CPS Attacks Mitigation Approaches on Power Electronic Systems with Security Challenges for Smart Grid Applications: A Review

This paper presents an inclusive review of the cyber-physical (CP) attacks, vulnerabilities, mitigation approaches on the power electronics and the security challenges for the smart grid applications. With the rapid evolution of the physical systems in the power electronics applications for interfacing renewable energy sources that incorporate with cyber frameworks, the cyber threats have a critical impact on the smart grid performance. Due to the existence of electronic devices in the smart grid applications, which are interconnected through communication networks, these networks may be subjected to severe cyber-attacks by hackers. If this occurs, the digital controllers can be physically isolated from the control loop. Therefore, the cyber-physical systems (CPSs) in the power electronic systems employed in the smart grid need special treatment and security. In this paper, an overview of the power electronics systems security on the networked smart grid from the CP perception, as well as then emphases on prominent CP attack patterns with substantial influence on the power electronics components operation along with analogous defense solutions. Furthermore, appraisal of the CPS threats attacks mitigation approaches, and encounters along the smart grid applications are discussed. Finally, the paper concludes with upcoming trends and challenges in CP security in the smart grid applications

A Comprehensive Survey on the Cyber-Security of Smart Grids: Cyber-Attacks, Detection, Countermeasure Techniques, and Future Directions

One of the significant challenges that smart grid networks face is cyber-security. Several studies have been conducted to highlight those security challenges. However, the majority of these surveys classify attacks based on the security requirements, confidentiality, integrity, and availability, without taking into consideration the accountability requirement. In addition, some of these surveys focused on the Transmission Control Protocol/Internet Protocol (TCP/IP) model, which does not differentiate between the application, session, and presentation and the data link and physical layers of the Open System Interconnection (OSI) model. In this survey paper, we provide a classification of attacks based on the OSI model and discuss in more detail the cyber-attacks that can target the different layers of smart grid networks communication. We also propose new classifications for the detection and countermeasure techniques and describe existing techniques under each category. Finally, we discuss challenges and future research directions

Game-Theoretic and Machine-Learning Techniques for Cyber-Physical Security and Resilience in Smart Grid

The smart grid is the next-generation electrical infrastructure utilizing Information and Communication Technologies (ICTs), whose architecture is evolving from a utility-centric structure to a distributed Cyber-Physical System (CPS) integrated with a large-scale of renewable energy resources. However, meeting reliability objectives in the smart grid becomes increasingly challenging owing to the high penetration of renewable resources and changing weather conditions. Moreover, the cyber-physical attack targeted at the smart grid has become a major threat because millions of electronic devices interconnected via communication networks expose unprecedented vulnerabilities, thereby increasing the potential attack surface. This dissertation is aimed at developing novel game-theoretic and machine-learning techniques for addressing the reliability and security issues residing at multiple layers of the smart grid, including power distribution system reliability forecasting, risk assessment of cyber-physical attacks targeted at the grid, and cyber attack detection in the Advanced Metering Infrastructure (AMI) and renewable resources. This dissertation first comprehensively investigates the combined effect of various weather parameters on the reliability performance of the smart grid, and proposes a multilayer perceptron (MLP)-based framework to forecast the daily number of power interruptions in the distribution system using time series of common weather data. Regarding evaluating the risk of cyber-physical attacks faced by the smart grid, a stochastic budget allocation game is proposed to analyze the strategic interactions between a malicious attacker and the grid defender. A reinforcement learning algorithm is developed to enable the two players to reach a game equilibrium, where the optimal budget allocation strategies of the two players, in terms of attacking/protecting the critical elements of the grid, can be obtained. In addition, the risk of the cyber-physical attack can be derived based on the successful attack probability to various grid elements. Furthermore, this dissertation develops a multimodal data-driven framework for the cyber attack detection in the power distribution system integrated with renewable resources. This approach introduces the spare feature learning into an ensemble classifier for improving the detection efficiency, and implements the spatiotemporal correlation analysis for differentiating the attacked renewable energy measurements from fault scenarios. Numerical results based on the IEEE 34-bus system show that the proposed framework achieves the most accurate detection of cyber attacks reported in the literature. To address the electricity theft in the AMI, a Distributed Intelligent Framework for Electricity Theft Detection (DIFETD) is proposed, which is equipped with Benford’s analysis for initial diagnostics on large smart meter data. A Stackelberg game between utility and multiple electricity thieves is then formulated to model the electricity theft actions. Finally, a Likelihood Ratio Test (LRT) is utilized to detect potentially fraudulent meters

Lost at Sea: Assessment and Evaluation of Rootkit Attacks on Shipboard Microgrids

Increased dependence of the maritime industry on information and communication networks has made shipboard power systems vulnerable to stealthy cyber-attacks. One such attack variant, called rootkit, can leverage system knowledge to hide its presence and allow remotely located malware handlers to gain complete control of infected subsystems. This paper presents a comprehensive evaluation of the threat landscape imposed by such attack variants on Medium Voltage DC (MVDC) shipboard microgrids, including a discussion of their impact on the overall maritime sector in general, and provides several simulation results to demonstrate the same. It also analyzes and presents the actions of possible defense mechanisms, with specific emphasis on evasion, deception, and detection frameworks, that will help ship operators and maritime cybersecurity professionals protect their systems from such attacks.Comment: 2023 IEEE Electric Ship Technologies Symposium (ESTS

State of the art of cyber-physical systems security: An automatic control perspective

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds light on how security is actually addressed when dealing with cyber-physical systems from an automatic control perspective. The provided map of 138 selected studies is defined empirically and is based on, for instance, application fields, various system components, related algorithms and models, attacks characteristics and defense strategies. It presents a powerful comparison framework for existing and future research on this hot topic, important for both industry and academia

Proactive defense strategies against net load redistribution attacks in cyber-physical smart grids

Doctor of PhilosophyDepartment of Electrical and Computer EngineeringHongyu WuRecent advances in the cyber-physical smart grid (CPSG) have enabled a broad range of new devices based on information and communication technology (ICT). An open network environment in CPSG provides frequent interaction between information and physical components. However, this interaction also exposes the ICT-enabled devices to a growing threat of cyberattacks. Such threats have been alerted by recent cybersecurity incidents, and the security issues have strongly restricted the development of CPSG. Among various CPS cybersecurity incidents, cyber data attacks invade the cyber layer to destroy data integrity. Through elaborately eavesdropping on the transferred measurement data, the attacks can mislead the state estimation (SE) while keeping stealthy to conventional bad data detection (BDD). Due to the SE being the critical function of CPSG control, the cyber data attacks may cause massive economic loss, power system instability, or even cascading failures. Therefore, this dissertation focuses on the detection of stealthy data integrity attacks. This dissertation first performs a thorough review of the state-of-the-art cyber-physical security of the smart grid. By focusing on the physical layer of the CPSG, this work provides an abstracted and unified state-space model in which cyber-physical attack and defense models can be effectively generalized. The existing cyber-physical attacks are categorized in terms of their target components. In addition, this work discusses several operational and informational defense approaches that present the current state-of-the-art in the field, including moving target defense (MTD), watermarking, and data-driven strategies. The challenges and future opportunities associated with the smart grid cyber-physical security is also discussed. Further, a real-time digital simulator, namely Typhoon HIL, is utilized to visualize the random MTD against false data injection (FDI) attacks. Given the review section as a background, a hidden, coordinated net load redistribution attack (NLRA) in an AC distribution system is proposed. The attacker's goal is to create violations in nodal voltage magnitude estimation. An attacker can implement the NLRA strategy by using the local information of an attack region and power flow enhanced deep learning (PFEDL) state estimators. The NLRA is modeled as an attacker's modified AC optimal power flow problem to maximize the attack impact. Case study results indicate the PFEDL-based SE can provide the attacker with accurate system states in a low observable distribution system where conventional lease square-based SE cannot converge. The stealthiness of the hidden NLRA is validated in multiple attack cases. The influence of NLRA on the distribution system is assessed, and the impact of attack regions, attack timing, and attack area size are also revealed. Next, this dissertation highlights that current MTD strategies myopically perturb the reactance of D-FACTS lines without considering the system voltage stability. Voltage instability induced by MTDs is illustrated in a three-bus system and two more complicated systems with real-world load profiles. Further, a novel MTD framework that explicitly considers system voltage stability using continuation power flow and voltage stability indices is proposed to avoid MTD-induced voltage instability. In addition, this dissertation mathematically derives the sensitivity matrix of voltage stability index to line impedance, on which an optimization problem for maximizing voltage stability index is formulated. This framework is tested on the IEEE 14-bus and the IEEE 118-bus transmission systems, in which sophisticated attackers launch NLRAs. The simulation results show the effectiveness of the proposed framework in circumventing voltage instability while maintaining the detection effectiveness of MTD. Case studies are conducted with and without the proposed framework under different MTD planning and operational methods. The impacts of the proposed two methods on attack detection effectiveness and system economic metrics are also revealed. Finally, this dissertation proposes utilizing smart inverters to implement a novel meter encoding scheme in distribution systems. The proposed meter encoding scheme is a software-based active detection method, which neither requires additional hardware devices nor causes system instability, compared with MTD and watermarking. By elaborately constructing the encoding vector, the proposed smart-inverter-based meter encoding can mislead the attacker's SE while being hidden from alert attackers. In addition, by utilizing the topology of radial distribution systems, the proposed encoding scheme encodes fewer meters than current schemes when protecting the same number of buses, which decreases the encoding cost. Simulation results from the IEEE 69-bus distribution system demonstrate that the proposed meter encoding scheme can mislead the attacker's state estimation on all the downstream buses of an encoded bus without arousing the attacker's suspicion. FDI attacks constructed based on the misled estimated states are highly possible to trigger the defender's BDD alarm