POWER DISTRIBUTION SYSTEM RELIABILITY AND RESILIENCY AGAINST EXTREME EVENTS

The objective of a power system is to provide electricity to its customers as economically as possible with an acceptable level of reliability while safeguarding the environment. Power system reliability has well-established quantitative metrics, regulatory standards, compliance incentives and jurisdictions of responsibilities. The increase in occurrence of extreme events like hurricane/tornadoes, floods, wildfires, storms, cyber-attacks etc. which are not considered in routine reliability evaluation has raised concern over the potential economic losses due to prolonged and large-scale power outages, and the overall sustainability and adaptability of power systems. This concern has motivated the utility planners, operators, and policy makers to acknowledge the importance of system resiliency against such events. However, power system resiliency evaluation is comparatively new, and lacks widely accepted standards, assessment methods and metrics. The thesis presents comparative review and analysis of power system resilience models, methodologies, and metrics in present literature and utility applications. It presents studies on two very different types of extreme events, (i) man-made and (ii) natural disaster, and analyzes their impacts on the resiliency of a distribution system. It draws conclusions on assessing and improving power system resiliency based on the impact of the extreme event, response from the distribution system, and effectiveness of the mitigating measures to tackle the extreme event. The advancement in technologies has seen an increasing integration of cyber and physical layer of the distribution system. The distribution system operators avails from the symbiotic relation of the cyber-physical layer, but the interdependency has also been its Achilles heel. The evolving infrastructure is being exposed to increase in cyber-attacks. It is of paramount importance to address the aforementioned issue by developing holistic approaches to comprehensibly upgrade the distribution system preventing huge financial loss and societal repercussions. The thesis models a type of cyber-attack using false data injection and evaluates its impact on the distribution system. It does so by developing a resilience assessment methodology accompanied by quantitative metrics. It also performs reliability evaluation to present the underlying principle and differences between reliability and resiliency. The thesis also introduces new indices to demonstrate the effectiveness of a bad-data detection strategy against such cyber-attacks. Extreme events like hurricane/tornadoes, floods, wildfires, storm, cyber-attack etc. are responsible for catastrophic damage to critical infrastructure and huge financial loss. Power distribution system is an important critical infrastructure driving the socio-economic growth of the country. High winds are one of the most common form of extreme events that are responsible for outages due to failure of poles, equipment damage etc. The thesis models effective extreme wind events with the help of fragility curves, and presents an analysis of their impacts on the distribution system. It also presents infrastructural and operational resiliency enhancement strategies and quantifies the effectiveness of the strategy with the metrics developed. It also demonstrates the dependency of resiliency of distribution system on the structural strength of transmission lines and presents measures to ensure the independency of the distribution system. The thesis presents effective resilience assessment methodology that can be valuable for distribution system utility planners, and operators to plan and ensure a resilient distribution system

Testimony of Dr. George H. Baker, Senior Advisor to the Congressional EMP Commission

This is the script of testimony before the Federal Energy Regulatory Commission. It offers a vision for a future in which our electric power systems will be able to operate through or quickly recover from catastrophic failure due to electromagnetic pulse (EMP), cyber, and physical attacks. The scope of the term ‘EMP’ used in this testimony includes both naturally occurring solar storms and the more energetic man-made EMP hazards. The vision has been discussed with members of the electric power industry, and prominent EMP/cyber/physical protection advocates who find it to be supportable and actionable. The nature of EMP, cyber, and physical threats to the United States’ electric power grid are severe, to be sure. Bounding consequences could include risk measurement units of millions of casualties (EMP Commission), trillions of dollars (Lloyds of London), and, dents in the history of civilization (Center for Policy on Emerging Technology). The good news is that well-known engineering solutions are available to counter these threats

Evaluating Resilience of Cyber-Physical-Social Systems

Nowadays, protecting the network is not the only security concern. Still, in cyber security, websites and servers are becoming more popular as targets due to the ease with which they can be accessed when compared to communication networks. Another threat in cyber physical social systems with human interactions is that they can be attacked and manipulated not only by technical hacking through networks, but also by manipulating people and stealing users’ credentials. Therefore, systems should be evaluated beyond cy- ber security, which means measuring their resilience as a piece of evidence that a system works properly under cyber-attacks or incidents. In that way, cyber resilience is increas- ingly discussed and described as the capacity of a system to maintain state awareness for detecting cyber-attacks. All the tasks for making a system resilient should proactively maintain a safe level of operational normalcy through rapid system reconfiguration to detect attacks that would impact system performance. In this work, we broadly studied a new paradigm of cyber physical social systems and defined a uniform definition of it. To overcome the complexity of evaluating cyber resilience, especially in these inhomo- geneous systems, we proposed a framework including applying Attack Tree refinements and Hierarchical Timed Coloured Petri Nets to model intruder and defender behaviors and evaluate the impact of each action on the behavior and performance of the system.Hoje em dia, proteger a rede não é a única preocupação de segurança. Ainda assim, na segurança cibernética, sites e servidores estão se tornando mais populares como alvos devido à facilidade com que podem ser acessados quando comparados às redes de comu- nicação. Outra ameaça em sistemas sociais ciberfisicos com interações humanas é que eles podem ser atacados e manipulados não apenas por hackers técnicos através de redes, mas também pela manipulação de pessoas e roubo de credenciais de utilizadores. Portanto, os sistemas devem ser avaliados para além da segurança cibernética, o que significa medir sua resiliência como uma evidência de que um sistema funciona adequadamente sob ataques ou incidentes cibernéticos. Dessa forma, a resiliência cibernética é cada vez mais discutida e descrita como a capacidade de um sistema manter a consciência do estado para detectar ataques cibernéticos. Todas as tarefas para tornar um sistema resiliente devem manter proativamente um nível seguro de normalidade operacional por meio da reconfi- guração rápida do sistema para detectar ataques que afetariam o desempenho do sistema. Neste trabalho, um novo paradigma de sistemas sociais ciberfisicos é amplamente estu- dado e uma definição uniforme é proposta. Para superar a complexidade de avaliar a resiliência cibernética, especialmente nesses sistemas não homogéneos, é proposta uma estrutura que inclui a aplicação de refinamentos de Árvores de Ataque e Redes de Petri Coloridas Temporizadas Hierárquicas para modelar comportamentos de invasores e de- fensores e avaliar o impacto de cada ação no comportamento e desempenho do sistema

Fundamental Concepts of Cyber Resilience: Introduction and Overview

Given the rapid evolution of threats to cyber systems, new management approaches are needed that address risk across all interdependent domains (i.e., physical, information, cognitive, and social) of cyber systems. Further, the traditional approach of hardening of cyber systems against identified threats has proven to be impossible. Therefore, in the same way that biological systems develop immunity as a way to respond to infections and other attacks, so too must cyber systems adapt to ever-changing threats that continue to attack vital system functions, and to bounce back from the effects of the attacks. Here, we explain the basic concepts of resilience in the context of systems, discuss related properties, and make business case of cyber resilience. We also offer a brief summary of ways to assess cyber resilience of a system, and approaches to improving cyber resilience.Comment: This is a preprint version of a chapter that appears in the book "Cyber Resilience of Systems and Networks," Springer 201

Enhancing Cyber-Resiliency of DER-based SmartGrid: A Survey

The rapid development of information and communications technology has enabled the use of digital-controlled and software-driven distributed energy resources (DERs) to improve the flexibility and efficiency of power supply, and support grid operations. However, this evolution also exposes geographically-dispersed DERs to cyber threats, including hardware and software vulnerabilities, communication issues, and personnel errors, etc. Therefore, enhancing the cyber-resiliency of DER-based smart grid - the ability to survive successful cyber intrusions - is becoming increasingly vital and has garnered significant attention from both industry and academia. In this survey, we aim to provide a systematical and comprehensive review regarding the cyber-resiliency enhancement (CRE) of DER-based smart grid. Firstly, an integrated threat modeling method is tailored for the hierarchical DER-based smart grid with special emphasis on vulnerability identification and impact analysis. Then, the defense-in-depth strategies encompassing prevention, detection, mitigation, and recovery are comprehensively surveyed, systematically classified, and rigorously compared. A CRE framework is subsequently proposed to incorporate the five key resiliency enablers. Finally, challenges and future directions are discussed in details. The overall aim of this survey is to demonstrate the development trend of CRE methods and motivate further efforts to improve the cyber-resiliency of DER-based smart grid.Comment: Submitted to IEEE Transactions on Smart Grid for Publication Consideratio

Advancements in Enhancing Resilience of Electrical Distribution Systems: A Review on Frameworks, Metrics, and Technological Innovations

This comprehensive review paper explores power system resilience, emphasizing its evolution, comparison with reliability, and conducting a thorough analysis of the definition and characteristics of resilience. The paper presents the resilience frameworks and the application of quantitative power system resilience metrics to assess and quantify resilience. Additionally, it investigates the relevance of complex network theory in the context of power system resilience. An integral part of this review involves examining the incorporation of data-driven techniques in enhancing power system resilience. This includes the role of data-driven methods in enhancing power system resilience and predictive analytics. Further, the paper explores the recent techniques employed for resilience enhancement, which includes planning and operational techniques. Also, a detailed explanation of microgrid (MG) deployment, renewable energy integration, and peer-to-peer (P2P) energy trading in fortifying power systems against disruptions is provided. An analysis of existing research gaps and challenges is discussed for future directions toward improvements in power system resilience. Thus, a comprehensive understanding of power system resilience is provided, which helps in improving the ability of distribution systems to withstand and recover from extreme events and disruptions

A resiliency framework for an enterprise cloud

This paper presents a systematic approach to develop a resilient software system which can be developed as emerging services and analytics for resiliency. While using the resiliency as a good example for enterprise cloud security, all resilient characteristics should be blended together to produce greater impacts. A framework, Cloud Computing Adoption Framework (CCAF), is presented in details. CCAF has four major types of emerging services and each one has been explained in details with regard to the individual function and how each one can be integrated. CCAF is an architectural framework that blends software resilience, service components and guidelines together and provides real case studies to produce greater impacts to the organizations adopting Cloud Computing and security. CCAF provides business alignments and provides agility, efficiency and integration for business competitive edge. In order to validate user requirements and system designs, a large scale survey has been conducted with detailed analysis provided for each major question. We present our discussion and conclude that the use of CCAF framework can illustrate software resilience and security improvement for enterprise security. CCAF framework itself is validated as an emerging service for Enterprise Cloud Computing with analytics showing survey analysi