Testing the Fault Tolerance of a Wide Area Backup Protection System using SPIN

Cyber-physical systems are increasingly prevalent in daily life. Smart grids in particular are becoming more interconnected and autonomously operated. Despite the advantages, new challenges arise in the form of defending these assets. Recent studies reveal that small-scale, coordinated cyber-attacks on only a few substations across the U.S. could result in cascading failures affecting the entire nation. In support of defending critical infrastructure, this thesis tests the fault tolerance of a backup protection system. Each transmission line in the system incorporates autonomous agents which monitor the status of the line and make decisions regarding the safety of the grid. Various malfunctions that could occur from real-life attacks are simulated in the grid with the intent of determining its ability to successfully respond to faults despite adversity. The SPIN model checker is used to execute all combinations of fault location and malfunctions to determine which types can occur, and how many, before the system is unable to properly clear a fault. With results analyzed, the decision making process of the model is revised to increase its fault tolerance

Current challenges and future trends in the field of communication architectures for microgrids

[EN] The concept of microgrid has emerged as a feasible answer to cope with the increasing number of distributed renewable energy sources which are being introduced into the electrical grid. The microgrid communication network should guarantee a complete and bidirectional connectivity among the microgrid resources, a high reliability and a feasible interoperability. This is in a contrast to the current electrical grid structure which is characterized by the lack of connectivity, being a centralized-unidirectional system. In this paper a review of the microgrids information and communication technologies (ICT) is shown. In addition, a guideline for the transition from the current communication systems to the future generation of microgrid communications is provided. This paper contains a systematic review of the most suitable communication network topologies, technologies and protocols for smart microgrids. It is concluded that a new generation of peer-to-peer communication systems is required towards a dynamic smart microgrid. Potential future research about communications of the next microgrid generation is also identified.This work is supported by the Spanish Ministry of Economy and Competitiveness (MINECO) and the European Regional Development Fund (ERDF) under Grant ENE2015-64087-C2-2. This work is supported by the Spanish Ministry of Economy and Competitiveness (MINECO) under grant BES-2013-064539.Marzal-Romeu, S.; Salas-Puente, RA.; González Medina, R.; Garcerá, G.; Figueres Amorós, E. (2018). Current challenges and future trends in the field of communication architectures for microgrids. Renewable and Sustainable Energy Reviews. 82(2):3610-3622. https://doi.org/10.1016/j.rser.2017.10.101S3610362282

Unattended network operations technology assessment study. Technical support for defining advanced satellite systems concepts

The results are summarized of an unattended network operations technology assessment study for the Space Exploration Initiative (SEI). The scope of the work included: (1) identified possible enhancements due to the proposed Mars communications network; (2) identified network operations on Mars; (3) performed a technology assessment of possible supporting technologies based on current and future approaches to network operations; and (4) developed a plan for the testing and development of these technologies. The most important results obtained are as follows: (1) addition of a third Mars Relay Satellite (MRS) and MRS cross link capabilities will enhance the network's fault tolerance capabilities through improved connectivity; (2) network functions can be divided into the six basic ISO network functional groups; (3) distributed artificial intelligence technologies will augment more traditional network management technologies to form the technological infrastructure of a virtually unattended network; and (4) a great effort is required to bring the current network technology levels for manned space communications up to the level needed for an automated fault tolerance Mars communications network

Evaluation of Resiliency in a Wide-area Backup Protection System via Model Checking

Modern civilization relies heavily on having access to reliable power sources. Recent history has shown that present day protection systems are not adequate. Numerous backup protection (BP) systems have been proposed to mitigate the impact of primary protection system failures. Many of these novel BP systems rely on autonomous agents communicating via wide-area networks. These systems are highly complex and their control logic is based on distributed computing. Model checking has been shown to be a powerful tool in analyzing the behavior of distributed systems. In this research the model checker SPIN is used to evaluate the resiliency of an agent based wide-area backup protection (WABP) system. All combinations of WABP system component malfunctions that lead to system failure are identified and classified. The results of this research indicate that the WABP system evaluated is more resilient to component malfunctions than previously reported. Possible WABP system improvements are introduced as well

Data-driven cyber attack detection and mitigation for decentralized wide-area protection and control in smart grids

Modern power systems have already evolved into complicated cyber physical systems (CPS), often referred to as smart grids, due to the continuous expansion of the electrical infrastructure, the augmentation of the number of heterogeneous system components and players, and the consequential application of a diversity of information and telecommunication technologies to facilitate the Wide Area Monitoring, Protection and Control (WAMPAC) of the day-to-day power system operation. Because of the reliance on cyber technologies, WAMPAC, among other critical functions, is prone to various malicious cyber attacks. Successful cyber attacks, especially those sabotage the operation of Bulk Electric System (BES), can cause great financial losses and social panics. Application of conventional IT security solutions is indispensable, but it often turns out to be insufficient to mitigate sophisticated attacks that deploy zero-day vulnerabilities or social engineering tactics. To further improve the resilience of the operation of smart grids when facing cyber attacks, it is desirable to make the WAMPAC functions per se capable of detecting various anomalies automatically, carrying out adaptive activity adjustments in time and thus staying unimpaired even under attack. Most of the existing research efforts attempt to achieve this by adding novel functional modules, such as model-based anomaly detectors, to the legacy centralized WAMPAC functions. In contrast, this dissertation investigates the application of data-driven algorithms in cyber attack detection and mitigation within a decentralized architecture aiming at improving the situational awareness and self-adaptiveness of WAMPAC. First part of the research focuses on the decentralization of System Integrity Protection Scheme (SIPS) with Multi-Agent System (MAS), within which the data-driven anomaly detection and optimal adaptive load shedding are further explored. An algorithm named as Support Vector Machine embedded Layered Decision Tree (SVMLDT) is proposed for the anomaly detection, which provides satisfactory detection accuracy as well as decision-making interpretability. The adaptive load shedding is carried out by every agent individually with dynamic programming. The load shedding relies on the load profile propagation among peer agents and the attack adaptiveness is accomplished by maintaining the historical mean of load shedding proportion. Load shedding only takes place after the consensus pertaining to the anomaly detection is achieved among all interconnected agents and it serves the purpose of mitigating certain cyber attacks. The attack resilience of the decentralized SIPS is evaluated using IEEE 39 bus model. It is shown that, unlike the traditional centralized SIPS, the proposed solution is able to carry out the remedial actions under most Denial of Service (DoS) attacks. The second part investigates the clustering based anomalous behavior detection and peer-assisted mitigation for power system generation control. To reduce the dimensionality of the data, three metrics are designed to interpret the behavior conformity of generator within the same balancing area. Semi-supervised K-means clustering and a density sensitive clustering algorithm based on Hieararchical DBSCAN (HDBSCAN) are both applied in clustering in the 3D feature space. Aiming to mitigate the cyber attacks targeting the generation control commands, a peer-assisted strategy is proposed. When the control commands from control center is detected as anomalous, i.e. either missing or the payload of which have been manipulated, the generating unit utilizes the peer data to infer and estimate a new generation adjustment value as replacement. Linear regression is utilized to obtain the relation of control values received by different generating units, Moving Target Defense (MTD) is adopted during the peer selection and 1-dimensional clustering is performed with the inferred control values, which are followed by the final control value estimation. The mitigation strategy proposed requires that generating units can communicate with each other in a peer-to-peer manner. Evaluation results suggest the efficacy of the proposed solution in counteracting data availability and data integrity attacks targeting the generation controls. However, the strategy stays effective only if less than half of the generating units are compromised and it is not able to mitigate cyber attacks targeting the measurements involved in the generation control

Improving the Cybersecurity of Cyber-Physical Systems Through Behavioral Game Theory and Model Checking in Practice and in Education

This dissertation presents automated methods based on behavioral game theory and model checking to improve the cybersecurity of cyber-physical systems (CPSs) and advocates teaching certain foundational principles of these methods to cybersecurity students. First, it encodes behavioral game theory\u27s concept of level-k reasoning into an integer linear program that models a newly defined security Colonel Blotto game. This approach is designed to achieve an efficient allocation of scarce protection resources by anticipating attack allocations. A human subjects experiment based on a CPS infrastructure demonstrates its effectiveness. Next, it rigorously defines the term adversarial thinking, one of cybersecurity educations most important and elusive learning objectives, but for which no proper definition exists. It spells out what it means to think like a hacker by examining the characteristic thought processes of hackers through the lens of Sternberg\u27s triarchic theory of intelligence. Next, a classroom experiment demonstrates that teaching basic game theory concepts to cybersecurity students significantly improves their strategic reasoning abilities. Finally, this dissertation applies the SPIN model checker to an electric power protection system and demonstrates a straightforward and effective technique for rigorously characterizing the degree of fault tolerance of complex CPSs, a key step in improving their defensive posture

Local energy markets - an IT-architecture design

In recent years, local energy markets have become an important concept in more decentralized energy systems. Implementations in pilot projects provide first insights into different hypotheses and approaches. From a technical perspective, the requirements for the IT infrastructure of a local energy market are diverse, and a holistic view of its architecture is therefore necessary. This article presents an IT-architecture, which enables all basic local energy market functionalities, processes and modules based on the available literature. The proposed IT-architecture can serve as a blueprint for future local market projects as it covers the basic processes and is at the same time extendable. Furthermore, we give a detailed description of a real-world implementation of a local energy market using the described IT-architecture and discuss the advantages and disadvantages of the utilized technologies along with this case study