Ognjen Vukovic - Academia.edu (original) (raw)
Papers by Ognjen Vukovic
IEEE Journal on Selected Areas in Communications, 2014
ABSTRACT State estimation (SE) plays an essential role in the monitoring and supervision of power... more ABSTRACT State estimation (SE) plays an essential role in the monitoring and supervision of power systems. In today's power systems, SE is typically done in a centralized or in a hierarchical way, but as power systems will be increasingly interconnected in the future smart grid, distributed SE will become an important alternative to centralized and hierarchical solutions. As the future smart grid may rely on distributed SE, it is essential to understand the potential vulnerabilities that distributed SE may have. In this paper, we show that an attacker that compromises the communication infrastructure of a single control center in an interconnected power system can successfully perform a denial-of-service attack against state-of-the-art distributed SE, and consequently, it can blind the system operators of every region. As a solution to mitigate such a denial-of-service attack, we propose a fully distributed algorithm for attack detection. Furthermore, we propose a fully distributed algorithm that identifies the most likely attack location based on the individual regions' beliefs about the attack location, isolates the identified region, and then reruns the distributed SE. We validate the proposed algorithms on the IEEE 118 bus benchmark power system.
Proceedings of the 28th Annual ACM Symposium on Applied Computing - SAC '13, 2013
ABSTRACT State estimation plays an essential role in the monitoring and control of power transmis... more ABSTRACT State estimation plays an essential role in the monitoring and control of power transmission systems. In modern, highly inter-connected power systems the state estimation should be performed in a distributed fashion and requires information exchange between the control centers of directly connected systems. Motivated by recent reports on trojans targeting industrial control systems, in this paper we investigate how a single compromised control center can affect the outcome of distributed state estimation. We describe five attack strategies, and evaluate their impact on the IEEE 118 benchmark power system. We show that that even if the state estimation converges despite the attack, the estimate can have up to 30% of error, and bad data detection cannot locate the attack. We also show that if powerful enough, the attack can impede the convergence of the state estimation, and thus it can blind the system operators. Our results show that it is important to provide confidentiality for the measurement data in order to prevent the most powerful attacks. Finally, we discuss a possible way to detect and to mitigate these attacks.
2011 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2011
The power system state estimator is an important application used to calculate optimal power flow... more The power system state estimator is an important application used to calculate optimal power flows, to maintain the system in a secure state, and to detect faulty equipment. Its importance in the operation of the smart grid is expected to increase, and therefore its security is an important concern. Based on a realistic model of the communication infrastructure used to deliver measurement data from the substations to the state estimator, in this paper we investigate the vulnerability of the power system state estimator to attacks performed against the communication infrastructure. We define security metrics that quantify the importance of individual substations and the cost of attacking individual measurements. We provide efficient algorithms to calculate these metrics, and use the metrics to show how various network layer and application layer mitigation strategies can be used to decrease the vulnerability of the state estimator. We illustrate the efficiency of the algorithms on the IEEE 118 and 300 bus benchmark power systems.
2013 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2013
ABSTRACT Distributed state estimation will play a central role in the efficient and reliable oper... more ABSTRACT Distributed state estimation will play a central role in the efficient and reliable operation of interconnected power systems. Therefore, its security is of major concern. In this work we show that an attacker that compromises a single control center in an interconnected system could launch a denial of service attack against state-of-the-art distributed state estimation by injecting false data, and consequently, it could blind the entire system. We propose a fully distributed attack detection scheme based on local measurements to detect such a denial of service attack. We then propose a fully distributed attack localization scheme that relies on the regions' beliefs about the attack location, and performs inference on the power system topology to identify the most likely attack location. We validate both algorithms on the IEEE 118 bus power system.
2014 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2014
2013 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2013
ABSTRACT Power system operators are looking to adopt and migrate to cloud technologies and third-... more ABSTRACT Power system operators are looking to adopt and migrate to cloud technologies and third-party cloud services for customer facing and enterprise IT applications. Security and reliability are major barriers for adopting cloud technologies and services for power system operational applications. In this work we focus on the use of cloud computing for Contingency Analysis and propose an approach to obfuscate information regarding power flows and the presence of a contingency violation while allowing the operator to analyze contingencies with the needed accuracy in the cloud. Our empirical evaluation shows, that the errors introduced into power flows due to the obfuscation approach are small, and that the RMS errors introduced grow linearly with the magnitude of obfuscation.
2011 IEEE International Conference on Communications (ICC), 2011
Motivated by protection and privacy in industrial communication networks, in this paper we consid... more Motivated by protection and privacy in industrial communication networks, in this paper we consider the trade- off between relationship anonymity and communication over- head. We consider two anonymity networks: Crowds, which has unbounded communication delay and Minstrels, proposed in this paper, which provides bounded communication delay. While Crowds hides the sender's identity only, Minstrels aims at hiding the receiver's identity as well. However, to achieve bounded communication delay it has to expose the sender's identity to a greater extent than Crowds. We derive exact and approximate analytical expressions for the relationship anonymity for these systems. While Minstrels achieves close to optimal anonymity under certain conditions, our results show that, contrary to expec- tations, increased overhead does not always improve anonymity.
IEEE Journal on Selected Areas in Communications, 2000
Critical power system applications like contingency analysis and optimal power flow calculation r... more Critical power system applications like contingency analysis and optimal power flow calculation rely on the power system state estimator. Hence the security of the state estimator is essential for the proper operation of the power system. In the future more applications are expected to rely on it, so that its importance will increase. Based on realistic models of the communication
IEEE Journal on Selected Areas in Communications, 2014
ABSTRACT State estimation (SE) plays an essential role in the monitoring and supervision of power... more ABSTRACT State estimation (SE) plays an essential role in the monitoring and supervision of power systems. In today's power systems, SE is typically done in a centralized or in a hierarchical way, but as power systems will be increasingly interconnected in the future smart grid, distributed SE will become an important alternative to centralized and hierarchical solutions. As the future smart grid may rely on distributed SE, it is essential to understand the potential vulnerabilities that distributed SE may have. In this paper, we show that an attacker that compromises the communication infrastructure of a single control center in an interconnected power system can successfully perform a denial-of-service attack against state-of-the-art distributed SE, and consequently, it can blind the system operators of every region. As a solution to mitigate such a denial-of-service attack, we propose a fully distributed algorithm for attack detection. Furthermore, we propose a fully distributed algorithm that identifies the most likely attack location based on the individual regions' beliefs about the attack location, isolates the identified region, and then reruns the distributed SE. We validate the proposed algorithms on the IEEE 118 bus benchmark power system.
Proceedings of the 28th Annual ACM Symposium on Applied Computing - SAC '13, 2013
ABSTRACT State estimation plays an essential role in the monitoring and control of power transmis... more ABSTRACT State estimation plays an essential role in the monitoring and control of power transmission systems. In modern, highly inter-connected power systems the state estimation should be performed in a distributed fashion and requires information exchange between the control centers of directly connected systems. Motivated by recent reports on trojans targeting industrial control systems, in this paper we investigate how a single compromised control center can affect the outcome of distributed state estimation. We describe five attack strategies, and evaluate their impact on the IEEE 118 benchmark power system. We show that that even if the state estimation converges despite the attack, the estimate can have up to 30% of error, and bad data detection cannot locate the attack. We also show that if powerful enough, the attack can impede the convergence of the state estimation, and thus it can blind the system operators. Our results show that it is important to provide confidentiality for the measurement data in order to prevent the most powerful attacks. Finally, we discuss a possible way to detect and to mitigate these attacks.
2011 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2011
The power system state estimator is an important application used to calculate optimal power flow... more The power system state estimator is an important application used to calculate optimal power flows, to maintain the system in a secure state, and to detect faulty equipment. Its importance in the operation of the smart grid is expected to increase, and therefore its security is an important concern. Based on a realistic model of the communication infrastructure used to deliver measurement data from the substations to the state estimator, in this paper we investigate the vulnerability of the power system state estimator to attacks performed against the communication infrastructure. We define security metrics that quantify the importance of individual substations and the cost of attacking individual measurements. We provide efficient algorithms to calculate these metrics, and use the metrics to show how various network layer and application layer mitigation strategies can be used to decrease the vulnerability of the state estimator. We illustrate the efficiency of the algorithms on the IEEE 118 and 300 bus benchmark power systems.
2013 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2013
ABSTRACT Distributed state estimation will play a central role in the efficient and reliable oper... more ABSTRACT Distributed state estimation will play a central role in the efficient and reliable operation of interconnected power systems. Therefore, its security is of major concern. In this work we show that an attacker that compromises a single control center in an interconnected system could launch a denial of service attack against state-of-the-art distributed state estimation by injecting false data, and consequently, it could blind the entire system. We propose a fully distributed attack detection scheme based on local measurements to detect such a denial of service attack. We then propose a fully distributed attack localization scheme that relies on the regions' beliefs about the attack location, and performs inference on the power system topology to identify the most likely attack location. We validate both algorithms on the IEEE 118 bus power system.
2014 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2014
2013 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2013
ABSTRACT Power system operators are looking to adopt and migrate to cloud technologies and third-... more ABSTRACT Power system operators are looking to adopt and migrate to cloud technologies and third-party cloud services for customer facing and enterprise IT applications. Security and reliability are major barriers for adopting cloud technologies and services for power system operational applications. In this work we focus on the use of cloud computing for Contingency Analysis and propose an approach to obfuscate information regarding power flows and the presence of a contingency violation while allowing the operator to analyze contingencies with the needed accuracy in the cloud. Our empirical evaluation shows, that the errors introduced into power flows due to the obfuscation approach are small, and that the RMS errors introduced grow linearly with the magnitude of obfuscation.
2011 IEEE International Conference on Communications (ICC), 2011
Motivated by protection and privacy in industrial communication networks, in this paper we consid... more Motivated by protection and privacy in industrial communication networks, in this paper we consider the trade- off between relationship anonymity and communication over- head. We consider two anonymity networks: Crowds, which has unbounded communication delay and Minstrels, proposed in this paper, which provides bounded communication delay. While Crowds hides the sender's identity only, Minstrels aims at hiding the receiver's identity as well. However, to achieve bounded communication delay it has to expose the sender's identity to a greater extent than Crowds. We derive exact and approximate analytical expressions for the relationship anonymity for these systems. While Minstrels achieves close to optimal anonymity under certain conditions, our results show that, contrary to expec- tations, increased overhead does not always improve anonymity.
IEEE Journal on Selected Areas in Communications, 2000
Critical power system applications like contingency analysis and optimal power flow calculation r... more Critical power system applications like contingency analysis and optimal power flow calculation rely on the power system state estimator. Hence the security of the state estimator is essential for the proper operation of the power system. In the future more applications are expected to rely on it, so that its importance will increase. Based on realistic models of the communication