Multi-Layer Cyber-Physical Security and Resilience for Smart Grid

The smart grid is a large-scale complex system that integrates communication technologies with the physical layer operation of the energy systems. Security and resilience mechanisms by design are important to provide guarantee operations for the system. This chapter provides a layered perspective of the smart grid security and discusses game and decision theory as a tool to model the interactions among system components and the interaction between attackers and the system. We discuss game-theoretic applications and challenges in the design of cross-layer robust and resilient controller, secure network routing protocol at the data communication and networking layers, and the challenges of the information security at the management layer of the grid. The chapter will discuss the future directions of using game-theoretic tools in addressing multi-layer security issues in the smart grid.Comment: 16 page

Smart Grid Security: Threats, Challenges, and Solutions

The cyber-physical nature of the smart grid has rendered it vulnerable to a multitude of attacks that can occur at its communication, networking, and physical entry points. Such cyber-physical attacks can have detrimental effects on the operation of the grid as exemplified by the recent attack which caused a blackout of the Ukranian power grid. Thus, to properly secure the smart grid, it is of utmost importance to: a) understand its underlying vulnerabilities and associated threats, b) quantify their effects, and c) devise appropriate security solutions. In this paper, the key threats targeting the smart grid are first exposed while assessing their effects on the operation and stability of the grid. Then, the challenges involved in understanding these attacks and devising defense strategies against them are identified. Potential solution approaches that can help mitigate these threats are then discussed. Last, a number of mathematical tools that can help in analyzing and implementing security solutions are introduced. As such, this paper will provide the first comprehensive overview on smart grid security

Reliability Analysis of Electric Power Systems Considering Cyber Security

The new generation of the electric power system is the modern smart grid which is essentially a cyber and physical system (CPS). Supervisory control and data acquisition (SCADA)/energy management system (EMS) is the key component of CPS, which is becoming the main target of both external and insider cyberattacks. Cybersecurity of the SCADA/EMS system is facing big challenges and influences the reliability of the electric power system. Characteristics of cyber threats will impact the system reliability. System reliability can be influenced by various cyber threats with different attack skill levels and attack paths. Additionally, the change of structure of the target system may also result in the change of the system reliability. However, very limited research is related to the reliability analysis of the electric power system considering cybersecurity issue. A large amount of mathematical methods can be used to quantify the cyber threats and simulation processes can be applied to build the reliability analysis model. For instance, to analyze the vulnerabilities of the SCADA/EMS system in the electric power system, Bayesian Networks (BNs) can be used to model the attack paths of cyberattacks on the exploited vulnerabilities. The mean time-to-compromise (MTTC) and mean time-to-failure (MTTF) based on the Common Vulnerability Scoring System (CVSS) can be applied to characterize the properties of cyberattacks. What’s more, simulation approaches like non-sequential or sequential Monte Carlo Simulation (MCS) is able to simulate the system reliability analysis and calculate the reliability indexes. In this thesis, reliability of the SCADA/EMS system in the electric power system considering different cybersecurity issues is analyzed. The Bayesian attack path models of cyberattacks on the SCADA/EMS components are built by Bayesian Networks (BNs), and cyberattacks are quantified by its mean time-to-compromise (MTTC) by applying a modified Semi-Markov Process (SMP) and MTTC models. Based on the IEEE Reliability Test System (RTS) 96, the system reliability is analyzed by calculating the electric power system reliability indexes like LOLP and EENS through MCS. What’s more, cyberattacks with different lurking strategies are considered and analyzed. According to the simulation results, it shows that the system reliability of the SCADA/EMS system in the electric power system considering cyber security is closely related to the MTTC of cyberattacks, which is influenced by the attack paths, attacking skill levels, and the complexity of the target structure. With the increase of the MTTC values of cyberattacks, LOLP values decrease, which means that the reliability of the system is better, and the system is safer. In addition, with the difficulty level of lurking strategies of cyberattacks getting higher and higher, though the LOLP values of scenarios don’t increase a lot, the EENS values of the corresponding scenarios increase dramatically, which indicates that the system reliability is more unpredictable, and the cyber security is worse. Finally, insider attacks are discussed and corresponding LOLP values and EENS values considering lurking behavior are estimated and compared. Both LOLP and EENS values dramatically increase owing to the insider attacks that result in the lower MTTCs. This indicates that insider attacks can lead to worse impact on system reliability than external cyber attacks. The results of this thesis may contribute to the establishment of perfect countermeasures against with cyber attacks on the electric power system

Guest Editorial Special Issue on: Big Data Analytics in Intelligent Systems

The amount of information that is being created, every day, is quickly growing. As such, it is now more common than ever to deal with extremely large datasets. As systems develop and become more intelligent and adaptive, analysing their behaviour is a challenge. The heterogeneity, volume and speed of data generation are increasing rapidly. This is further exacerbated by the use of wireless networks, sensors, smartphones and the Internet. Such systems are capable of generating a phenomenal amount of information and the need to analyse their behaviour, to detect security anomalies or predict future demands for example, is becoming harder. Furthermore, securing such systems is a challenge. As threats evolve, so should security measures develop and adopt increasingly intelligent security techniques. Adaptive systems must be employed and existing methods built upon to provide well-structured defence in depth. Despite the clear need to develop effective protection methods, the task is a difficult one, as there are significant weaknesses in the existing security currently in place. Consequently, this special issue of the Journal of Computer Sciences and Applications discusses big data analytics in intelligent systems. The specific topics of discussion include the Internet of Things, Web Services, Cloud Computing, Security and Interconnected Systems

Cybersecurity in Power Grids: Challenges and Opportunities

Increasing volatilities within power transmission and distribution force power grid operators to amplify their use of communication infrastructure to monitor and control their grid. The resulting increase in communication creates a larger attack surface for malicious actors. Indeed, cyber attacks on power grids have already succeeded in causing temporary, large-scale blackouts in the recent past. In this paper, we analyze the communication infrastructure of power grids to derive resulting fundamental challenges of power grids with respect to cybersecurity. Based on these challenges, we identify a broad set of resulting attack vectors and attack scenarios that threaten the security of power grids. To address these challenges, we propose to rely on a defense-in-depth strategy, which encompasses measures for (i) device and application security, (ii) network security, and (iii) physical security, as well as (iv) policies, procedures, and awareness. For each of these categories, we distill and discuss a comprehensive set of state-of-the art approaches, as well as identify further opportunities to strengthen cybersecurity in interconnected power grids

Autonomic computing architecture for SCADA cyber security

Cognitive computing relates to intelligent computing platforms that are based on the disciplines of artificial intelligence, machine learning, and other innovative technologies. These technologies can be used to design systems that mimic the human brain to learn about their environment and can autonomously predict an impending anomalous situation. IBM first used the term ‘Autonomic Computing’ in 2001 to combat the looming complexity crisis (Ganek and Corbi, 2003). The concept has been inspired by the human biological autonomic system. An autonomic system is self-healing, self-regulating, self-optimising and self-protecting (Ganek and Corbi, 2003). Therefore, the system should be able to protect itself against both malicious attacks and unintended mistakes by the operator

Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability