
Protecting the power grid: strategies against distributed controller compromise

The electric power grid is a complex, interconnected cyber-physical system comprised of collaborating elements for monitoring and control. Distributed controllers play a prominent role in deploying this cohesive execution and are ubiquitous in the grid. As global information is shared and acted upon, faster response to system changes is achieved. However, failure or malfunction of a few or even one distributed controller in the entire system can cause cascading, detrimental effects. In the worst case, widespread blackouts can result, as exemplified by several historic cases. Furthermore, if controllers are maliciously compromised by an adversary, they can be manipulated to drive the power system to an unsafe state. Due to the shift from proprietary control protocols to popular, accessible network protocols and other modernization factors, the power system is extremely vulnerable to cyber attacks. Cyber attacks against the grid have increased significantly in recent years and can cause severe, physical consequences. Attack vectors for distributed controllers range from execution of malicious commands that can cause sensitive equipment damage to forced system topology changes creating instability. These vulnerabilities and risks need to be fully understood, and greater technical capabilities are necessary to create resilient and dynamic defenses. Proactive strategies must be developed to protect the power grid from distributed controller compromise or failure. This research investigates the role distributed controllers play in the grid and how their loss or compromise impacts the system. Specifically, an analytic method based on controllability analysis is derived using clustering and factorization techniques on controller sensitivities. In this manner, insight into the control support groups and sets of critical, essential, and redundant controllers for distributed controllers in the power system is achieved. Subsequently, we introduce proactive strategies that utilize these roles and grouping results for responding to controller compromise using the remaining set. These actions can be taken immediately to reduce system stress and mitigate compromise consequences as the compromise itself is investigated and eliminated by appropriate security mechanisms. These strategies are demonstrated with several compromise scenarios, and an overall framework is presented. Additionally, the controller role and group insights are applied to aid in developing an analytic corrective control selection for fast and automated remedial action scheme (RAS) design. Techniques to aid the verification of control commands and the detection of abnormal control action behavior are also presented. In particular, an augmented DC power flow algorithm using real-time measurements is developed that obtains both faster speed and higher accuracy than existing linear methods. For detecting abnormal behavior, a generator control action classification framework is presented that leverages known power system behaviors to enhance the use of data mining tools. Finally, the importance of incorporating power system knowledge into machine learning applications is emphasized with a study that improves power system neural network construction using modal analysis. This dissertation details these methodologies and their roles in realizing a more cohesive and resilient power system in the increasingly cyber-physical world.

A control theoretic approach for security of cyber-physical systems

In this dissertation, several novel defense methodologies for cyber-physical systems have been proposed. First, a special type of cyber-physical system, the RFID system, is considered, for which a lightweight mutual authentication and ownership management protocol is proposed in order to protect the data confidentiality and integrity. Then, considering the fact that the protection of the data confidentiality and integrity is insufficient to guarantee the security in cyber-physical systems, we turn to the development of a general framework for developing security schemes for cyber-physical systems wherein the cyber system states affect the physical system and vice versa. After that, we apply this general framework by selecting the traffic flow as the cyber system state, and a novel attack detection scheme that is capable of capturing the abnormality in the traffic flow in those communication links due to a class of attacks has been proposed. On the other hand, an attack detection scheme that is capable of detecting both sensor and actuator attacks is proposed for the physical system in the presence of network induced delays and packet losses. Next, an attack detection scheme is proposed when the network parameters are unknown by using an optimal Q-learning approach. Finally, this attack detection and accommodation scheme has been further extended to the case where the network is modeled as a nonlinear system with unknown system dynamics. --Abstract, page iv

Comprehensive Survey and Taxonomies of False Injection Attacks in Smart Grid: Attack Models, Targets, and Impacts

Smart Grid has rapidly transformed the centrally controlled power system into a massively interconnected cyber-physical system that benefits from the revolutions happening in communications (e.g. 5G) and the growing proliferation of Internet of Things devices (such as smart metres and intelligent electronic devices). While the convergence of a significant number of cyber-physical elements has enabled the Smart Grid to be far more efficient and competitive in addressing the growing global energy challenges, it has also introduced a large number of vulnerabilities culminating in violations of data availability, integrity, and confidentiality. Recently, false data injection (FDI) has become one of the most critical cyberattacks, and appears to be a focal point of interest for both research and industry. To this end, this paper presents a comprehensive review of the recent advances in FDI attacks, with particular emphasis on 1) adversarial models, 2) attack targets, and 3) impacts in the Smart Grid infrastructure. This review paper aims to provide a thorough understanding of the incumbent threats affecting the entire spectrum of the Smart Grid. Related literature is analysed and compared in terms of its theoretical and practical implications for Smart Grid cybersecurity. In conclusion, a range of technical limitations of existing false data attack research is identified, and a number of future research directions are recommended.

Comment: Double-column of 24 pages, prepared based on IEEE Transaction articl

Cyber-Based Contingency Analysis and Insurance Implications of Power Grid

Cybersecurity for power communication infrastructure is a serious subject that has been discussed for a decade since the first North American Electric Reliability Corporation (NERC) critical infrastructure protection (CIP) initiative in 2006. Its credibility on plausibility has been evidenced by attack events in the recent past. Although this is a very high impact, rare probability event, the establishment of quantitative measures would help asset owners in making a series of investment decisions. First, this dissertation tackles attackers' strategies based on the current communication architecture between remote IP-based (unmanned) power substations and energy control centers. Hypothetically, the identification of intrusion paths will lead to the worst-case scenarios in which the attackers could do harm to the grid, e.g., how this switching attack may perturb to future cascading outages within a control area when an IP-based substation is compromised. Systematic approaches are proposed in this dissertation on how to systematically determine pivotal substations and how investment can be prioritized to maintain and appropriate a reasonable investment in protecting their existing cyberinfrastructure. More specifically, the second essay of this dissertation focuses on digital protective relaying, which could have similar detrimental effects on the overall grid's stability. The R-k contingency analyses are proposed to verify with steady-state and dynamic simulations to ensure consistencies of simulation outcome in the proposed modeling in a power system. This is under the assumption that attackers are able to enumerate all electronic devices and computers within a compromised substation network. The essay also assists stakeholders (the defenders) in planning out exhaustively to identify the critical digital relays to be deployed in substations. The systematic methods are the combinatorial evaluation to incorporate the simulated statistics in the proposed metrics that are used based on the physics and simulation studies using existing power system tools. Finally, a risk transfer mechanism of cyber insurance against disruptive switching attacks is studied comprehensively based on the aforementioned two attackers' tactics. The evaluation hypothetically assesses the occurrence of anomalies and how these footprints of attackers can lead to a potential cascading blackout, as well as how to restore the power back to the normal stage. The research proposes a framework of cyber insurance premium calculation based on the ruin probability theory, by modeling potential electronic intrusion and its direct impacts. This preliminary actuarial model can further improve the security of the protective parameters of the critical infrastructure via incentivizing investment in security technologies.