Survey on synchrophasor data quality and cybersecurity challenges, and evaluation of their interdependencies

Synchrophasor devices guarantee situation awareness for real-time monitoring and operational visibility of smart grid. With their widespread implementation, significant challenges have emerged, especially in communication, data quality and cybersecurity. The existing literature treats these challenges as separate problems, when in reality, they have a complex interplay. This paper conducts a comprehensive review of quality and cybersecurity challenges for synchrophasors, and identifies the interdependencies between them. It also summarizes different methods used to evaluate the dependency and surveys how quality checking methods can be used to detect potential cyberattacks. This paper serves as a starting point for researchers entering the fields of synchrophasor data analytics and security

Common Mechanism for Detecting Multiple DDoS Attacks

An important principle of an internet-based system is information security. Information security is a very important aspect of distributed systems and IoT (Internet of Things) based wireless systems. The attack which is more harmful to the distributed system and IoT-based wireless system is a DDoS (Distributed Denial of Service) attack since in this attack, an attacker can stop the work of all other connected devices or users to the network. For securing distributed applications, various intrusion detection mechanisms are used. But most existing mechanisms are only concentrated on one kind of DDoS attack. This paper focuses on the basic architecture of IoT systems and an overview of single intrusion detection systems. This paper presents a single detection method for different DDoS attacks on distributed systems with an IoT interface. In the future, the system will provide support for detecting and preventing different DDoS attacks in IoT-based systems

GNSS Related Threats to Power Grid Applications

As power grid environments are moving towards the smart grid vision of the future, the traditional schemes for power grid protection and control are making way for new applications. The advancements in this field have made the requirements for power grid’s time synchronization accuracy and precision considerably more demanding. So far, the signals provided by Global Navigation Satellite Systems have generally addressed the need for highly accurate and stable reference time in power grid applications. These signals however are highly susceptible to tampering as they are being transmitted. Since electrical power transmission and distribution are critical functions for any modern society, the risks and impacts affiliated with satellite-based time synchronization in power grids ought to be examined. This thesis aims to address the matter. The objective is to examine how Global Navigation Satellite Systems are utilized in the power grids, how different attacks would potentially be carried out by employing interference and disturbance to GNSS signals and receivers and how the potential threats can be mitigated. A major part of the research is done through literature review, and the core concepts and different implementations of Global Navigation Satellite Systems are firstly introduced. The literature review also involves the introduction of different power grid components and subsystems, that utilize Global Positioning System for time synchronization. Threat modeling techniques traditionally practiced in software development are applied to power grid components and subsystems to gain insight about the possible threats and their impacts. The threats recognized through this process are evaluated and potential techniques for mitigating the most notable threats are presented.Sähköverkot ovat siirtymässä kohti tulevaisuuden älykkäitä sähköverkkoja ja perinteiset sähköverkon suojaus- ja ohjausmenetelmät tekevät tilaa uusille sovelluksille. Alan kehitys on tehnyt aikasynkronoinnin tarkkuusvaatimuksista huomattavasti aikaisempaa vaativampia. Tarkka aikareferenssi sähköverkoissa on tähän saakka saavutettu satelliittinavigointijärjestelmien tarjoamien signaalien avulla. Nämä signaalit ovat kuitenkin erittäin alttiita erilaisille hyökkäyksille. Sähkönjakelujärjestelmät ovat kriittinen osa nykyaikaista yhteiskuntaa ja riskejä sekä seuraamuksia, jotka liittyvät satelliittipohjaisten aikasynkronointimenetelmien hyödyntämiseen sähköverkoissa, tulisi tarkastella. Tämä tutkielma pyrkii vastaamaan tähän tarpeeseen. Päämääränä on selvittää, miten satelliittinavigointijärjestelmiä hyödynnetään sähköverkoissa, kuinka erilaisia hyökkäyksiä voidaan toteuttaa satelliittisignaaleja häiritsemällä ja satelliittisignaalivastaanottimia harhauttamalla ja kuinka näiden muodostamia uhkia voidaan lieventää. Valtaosa tästä tutkimuksesta on toteutettu kirjallisuuskatselmoinnin pohjalta. Työ kattaa satelliittinavigointijärjestelmien perusteet ja esittelee erilaisia tapoja, kuinka satelliittisignaaleja hyödynnetään sähköverkoissa erityisesti aikasynkronoinnin näkökulmasta. Työssä hyödynnettiin perinteisesti ohjelmistokehityksessä käytettyjä uhkamallinnusmenetelmiä mahdollisten uhkien ja seurausten analysointiin. Lopputuloksena esitellään riskiarviot uhkamallinnuksen pohjalta tunnistetuista uhkista, sekä esitellään erilaisia menettelytapoja uhkien lieventämiseksi

A Comprehensive Survey on the Cyber-Security of Smart Grids: Cyber-Attacks, Detection, Countermeasure Techniques, and Future Directions

One of the significant challenges that smart grid networks face is cyber-security. Several studies have been conducted to highlight those security challenges. However, the majority of these surveys classify attacks based on the security requirements, confidentiality, integrity, and availability, without taking into consideration the accountability requirement. In addition, some of these surveys focused on the Transmission Control Protocol/Internet Protocol (TCP/IP) model, which does not differentiate between the application, session, and presentation and the data link and physical layers of the Open System Interconnection (OSI) model. In this survey paper, we provide a classification of attacks based on the OSI model and discuss in more detail the cyber-attacks that can target the different layers of smart grid networks communication. We also propose new classifications for the detection and countermeasure techniques and describe existing techniques under each category. Finally, we discuss challenges and future research directions

An open virtual testbed for industrial control system security research

ICS security has been a topic of scrutiny and research for several years, and many security issues are well known. However, research efforts are impeded by a lack of an open virtual industrial control system testbed for security research. This thesis describes a virtual testbed framework using Python to create discrete testbed components (including virtual devices and process simulators). This testbed is designed such that the testbeds are interoperable with real ICS devices and that the virtual testbeds can provide comparable ICS network behavior to a laboratory testbed. Two testbeds based on laboratory testbeds have been developed and have been shown to be interoperable with real industrial control systemequipment and vulnerable to attacks in the samemanner as a real system. Additionally, these testbeds have been quantitatively shown to produce traffic close to laboratory systems (within 90% similarity on most metrics)

Modelo de ciberseguridad en las Unidades de medición fasorial (PMU) del nuevo sistema inteligente de supervisión y control avanzado de tiempo real (ISAAC) del sistema eléctrico Nacional

El mapa de implementación del proyecto Sistema Inteligente de Supervisión y Control Avanzado (ISAAC) desarrollado por la compañía XM SA ESP, está basado en dispositivos PMU (Unidades de medición fasorial) los cuales hacen parte de la infraestructura eléctrica colombiana, éstos, son la base para el control de la frecuencia, sirven para dar respuesta efectiva de la oferta y demanda de energía. Éste proyecto ha definido un modelo de ciberseguridad del proyecto ISAAC, para lo cual, se estableció (i) Una estimación de los riesgos asociados a ciberataques sobre dispositivos de supervisión PMU, (II) se definió un modelo para la implementación de controles, que reduzcan los niveles de riesgos sobre los dispositivos de supervisión PMU y (III) se implementó un ambiente de prueba que permita valorar los resultados del modelo propuesto y el impacto de los controles de seguridad sobre las funcionalidades de los equipos. Este proyecto no contempla la implementación de elementos de seguridad en su diseño ni controles complementarios sobre las PMU, Los ciberataques cada vez más complejos y elaborados (ataques de hombre en el medio, alteración de datos, ataques de denegación de servicios distribuidos, suplantación, inserción de código, botnet, entre otros), el surgimiento de grupos especializados en construir software malicioso (malware, troyanos, APTS -amenazas persistentes en el tiempo, secuestro de información), el ciberespionaje y la situación compleja de nuestro país hacen que sea necesario la implementación de controles y modelos de ciberseguridad para proteger la infraestructura que soporta el sistema eléctrico Dado lo anterior en éste trabajo de maestría, se diseñó un modelo de ciberseguridad para los elementos PMU en el proyecto ISAAC asociado al sistema eléctrico colombiano, que permite realizar una operación confiable y segura, mitigando con ello riesgos y mejorando la resiliencia ante posibles eventos de ciberseguridad sobre dichas PMU.The implementation map of the Intelligent Advanced Monitoring and Control System (ISAAC) project developed by the company XM SA ESP, is based on PMU devices (Fasorial measurement units) which are part of the Colombian electrical infrastructure, these are the basis for frequency control, they serve to effectively respond to the supply and demand of energy. This project has defined a cybersecurity model of the ISAAC project, for which, it was established (i) An estimate of the risks associated with cyber attacks on PMU monitoring devices, (II) a model for the implementation of controls was defined, which reduce the risk levels on the PMU monitoring devices and (III) a test environment was implemented to assess the results of the proposed model and the impact of safety controls on the functionalities of the equipment. This project does not include the implementation of security elements in its design or complementary controls on PMUs, The increasingly complex and elaborate cyberattacks (man-in-the-middle attacks, data alteration, attacks on denial of distributed services, impersonation, code insertion, botnet, among others), the emergence of groups specialized in building malicious software (malware , Trojans, APTS - persistent threats over time, kidnapping of information), cyber espionage and the complex situation of our country make it necessary to implement controls and cybersecurity models to protect the infrastructure that supports the electrical system Given the above in this master's work, a cybersecurity model was designed for the PMU elements in the ISAAC project associated with the Colombian electricity system, which allows a reliable and safe operation, thereby mitigating risks and improving resilience to possible events cybersecurity about these PMU

Secure Control and Operation of Energy Cyber-Physical Systems Through Intelligent Agents

The operation of the smart grid is expected to be heavily reliant on microprocessor-based control. Thus, there is a strong need for interoperability standards to address the heterogeneous nature of the data in the smart grid. In this research, we analyzed in detail the security threats of the Generic Object Oriented Substation Events (GOOSE) and Sampled Measured Values (SMV) protocol mappings of the IEC 61850 data modeling standard, which is the most widely industry-accepted standard for power system automation and control. We found that there is a strong need for security solutions that are capable of defending the grid against cyber-attacks, minimizing the damage in case a cyber-incident occurs, and restoring services within minimal time. To address these risks, we focused on correlating cyber security algorithms with physical characteristics of the power system by developing intelligent agents that use this knowledge as an important second line of defense in detecting malicious activity. This will complement the cyber security methods, including encryption and authentication. Firstly, we developed a physical-model-checking algorithm, which uses artificial neural networks to identify switching-related attacks on power systems based on load flow characteristics. Secondly, the feasibility of using neural network forecasters to detect spoofed sampled values was investigated. We showed that although such forecasters have high spoofed-data-detection accuracy, they are prone to the accumulation of forecasting error. In this research, we proposed an algorithm to detect the accumulation of the forecasting error based on lightweight statistical indicators. The effectiveness of the proposed algorithms was experimentally verified on the Smart Grid testbed at FIU. The test results showed that the proposed techniques have a minimal detection latency, in the range of microseconds. Also, in this research we developed a network-in-the-loop co-simulation platform that seamlessly integrates the components of the smart grid together, especially since they are governed by different regulations and owned by different entities. Power system simulation software, microcontrollers, and a real communication infrastructure were combined together to provide a cohesive smart grid platform. A data-centric communication scheme was selected to provide an interoperability layer between multi-vendor devices, software packages, and to bridge different protocols together

Optimal and Secure Electricity Market Framework for Market Operation of Multi-Microgrid Systems

Traditional power systems were typically based on bulk energy services by large utility companies. However, microgrids and distributed generations have changed the structure of modern power systems as well as electricity markets. Therefore, restructured electricity markets are needed to address energy transactions in modern power systems. In this dissertation, we developed a hierarchical and decentralized electricity market framework for multi-microgrid systems, which clears energy transactions through three market levels; Day-Ahead-Market (DAM), Hour-Ahead-Market (HAM) and Real-Time-Market (RTM). In this market, energy trades are possible between all participants within the microgrids as well as inter-microgrids transactions. In this approach, we developed a game-theoretic-based double auction mechanism for energy transactions in the DAM, while HAM and RTM are cleared by an optimization algorithm and reverse action mechanism, respectively. For data exchange among market players, we developed a secure data-centric communication approach using the Data Distribution Service. Results demonstrated that this electricity market could significantly reduce the energy price and dependency of the multi-microgrid area on the external grid. Furthermore, we developed and verified a hierarchical blockchain-based energy transaction framework for a multi-microgrid system. This framework has a unique structure, which makes it possible to check the feasibility of energy transactions from the power system point of view by evaluating transmission system constraints. The blockchain ledger summarization, microgrid equivalent model development, and market players’ security and privacy enhancement are new approaches to this framework. The research in this dissertation also addresses some ancillary services in power markets such as an optimal power routing in unbalanced microgrids, where we developed a multi-objective optimization model and verified its ability to minimize the power imbalance factor, active power losses and voltage deviation in an unbalanced microgrid. Moreover, we developed an adaptive real-time congestion management algorithm to mitigate congestions in transmission systems using dynamic thermal ratings of transmission lines. Results indicated that the developed algorithm is cost-effective, fast, and reliable for real-time congestion management cases. Finally, we completed research about the communication framework and security algorithm for IEC 61850 Routable GOOSE messages and developed an advanced protection scheme as its application in modern power systems