Smart Grid Security: Threats, Challenges, and Solutions

The cyber-physical nature of the smart grid has rendered it vulnerable to a multitude of attacks that can occur at its communication, networking, and physical entry points. Such cyber-physical attacks can have detrimental effects on the operation of the grid as exemplified by the recent attack which caused a blackout of the Ukranian power grid. Thus, to properly secure the smart grid, it is of utmost importance to: a) understand its underlying vulnerabilities and associated threats, b) quantify their effects, and c) devise appropriate security solutions. In this paper, the key threats targeting the smart grid are first exposed while assessing their effects on the operation and stability of the grid. Then, the challenges involved in understanding these attacks and devising defense strategies against them are identified. Potential solution approaches that can help mitigate these threats are then discussed. Last, a number of mathematical tools that can help in analyzing and implementing security solutions are introduced. As such, this paper will provide the first comprehensive overview on smart grid security

Jamming aided Generalized Data Attacks: Exposing Vulnerabilities in Secure Estimation

Jamming refers to the deletion, corruption or damage of meter measurements that prevents their further usage. This is distinct from adversarial data injection that changes meter readings while preserving their utility in state estimation. This paper presents a generalized attack regime that uses jamming of secure and insecure measurements to greatly expand the scope of common 'hidden' and 'detectable' data injection attacks in literature. For 'hidden' attacks, it is shown that with jamming, the optimal attack is given by the minimum feasible cut in a specific weighted graph. More importantly, for 'detectable' data attacks, this paper shows that the entire range of relative costs for adversarial jamming and data injection can be divided into three separate regions, with distinct graph-cut based constructions for the optimal attack. Approximate algorithms for attack design are developed and their performances are demonstrated by simulations on IEEE test cases. Further, it is proved that prevention of such attacks require security of all grid measurements. This work comprehensively quantifies the dual adversarial benefits of jamming: (a) reduced attack cost and (b) increased resilience to secure measurements, that strengthen the potency of data attacks.Comment: 11 pages, 8 figures, A version of this will appear in HICSS 201

Optimal Attack against Cyber-Physical Control Systems with Reactive Attack Mitigation

This paper studies the performance and resilience of a cyber-physical control system (CPCS) with attack detection and reactive attack mitigation. It addresses the problem of deriving an optimal sequence of false data injection attacks that maximizes the state estimation error of the system. The results provide basic understanding about the limit of the attack impact. The design of the optimal attack is based on a Markov decision process (MDP) formulation, which is solved efficiently using the value iteration method. Using the proposed framework, we quantify the effect of false positives and mis-detections on the system performance, which can help the joint design of the attack detection and mitigation. To demonstrate the use of the proposed framework in a real-world CPCS, we consider the voltage control system of power grids, and run extensive simulations using PowerWorld, a high-fidelity power system simulator, to validate our analysis. The results show that by carefully designing the attack sequence using our proposed approach, the attacker can cause a large deviation of the bus voltages from the desired setpoint. Further, the results verify the optimality of the derived attack sequence and show that, to cause maximum impact, the attacker must carefully craft his attack to strike a balance between the attack magnitude and stealthiness, due to the simultaneous presence of attack detection and mitigation