Smart grid architecture for rural distribution networks: application to a Spanish pilot network

This paper presents a novel architecture for rural distribution grids. This architecture is designed to modernize traditional rural networks into new Smart Grid ones. The architecture tackles innovation actions on both the power plane and the management plane of the system. In the power plane, the architecture focuses on exploiting the synergies between telecommunications and innovative technologies based on power electronics managing low scale electrical storage. In the management plane, a decentralized management system is proposed based on the addition of two new agents assisting the typical Supervisory Control And Data Acquisition (SCADA) system of distribution system operators. Altogether, the proposed architecture enables operators to use more effectively—in an automated and decentralized way—weak rural distribution systems, increasing the capability to integrate new distributed energy resources. This architecture is being implemented in a real Pilot Network located in Spain, in the frame of the European Smart Rural Grid project. The paper also includes a study case showing one of the potentialities of one of the principal technologies developed in the project and underpinning the realization of the new architecture: the so-called Intelligent Distribution Power Router.Postprint (published version

Reliability Analysis of Electric Power Systems Considering Cyber Security

The new generation of the electric power system is the modern smart grid which is essentially a cyber and physical system (CPS). Supervisory control and data acquisition (SCADA)/energy management system (EMS) is the key component of CPS, which is becoming the main target of both external and insider cyberattacks. Cybersecurity of the SCADA/EMS system is facing big challenges and influences the reliability of the electric power system. Characteristics of cyber threats will impact the system reliability. System reliability can be influenced by various cyber threats with different attack skill levels and attack paths. Additionally, the change of structure of the target system may also result in the change of the system reliability. However, very limited research is related to the reliability analysis of the electric power system considering cybersecurity issue. A large amount of mathematical methods can be used to quantify the cyber threats and simulation processes can be applied to build the reliability analysis model. For instance, to analyze the vulnerabilities of the SCADA/EMS system in the electric power system, Bayesian Networks (BNs) can be used to model the attack paths of cyberattacks on the exploited vulnerabilities. The mean time-to-compromise (MTTC) and mean time-to-failure (MTTF) based on the Common Vulnerability Scoring System (CVSS) can be applied to characterize the properties of cyberattacks. What’s more, simulation approaches like non-sequential or sequential Monte Carlo Simulation (MCS) is able to simulate the system reliability analysis and calculate the reliability indexes. In this thesis, reliability of the SCADA/EMS system in the electric power system considering different cybersecurity issues is analyzed. The Bayesian attack path models of cyberattacks on the SCADA/EMS components are built by Bayesian Networks (BNs), and cyberattacks are quantified by its mean time-to-compromise (MTTC) by applying a modified Semi-Markov Process (SMP) and MTTC models. Based on the IEEE Reliability Test System (RTS) 96, the system reliability is analyzed by calculating the electric power system reliability indexes like LOLP and EENS through MCS. What’s more, cyberattacks with different lurking strategies are considered and analyzed. According to the simulation results, it shows that the system reliability of the SCADA/EMS system in the electric power system considering cyber security is closely related to the MTTC of cyberattacks, which is influenced by the attack paths, attacking skill levels, and the complexity of the target structure. With the increase of the MTTC values of cyberattacks, LOLP values decrease, which means that the reliability of the system is better, and the system is safer. In addition, with the difficulty level of lurking strategies of cyberattacks getting higher and higher, though the LOLP values of scenarios don’t increase a lot, the EENS values of the corresponding scenarios increase dramatically, which indicates that the system reliability is more unpredictable, and the cyber security is worse. Finally, insider attacks are discussed and corresponding LOLP values and EENS values considering lurking behavior are estimated and compared. Both LOLP and EENS values dramatically increase owing to the insider attacks that result in the lower MTTCs. This indicates that insider attacks can lead to worse impact on system reliability than external cyber attacks. The results of this thesis may contribute to the establishment of perfect countermeasures against with cyber attacks on the electric power system

Cyber Security and Critical Infrastructures 2nd Volume

The second volume of the book contains the manuscripts that were accepted for publication in the MDPI Special Topic "Cyber Security and Critical Infrastructure" after a rigorous peer-review process. Authors from academia, government and industry contributed their innovative solutions, consistent with the interdisciplinary nature of cybersecurity. The book contains 16 articles, including an editorial that explains the current challenges, innovative solutions and real-world experiences that include critical infrastructure and 15 original papers that present state-of-the-art innovative solutions to attacks on critical systems

Deep Learning -Powered Computational Intelligence for Cyber-Attacks Detection and Mitigation in 5G-Enabled Electric Vehicle Charging Station

An electric vehicle charging station (EVCS) infrastructure is the backbone of transportation electrification. However, the EVCS has various cyber-attack vulnerabilities in software, hardware, supply chain, and incumbent legacy technologies such as network, communication, and control. Therefore, proactively monitoring, detecting, and defending against these attacks is very important. The state-of-the-art approaches are not agile and intelligent enough to detect, mitigate, and defend against various cyber-physical attacks in the EVCS system. To overcome these limitations, this dissertation primarily designs, develops, implements, and tests the data-driven deep learning-powered computational intelligence to detect and mitigate cyber-physical attacks at the network and physical layers of 5G-enabled EVCS infrastructure. Also, the 5G slicing application to ensure the security and service level agreement (SLA) in the EVCS ecosystem has been studied. Various cyber-attacks such as distributed denial of services (DDoS), False data injection (FDI), advanced persistent threats (APT), and ransomware attacks on the network in a standalone 5G-enabled EVCS environment have been considered. Mathematical models for the mentioned cyber-attacks have been developed. The impact of cyber-attacks on the EVCS operation has been analyzed. Various deep learning-powered intrusion detection systems have been proposed to detect attacks using local electrical and network fingerprints. Furthermore, a novel detection framework has been designed and developed to deal with ransomware threats in high-speed, high-dimensional, multimodal data and assets from eccentric stakeholders of the connected automated vehicle (CAV) ecosystem. To mitigate the adverse effects of cyber-attacks on EVCS controllers, novel data-driven digital clones based on Twin Delayed Deep Deterministic Policy Gradient (TD3) Deep Reinforcement Learning (DRL) has been developed. Also, various Bruteforce, Controller clones-based methods have been devised and tested to aid the defense and mitigation of the impact of the attacks of the EVCS operation. The performance of the proposed mitigation method has been compared with that of a benchmark Deep Deterministic Policy Gradient (DDPG)-based digital clones approach. Simulation results obtained from the Python, Matlab/Simulink, and NetSim software demonstrate that the cyber-attacks are disruptive and detrimental to the operation of EVCS. The proposed detection and mitigation methods are effective and perform better than the conventional and benchmark techniques for the 5G-enabled EVCS

Cyber Defense Remediation in Energy Delivery Systems

The integration of Information Technology (IT) and Operational Technology (OT) in Cyber-Physical Systems (CPS) has resulted in increased efficiency and facilitated real-time information acquisition, processing, and decision making. However, the increase in automation technology and the use of the internet for connecting, remote controlling, and supervising systems and facilities has also increased the likelihood of cybersecurity threats that can impact safety of humans and property. There is a need to assess cybersecurity risks in the power grid, nuclear plants, chemical factories, etc. to gain insight into the likelihood of safety hazards. Quantitative cybersecurity risk assessment will lead to informed cyber defense remediation and will ensure the presence of a mitigation plan to prevent safety hazards. In this dissertation, using Energy Delivery Systems (EDS) as a use case to contextualize a CPS, we address key research challenges in managing cyber risk for cyber defense remediation. First, we developed a platform for modeling and analyzing the effect of cyber threats and random system faults on EDS\u27s safety that could lead to catastrophic damages. We developed a data-driven attack graph and fault graph-based model to characterize the exploitability and impact of threats in EDS. We created an operational impact assessment to quantify the damages. Finally, we developed a strategic response decision capability that presents optimal mitigation actions and policies that balance the tradeoff between operational resilience (tactical risk) and strategic risk. Next, we addressed the challenge of management of tactical risk based on a prioritized cyber defense remediation plan. A prioritized cyber defense remediation plan is critical for effective risk management in EDS. Due to EDS\u27s complexity in terms of the heterogeneous nature of blending IT and OT and Industrial Control System (ICS), scale, and critical processes tasks, prioritized remediation should be applied gradually to protect critical assets. We proposed a methodology for prioritizing cyber risk remediation plans by detecting and evaluating critical EDS nodes\u27 paths. We conducted evaluation of critical nodes characteristics based on nodes\u27 architectural positions, measure of centrality based on nodes\u27 connectivity and frequency of network traffic, as well as the controlled amount of electrical power. The model also examines the relationship between cost models of budget allocation for removing vulnerabilities on critical nodes and their impact on gradual readiness. The proposed cost models were empirically validated in an existing network ICS test-bed computing nodes criticality. Two cost models were examined, and although varied, we concluded the lack of correlation between types of cost models to most damageable attack path and critical nodes readiness. Finally, we proposed a time-varying dynamical model for the cyber defense remediation in EDS. We utilize the stochastic evolutionary game model to simulate the dynamic adversary of cyber-attack-defense. We leveraged the Logit Quantal Response Dynamics (LQRD) model to quantify real-world players\u27 cognitive differences. We proposed the optimal decision making approach by calculating the stable evolutionary equilibrium and balancing defense costs and benefits. Case studies on EDS indicate that the proposed method can help the defender predict possible attack action, select the related optimal defense strategy over time, and gain the maximum defense payoffs. We also leveraged software-defined networking (SDN) in EDS for dynamical cyber defense remediation. We presented an approach to aid the selection security controls dynamically in an SDN-enabled EDS and achieve tradeoffs between providing security and Quality of Service (QoS). We modeled the security costs based on end-to-end packet delay and throughput. We proposed a non-dominated sorting based multi-objective optimization framework which can be implemented within an SDN controller to address the joint problem of optimizing between security and QoS parameters by alleviating time complexity at O(MN2). The M is the number of objective functions, and N is the population for each generation, respectively. We presented simulation results that illustrate how data availability and data integrity can be achieved while maintaining QoS constraints

Micro Smart Micro-grid and Its Cyber Security Aspects in a Port Infrastructure

Maritime ports are intensive energy areas with a plenty of electrical systems that require an average power of many tens of megawatts (MW). Competitiveness, profits, reduction of pollution, reliability of operations, carbon emission trading are important energy related considerations for any port authority. Current technology allows the deployment of a local micro-grid of the size of tenths of MW, capable of islanded operation in case of emergency and to grant an increasing energy independency. Ownership of the grid permits a large flexibility on prices of energy sold inside the port, trading on local electric market and reduction of pollution. Renewable energy generation has a large impact on costs since features a low marginal cost. Unfortunately the smart grid is a critical asset within the port infrastructure and its intelligence is a high-level target for cyberattacks. Such attacks are often based on malicious software (malware), which makes use of a controlling entity on the network to coordinate and propagate. In this document, we will outline some features of a port smart grid and typical characteristics of cyber-attacks including potential ways to recognize it and suggestion for effective countermeasures