled test environments; and,

                        • Develop potential protective measures against cyber attacks using the MSi Secure Sentinel Platform.

                        Based on this research, MSi is developing various solutions to help shield protective relays and the operations they support from cyber attacks. Joe touches on some of our work in his blog below. We believe Joe’s insights regarding the current risks to protective relays are important for control system and security leaders in the power industry to read and fully consider. However, the information contained also applies to operations in oil and gas, chemicals, defense and a wealth of other industries that depend on safe and reliable performance.

                        We encourage you to look for us at upcoming events throughout the remainder of year, including the 2016 ICS Cyber Security Conference in October. The MSi Team will showcase the attacks we’ve identified as well as the protection measures we’ve created to shield protective relays. You can also contact us directly for a demonstration of our next generation cyber defense solutions.

                        We look forward to hearing from you soon!

                        David Drescher

                        Chief Executive Officer


                        The use of protective relays as an attack vector – the cyber vulnerability of the electric grid

                        Submitted by Joe Weiss on Fri, 07/22/2016 - 14:58

                        Protective relays are used to protect electric equipment such as motors and generators from electric faults. As an analogy, they are the circuit breakers in your house. Digital protective relays provide a higher level of reliability, more functionality, and the ability to provide direct integration into multiple devices including SCADA compared to the older mechanical protective relays. Consequently, digital protective relays are an integral part of Smart Grid, grid modernization, use of renewables, etc.

                        When a relay fails to operate as designed, major equipment damage or failure can occur with little opportunity to prevent the event because it was the protection that was compromised. Aurora was an example of using the relays as the attack vector to damage all alternating current (AC) equipment connected to the substation using those relays. Because of the importance of digital protective relays, DOE has spent large sums of money on R&D to make digital protective relays more cyber secure.

                        Mission Secure, Inc (MSI) is working with a number of control systems and devices to understand their cyber vulnerabilities in order to develop appropriate mitigation. When looking at the electric grid, MSI recognized that a weak link was the protective relays. Consequently, MSI procured a modern digital protective relay to analyze. They chose an SEL relay (in this case, the SEL751A) as SEL relays are prevalent throughout the US electric system and other industries and the SEL relays have very powerful computational capability including the ability to program the relays. The SEL 751A is a feeder protection relay that is also used for Aurora protection. While the SEL is a well-designed piece of equipment and important across the power sector and beyond, it was not designed to defend against a cyber attack. The members of the MSI attack team were neither nation-state actors nor even familiar with electric grid operations or protective relays. Yet, within a short period of time, MSI was able to take complete control of the HMI, the box, etc. MSI developed a variety of attack scenarios including locking out the operators and administrators, removing the ability to trip, removing the ability to use any of the buttons as a manual override and more. MSI did this to show how these devices, as with most all control devices, are not designed for cyber threats and can be easily compromised. MSI demonstrated these various attacks at an electric industry conference in early July. It garnered great interest from various people in the utility space.

                        Relays

                        The implications of the cyber vulnerabilities of digital protective relays have great importance for Smart Grid, grid modernization, NERC CIP, large plant electric equipment protection, and even nuclear plant safety. There will be a discussion of the ease of hacking relays and potential mitigation at the October ICS Cyber Security Conference in Atlanta. Full disclosure- I am on MSI’s Technical Advisory Board.

                        Joe Weiss

                        Interested in learning more? Send us a message.