Real-time data operations and causal security analysis for edge-cloud-based Smart Grid infrastructure

The electric power grids are one of the fundamental infrastructures of modern society and are among the most complex networks ever made. Recent development in communications, sensing and measurement techniques has completely changed the traditional electric power grid and has brought us the intelligent electric power grid known as Smart Grid. As a critical cyber-physical system (CPS), Smart Grid is an integration of physical components, sensors, actuators, control centers, and communication networks. The key to orchestrate large scale Smart Grid is to provide situational awareness of the system. And situational awareness is based on large-scale, real-time, accurate collection and analysis of the monitoring and measurement data of the system. However, it is challenging to guarantee situational awareness of Smart Grid. On the one hand, connecting a growing number of heterogeneous programmable devices together introduces new security risks and increases the attack surface of the system. On the other hand, the tremendous amount of measurements from sensors spanning a large geographical area can result in a reduction of available bandwidth and increasing network latency. Both the lack of security protection and the delayed sensor data impede the situational awareness of the system and thus limit the ability to efficiently control and protect large scale Smart Grids in time-critical scenarios. To target the aforementioned challenge, in this thesis, I propose a series of frameworks to provide and guarantee situational awareness in Smart Grid. Taking an integrated approach of edge-cloud design, real-time data operations, and causal security analysis, the proposed frameworks enhance security protection by anomaly detection and managing as well as causal reasoning of alerts, and reduce traffic volume by online data compression. Extensive experiments by real or synthetic traffic demonstrate that the proposed frameworks achieve satisfactory performance and bear great potential practical value

Electric System Vulnerabilities: a State of the Art of Defense Technologies

Vulnerability of the European electrical infrastructure appears to be growing due to several factors: - demand is always growing, and, although this growth may be forecast, it cannot be anytime easily faced; - transactions increase, following electrical system liberalisation, and this involves operating the whole infrastructure closer to the system capacity and security limits; - an increased control systems complexity, required for secure system operation, may in turn raise system vulnerability, due both to accidental faults and malicious attacks; - critical infrastructures, and the electrical system primarily, are well known to be a privileged target in warfare, as well as terrorist attacks. In recent years, both Europe and America have experienced a significant number of huge blackouts, whose frequency and impact looks progressively growing. These events had common roots in the fact that current risk assessment methodologies and current system controls appear to be no longer adequate. Beyond the growing complexity of the electrical system as a whole, two main reasons can be listed: - system analysis procedures based on these methodologies did not identify security threats emerging from failures of critical physical components; - on-line controls were not able to avoid system collapse. This report provides a state-of-the-art of the technology on both regards: - as far as risk assessment methodologies are concerned, an overview of the conceptual power system reliability framework is provided, and the current N-1 principle for risk assessment in power systems is introduced, together with off-the-shelf enforcement methodologies, like optimal power flow. Emerging methodologies for dynamic security assessment are also discussed. The power system reliability approach is compared with the global approach to dependability introduced by computer scientists, and the conceptual clashes pointed out. Ways ahead to conciliate both views are outlined. - concerning power system controls, the report overviews the existing defense plans, making specific reference to the current Italian situation. The two major recent blackout events in the American North East and Italy are analysed, and the drawbacks of the existing arrangements and the installed control systems are discussed. Emerging technologies, such as phasor measurement units and wide area protection are introduced. Their likely impact on the existing control room is discussed. Finally, potential cyber vulnerabilities of the new control systems are introduced, the role of communication standards in that context is discussed, and an overview of the current state of the art is presented.JRC.G.6-Sensors, radar technologies and cybersecurit

Scenarios for the development of smart grids in the UK: literature review

Smart grids are expected to play a central role in any transition to a low-carbon energy future, and much research is currently underway on practically every area of smart grids. However, it is evident that even basic aspects such as theoretical and operational definitions, are yet to be agreed upon and be clearly defined. Some aspects (efficient management of supply, including intermittent supply, two-way communication between the producer and user of electricity, use of IT technology to respond to and manage demand, and ensuring safe and secure electricity distribution) are more commonly accepted than others (such as smart meters) in defining what comprises a smart grid. It is clear that smart grid developments enjoy political and financial support both at UK and EU levels, and from the majority of related industries. The reasons for this vary and include the hope that smart grids will facilitate the achievement of carbon reduction targets, create new employment opportunities, and reduce costs relevant to energy generation (fewer power stations) and distribution (fewer losses and better stability). However, smart grid development depends on additional factors, beyond the energy industry. These relate to issues of public acceptability of relevant technologies and associated risks (e.g. data safety, privacy, cyber security), pricing, competition, and regulation; implying the involvement of a wide range of players such as the industry, regulators and consumers. The above constitute a complex set of variables and actors, and interactions between them. In order to best explore ways of possible deployment of smart grids, the use of scenarios is most adequate, as they can incorporate several parameters and variables into a coherent storyline. Scenarios have been previously used in the context of smart grids, but have traditionally focused on factors such as economic growth or policy evolution. Important additional socio-technical aspects of smart grids emerge from the literature review in this report and therefore need to be incorporated in our scenarios. These can be grouped into four (interlinked) main categories: supply side aspects, demand side aspects, policy and regulation, and technical aspects.

Cyber-Physical Security of Wide-Area Frequency-based Applications in Power Systems

Modern power systems are continuously developing into large and interconnected ones. However, at the same time, restructuring within the power industry and reduced investment in transmission system expansions mean that power systems are operating closer and closer to their limits, leaving them more vulnerable to fault outages than before. The aspects of protection and control within power systems have thus become increasingly important as well as complicated. Concurrently, the continuous technological development in communication and measurement has accelerated the occurrence and application of Wide-Area Monitoring, Protection and Control (WAMPAC), a new kind of advanced scheme based on wide-area measurements. The blackouts happening in North America as well as in other countries over the past few years are also providing more incentives to scientists and engineers to study wide-area protection and control systems. Communication networks in smart grids bring increased connectivity at the cost of increased security vulnerabilities and challenges. A smart grid can be a prime target for cyber terrorism because of its critical nature. As a result, smart grid security has already attracted significant attention from governments, the energy industry, and consumers, leading to several important studies. WAMPAC is the concept of using system-wide information via a centralized control center or Energy Management System (EMS) to monitor and control the whole system. Based on the situation and the required control action, the control center shares selected data with specific remote locations that are in need of the data. The utilization of system-wide information makes it easier to monitor the entire system and make better control and protection decisions by the EMS. Although the communication system is the backbone of these recent schemes, it makes them vulnerable to different types of cyber attacks. This thesis aims to investigate the problem of cyber security in frequency-related WAMPAC schemes. Two main schemes are considered as case studies: Automatic Generation Control(AGC) and Wide-Area Under-Frequency Load Shedding (WAUFLS) protection schemes. In addition, the cyber security of Power System State Estimation (PSSE), as a Wide-Area Monitoring (WAM) scheme, has been revisited. As WAMPAC schemes are so varied in their purpose and implementation, there is no general analysis to illustrate the potential impact of a cyber attack on all such schemes. However, some general types of system responses are considered in this work. First, with regard to AGC systems, a Kalman filter-based approach is proposed to detect False Data Injection (FDI) in AGC systems. Because detecting FDI and removing the compromised measurements are not enough in practical situations, the use of a simultaneous input and state estimation-based algorithm to detect and concurrently compensate for FDI attacks against the measurements of AGC systems is investigated. Throughout the use of this algorithm, the FDI attack signal is dealt with as an unknown input and its value is estimated accordingly. Then, the estimated value for the FDI is used to compensate for the effect of the attack so that the control center makes its decisions based on the corrected sensor signals, not the manipulated ones. Unlike other approaches, and as an extension to this work, the effect of AGC nonlinearities is studied during the attack time. Recurrent Neural Networks (RNN)-based approach is proposed to detect FDI during a time where any of the nonlinearities is affecting the system. The RNN-based approach is used to classify and identify the attacks according to their behavior. Second, with regard to WAUFLS protection schemes, this thesis investigates the problem of cyber attacks on WAUFLS. This is followed by a detailed analysis showing that an adversary can launch an FDI attack against existing WAUFLS schemes in three different ways depending on they access level to system data, which may lead to equipment damage and/or system-wide blackout. To address this issue, a new mitigation scheme, that is ro-bust against cyber attacks, is proposed to mitigate the effect of FDI attacks on WAUFLS. The proposed scheme depends on trusted system states to run power flow, so the power mismatch in the system is calculated. Finally, the calculated magnitude of disturbance is used to decide on the amount and locations of the load shedding. All proposed detection and mitigation methods in the thesis are tested using simulations of practical systems. In addition, sensitivity analysis is given after each method