Optimal Attack against Cyber-Physical Control Systems with Reactive Attack Mitigation

This paper studies the performance and resilience of a cyber-physical control system (CPCS) with attack detection and reactive attack mitigation. It addresses the problem of deriving an optimal sequence of false data injection attacks that maximizes the state estimation error of the system. The results provide basic understanding about the limit of the attack impact. The design of the optimal attack is based on a Markov decision process (MDP) formulation, which is solved efficiently using the value iteration method. Using the proposed framework, we quantify the effect of false positives and mis-detections on the system performance, which can help the joint design of the attack detection and mitigation. To demonstrate the use of the proposed framework in a real-world CPCS, we consider the voltage control system of power grids, and run extensive simulations using PowerWorld, a high-fidelity power system simulator, to validate our analysis. The results show that by carefully designing the attack sequence using our proposed approach, the attacker can cause a large deviation of the bus voltages from the desired setpoint. Further, the results verify the optimality of the derived attack sequence and show that, to cause maximum impact, the attacker must carefully craft his attack to strike a balance between the attack magnitude and stealthiness, due to the simultaneous presence of attack detection and mitigation

Smart Grid Security: Threats, Challenges, and Solutions

The cyber-physical nature of the smart grid has rendered it vulnerable to a multitude of attacks that can occur at its communication, networking, and physical entry points. Such cyber-physical attacks can have detrimental effects on the operation of the grid as exemplified by the recent attack which caused a blackout of the Ukranian power grid. Thus, to properly secure the smart grid, it is of utmost importance to: a) understand its underlying vulnerabilities and associated threats, b) quantify their effects, and c) devise appropriate security solutions. In this paper, the key threats targeting the smart grid are first exposed while assessing their effects on the operation and stability of the grid. Then, the challenges involved in understanding these attacks and devising defense strategies against them are identified. Potential solution approaches that can help mitigate these threats are then discussed. Last, a number of mathematical tools that can help in analyzing and implementing security solutions are introduced. As such, this paper will provide the first comprehensive overview on smart grid security

Impact Assessment of Hypothesized Cyberattacks on Interconnected Bulk Power Systems

The first-ever Ukraine cyberattack on power grid has proven its devastation by hacking into their critical cyber assets. With administrative privileges accessing substation networks/local control centers, one intelligent way of coordinated cyberattacks is to execute a series of disruptive switching executions on multiple substations using compromised supervisory control and data acquisition (SCADA) systems. These actions can cause significant impacts to an interconnected power grid. Unlike the previous power blackouts, such high-impact initiating events can aggravate operating conditions, initiating instability that may lead to system-wide cascading failure. A systemic evaluation of "nightmare" scenarios is highly desirable for asset owners to manage and prioritize the maintenance and investment in protecting their cyberinfrastructure. This survey paper is a conceptual expansion of real-time monitoring, anomaly detection, impact analyses, and mitigation (RAIM) framework that emphasizes on the resulting impacts, both on steady-state and dynamic aspects of power system stability. Hypothetically, we associate the combinatorial analyses of steady state on substations/components outages and dynamics of the sequential switching orders as part of the permutation. The expanded framework includes (1) critical/noncritical combination verification, (2) cascade confirmation, and (3) combination re-evaluation. This paper ends with a discussion of the open issues for metrics and future design pertaining the impact quantification of cyber-related contingencies

Managing cyber risk in supply chains:A review and research agenda

Purpose: Despite growing research interest in cyber security, inter-firm based cyber risk studies are rare. Therefore, this study investigates cyber risk management in supply chain contexts. Methodology: Adapting a systematic literature review process, papers from interdisciplinary areas published between 1990 and 2017 were selected. Different typologies, developed for conducting descriptive and thematic analysis were established using data mining techniques to conduct a comprehensive, replicable and transparent review. Findings: The review identifies multiple future research directions for cyber security/resilience in supply chains. A conceptual model is developed, which indicates a strong link between IT, organisational and supply chain security systems. The human/behavioural elements within cyber security risk are found to be critical; however, behavioural risks have attracted less attention due to a perceived bias towards technical (data, application and network) risks. There is a need for raising risk awareness, standardised policies, collaborative strategies and empirical models for creating supply chain cyber-resilience. Research implications: Different type of cyber risks and their points of penetration, propagation levels, consequences and mitigation measures are identified. The conceptual model developed in this study drives an agenda for future research on supply chain cyber security/resilience. Practical implications: A multi-perspective, systematic study provides a holistic guide for practitioners in understanding cyber-physical systems. The cyber risk challenges and the mitigation strategies identified support supply chain managers in making informed decisions. Originality: This is the first systematic literature review on managing cyber risks in supply chains. The review defines supply chain cyber risk and develops a conceptual model for supply chain cyber security systems and an agenda for future studies

POWER DISTRIBUTION SYSTEM RELIABILITY AND RESILIENCY AGAINST EXTREME EVENTS

The objective of a power system is to provide electricity to its customers as economically as possible with an acceptable level of reliability while safeguarding the environment. Power system reliability has well-established quantitative metrics, regulatory standards, compliance incentives and jurisdictions of responsibilities. The increase in occurrence of extreme events like hurricane/tornadoes, floods, wildfires, storms, cyber-attacks etc. which are not considered in routine reliability evaluation has raised concern over the potential economic losses due to prolonged and large-scale power outages, and the overall sustainability and adaptability of power systems. This concern has motivated the utility planners, operators, and policy makers to acknowledge the importance of system resiliency against such events. However, power system resiliency evaluation is comparatively new, and lacks widely accepted standards, assessment methods and metrics. The thesis presents comparative review and analysis of power system resilience models, methodologies, and metrics in present literature and utility applications. It presents studies on two very different types of extreme events, (i) man-made and (ii) natural disaster, and analyzes their impacts on the resiliency of a distribution system. It draws conclusions on assessing and improving power system resiliency based on the impact of the extreme event, response from the distribution system, and effectiveness of the mitigating measures to tackle the extreme event. The advancement in technologies has seen an increasing integration of cyber and physical layer of the distribution system. The distribution system operators avails from the symbiotic relation of the cyber-physical layer, but the interdependency has also been its Achilles heel. The evolving infrastructure is being exposed to increase in cyber-attacks. It is of paramount importance to address the aforementioned issue by developing holistic approaches to comprehensibly upgrade the distribution system preventing huge financial loss and societal repercussions. The thesis models a type of cyber-attack using false data injection and evaluates its impact on the distribution system. It does so by developing a resilience assessment methodology accompanied by quantitative metrics. It also performs reliability evaluation to present the underlying principle and differences between reliability and resiliency. The thesis also introduces new indices to demonstrate the effectiveness of a bad-data detection strategy against such cyber-attacks. Extreme events like hurricane/tornadoes, floods, wildfires, storm, cyber-attack etc. are responsible for catastrophic damage to critical infrastructure and huge financial loss. Power distribution system is an important critical infrastructure driving the socio-economic growth of the country. High winds are one of the most common form of extreme events that are responsible for outages due to failure of poles, equipment damage etc. The thesis models effective extreme wind events with the help of fragility curves, and presents an analysis of their impacts on the distribution system. It also presents infrastructural and operational resiliency enhancement strategies and quantifies the effectiveness of the strategy with the metrics developed. It also demonstrates the dependency of resiliency of distribution system on the structural strength of transmission lines and presents measures to ensure the independency of the distribution system. The thesis presents effective resilience assessment methodology that can be valuable for distribution system utility planners, and operators to plan and ensure a resilient distribution system

CPS Attacks Mitigation Approaches on Power Electronic Systems with Security Challenges for Smart Grid Applications: A Review

This paper presents an inclusive review of the cyber-physical (CP) attacks, vulnerabilities, mitigation approaches on the power electronics and the security challenges for the smart grid applications. With the rapid evolution of the physical systems in the power electronics applications for interfacing renewable energy sources that incorporate with cyber frameworks, the cyber threats have a critical impact on the smart grid performance. Due to the existence of electronic devices in the smart grid applications, which are interconnected through communication networks, these networks may be subjected to severe cyber-attacks by hackers. If this occurs, the digital controllers can be physically isolated from the control loop. Therefore, the cyber-physical systems (CPSs) in the power electronic systems employed in the smart grid need special treatment and security. In this paper, an overview of the power electronics systems security on the networked smart grid from the CP perception, as well as then emphases on prominent CP attack patterns with substantial influence on the power electronics components operation along with analogous defense solutions. Furthermore, appraisal of the CPS threats attacks mitigation approaches, and encounters along the smart grid applications are discussed. Finally, the paper concludes with upcoming trends and challenges in CP security in the smart grid applications