WE ARE ALL GONNA DIE: HOW THE WEAK POINTS OF THE POWER GRID LEAVE THE UNITED STATES WITH AN UNACCEPTABLE RISK

Federal regulations aim to ensure grid reliability and harden it against outages; however, widespread outages continue. This thesis examines the spectrum of regulations to evaluate them. It outlines their structure, the regulations’ intent, and weighs them against evolving cyber and physical threats and natural disaster risks. Currently, the regulatory structure is incapable of providing uniform security. Federal standards protect only the transmission portion of the grid, leaving the distribution section vulnerable to attack due to varying regulations from state to state, or county to county. The regulations cannot adapt quickly enough to meet dynamic threats, rendering them less effective. Cyber threats can be so agile that protectors are unaware of vulnerabilities, and patching requirements are too lengthy, which increases the risk exposure. No current weather mitigation or standard is capable of protecting the grid despite regular natural disasters that cause power shutdowns. The thesis concludes that bridging these gaps requires not increasing protection standards, but redundancy. Redundancy, mirrored after the UK's infrastructure policy, is more likely to reduce failure risk through layered components and systems. Microgrids are proven effective in disasters to successfully deliver such redundancy and should be implemented across all critical infrastructure sectors.Civilian, Department of Homeland SecurityApproved for public release. Distribution is unlimited

Attributes of Big Data Analytics for Data-Driven Decision Making in Cyber-Physical Power Systems

Big data analytics is a virtually new term in power system terminology. This concept delves into the way a massive volume of data is acquired, processed, analyzed to extract insight from available data. In particular, big data analytics alludes to applications of artificial intelligence, machine learning techniques, data mining techniques, time-series forecasting methods. Decision-makers in power systems have been long plagued by incapability and weakness of classical methods in dealing with large-scale real practical cases due to the existence of thousands or millions of variables, being time-consuming, the requirement of a high computation burden, divergence of results, unjustifiable errors, and poor accuracy of the model. Big data analytics is an ongoing topic, which pinpoints how to extract insights from these large data sets. The extant article has enumerated the applications of big data analytics in future power systems through several layers from grid-scale to local-scale. Big data analytics has many applications in the areas of smart grid implementation, electricity markets, execution of collaborative operation schemes, enhancement of microgrid operation autonomy, management of electric vehicle operations in smart grids, active distribution network control, district hub system management, multi-agent energy systems, electricity theft detection, stability and security assessment by PMUs, and better exploitation of renewable energy sources. The employment of big data analytics entails some prerequisites, such as the proliferation of IoT-enabled devices, easily-accessible cloud space, blockchain, etc. This paper has comprehensively conducted an extensive review of the applications of big data analytics along with the prevailing challenges and solutions

On the assessment of cyber risks and attack surfaces in a real-time co-simulation cybersecurity testbed for inverter-based microgrids

The integration of variable distributed generations (DGs) and loads in microgrids (MGs) has made the reliance on communication systems inevitable for information exchange in both control and protection architectures to enhance the overall system reliability, resiliency and sustainability. This communication backbone in turn also exposes MGs to potential malicious cyber attacks. To study these vulnerabilities and impacts of various cyber attacks, testbeds play a crucial role in managing their complexity. This research work presents a detailed study of the development of a real-time co-simulation testbed for inverter-based MGs. It consists of a OP5700 real-time simulator, which is used to emulate both the physical and cyber layer of an AC MG in real time through HYPERSIM software; and SEL-3530 Real-Time Automation Controller (RTAC) hardware configured with ACSELERATOR RTAC SEL-5033 software. A human–machine interface (HMI) is used for local/remote monitoring and control. The creation and management of HMI is carried out in ACSELERATOR Diagram Builder SEL-5035 software. Furthermore, communication protocols such as Modbus, sampled measured values (SMVs), generic object-oriented substation event (GOOSE) and distributed network protocol 3 (DNP3) on an Ethernet-based interface were established, which map the interaction among the corresponding nodes of cyber-physical layers and also synchronizes data transmission between the systems. The testbed not only provides a real-time co-simulation environment for the validation of the control and protection algorithms but also extends to the verification of various detection and mitigation algorithms. Moreover, an attack scenario is also presented to demonstrate the ability of the testbed. Finally, challenges and future research directions are recognized and discussed

Enhancing Cyber-Resiliency of DER-based SmartGrid: A Survey

The rapid development of information and communications technology has enabled the use of digital-controlled and software-driven distributed energy resources (DERs) to improve the flexibility and efficiency of power supply, and support grid operations. However, this evolution also exposes geographically-dispersed DERs to cyber threats, including hardware and software vulnerabilities, communication issues, and personnel errors, etc. Therefore, enhancing the cyber-resiliency of DER-based smart grid - the ability to survive successful cyber intrusions - is becoming increasingly vital and has garnered significant attention from both industry and academia. In this survey, we aim to provide a systematical and comprehensive review regarding the cyber-resiliency enhancement (CRE) of DER-based smart grid. Firstly, an integrated threat modeling method is tailored for the hierarchical DER-based smart grid with special emphasis on vulnerability identification and impact analysis. Then, the defense-in-depth strategies encompassing prevention, detection, mitigation, and recovery are comprehensively surveyed, systematically classified, and rigorously compared. A CRE framework is subsequently proposed to incorporate the five key resiliency enablers. Finally, challenges and future directions are discussed in details. The overall aim of this survey is to demonstrate the development trend of CRE methods and motivate further efforts to improve the cyber-resiliency of DER-based smart grid.Comment: Submitted to IEEE Transactions on Smart Grid for Publication Consideratio

Lost at Sea: Assessment and Evaluation of Rootkit Attacks on Shipboard Microgrids

Increased dependence of the maritime industry on information and communication networks has made shipboard power systems vulnerable to stealthy cyber-attacks. One such attack variant, called rootkit, can leverage system knowledge to hide its presence and allow remotely located malware handlers to gain complete control of infected subsystems. This paper presents a comprehensive evaluation of the threat landscape imposed by such attack variants on Medium Voltage DC (MVDC) shipboard microgrids, including a discussion of their impact on the overall maritime sector in general, and provides several simulation results to demonstrate the same. It also analyzes and presents the actions of possible defense mechanisms, with specific emphasis on evasion, deception, and detection frameworks, that will help ship operators and maritime cybersecurity professionals protect their systems from such attacks.Comment: 2023 IEEE Electric Ship Technologies Symposium (ESTS

Investing in Cyber Defense: A Value-Focused Analysis of Investment Decisions for Microgrids

To mitigate disruptions to commercial power grids, and to achieve operational efficiencies by managing energy use, many organizations are fielding smaller, local, self-contained microgrids. The computer control systems that operate the microgrids create new vulnerabilities to a rapidly-escalating array of cyber attacks. This creates a tension between the need to improve energy assurance and efficiency through microgrids, and the need to protect against cyber attacks that can disrupt and damage the organization\u27s energy systems. Through a series of interviews with subject matter experts and end-users, this exploratory study surfaces the decision-makers\u27 important values in this decision space and develops a network of those values to guide decision-makers to make better decisions in balancing these competing needs

Powerhouses: A Comparative Analysis of Blockchain-Enabled Smart Microgrids

For over a century, electricity in the United States has been generated and sold mainly by centralized powerplants. Although this model of power collection and distribution has many advantages, resiliency is a growing problem. Brittle infrastructure and growing complexity have made the nation’s power grid less reliable over the past twenty years. Some technologists believe the solution is to go small. In the past five years, small communities in the United States and overseas have built “micro-grids”—networks of roof-top solar panels that store electricity in communal banks of batteries, combined with software that allows homeowners and businesses to buy and sell this electricity from one another. The designers of these systems believe that the private sale of electricity among neighbors will carry substantial benefits for the public, including the potential to make electricity more reliable, resilient, and renewable. A challenge stands in the way, however: how to effectively and securely govern electricity as a shared resource among neighbors. This symposium Article examines how well blockchain—the technology that brought the world Bitcoin—might help solve this problem by tracking electricity production and sales in a neighborhood. This Article examines this question through three case studies of blockchain-enabled microgrids in the United States, Europe, and Australia. We conclude that some types of blockchain technologies could help make the dream of a peer-to-peer energy commons a reality. Widespread adoption of this technology will require the support and cooperation of local, state, and federal regulators and lawmakers, however