Cyber Security Evaluation of Smart Electric Meters

In this thesis, effect of intermediate network systems on power usage data collection from Smart Electric Meter in Smart Grid was evaluated. Security integrity of remote data collection from GE’s Power Quality Smart Electric Meter EPM 6100 and EPM 7000 under cyber-attacks were evaluated. Experimental security evaluations of Smart Electric Meters were conducted to understand their operation under cyber-attacks. Integrity of data communication between the GE’s smart meters and remote monitoring computer was evaluated under different types of cyber security attacks. Performance comparison was done for security integrity of EPM 6100 and EPM 7000 power quality meter under various cyber-attacks

On Cyber-Physical Security of Smart Grid: Data Integrity Attacks and Experiment Platform

A Smart Grid is a digitally enabled electric power grid that integrates the computation and communication technologies from cyber world with the sensors and actuators from physical world. Due to the system complexity, typically the high cohesion of communication and power system, the Smart Grid innovation introduces new and fundamentally different security vulnerabilities and risks. In this work, two important research aspects about cyber-physical security of Smart Grid are addressed: (i) The construction, impact and countermeasure of data integrity attacks; and (ii) The design and implementation of general cyber-physical security experiment platform. For data integrity attacks: based on the system model of state estimation process in Smart Grid, firstly, a data integrity attack model is formulated, such that the attackers can generate financial benefits from the real-time electrical market operations. Then, to reduce the required knowledge about the targeted power system when launching attacks, an online attack approach is proposed, such that the attacker is able to construct the desired attacks without the network information of power system. Furthermore, a network information attacking strategy is proposed, in which the most vulnerable meters can be directly identified and the desired measurement perturbations can be achieved by strategically manipulating the network information. Besides the attacking strategies, corresponding countermeasures based on the sparsity of attack vectors and robust state estimator are provided respectively. For the experiment platform: ScorePlus, a software-hardware hybrid and federated experiment environment for Smart Grid is presented. ScorePlus incorporates both software emulator and hardware testbed, such that they all follow the same architecture, and the same Smart Grid application program can be tested on either of them without any modification; ScorePlus provides a federated environment such that multiple software emulators and hardware testbeds at different locations are able to connect and form a unified Smart Grid system; ScorePlus software is encapsulated as a resource plugin in OpenStack cloud computing platform, such that it supports massive deployments with large scale test cases in cloud infrastructure

Vulnerability Assessment and Privacy-preserving Computations in Smart Grid

Modern advances in sensor, computing, and communication technologies enable various smart grid applications which highlight the vulnerability that requires novel approaches to the field of cybersecurity. While substantial numbers of technologies have been adopted to protect cyber attacks in smart grid, there lacks a comprehensive review of the implementations, impacts, and solutions of cyber attacks specific to the smart grid.In this dissertation, we are motivated to evaluate the security requirements for the smart grid which include three main properties: confidentiality, integrity, and availability. First, we review the cyber-physical security of the synchrophasor network, which highlights all three aspects of security issues. Taking the synchrophasor network as an example, we give an overview of how to attack a smart grid network. We test three types of attacks and show the impact of each attack consisting of denial-of-service attack, sniffing attack, and false data injection attack.Next, we discuss how to protect against each attack. For protecting availability, we examine possible defense strategies for the associated vulnerabilities.For protecting data integrity, a small-scale prototype of secure synchrophasor network is presented with different cryptosystems. Besides, a deep learning based time-series anomaly detector is proposed to detect injected measurement. Our approach observes both data measurements and network traffic features to jointly learn system states and can detect attacks when state vector estimator fails.For protecting data confidentiality, we propose privacy-preserving algorithms for two important smart grid applications. 1) A distributed privacy-preserving quadratic optimization algorithm to solve Security Constrained Optimal Power Flow (SCOPF) problem. The SCOPF problem is decomposed into small subproblems using the Alternating Direction Method of Multipliers (ADMM) and gradient projection algorithms. 2) We use Paillier cryptosystem to secure the computation of the power system dynamic simulation. The IEEE 3-Machine 9-Bus System is used to implement and demonstrate the proposed scheme. The security and performance analysis of our implementations demonstrate that our algorithms can prevent chosen-ciphertext attacks at a reasonable cost

Intrusion Detection for Smart Grid Communication Systems

Transformation of the traditional power grid into a smart grid hosts an array of vulnerabilities associated with communication networks. Furthermore, wireless mediums used throughout the smart grid promote an environment where Denial of Service (DoS) attacks are very effective. In wireless mediums, jamming and spoofing attack techniques diminish system operations thus affecting smart grid stability and posing an immediate threat to Confidentiality, Integrity, and Availability (CIA) of the smart grid. Intrusion detection systems (IDS) serve as a primary defense in mitigating network vulnerabilities. In IDS, signatures created from historical data are compared to incoming network traffic to identify abnormalities. In this thesis, intrusion detection algorithms are proposed for attack detection in smart grid networks by means of physical, data link, network, and session layer analysis. Irregularities in these layers provide insight to whether the network is experiencing genuine or malicious activity

Power Injection Measurements are more Vulnerable to Data Integrity Attacks than Power Flow Measurements

A novel metric that describes the vulnerability of the measurements in power system to data integrity attacks is proposed. The new metric, coined vulnerability index (VuIx), leverages information theoretic measures to assess the attack effect on the fundamental limits of the disruption and detection tradeoff. The result of computing the VuIx of the measurements in the system yields an ordering of the measurements vulnerability based on the level of exposure to data integrity attacks. This new framework is used to assess the measurements vulnerability of IEEE test systems and it is observed that power injection measurements are overwhelmingly more vulnerable to data integrity attacks than power flow measurements. A detailed numerical evaluation of the VuIx values for IEEE test systems is provided.Comment: 6 pages, 9 figures, Submitted to IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grid

An information theoretic vulnerability metric for data integrity attacks on smart grids

A novel metric that describes the vulnerability of the measurements in power systems to data integrity attacks is proposed. The new metric, coined vulnerability index (VuIx), leverages information theoretic measures to assess the attack effect on the fundamental limits of the disruption and detection tradeoff. The result of computing the VuIx of the measurements in the system yields an ordering of their vulnerability based on the level of exposure to data integrity attacks. This new framework is used to assess the measurement vulnerability of IEEE 9-bus and 30-bus test systems and it is observed that power injection measurements are overwhelmingly more vulnerable to data integrity attacks than power flow measurements. A detailed numerical evaluation of the VuIx values for IEEE test systems is provided.Comment: 7 pages, 10 figures, submitted to IET Smart Grid. arXiv admin note: substantial text overlap with arXiv:2207.0697

Design of a Secure Architecture for Last Mile Communication in Smart Grid Systems

AbstractEver increasing need of electricity has paved the need for Smart Grids. Smart Meters, digitalized networks and fault tolerant systems are the basic infrastructure which supports Smart Grid. Security in Smart Grid has become a major concern in the present scenario. In this paper we have proposed security architecture at the last mile distribution in Home Area Networks. A Secure communication architecture has been modeled which focuses on secure data transmission between the Smart Meters at home and Central Gateway at the utility centre. Hybrid Encryption algorithms and Digital Signature has been used to provide data integrity. The strength of the model has been verified with the help of an attacker and the model is found to resist attacks. The Encryption time and Decryption time of the cyptostack is lower when compared with other encryption algorithms

A Comprehensive Survey on the Cyber-Security of Smart Grids: Cyber-Attacks, Detection, Countermeasure Techniques, and Future Directions

One of the significant challenges that smart grid networks face is cyber-security. Several studies have been conducted to highlight those security challenges. However, the majority of these surveys classify attacks based on the security requirements, confidentiality, integrity, and availability, without taking into consideration the accountability requirement. In addition, some of these surveys focused on the Transmission Control Protocol/Internet Protocol (TCP/IP) model, which does not differentiate between the application, session, and presentation and the data link and physical layers of the Open System Interconnection (OSI) model. In this survey paper, we provide a classification of attacks based on the OSI model and discuss in more detail the cyber-attacks that can target the different layers of smart grid networks communication. We also propose new classifications for the detection and countermeasure techniques and describe existing techniques under each category. Finally, we discuss challenges and future research directions

Performance Analysis Of Data-Driven Algorithms In Detecting Intrusions On Smart Grid

The traditional power grid is no longer a practical solution for power delivery due to several shortcomings, including chronic blackouts, energy storage issues, high cost of assets, and high carbon emissions. Therefore, there is a serious need for better, cheaper, and cleaner power grid technology that addresses the limitations of traditional power grids. A smart grid is a holistic solution to these issues that consists of a variety of operations and energy measures. This technology can deliver energy to end-users through a two-way flow of communication. It is expected to generate reliable, efficient, and clean power by integrating multiple technologies. It promises reliability, improved functionality, and economical means of power transmission and distribution. This technology also decreases greenhouse emissions by transferring clean, affordable, and efficient energy to users. Smart grid provides several benefits, such as increasing grid resilience, self-healing, and improving system performance. Despite these benefits, this network has been the target of a number of cyber-attacks that violate the availability, integrity, confidentiality, and accountability of the network. For instance, in 2021, a cyber-attack targeted a U.S. power system that shut down the power grid, leaving approximately 100,000 people without power. Another threat on U.S. Smart Grids happened in March 2018 which targeted multiple nuclear power plants and water equipment. These instances represent the obvious reasons why a high level of security approaches is needed in Smart Grids to detect and mitigate sophisticated cyber-attacks. For this purpose, the US National Electric Sector Cybersecurity Organization and the Department of Energy have joined their efforts with other federal agencies, including the Cybersecurity for Energy Delivery Systems and the Federal Energy Regulatory Commission, to investigate the security risks of smart grid networks. Their investigation shows that smart grid requires reliable solutions to defend and prevent cyber-attacks and vulnerability issues. This investigation also shows that with the emerging technologies, including 5G and 6G, smart grid may become more vulnerable to multistage cyber-attacks. A number of studies have been done to identify, detect, and investigate the vulnerabilities of smart grid networks. However, the existing techniques have fundamental limitations, such as low detection rates, high rates of false positives, high rates of misdetection, data poisoning, data quality and processing, lack of scalability, and issues regarding handling huge volumes of data. Therefore, these techniques cannot ensure safe, efficient, and dependable communication for smart grid networks. Therefore, the goal of this dissertation is to investigate the efficiency of machine learning in detecting cyber-attacks on smart grids. The proposed methods are based on supervised, unsupervised machine and deep learning, reinforcement learning, and online learning models. These models have to be trained, tested, and validated, using a reliable dataset. In this dissertation, CICDDoS 2019 was used to train, test, and validate the efficiency of the proposed models. The results show that, for supervised machine learning models, the ensemble models outperform other traditional models. Among the deep learning models, densely neural network family provides satisfactory results for detecting and classifying intrusions on smart grid. Among unsupervised models, variational auto-encoder, provides the highest performance compared to the other unsupervised models. In reinforcement learning, the proposed Capsule Q-learning provides higher detection and lower misdetection rates, compared to the other model in literature. In online learning, the Online Sequential Euclidean Distance Routing Capsule Network model provides significantly better results in detecting intrusion attacks on smart grid, compared to the other deep online models