Analysis of Bulk Power System Resilience Using Vulnerability Graph

Critical infrastructure such as a Bulk Power System (BPS) should have some quantifiable measure of resiliency and definite rule-sets to achieve a certain resilience value. Industrial Control System (ICS) and Supervisory Control and Data Acquisition (SCADA) networks are integral parts of BPS. BPS or ICS are themselves not vulnerable because of their proprietary technology, but when the control network and the corporate network need to have communications for performance measurements and reporting, the ICS or BPS become vulnerable to cyber-attacks. Thus, a systematic way of quantifying resiliency and identifying crucial nodes in the network is critical for addressing the cyber resiliency measurement process. This can help security analysts and power system operators in the decision-making process. This thesis focuses on the resilience analysis of BPS and proposes a ranking algorithm to identify critical nodes in the network. Although there are some ranking algorithms already in place, but they lack comprehensive inclusion of the factors that are critical in the cyber domain. This thesis has analyzed a range of factors which are critical from the point of view of cyber-attacks and come up with a MADM (Multi-Attribute Decision Making) based ranking method. The node ranking process will not only help improve the resilience but also facilitate hardening the network from vulnerabilities and threats. The proposed method is called MVNRank which stands for Multiple Vulnerability Node Rank. MVNRank algorithm takes into account the asset value of the hosts, the exploitability and impact scores of vulnerabilities as quantified by CVSS (Common Vulnerability Scoring System). It also considers the total number of vulnerabilities and severity level of each vulnerability, degree centrality of the nodes in vulnerability graph and the attacker’s distance from the target node. We are using a multi-layered directed acyclic graph (DAG) model and ranking the critical nodes in the corporate and control network which falls in the paths to the target ICS. We don\u27t rank the ICS nodes but use them to calculate the potential power loss capability of the control center nodes using the assumed ICS connectivity to BPS. Unlike most of the works, we have considered multiple vulnerabilities for each node in the network while generating the rank by using a weighted average method. The resilience computation is highly time consuming as it considers all the possible attack paths from the source to the target node which increases in a multiplicative manner based on the number of nodes and vulnerabilities. Thus, one of the goals of this thesis is to reduce the simulation time to compute resilience which is achieved as illustrated in the simulation results

A framework for assessing robustness of water networks and computational evaluation of resilience.

Arid regions tend to take careful measures to ensure water supplies are secured to consumers, to help provide the basis for further development. Water distribution network is the most expensive part of the water supply infrastructure and it must maintain performance during unexpected incidents. Many aspects of performance have previously been discussed separately, including reliability, vulnerability, flexibility and resilience. This study aimed to develop a framework to bring together these aspects as found in the literature and industry practice, and bridge the gap between them. Semi-structured interviews with water industry experts were used to examine the presence and understanding of robustness factors. Thematic analysis was applied to investigate these and inform a conceptual framework including the component and topological levels. Robustness was described by incorporating network reliability and resiliency. The research focused on resiliency as a network-level concept derived from flexibility and vulnerability. To utilise this new framework, the study explored graph theory to formulate metrics for flexibility and vulnerability that combine network topology and hydraulics. The flexibility metric combines hydraulic edge betweenness centrality, representing hydraulic connectivity, and hydraulic edge load, measuring utilised capacity. Vulnerability captures the impact of failures on the ability of the network to supply consumers, and their sensitivity to disruptions, by utilising node characteristics, such as demand, population and alternative supplies. These measures together cover both edge (pipe) centric and node (demand) centric perspectives. The resiliency assessment was applied to several literature benchmark networks prior to using a real case network. The results show the benefits of combining hydraulics with topology in robustness analysis. The assessment helps to identify components or sections of importance for future expansion plans or maintenance purposes. The study provides a novel viewpoint overarching the gap between literature and practice, incorporating different critical factors for robust performance

Graph Theoretic Approaches to Understand Resilience of Complex Systems

Modern society is critically dependent on a network of complex systems for almost every social and economic function. While increasing complexity in large-scale engineered systems offer many advantages including high efficiency, performance and robustness, it inadvertently makes them vulnerable to unanticipated perturbations. A disruption affecting even one component may result in large cascading impacts on the entire system due to high interconnectedness. Large direct and indirect impacts across national and international boundaries of natural disasters like Hurricane Katrina, infrastructure failures like the Northeast blackout, epidemics like the H1N1 influenza, terrorist attacks like the 9/11, and social unrests like the Arab Spring are indicative of the vulnerability associated with growing complexity. There is an urgent need for a quantitative framework to understand resilience of complex systems with different system architectures. In this work, a novel framework is developed that integrates graph theory with statistical and modeling techniques for understanding interconnectedness, interdependencies, and resilience of distinct large-scale systems while remaining cognizant of domain specific details. The framework is applied to three diverse complex systems, 1) Critical Infrastructure Sectors (CIS) of the U.S economy, 2) the Kalundborg Industrial Symbiosis (KIS), Denmark and 3) the London metro-rail infrastructure. These three systems are strategically chosen as they represent complex systems of distinct sizes and span different spatial scales. The framework is utilized for understanding the influence of both network structure level properties and local node and edge level properties on resilience of diverse complex systems. At the national scale, application of this framework on the U.S. economic network reveals that excessive interconnectedness and interdependencies among CIS significantly amplify impacts of targeted disruptions, and negatively influence its resilience. At the regional scale, analysis of KIS reveals that increasing diversity, redundancy, and multi-functionality is imperative for developing resilient and sustainable IS systems. At the urban scale, application of this framework on the London Metro system identifies stations and rail connections that are sources of functional and structural vulnerability, and must be secured for improving resilience. This framework provides a holistic perspective to understand and propose data-driven recommendations to strengthen resilience of large-scale complex engineered systems

Resilience assessment for interdependent urban infrastructure systems using dynamic network flow models

Critical infrastructure systems are becoming increasingly interdependent, which can exacerbate the impacts of disruptive events through cascading failures, hindered asset repairs and network congestion. Current resilience assessment methods fall short of fully capturing such interdependency effects as they tend to model asset reliability and network flows separately and often rely on static flow assignment methods. In this paper, we develop an integrated, dynamic modelling and simulation framework that combines network and asset representations of infrastructure systems and models the optimal response to disruptions using a rolling planning horizon. The framework considers dependencies pertaining to failure propagation, system-of-systems architecture and resources required for operating and repairing assets. Stochastic asset failure is captured by a scenario tree generation algorithm whereas the redistribution of network flows and the optimal deployment of repair resources are modelled using a minimum cost flow approach. A case study on London’s metro and electric power networks shows how the proposed methodology can be used to assess the resilience of city-scale infrastructure systems to a local flooding incident and estimate the value of the resilience loss triangle for different levels of hazard exposure and repair capabilities

Characterising the security of power system topologies through a combined assessment of reliability, robustness, and resilience

Electricity has a prominent role in modern economies; therefore, ensuring the availability of electricity supply should be a top priority for policymakers. The joint assessment of reliability, robustness, and resilience can be a useful criterion to characterise different topologies and improve the security of supply. This paper proposes a novel integrated analysis of these three attributes to quantify the security of power grid topologies. Hence, eight case studies with different topologies created using the IEEE 24-bus reliability test system were analysed. Reliability was evaluated by applying the sequential Monte Carlo approach, robustness was evaluated by simulating cascading failures, and resilience was evaluated by analysing recovery curves. The different indicators associated with each of the three evaluations were then calculated. The results obtained were discussed both graphically and quantitatively in a novel three-dimensional representation, where the importance of joint analysis was also highlighted. The proposed method can serve as an additional tool for planners to identify possible investments or improvements in power system topologies

Electric Power Grid Resilience to Cyber Adversaries: State of the Art

© 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The smart electricity grids have been evolving to a more complex cyber-physical ecosystem of infrastructures with integrated communication networks, new carbon-free sources of powergeneratio n, advanced monitoring and control systems, and a myriad of emerging modern physical hardware technologies. With the unprecedented complexity and heterogeneity in dynamic smart grid networks comes additional vulnerability to emerging threats such as cyber attacks. Rapid development and deployment of advanced network monitoring and communication systems on one hand, and the growing interdependence of the electric power grids to a multitude of lifeline critical infrastructures on the other, calls for holistic defense strategies to safeguard the power grids against cyber adversaries. In order to improve the resilience of the power grid against adversarial attacks and cyber intrusions, advancements should be sought on detection techniques, protection plans, and mitigation practices in all electricity generation, transmission, and distribution sectors. This survey discusses such major directions and recent advancements from a lens of different detection techniques, equipment protection plans, and mitigation strategies to enhance the energy delivery infrastructure resilience and operational endurance against cyber attacks. This undertaking is essential since even modest improvements in resilience of the power grid against cyber threats could lead to sizeable monetary savings and an enriched overall social welfare

Cyber-Based Contingency Analysis and Insurance Implications of Power Grid

Cybersecurity for power communication infrastructure is a serious subject that has been discussed for a decade since the first North American Electric Reliability Corporation (NERC) critical infrastructure protection (CIP) initiative in 2006. Its credibility on plausibility has been evidenced by attack events in the recent past. Although this is a very high impact, rare probability event, the establishment of quantitative measures would help asset owners in making a series of investment decisions. First, this dissertation tackles attackers\u27 strategies based on the current communication architecture between remote IP-based (unmanned) power substations and energy control centers. Hypothetically, the identification of intrusion paths will lead to the worst-case scenarios that the attackers could do harm to the grid, e.g., how this switching attack may perturb to future cascading outages within a control area when an IP-based substation is compromised. Systematic approaches are proposed in this dissertation on how to systematically determine pivotal substations and how investment can be prioritized to maintain and appropriate a reasonable investment in protecting their existing cyberinfrastructure. More specifically, the second essay of this dissertation focuses on digital protecting relaying, which could have similar detrimental effects on the overall grid\u27s stability. The R-k contingency analyses are proposed to verify with steady-state and dynamic simulations to ensure consistencies of simulation outcome in the proposed modeling in a power system. This is under the assumption that attackers are able to enumerate all electronic devices and computers within a compromised substation network. The essay also assists stakeholders (the defenders) in planning out exhaustively to identify the critical digital relays to be deployed in substations. The systematic methods are the combinatorial evaluation to incorporate the simulated statistics in the proposed metrics that are used based on the physics and simulation studies using existing power system tools. Finally, a risk transfer mechanism of cyber insurance against disruptive switching attacks is studied comprehensively based on the aforementioned two attackers\u27 tactics. The evaluation hypothetically assesses the occurrence of anomalies and how these footprints of attackers can lead to a potential cascading blackout as well as to restore the power back to normal stage. The research proposes a framework of cyber insurance premium calculation based on the ruin probability theory, by modeling potential electronic intrusion and its direct impacts. This preliminary actuarial model can further improve the security of the protective parameters of the critical infrastructure via incentivizing investment in security technologies

Impact Assessment of Hypothesized Cyberattacks on Interconnected Bulk Power Systems

The first-ever Ukraine cyberattack on power grid has proven its devastation by hacking into their critical cyber assets. With administrative privileges accessing substation networks/local control centers, one intelligent way of coordinated cyberattacks is to execute a series of disruptive switching executions on multiple substations using compromised supervisory control and data acquisition (SCADA) systems. These actions can cause significant impacts to an interconnected power grid. Unlike the previous power blackouts, such high-impact initiating events can aggravate operating conditions, initiating instability that may lead to system-wide cascading failure. A systemic evaluation of "nightmare" scenarios is highly desirable for asset owners to manage and prioritize the maintenance and investment in protecting their cyberinfrastructure. This survey paper is a conceptual expansion of real-time monitoring, anomaly detection, impact analyses, and mitigation (RAIM) framework that emphasizes on the resulting impacts, both on steady-state and dynamic aspects of power system stability. Hypothetically, we associate the combinatorial analyses of steady state on substations/components outages and dynamics of the sequential switching orders as part of the permutation. The expanded framework includes (1) critical/noncritical combination verification, (2) cascade confirmation, and (3) combination re-evaluation. This paper ends with a discussion of the open issues for metrics and future design pertaining the impact quantification of cyber-related contingencies