Reliability Evaluation and Defense Strategy Development for Cyber-physical Power Systems

With the smart grid initiatives in recent years, the electric power grid is rapidly evolving into a complicated and interconnected cyber-physical system. Unfortunately, the wide deployment of cutting-edge communication, control and computer technologies in the power system, as well as the increasing terrorism activities, make the power system at great risk of attacks from both cyber and physical domains. It is pressing and meaningful to investigate the plausible attack scenarios and develop efficient methods for defending the power system against them. To defend the power grid, it is critical to first study how the attacks could happen and affect the power system, which are the basis for the defense strategy development. Thus, this dissertation quantifies the influence of several typical attacks on power system reliability. Specifically, three representative attack are considered, i.e., intrusion against substations, regional LR attack, and coordinated attacks. For the intrusion against substations, the occurrence frequency of the attack events is modeled based on statistical data and human dynamics; game-theoretical approaches are adopted to model induvial and consecutive attack cases; Monte Carlo simulation is deployed to obtain the desired reliability indices, which incorporates both the attacks and the random failures. For the false data injection attack, a practical regional load redistribution (LR) attack strategy is proposed; the man-in-the-middle (MITM) intrusion process is modeled with a semi-Markov process method; the reliability indices are obtained based on the regional LR attack strategy and the MITM intrusion process using Monte Carlo simulation. For the coordinated attacks, a few typical coordination strategies are proposed considering attacking the current-carrying elements as well as attacking the measurements; a bilevel optimization method is applied to develop the optimal coordination strategy. Further, efficient and effective defense strategies are proposed from the perspectives of power system operation strategy and identification of critical elements. Specially, a robustness-oriented power grid operation strategy is proposed considering the element random failures and the risk of man-made attacks. Using this operation strategy, the power system operation is robust, and can minimize the load loss in case of malicious man-made attacks. Also, a multiple-attack-scenario (MAS) defender-attack-defender model is proposed to identify the critical branches that should be defended when an attack is anticipated but the defender has uncertainty about the capability of the attacker. If those identified critical branches are protected, the expected load loss will be minimal

Evaluación de la vulnerabilidad de sistemas eléctricos por medio de programación multinivel: una revisión bibliográfica

Vulnerability studies can identify critical elements in electric power systems in order to take protective measures against possible scenarios that may result in load shedding, which can be caused by natural events or deliberate attacks. This article is a literature review on the latter kind, i.e., the interdiction problem, which assumes there is a disruptive agent whose objective is to maximize the damage to the system, while the network operator acts as a defensive agent. The non-simultaneous interaction of these two agents creates a multilevel optimization problem, and the literature has reported several interdiction models and solution methods to address it. The main contribution of this paper is presenting the considerations that should be taken into account to analyze, model, and solve the interdiction problem, including the most common solution techniques, applied methodologies, and future studies. This literature review found that most research in this area is focused on the analysis of transmission systems considering linear approximations of the network, and a few interdiction studies use an AC model of the network or directly treat distribution networks from a multilevel standpoint. Future challenges in this field include modeling and incorporating new defense options for the network operator, such as distributed generation, demand response, and the topological reconfiguration of the system.f the system.Los estudios de vulnerabilidad pueden identificar elementos críticos en los sistemas de distribución de potencia eléctrica con el fin de tomar medidas de protección contra posibles escenarios que pueden resultar en desconexión de carga (también llamado deslastre de carga), que puede ser ocasionada por eventos naturales o ataques deliberados. Este artículo es una reseña bibliográfica sobre el segundo tipo de casos, es decir, los del problema de interdicción, en el que se asume la existencia de un agente disruptivo cuyo objetivo es maximizar los daños ocasionados al sistema mientras el operador de red actúa como agente de defensa del mismo. La interacción no simultánea de estos dos agentes crea un problema de optimización multinivel y en la bibliografía se reportan varios modelos de interdicción y soluciones para abordar el problema. La contribución principal de este artículo es la presentación de consideraciones que deben tomarse en cuenta para analizar, modelar y resolver el problema de la interdicción, incluyendo las soluciones, métodos y técnicas más comunes para solucionarlo, así como futuros estudios al respecto. Esta revisión encontró que la mayoría de la investigación en el tema se enfoca en el análisis de los sistemas de transmisión, considerando las aproximaciones lineales de la red; algunos estudios en interdicción usan un modelo AC de la red o tratan las redes de distribución directamente desde un enfoque multinivel. Algunos retos en este campo son el modelado y la inclusión de nuevas opciones de defensa para el operador de la red, como la generación distribuida, la respuesta a la demanda y la reconfiguración topológica del sistema.&nbsp

Un modelo Binivel de Ataque-Defensa para mejorar la resiliencia de los sistemas de potencia con generación distribuida

Electric transmission and distribution systems are subject not only to natural occurring outages but also to intentional attacks. These lasts performed by malicious agents that aim at maximizing the load shedding of the system. Intentional attacks are counteracted by the reaction of the system operator which deploys strategies to minimize the damage caused by such attacks. This paper presents a bilevel modeling approach for enhancing resilience of power systems with high participation of distributed generation (DG). The model describes the interaction of a disruptive agent that aims at maximizing damage to a power system and the system operator that resorts to different strategies to minimize system damage. The proposed mixed integer nonlinear programming model is solved with a hybrid genetic algorithm. Results are presented on a benchmark power system showing the optimal responses of the system operator for a set of deliberate attacks. It was observed that the higher the participation of DG the lower the impact of the attacks was. The presence of DG also influenced the optimal strategies of the attacker which in some cases deviated from optimal attack plans to suboptimal solutions. This allows concluding that the presence of DG benefits the power system in terms of less expected load shedding under intentional attacks.     Los sistemas de transmisión y distribución están sujetos no solo a fallas naturales sino también a fallas causadas por ataques intencionales. Estos últimos llevados a cabo por agentes maliciosos que tienen como objetivo maximizar el deslastre de carga del sistema. Los ataques intencionales son contrarrestados por la reacción del operador del sistema que lleva a cabo estrategias para minimizar el daño causado por los ataques. Este artículo presenta un modelo de programación binivel para mejorar la resiliencia de los sistemas de potencia con alta participación de generación distribuida (GD). El modelo describe la interacción de un agente disruptivo que pretende maximizar el daño al sistema de potencia y el operador de red que recurre a diferentes estrategias para minimizar el daño. El modelo propuesto es no lineal entero mixto y se soluciona mediante un algoritmo genético híbrido.  Se pudo observar que a mayor participación de la GD el impacto de los ataques era menor. La presencia de GD también tuvo influencia en las estrategias del atacante, el cual, en algunos casos, se desviaba de los ataques óptimos a soluciones sub-óptimas. Lo anterior permite concluir que la presencia de GD beneficia al sistema de potencia en términos de menor deslastre de carga esperado ante ataques intencionales.     &nbsp

Un modelo Binivel de Ataque-Defensa para mejorar la resiliencia de los sistemas de potencia con generación distribuida

Electric transmission and distribution systems are subject not only to natural occurring outages but also to intentional attacks. These lasts performed by malicious agents that aim at maximizing the load shedding of the system. Intentional attacks are counteracted by the reaction of the system operator which deploys strategies to minimize the damage caused by such attacks. This paper presents a bilevel modeling approach for enhancing resilience of power systems with high participation of distributed generation (DG). The model describes the interaction of a disruptive agent that aims at maximizing damage to a power system and the system operator that resorts to different strategies to minimize system damage. The proposed mixed integer nonlinear programming model is solved with a hybrid genetic algorithm. Results are presented on a benchmark power system showing the optimal responses of the system operator for a set of deliberate attacks. It was observed that the higher the participation of DG the lower the impact of the attacks was. The presence of DG also influenced the optimal strategies of the attacker which in some cases deviated from optimal attack plans to suboptimal solutions. This allows concluding that the presence of DG benefits the power system in terms of less expected load shedding under intentional attacks.     Los sistemas de transmisión y distribución están sujetos no solo a fallas naturales sino también a fallas causadas por ataques intencionales. Estos últimos llevados a cabo por agentes maliciosos que tienen como objetivo maximizar el deslastre de carga del sistema. Los ataques intencionales son contrarrestados por la reacción del operador del sistema que lleva a cabo estrategias para minimizar el daño causado por los ataques. Este artículo presenta un modelo de programación binivel para mejorar la resiliencia de los sistemas de potencia con alta participación de generación distribuida (GD). El modelo describe la interacción de un agente disruptivo que pretende maximizar el daño al sistema de potencia y el operador de red que recurre a diferentes estrategias para minimizar el daño. El modelo propuesto es no lineal entero mixto y se soluciona mediante un algoritmo genético híbrido.  Se pudo observar que a mayor participación de la GD el impacto de los ataques era menor. La presencia de GD también tuvo influencia en las estrategias del atacante, el cual, en algunos casos, se desviaba de los ataques óptimos a soluciones sub-óptimas. Lo anterior permite concluir que la presencia de GD beneficia al sistema de potencia en términos de menor deslastre de carga esperado ante ataques intencionales.     &nbsp

Power Market Cybersecurity and Profit-targeting Cyberattacks

The COVID-19 pandemic has forced many companies and business to operate through remote platforms, which has made everyday life and everyone more digitally connected than ever before. The cybersecurity has become a bigger priority in all aspects of life. A few real-world cases have demonstrated the current capability of cyberattacks as in [1], [2], and [3]. These cases invalidate the traditional belief that cyberattacks are unable to penetrate real-world industrial systems. Beyond the physical damage, some attackers target financial arbitrage advantages brought by false data injection attacks (FDIAs) [4]. Malicious breaches into power market operations could induce catastrophic consequences on fair financial settlements and reliable transmission services. In this dissertation, an in-depth study is conducted to investigate power market cybersecurity and profit-targeting cyberattacks. In the first work, we demonstrate the importance of market-level behavior in defending cyberattacks and designing cyberattacks. A market-level defense analysis is developed to help operators identify cyberattacks, and an LMP-disguising attack strategy is developed to disguise the abnormal LMPs, which can bypass both the bad data detection and market-level detection. In the second work, we propose a comprehensive CVA model for delivering a detailed analysis of four aspects of vulnerability: highly probable cyberattack targets, devastating attack targets, risky load levels, and mitigation ability under different degrees of defense. In the third work, we identify that revenue adequacy, a fundamental power market operation criterion, has not been analyzed under the context of cybersecurity, and we explore the impact of FDIAs targeting real-time (RT) market operations on ISO revenue adequacy analytically and numerically. In the last work, we extend the power system cybersecurity analysis to multi-energy system (MES) framework. An optimally coordinated (OC-FDIA) targeting MES is proposed. Then, we show that the OC-FDIA cause much more severe damages than single-system FDIA and uncoordinated FDIAs. Further, an effective countermeasure is developed against the proposed OCFDIA based on deep learning technique (DL)