Statistical Methods for Detection and Mitigation of the Effect of Different Types of Cyber-Attacks and Inconsistencies in Electrical Design Parameters in a Real World Distribution System (original) (raw)

Model-Free Detection of Cyberattacks on Voltage Control in Distribution Grids

2019 15th European Dependable Computing Conference (EDCC)

Incorporating information and communication technology in the operation of the electricity grid is undoubtedly contributing to a more cost-efficient, controllable, and flexible power grid. Although this technology is promoting flexibility and convenience, its integration with the electricity grid is rendering this critical infrastructure inherently vulnerable to cyberattacks that have potential to cause large-scale and farreaching damage. In light of the growing need for a resilient smart grid, developing suitable security mechanisms has become a pressing matter. In this work, we investigate the effectiveness of a model-free state-of-the-art attack-detection method recently proposed by the cybersecurity community in detecting common types of cyberattacks on voltage control in distribution grids. Experimental results show that, by monitoring raw controller and smart-meter data in real time, it is possible to detect denial of service, replay, and integrity attacks, thus contributing to a resilient and more secure grid.

Modelling for Improved Cyber Security in Smart Distribution System

—Information technology is the backbone of the smart grid, where all networks like generation, transmission, distribution, and customer components are connected to each other. Connectivity between these components offers many advantages including consumer's ability to manage their electricity consumption rates and electricity bills etc. Smart grid also provides operators great extent of system visibility and control over electricity services, supervision and control of generating units, power quality improvements and reduced fuel cost etc. Highly connected infrastructure in smart grid threats the reliable operation of grid, especially in terms of cyber security. In automated system, where control actions can be generated by a single command even from a great distance may lead complete shutdown of the whole system. Failure/disoperation of power service suspends all critical services. Therefore, the electrical grid becomes the most significant target for acts of vandalism and terrorism. So an extensive security against the cyber-attacks is required in smart grid environment as compare to traditional electricity grid, where almost all control actions were taken manually or with little use of local controllers. Therefore, with control atomization modulation of traditional energy supply system into a smart network requires a huge investment to develop security strategies as a safeguard for this critical infrastructure.

Cyber security of the electric power production and distribution infrastructure

In this paper an attempt was made to introduce the concept of cyber security as applied in the electric power production and distribution infrastructure. Initially, the relevant control systems, threats to their continued safe operation and potential consequences are identified for both individual power plants and the power grid as a whole. Subsequently, the quantitative risk assessment of the aforementioned critical infrastructures is demonstrated by means of a methodology utilising attack trees. Here, is was established that introducing a package of relatively simple countermeasures may improve the overall system vulnerability of a power control system by as much as 45%.

Electric Power Grid Resilience to Cyber Adversaries: State of the Art

IEEE Access

The smart electricity grids have been evolving to a more complex cyber-physical ecosystem of infrastructures with integrated communication networks, new carbon-free sources of power generation, advanced monitoring and control systems, and a myriad of emerging modern physical hardware technologies. With the unprecedented complexity and heterogeneity in dynamic smart grid networks comes additional vulnerability to emerging threats such as cyber attacks. Rapid development and deployment of advanced network monitoring and communication systems on one hand, and the growing interdependence of the electric power grids to a multitude of lifeline critical infrastructures on the other, calls for holistic defense strategies to safeguard the power grids against cyber adversaries. In order to improve the resilience of the power grid against adversarial attacks and cyber intrusions, advancements should be sought on detection techniques, protection plans, and mitigation practices in all electricity generation, transmission, and distribution sectors. This survey discusses such major directions and recent advancements from a lens of different detection techniques, equipment protection plans, and mitigation strategies to enhance the energy delivery infrastructure resilience and operational endurance against cyber attacks. This undertaking is essential since even modest improvements in resilience of the power grid against cyber threats could lead to sizeable monetary savings and an enriched overall social welfare. INDEX TERMS Cyber physical systems (CPS), cyber attack, intrusion detection system (IDS), false data injection attack (FDIA), energy management system (EMS), power grid resilience.

Security Assessment for Cyber Physical Distribution Power System Under Intrusion Attacks

IEEE Access, 2019

A cyber physical distribution power system (CPDS) is a large and complex infrastructure that coordinates the cyber communication system and the physical distribution power system. Because of the increasingly advanced information communication technology, the development of cyber physical distribution power system has caused key cyber security issues related to system operation. This paper is focused on realizing a unified system attack modeling and security assessment of an active distribution power system. In this paper, first we present an overview of the system operation from the fusion system perspective. The significant effects of network intrusion attacks on operational security are evaluated. A new unified cyber physical network model is established using a limited stochastic Petri net graph theory that considers refined firewalls and password components. Then, a security effectiveness evaluation method is proposed to analyze channel throughput variation and system robustness. Overall CPDS security risk values are determined based on physical influence coefficients. Finally, simulations of an improved IEEE-33 bus distribution power system and security assessment under intrusion attacks are described. The research work could raise awareness of the cyber intrusion threats and provide the basis for security defense. INDEX TERMS Cyber physical distribution system, cyber intrusion attacks, information security indices, limited stochastic Petri net theory.

Effective Detection of Cyber Attack in a Cyber-Physical Power Grid System

2021

Advancement in technology and the adoption of smart devices in the operation of power grid systems have made it imperative to ensure adequate protection for the cyber-physical power grid system against cyber-attacks. This is because, contemporary cyber-attack landscapes have made devices' first line of defense (i.e. authentication and authorization) hardly enough to withstand the attacks. To detect these attacks, this paper proposes a detection methodology based on Machine Learning techniques. The dataset used in this experiment was obtained from the synchrophasor measurements of data logs from snort, simulated control panels and relays of a smart power grid transmission system. After the preprocessing of the dataset, it was then scaled and analyzed before the fitting of-Random Forest, Support Vector Machine, Linear Discriminant Analysis and K-Nearest Neighbor algorithms. The fitting of the different classifiers was done in order to find the algorithm with the best output. Upon the completion of the experiment, the results of classifiers were tabulated and the result of the Random Forest model was the most effective with an accuracy of 92% and a significantly low rate of misclassification. The Random Forest model also shows a high percentage of the true positive rate that is critical to the security issue. .

Power system effects and mitigation recommendations for DER cyberattacks

IET Cyber-Physical Systems: Theory & Applications, 2019

Extensive deployment of interoperable distributed energy resources (DER) is increasing the power system cyber security attack surface. National and jurisdictional interconnection standards require DER to include a range of autonomous and commanded grid-support functions, which can drastically influence power quality, voltage, and bulk system frequency. Here, the authors investigate the impact to the cyber-physical power system in scenarios where communications and operations of DER are controlled by an adversary. The findings show that each grid-support function exposes the power system to distinct types and magnitudes of risk. The physical impact from cyber actions was analysed in cases of DER providing distribution system voltage regulation and transmission system support. Finally, recommendations are presented for minimising the risk using engineered parameter limits and segmenting the control network to minimise common-mode vulnerabilities.

A Hybrid Framework for Detecting and Eliminating Cyber-Attacks in Power Grids

Energies

The work described in this paper aims to detect and eliminate cyber-attacks in smart grids that disrupt the process of dynamic state estimation. This work makes use of an unsupervised learning method, called hierarchical clustering, in an attempt to create an artificial sensor to detect two different cyber-sabotage cases, known as false data injection and denial-of-service, during the dynamic behavior of the power system. The detection process is conducted by using an unsupervised learning-enhanced approach, and a decision tree regressor is then employed for removing the threat. The dynamic state estimation of the power system is done by Kalman filters, which provide benefits in terms of the speed and accuracy of the process. Measurement devices in utilities and buses are vulnerable to communication interruptions between phasor measurement units and operators, who can be easily manipulated by false data. While Kalman filters are incapable of detecting the majority of such cyber-atta...

Cyber-vulnerability of power grid monitoring and control systems

Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead, 2008

In this paper, a methodology is proposed for the evaluation of the impact of cyber attacks on the power grid. This is a systematical approach to evaluate the vulnerabilities of SCADA system at three levels, i.e., system, scenario, and access points. The impact of potential intrusion is evaluated based on the power flow solution. The cause-effect on the proposed method determines the likelihood of the consequence, which can be evaluated based on a substation outage. An IEEE 30 bus system is used to build a test case for the proposed method.

Cyber-Physical Attacks on Power Distribution Systems

IET Cyber-Physical Systems: Theory & Applications

This study investigates the impacts of stealthy false data injection (FDI) attacks that corrupt the state estimation operation of power distribution systems (PDS). In particular, the authors analyse FDI attacks that target the integrity of distribution systems optimal power flow (DSOPF) in order to maximise the system operator losses. The branch current state estimation method is implemented to accurately model the PDS, and convex relaxations are applied to the DSOPF model. The effects of the FDI attacks are analysed on the IEEE 34-bus unbalanced radial distribution system, with distributed energy resources (DERs) along the feeder. A 24 h DSPOF is performed, and the results depict the changes in the voltage profile and the additional power injection from the DERs, which consequently lead to the increase of the DSOPF cost. IET Cyber-Phys. Syst., Theory Appl. This is an open access article published by the IET under the Creative Commons Attribution License (http://creativecommons.org/licenses/by/3.0/) 1 8 IET Cyber-Phys. Syst., Theory Appl. This is an open access article published by the IET under the Creative Commons Attribution License