Detection and Mitigation of Cyber Attacks on Time Synchronization Protocols for the Smart Grid

The current electric grid is considered as one of the greatest engineering achievements of the twentieth century. It has been successful in delivering power to consumers for decades. Nevertheless, the electric grid has recently experienced several blackouts that raised several concerns related to its availability and reliability. The aspiration to provide reliable and efficient energy, and contribute to environment protection through the increasing utilization of renewable energies are driving the need to deploy the grid of the future, the smart grid. It is expected that this grid will be self-healing from power disturbance events, operating resiliently against physical and cyber attack, operating efficiently, and enabling new products and services. All these call for a grid with more Information and Communication Technologies (ICT). As such, power grids are increasingly absorbing ICT technologies to provide efficient, secure and reliable two-way communication to better manage, operate, maintain and control electric grid components. On the other hand, the successful deployment of the smart grid is predicated on the ability to secure its operations. Such a requirement is of paramount importance especially in the presence of recent cyber security incidents. Furthermore, those incidents are subject to an augment with the increasing integration of ICT technologies and the vulnerabilities they introduce to the grid. The exploitation of these vulnerabilities might lead to attacks that can, for instance, mask the system observability and initiate cascading failures resulting in undesirable and severe consequences. In this thesis, we explore the security aspects of a key enabling technology in the smart grid, accurate time synchronization. Time synchronization is an immense requirement across the domains of the grid, from generation to transmission, distribution, and consumer premises. We focus on the substation, a basic block of the smart grid system, along with its recommended time synchronization mechanism - the Precision Time Protocol (PTP) - in order to address threats associated with PTP, and propose practical and efficient detection, prevention, mitigation techniques and methodologies that will harden and enhance the security and usability of PTP in a substation. In this respect, we start this thesis with a security assessment of PTP that identifies PTP security concerns, and then address those concerns in the subsequent chapters. We tackle the following main threats associated with PTP: 1) PTP vulnerability to fake timestamp injection through a compromised component 2) PTP vulnerability to the delay attack and 3) The lack of a mechanism that secures the PTP network. Next, and as a direct consequence of the importance of time synchronization in the smart grid, we consider the wide area system to demonstrate the vulnerability of relative data alignment in Phasor Data Concentrators to time synchronization attacks. These problems will be extensively studied throughout this thesis, followed by discussions that highlight open research directions worth further investigations

Synchrophasors: Multilevel Assessment and Data Quality Improvement for Enhanced System Reliability

. This study presents a comprehensive framework for testing and evaluation of Phasor Measurement Units (PMUs) and synchrophasor systems under normal power system operating conditions, as well as during disturbances such as faults and transients. The proposed framework suggests a performance assessment to be conducted in three steps: (a) type testing: conducted in the synchrophasor calibration laboratory according to accepted industrial standards; (b) application testing: conducted to evaluate the performance of the PMUs under faults, transients, and other disturbances in power systems; (c) end-to-end system testing: conducted to assess the risk and quantify the impact of measurement errors on the applications of interest. The suggested calibration toolset (type testing) enables performance characterization of different design alternatives in a standalone PMU (e.g., length of phasor estimation windows, filtering windows, reporting rates, etc.). In conjunction with the standard performance requirements, this work defines new metrics for PMU performance evaluations under any static and dynamic conditions that may unfold in the grid. The new metrics offer a more realistic understanding of the overall PMU performance and help users choose the appropriate device/settings for the target applications. Furthermore, the proposed probabilistic techniques quantify the PMU accuracy to various test performance thresholds specified by corresponding IEEE standards, rather than having only the pass/fail test outcome, as well as the probability of specific failures to meet the standard requirements defined in terms of the phasor, frequency, and rate of change of frequency accuracy. Application testing analysis encompasses PMU performance evaluation under faults and other prevailing conditions, and offers a realistic assessment of the PMU measurement errors in real-world field scenarios and reveals additional performance characteristics that are crucial for the overall application evaluation. End-to-end system tests quantify the impact of synchrophasor estimation errors and their propagation from the PMU towards the end-use applications and evaluate the associated risk. In this work, extensive experimental results demonstrate the advantages of the proposed framework and its applicability is verified through two synchrophasor applications, namely: Fault Location and Modal Analysis. Finally, a data-driven technique (Principal Component Pursuit) is proposed for the correction and completion of the synchrophasor data blocks, and its application and effectiveness is validated in modal analyzes

Synchrophasors: Multilevel Assessment and Data Quality Improvement for Enhanced System Reliability

. This study presents a comprehensive framework for testing and evaluation of Phasor Measurement Units (PMUs) and synchrophasor systems under normal power system operating conditions, as well as during disturbances such as faults and transients. The proposed framework suggests a performance assessment to be conducted in three steps: (a) type testing: conducted in the synchrophasor calibration laboratory according to accepted industrial standards; (b) application testing: conducted to evaluate the performance of the PMUs under faults, transients, and other disturbances in power systems; (c) end-to-end system testing: conducted to assess the risk and quantify the impact of measurement errors on the applications of interest. The suggested calibration toolset (type testing) enables performance characterization of different design alternatives in a standalone PMU (e.g., length of phasor estimation windows, filtering windows, reporting rates, etc.). In conjunction with the standard performance requirements, this work defines new metrics for PMU performance evaluations under any static and dynamic conditions that may unfold in the grid. The new metrics offer a more realistic understanding of the overall PMU performance and help users choose the appropriate device/settings for the target applications. Furthermore, the proposed probabilistic techniques quantify the PMU accuracy to various test performance thresholds specified by corresponding IEEE standards, rather than having only the pass/fail test outcome, as well as the probability of specific failures to meet the standard requirements defined in terms of the phasor, frequency, and rate of change of frequency accuracy. Application testing analysis encompasses PMU performance evaluation under faults and other prevailing conditions, and offers a realistic assessment of the PMU measurement errors in real-world field scenarios and reveals additional performance characteristics that are crucial for the overall application evaluation. End-to-end system tests quantify the impact of synchrophasor estimation errors and their propagation from the PMU towards the end-use applications and evaluate the associated risk. In this work, extensive experimental results demonstrate the advantages of the proposed framework and its applicability is verified through two synchrophasor applications, namely: Fault Location and Modal Analysis. Finally, a data-driven technique (Principal Component Pursuit) is proposed for the correction and completion of the synchrophasor data blocks, and its application and effectiveness is validated in modal analyzes

Survey in Smart Grid and Smart Home Security: Issues, Challenges and Countermeasures

The electricity industry is now at the verge of a new era. An era that promises, through the evolution of the existing electrical grids to Smart Grids, more efficient and effective power management, better reliability, reduced production costs and more environmentally friendly energy generation. Numerous initiatives across the globe, led by both industry and academia, reflect the mounting interest around the enormous benefits but also the great risks introduced by this evolution. This paper focuses on issues related to the security of the Smart Grid and the Smart Home, which we present as an integral part of the Smart Grid. Based on several scenarios we aim to present some of the most representative threats to the Smart Home / Smart Grid environment. The threats detected are categorized according to specific security goals set for the Smart Home/Smart Grid environment and their impact on the overall system security is evaluated. A review of contemporary literature is then conducted with the aim of presenting promising security countermeasures with respect to the identified specific security goals for each presented scenario. An effort to shed light on open issues and future research directions concludes the paper

Cyber-Physical Threat Intelligence for Critical Infrastructures Security

Modern critical infrastructures comprise of many interconnected cyber and physical assets, and as such are large scale cyber-physical systems. Hence, the conventional approach of securing these infrastructures by addressing cyber security and physical security separately is no longer effective. Rather more integrated approaches that address the security of cyber and physical assets at the same time are required. This book presents integrated (i.e. cyber and physical) security approaches and technologies for the critical infrastructures that underpin our societies. Specifically, it introduces advanced techniques for threat detection, risk assessment and security information sharing, based on leading edge technologies like machine learning, security knowledge modelling, IoT security and distributed ledger infrastructures. Likewise, it presets how established security technologies like Security Information and Event Management (SIEM), pen-testing, vulnerability assessment and security data analytics can be used in the context of integrated Critical Infrastructure Protection. The novel methods and techniques of the book are exemplified in case studies involving critical infrastructures in four industrial sectors, namely finance, healthcare, energy and communications. The peculiarities of critical infrastructure protection in each one of these sectors is discussed and addressed based on sector-specific solutions. The advent of the fourth industrial revolution (Industry 4.0) is expected to increase the cyber-physical nature of critical infrastructures as well as their interconnection in the scope of sectorial and cross-sector value chains. Therefore, the demand for solutions that foster the interplay between cyber and physical security, and enable Cyber-Physical Threat Intelligence is likely to explode. In this book, we have shed light on the structure of such integrated security systems, as well as on the technologies that will underpin their operation. We hope that Security and Critical Infrastructure Protection stakeholders will find the book useful when planning their future security strategies

Protecting Systems From Exploits Using Language-Theoretic Security

Any computer program processing input from the user or network must validate the input. Input-handling vulnerabilities occur in programs when the software component responsible for filtering malicious input---the parser---does not perform validation adequately. Consequently, parsers are among the most targeted components since they defend the rest of the program from malicious input. This thesis adopts the Language-Theoretic Security (LangSec) principle to understand what tools and research are needed to prevent exploits that target parsers. LangSec proposes specifying the syntactic structure of the input format as a formal grammar. We then build a recognizer for this formal grammar to validate any input before the rest of the program acts on it. To ensure that these recognizers represent the data format, programmers often rely on parser generators or parser combinators tools to build the parsers. This thesis propels several sub-fields in LangSec by proposing new techniques to find bugs in implementations, novel categorizations of vulnerabilities, and new parsing algorithms and tools to handle practical data formats. To this end, this thesis comprises five parts that tackle various tenets of LangSec. First, I categorize various input-handling vulnerabilities and exploits using two frameworks. First, I use the mismorphisms framework to reason about vulnerabilities. This framework helps us reason about the root causes leading to various vulnerabilities. Next, we built a categorization framework using various LangSec anti-patterns, such as parser differentials and insufficient input validation. Finally, we built a catalog of more than 30 popular vulnerabilities to demonstrate the categorization frameworks. Second, I built parsers for various Internet of Things and power grid network protocols and the iccMAX file format using parser combinator libraries. The parsers I built for power grid protocols were deployed and tested on power grid substation networks as an intrusion detection tool. The parser I built for the iccMAX file format led to several corrections and modifications to the iccMAX specifications and reference implementations. Third, I present SPARTA, a novel tool I built that generates Rust code that type checks Portable Data Format (PDF) files. The type checker I helped build strictly enforces the constraints in the PDF specification to find deviations. Our checker has contributed to at least four significant clarifications and corrections to the PDF 2.0 specification and various open-source PDF tools. In addition to our checker, we also built a practical tool, PDFFixer, to dynamically patch type errors in PDF files. Fourth, I present ParseSmith, a tool to build verified parsers for real-world data formats. Most parsing tools available for data formats are insufficient to handle practical formats or have not been verified for their correctness. I built a verified parsing tool in Dafny that builds on ideas from attribute grammars, data-dependent grammars, and parsing expression grammars to tackle various constructs commonly seen in network formats. I prove that our parsers run in linear time and always terminate for well-formed grammars. Finally, I provide the earliest systematic comparison of various data description languages (DDLs) and their parser generation tools. DDLs are used to describe and parse commonly used data formats, such as image formats. Next, I conducted an expert elicitation qualitative study to derive various metrics that I use to compare the DDLs. I also systematically compare these DDLs based on sample data descriptions available with the DDLs---checking for correctness and resilience

Abstracts on Radio Direction Finding (1899 - 1995)

The files on this record represent the various databases that originally composed the CD-ROM issue of "Abstracts on Radio Direction Finding" database, which is now part of the Dudley Knox Library's Abstracts and Selected Full Text Documents on Radio Direction Finding (1899 - 1995) Collection. (See Calhoun record https://calhoun.nps.edu/handle/10945/57364 for further information on this collection and the bibliography). Due to issues of technological obsolescence preventing current and future audiences from accessing the bibliography, DKL exported and converted into the three files on this record the various databases contained in the CD-ROM. The contents of these files are: 1) RDFA_CompleteBibliography_xls.zip [RDFA_CompleteBibliography.xls: Metadata for the complete bibliography, in Excel 97-2003 Workbook format; RDFA_Glossary.xls: Glossary of terms, in Excel 97-2003 Workbookformat; RDFA_Biographies.xls: Biographies of leading figures, in Excel 97-2003 Workbook format]; 2) RDFA_CompleteBibliography_csv.zip [RDFA_CompleteBibliography.TXT: Metadata for the complete bibliography, in CSV format; RDFA_Glossary.TXT: Glossary of terms, in CSV format; RDFA_Biographies.TXT: Biographies of leading figures, in CSV format]; 3) RDFA_CompleteBibliography.pdf: A human readable display of the bibliographic data, as a means of double-checking any possible deviations due to conversion

LIPIcs, Volume 274, ESA 2023, Complete Volume

LIPIcs, Volume 274, ESA 2023, Complete Volum