Secure Distributed Dynamic State Estimation in Wide-Area Smart Grids

Smart grid is a large complex network with a myriad of vulnerabilities, usually operated in adversarial settings and regulated based on estimated system states. In this study, we propose a novel highly secure distributed dynamic state estimation mechanism for wide-area (multi-area) smart grids, composed of geographically separated subregions, each supervised by a local control center. We firstly propose a distributed state estimator assuming regular system operation, that achieves near-optimal performance based on the local Kalman filters and with the exchange of necessary information between local centers. To enhance the security, we further propose to (i) protect the network database and the network communication channels against attacks and data manipulations via a blockchain (BC)-based system design, where the BC operates on the peer-to-peer network of local centers, (ii) locally detect the measurement anomalies in real-time to eliminate their effects on the state estimation process, and (iii) detect misbehaving (hacked/faulty) local centers in real-time via a distributed trust management scheme over the network. We provide theoretical guarantees regarding the false alarm rates of the proposed detection schemes, where the false alarms can be easily controlled. Numerical studies illustrate that the proposed mechanism offers reliable state estimation under regular system operation, timely and accurate detection of anomalies, and good state recovery performance in case of anomalies

Advanced Wide-Area Monitoring System Design, Implementation, and Application

Wide-area monitoring systems (WAMSs) provide an unprecedented way to collect, store and analyze ultra-high-resolution synchrophasor measurements to improve the dynamic observability in power grids. This dissertation focuses on designing and implementing a wide-area monitoring system and a series of applications to assist grid operators with various functionalities. The contributions of this dissertation are below: First, a synchrophasor data collection system is developed to collect, store, and forward GPS-synchronized, high-resolution, rich-type, and massive-volume synchrophasor data. a distributed data storage system is developed to store the synchrophasor data. A memory-based cache system is discussed to improve the efficiency of real-time situation awareness. In addition, a synchronization system is developed to synchronize the configurations among the cloud nodes. Reliability and Fault-Tolerance of the developed system are discussed. Second, a novel lossy synchrophasor data compression approach is proposed. This section first introduces the synchrophasor data compression problem, then proposes a methodology for lossy data compression, and finally presents the evaluation results. The feasibility of the proposed approach is discussed. Third, a novel intelligent system, SynchroService, is developed to provide critical functionalities for a synchrophasor system. Functionalities including data query, event query, device management, and system authentication are discussed. Finally, the resiliency and the security of the developed system are evaluated. Fourth, a series of synchrophasor-based applications are developed to utilize the high-resolution synchrophasor data to assist power system engineers to monitor the performance of the grid as well as investigate the root cause of large power system disturbances. Lastly, a deep learning-based event detection and verification system is developed to provide accurate event detection functionality. This section introduces the data preprocessing, model design, and performance evaluation. Lastly, the implementation of the developed system is discussed

Web Operating System

computing and the area of operating system is Web Operating System (WOS). The objective of WOS is to deliver the full benefit of the World Wide Web. The WOS will support geographically distributed, highly available, incrementally scalable, and dynamically reconfiguring applications. WOS will include mechanisms for resource discovery, resource collaboration, persistent storage, remote process execution, resource management, authentication and security. This paper presents an overview of a typical WOS. It describes the WOS process, components, communication protocols, and resources. Additionally, the paper discusses all the resolved and unresolved issues and difficulties surrounding the implementation and design of WO

Web Operating System

computing and the area of operating system is Web Operating System (WOS). The objective of WOS is to deliver the full benefit of the World Wide Web. The WOS will support geographically distributed, highly available, incrementally scalable, and dynamically reconfiguring applications. WOS will include mechanisms for resource discovery, resource collaboration, persistent storage, remote process execution, resource management, authentication and security. This paper presents an overview of a typical WOS. It describes the WOS process, components, communication protocols, and resources. Additionally, the paper discusses all the resolved and unresolved issues and difficulties surrounding the implementation and design of WO

Web Operating System

computing and the area of operating system is Web Operating System (WOS). The objective of WOS is to deliver the full benefit of the World Wide Web. The WOS will support geographically distributed, highly available, incrementally scalable, and dynamically reconfiguring applications. WOS will include mechanisms for resource discovery, resource collaboration, persistent storage, remote process execution, resource management, authentication and security. This paper presents an overview of a typical WOS. It describes the WOS process, components, communication protocols, and resources. Additionally, the paper discusses all the resolved and unresolved issues and difficulties surrounding the implementation and design of WO

Area & Perimeter Surveillance in SAFEST using Sensors and the Internet of Things

International audienceSAFEST is a project aiming to provide a comprehensive solution to ensure the safety and security of the general public and critical infrastructures. The approach of the project is to design a lightweight, distributed system using heterogeneous, networked sensors, able to aggregate the input of a wide variety of signals (e.g. camera, PIR, radar, magnetic, seismic, acoustic). The project aims for a proof-of-concept demonstration focusing on a concrete scenario: crowd monitoring, area and perimeter surveillance in an airport, realized with a prototype of the system, which must be deployable and foldable overnight, and leverage autoconfiguration based on wireless communications and Internet of Things. This paper reviews the progress towards reaching this goal, which is planned for 2015

Self-organising smart grid architectures for cyber-security

PhD ThesisCurrent conventional power systems consist of large-scale centralised generation and unidirectional power flow from generation to demand. This vision for power system design is being challenged by the need to satisfy the energy trilemma, as the system is required to be sustainable, available and secure. Emerging technologies are restructuring the power system; the addition of distributed generation, energy storage and active participation of customers are changing the roles and requirements of the distribution network. Increased controllability and monitoring requirements combined with an increase in controllable technologies has played a pivotal role in the transition towards smart grids. The smart grid concept features a large amount of sensing and monitoring equipment sharing large volumes of information. This increased reliance on the ICT infrastructure, raises the importance of cyber-security due to the number of vulnerabilities which can be exploited by an adversary. The aim of this research was to address the issue of cyber-security within a smart grid context through the application of self-organising communication architectures. The work examined the relevance and potential for self-organisation when performing voltage control in the presence of a denial of service attack event. The devised self-organising architecture used techniques adapted from a range of research domains including underwater sensor networks, wireless communications and smart-vehicle tracking applications. These components were redesigned for a smart grid application and supported by the development of a fuzzy based decision making engine. A multi-agent system was selected as the source platform for delivering the self-organising architecture The application of self-organisation for cyber-security within a smart grid context is a novel research area and one which presents a wide range of potential benefits for a future power system. The results indicated that the developed self-organising architecture was able to avoid control deterioration during an attack event involving up to 24% of the customer population. Furthermore, the system also reduces the communication load on the agents involved in the architecture and demonstrated wider reaching benefits beyond performing voltage control

Tennison: A Distributed SDN Framework for Scalable Network Security

Despite the relative maturity of the Internet, the computer networks of today are still susceptible to attack. The necessary distributed nature of networks for wide area connectivity has traditionally led to high cost and complexity in designing and implementing secure networks. With the introduction of software-defined networks (SDNs) and network functions virtualization, there are opportunities for efficient network threat detection and protection. SDN's global view provides a means of monitoring and defense across the entire network. However, current SDN-based security systems are limited by a centralized framework that introduces significant control plane overhead, leading to the saturation of vital control links. In this paper, we introduce TENNISON, a novel distributed SDN security framework that combines the efficiency of SDN control and monitoring with the resilience and scalability of a distributed system. TENNISON offers effective and proportionate monitoring and remediation, compatibility with widely available networking hardware, support for legacy networks, and a modular and extensible distributed design. We demonstrate the effectiveness and capabilities of the TENNISON framework through the use of four attack scenarios. These highlight multiple levels of monitoring, rapid detection, and remediation, and provide a unique insight into the impact of multiple controllers on network attack detection at scale

A hybrid and cross-protocol architecture with semantics and syntax awareness to improve intrusion detection efficiency in Voice over IP environments

Includes abstract.Includes bibliographical references (leaves 134-140).Voice and data have been traditionally carried on different types of networks based on different technologies, namely, circuit switching and packet switching respectively. Convergence in networks enables carrying voice, video, and other data on the same packet-switched infrastructure, and provides various services related to these kinds of data in a unified way. Voice over Internet Protocol (VoIP) stands out as the standard that benefits from convergence by carrying voice calls over the packet-switched infrastructure of the Internet. Although sharing the same physical infrastructure with data networks makes convergence attractive in terms of cost and management, it also makes VoIP environments inherit all the security weaknesses of Internet Protocol (IP). In addition, VoIP networks come with their own set of security concerns. Voice traffic on converged networks is packet-switched and vulnerable to interception with the same techniques used to sniff other traffic on a Local Area Network (LAN) or Wide Area Network (WAN). Denial of Service attacks (DoS) are among the most critical threats to VoIP due to the disruption of service and loss of revenue they cause. VoIP systems are supposed to provide the same level of security provided by traditional Public Switched Telephone Networks (PSTNs), although more functionality and intelligence are distributed to the endpoints, and more protocols are involved to provide better service. A new design taking into consideration all the above factors with better techniques in Intrusion Detection are therefore needed. This thesis describes the design and implementation of a host-based Intrusion Detection System (IDS) that targets VoIP environments. Our intrusion detection system combines two types of modules for better detection capabilities, namely, a specification-based and a signaturebased module. Our specification-based module takes the specifications of VoIP applications and protocols as the detection baseline. Any deviation from the protocol’s proper behavior described by its specifications is considered anomaly. The Communicating Extended Finite State Machines model (CEFSMs) is used to trace the behavior of the protocols involved in VoIP, and to help exchange detection results among protocols in a stateful and cross-protocol manner. The signature-based module is built in part upon State Transition Analysis Techniques which are used to model and detect computer penetrations. Both detection modules allow for protocol-syntax and protocol-semantics awareness. Our intrusion detection uses the aforementioned techniques to cover the threats propagated via low-level protocols such as IP, ICMP, UDP, and TCP

An Anomaly Detection Scheme for DDoS Attack in Grid Computing

The demand for computing power and storage is increasing continuously and there are applications like scientific research and industrial need, whose computational demand even exceeds the available fastest technologies. As a result it is an economically feasible mean to look into efficiently aggregate existing distributed resources. To achieving this goal makes it possible to build a shared large scale wide-area distributed computing infrastructure, a concept which has been named the Grid computing. The primary objective of Grid computing is to support the sharing of resources and service spanning across multiple administrative domains. Due to the inherently dynamic and multi organizational nature maintaining security of both users and resources is the challenging aspect of Grid. Grid uses internet as an infrastructure to build communication, with the fusion of web services and grid technologies further increases the security concerns for their complex nature. This thesis takes a look at the vulnerability of Grid environment on denial of service attack. We found that deploying an efficient intrusion detection system to Grid can significantly improve its security and it can detect denial of service attack before it affects the victim. But due to the special characteristics and requirement of Grids, the existing traditional intrusion detection system can not work properly in that environment. The focus of this thesis is to investigate and design an anomaly detection system which can detect DoS and DDoS attack with high attack detection and low false alarm rate to achieve high performance. We have extensively surveyed the current literatures in this area; the main stress is put on feature selection for the Grid based anomaly detection system. An entropy based anomaly detection system has been proposed; also we have discussed the advantage of taking entropy as the metric. Finally the performance of the system has been analyzed using NS2 network simulator. For shake of continuity each chapter has its relevant introduction and theory. The work is also supported by list of necessary references. Attempt is made to make the thesis self-content