An IoT realization in an interdepartmental real time simulation lab for distribution system control and management studies

Modern electric distribution systems with emerging operation methods and advanced metering systems bring new challenges to the system analysis, control and management. Interdependency of cyber and physical layers and interoperability of various control and management strategies require wide and accurate test and analysis before field implementation. Real-time simulation is known as a precise and reliable method to support new system/device development from initial design to implementation. However, for the study of different application algorithms, considering the various expertise requirements, the interconnection of multiple development laboratories to a real-time simulation lab, which constitutes the core of an interdepartmental real-time simulation platform, is needed. This paper presents the implemented architecture of such an integrated lab, which serves real-time simulations to different application fields within electric distribution system domain. The architecture is an implementation of an Internet-of-Things to facilitate software in-the-loop (SIL) and hardware in-the-loop (HIL) tests. A demo of the proposed architecture is presented, applied to the testing of a fault location algorithm in a portion of a realistic distribution system model. The implemented platform is flexible to integrate different algorithms in a plug-and-play fashion through a designed communication interface

Protecting the power grid: strategies against distributed controller compromise

The electric power grid is a complex, interconnected cyber-physical system comprised of collaborating elements for monitoring and control. Distributed controllers play a prominent role in deploying this cohesive execution and are ubiquitous in the grid. As global information is shared and acted upon, faster response to system changes is achieved. However, failure or malfunction of a few or even one distributed controller in the entire system can cause cascading, detrimental effects. In the worst case, widespread blackouts can result, as exemplified by several historic cases. Furthermore, if controllers are maliciously compromised by an adversary, they can be manipulated to drive the power system to an unsafe state. Due to the shift from proprietary control protocols to popular, accessible network protocols and other modernization factors, the power system is extremely vulnerable to cyber attacks. Cyber attacks against the grid have increased significantly in recent years and can cause severe, physical consequences. Attack vectors for distributed controllers range from execution of malicious commands that can cause sensitive equipment damage to forced system topology changes creating instability. These vulnerabilities and risks need to be fully understood, and greater technical capabilities are necessary to create resilient and dynamic defenses. Proactive strategies must be developed to protect the power grid from distributed controller compromise or failure. This research investigates the role distributed controllers play in the grid and how their loss or compromise impacts the system. Specifically, an analytic method based on controllability analysis is derived using clustering and factorization techniques on controller sensitivities. In this manner, insight into the control support groups and sets of critical, essential, and redundant controllers for distributed controllers in the power system is achieved. Subsequently, we introduce proactive strategies that utilize these roles and grouping results for responding to controller compromise using the remaining set. These actions can be taken immediately to reduce system stress and mitigate compromise consequences as the compromise itself is investigated and eliminated by appropriate security mechanisms. These strategies are demonstrated with several compromise scenarios, and an overall framework is presented. Additionally, the controller role and group insights are applied to aid in developing an analytic corrective control selection for fast and automated remedial action scheme (RAS) design. Techniques to aid the verification of control commands and the detection of abnormal control action behavior are also presented. In particular, an augmented DC power flow algorithm using real-time measurements is developed that obtains both faster speed and higher accuracy than existing linear methods. For detecting abnormal behavior, a generator control action classification framework is presented that leverages known power system behaviors to enhance the use of data mining tools. Finally, the importance of incorporating power system knowledge into machine learning applications is emphasized with a study that improves power system neural network construction using modal analysis. This dissertation details these methodologies and their roles in realizing a more cohesive and resilient power system in the increasingly cyber-physical world

From Security Enforcement to Supervisory Control in Discrete Event Systems: Qualitative and Quantitative Analyses

Cyber-physical systems are technological systems that involve physical components that are monitored and controlled by multiple computational units that exchange information through a communication network. Examples of cyber-physical systems arise in transportation, power, smart manufacturing, and other classes of systems that have a large degree of automation. Analysis and control of cyber-physical systems is an active area of research. The increasing demands for safety, security and performance improvement of cyber-physical systems put stringent constraints on their design and necessitate the use of formal model-based methods to synthesize control strategies that provably enforce required properties. This dissertation focuses on the higher level control logic in cyber-physical systems using the framework of discrete event systems. It tackles two classes of problems for discrete event systems. The first class of problems is related to system security. This problem is formulated in terms of the information flow property of opacity. In this part of the dissertation, an interface-based approach called insertion/edit function is developed to enforce opacity under the potential inference of malicious intruders that may or may not know the implementation of the insertion/edit function. The focus is the synthesis of insertion/edit functions that solve the opacity enforcement problem in the framework of qualitative and quantitative games on finite graphs. The second problem treated in the dissertation is that of performance optimization in the context of supervisory control under partial observation. This problem is transformed to a two-player quantitative game and an information structure where the game is played is constructed. A novel approach to synthesize supervisors by solving the game is developed. The main contributions of this dissertation are grouped into the following five categories. (i) The transformation of the formulated opacity enforcement and supervisory control problems to games on finite graphs provides a systematic way of performing worst case analysis in design of discrete event systems. (ii) These games have state spaces that are as compact as possible using the notion of information states in each corresponding problem. (iii) A formal model-based approach is employed in the entire dissertation, which results in provably correct solutions. (iv) The approaches developed in this dissertation reveal the interconnection between control theory and formal methods. (v) The results in this dissertation are applicable to many types of cyber-physical systems with security-critical and performance-aware requirements.PHDElectrical and Computer EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttps://deepblue.lib.umich.edu/bitstream/2027.42/150002/1/jiyiding_1.pd

Game Theory Meets Network Security: A Tutorial at ACM CCS

The increasingly pervasive connectivity of today's information systems brings up new challenges to security. Traditional security has accomplished a long way toward protecting well-defined goals such as confidentiality, integrity, availability, and authenticity. However, with the growing sophistication of the attacks and the complexity of the system, the protection using traditional methods could be cost-prohibitive. A new perspective and a new theoretical foundation are needed to understand security from a strategic and decision-making perspective. Game theory provides a natural framework to capture the adversarial and defensive interactions between an attacker and a defender. It provides a quantitative assessment of security, prediction of security outcomes, and a mechanism design tool that can enable security-by-design and reverse the attacker's advantage. This tutorial provides an overview of diverse methodologies from game theory that includes games of incomplete information, dynamic games, mechanism design theory to offer a modern theoretic underpinning of a science of cybersecurity. The tutorial will also discuss open problems and research challenges that the CCS community can address and contribute with an objective to build a multidisciplinary bridge between cybersecurity, economics, game and decision theory

Methodology for Designing Decision Support Systems for Visualising and Mitigating Supply Chain Cyber Risk from IoT Technologies

This paper proposes a methodology for designing decision support systems for visualising and mitigating the Internet of Things cyber risks. Digital technologies present new cyber risk in the supply chain which are often not visible to companies participating in the supply chains. This study investigates how the Internet of Things cyber risks can be visualised and mitigated in the process of designing business and supply chain strategies. The emerging DSS methodology present new findings on how digital technologies affect business and supply chain systems. Through epistemological analysis, the article derives with a decision support system for visualising supply chain cyber risk from Internet of Things digital technologies. Such methods do not exist at present and this represents the first attempt to devise a decision support system that would enable practitioners to develop a step by step process for visualising, assessing and mitigating the emerging cyber risk from IoT technologies on shared infrastructure in legacy supply chain systems