U of T researcher leads effort to protect power utilities from quantum attacks

A researcher from the University of Toronto is leading a multidisciplinary research group that aims develop quantum-based technology solutions to defend power utilities against future cyberattacks.

With the support of a first-of-its-kind NSERC Alliance-Mitacs Accelerate grant worth $1.45 million, the group is working at the intersection of quantum, cybersecurity and critical infrastructure.

“We have to stay ahead of the game,” says group lead Deepa Kundur, professor and chair of U of T’s Edward S. Rogers Sr. department of electrical and computer engineering in the Faculty of Applied Science & Engineering. 

“Technology is always changing the threat landscape. And quantum computing, which is becoming more feasible and practical, is a powerful tool that will make our classical defences obsolete.”

Kundur’s project is a collaboration between academia, Hydro-Québec and Xanadu, one of Canada’s most successful quantum computer startups. A second team – headed by Associate Professor Atefeh Mashatan of Toronto Metropolitan University and involving quantum solution leaders Crypto4A and evolutionQ – will build a road map for the classical-to-quantum migration for power grids in preparation for a future transition.

Quantum enhancement is the next stage in the evolution of today’s smart grids, so-named because they incorporate information-communication technology (ICT) into their operations. ICT has allowed smart grids to adapt to changing conditions and electricity load, as well respond more efficiently to natural disasters in order to meet society’s increasing power needs in an intelligent, sustainable way.

“ICT and its advanced sensors generate more data than before,” says Kundur. “We transport this data to different parts of the grid to start co-ordinating information to make decisions based on synchronized information and enhanced situational awareness.”

One potential downside of a data-driven smart grid, however, is the introduction of new vulnerabilities since attackers can now target not just the physical infrastructure, but the information that flows through it.

That’s because a smart grid’s connectivity increases opportunities for access. Also, ICT adds a level of complexity that results in emergent properties that are difficult to predict and can be challenging to safeguard. And the standards and policies put in place to mitigate operational variations mean there’s a level of interoperability between working grids that hackers can use to their advantage.

While cybersecurity experts have so far incorporated layers of defences into our smart grids, Kundur warns that those safeguards are not ready for quantum technologies.

“Algorithms and cryptography that are incredibly difficult for classical computers to crack become solvable with a quantum computer,” she says. “And then other questions arise. For example, when the power utilities themselves start to use quantum sensors, is this quantum-enhanced information better for attack detection or does it give attackers an ability to hide themselves?”

The question is tough to answer when you consider that quantum sensors of this nature – and the quantum data they would generate – don’t exist yet.

“We’ll take classical data, use models to predict what quantum versions of the information would appear to be, and then perform anomaly and attack detection on it,” says Kundur.

“We’ll be experimenting with quantum machine learning for better pattern recognition to detect a cyberattack. This is a highly exploratory project.”

Even if it’s decades before manufacturers integrate quantum attack-detection algorithms in their devices, Kundur says foundational research that she and her team will carry out in the next few years is a valuable endeavour.

“Security is a process. It’s very much a dynamic interaction,” she says. “And though we can never get to 100-per-cent protection, it’s something we have to continually try to achieve.”