Yinan Wang,Gangfeng Yan,Ronghao Zheng

DOI: https://doi.org/10.3390/app8050768

2018-01-01

Applied Sciences

Abstract:The integration of modern computing and advanced communication with power grids has led to the emergence of electrical cyber-physical systems (ECPSs). However, the massive application of communication technologies makes the power grids become more vulnerable to cyber attacks. In this paper, we study the vulnerability of ECPSs and develop defence strategies against cyber attacks. Detection and protection algorithms are proposed to deal with the emergency of cascading failures. Moreover, we propose a weight adjustment strategy to solve the unbalanced power flows problem which is caused by splitting incidents. A MATLAB-based platform with advantages of easy programming, fast calculation, and no damage to systems is built for the offline simulation and analysis of the vulnerability of ECPSs. We also propose a five-aspect method of vulnerability assessment which includes the robustness, economic costs, degree of damage, vulnerable equipment, and trip point. The study is of significance to decision makers as they can get specific advice and defence strategies about a special power system.

Peng Huang,Yinan Wang,Gangfeng Yan

DOI: https://doi.org/10.1109/iecon.2017.8216086

2017-01-01

Abstract:This paper considers a framework of electrical cyber-physical systems (ECPSs) in which each bus and branch in a power grid is equipped with a controller and a sensor. By means of measuring the damages of cyber attacks in terms of cutting off transmission lines, three solution approaches are proposed to assess and deal with the damages caused by faults or cyber attacks. Splitting incident is treated as a special situation in cascading failure propagation. A new simulation platform is built for simulating the protection procedure of ECPSs under faults. The vulnerability of ECPSs under faults is analyzed by experimental results based on IEEE 39-bus system.

Haicheng Tu,Hui-Liang Shen,Yongxiang Xia

DOI: https://doi.org/10.1109/iscas45731.2020.9180816

2020-01-01

Abstract:Under the variety of information and communication technologies, the control center can securely and reliably operate power grid during the system disturbances and natural events. Specifically, when the initial failures are detected by cyber monitoring, the system will timely take emergency protecting operations to restrain the spreading of failures. Although cyber network makes the system more robust, they also increase the risk from the cyber network. In this paper, we firstly consider a control strategy into the cascading failures model. Then, we study how the cyber attack - False negatives attack confuses the control center, and makes the control center can not take emergency operation timely, causing the failure continue spreading. We propose an optimization problem to model the above assumptions and, by solving the optimization problem, study the impact of different attack scenarios on power system.

Qiang Lan,Shuyu Jia,Qinglai Guo,Li He,Peng Yang

DOI: https://doi.org/10.1109/ei252483.2021.9713104

2021-01-01

Abstract:Modern power system is a typical cyber-physical system due to the coupling of primary and secondary systems. The development of renewable energy and smart grids make many new application scenarios. Various new communication technologies make the system complex. Cyber systems and complex network environments have introduced a series of security issues. All of which make them easy to become ideal targets for cyberattacks. Therefore, it is of great significance to the research of cyber security in cyber-physical systems. This paper selects a scenario of centralized LFC, considers the linearized discrete system model under partial observation with Gaussian disturbance. Based on the known and un-changed characteristics of the physical model of the control system, dynamic watermarking is used to detect data integrity attacks from malicious sensors.

Yinan Wang,Wei Li,Gangfeng Yan,Sumian Song

DOI: https://doi.org/10.1109/icit.2017.7915433

2017-01-01

Abstract:This paper proposes an unified framework for electrical cyber physical systems (ECPSs) and studies the mechanism of cyber attacks and cyber security. Communication networks are designed by characteristics of power grids. This model is universal to both transmission and distribution grids. The fragility of ECPSs under cyber attacks (DoS attacks and false data injection attacks) is analyzed in three scenarios based on different types and attackers' acknowledgments of the ECPSs. It has been proved that attacks happen at information uploading routers or control strategy downloading routers will influence the system differently. The effectiveness of relay protection policies and cyber security policies are verified by experimental results.

Ruiwen He,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ei250167.2020.9346835

2020-01-01

Abstract:With the development of information technology and Power Internet of Things, the increasing number of networked terminals presents new network security threats. Industrial control equipment and systems have vulnerabilities in hardware, software and firmware, and advanced persistent threat against ICS has become more complex and diverse. However, most of the research are aimed at the detection of single vulnerability, and lack attack mechanism analysis and threat assessment for attack chain. We proposed a threat assessment method based on vulnerability descriptive text and described the attributes of attack samples according to the classification results in attack targets, methods and consequences. We constructed attack graphs based on attack sample attributes and cyber-physical topology to quantitatively evaluate the feasibility and benefits of each attack path from vulnerability capabilities and the impact of devices in the physical world. Finally, we took the substation device status monitoring system as an example to verify the feasibility of this method.

Keren CHEN,Fushuan WEN,Junhua ZHAO,Li LI,Yinguo YANG,Yan TAN

DOI: https://doi.org/10.16081/j.issn.1006-6047.2017.12.009

2018-01-01

Abstract:The wide applications of the ever-developing automation and communication technologies have significantly enhanced the operation level of modem power system,while the interactions between the power information system and the power physical system are becoming more extensively and more in-depth,and hence the cyber-physical power system is formed.In the cyber-physical power system,the failure of information equipment has impacts on the security and reliability of power physical system,while attacks from outsiders against either physical or information equipment may result in power supply interruptions.On this background,the cyber-physical power system is simulated as five elements:physical node,physical-physical link,cyber-node,cyber-cyber link and cyber-physical link,to analyze the interactive influence between physical equipment and information equipment,based on which,the influence of information system failure on the operation of physical system is assessed.A bi-level mathematic programming model under the game theory framework is established for distributing defending resources on information and power modules,to quantify the importance degrees of modules under given attacks.The modified IEEE 14-bus power system is simulated and calculated,whose results verify the feasibility and effectiveness of the proposed method.

Yubin Shen,Minrui Fei,Dajun Du,Wenjun Zhang,Srdjan Stankovic,Aleksandar Rakic

DOI: https://doi.org/10.1007/978-981-10-6364-0_44

2017-01-01

Abstract:While open communication infrastructures are embedded into multi-area power systems to support data transmittion, it make communication channels vulnerable to cyber attacks, reliability of power systems is affected. This paper studies the load frequency control (LFC) of multi-area power systems under DoS attacks. The state space model of power systems under DoS attacks is formulated, where event-triggered control scheme is integrated for the multi-area power systems under DoS attacks. By utilizing average dwell time design approach, exponential stability and L-2-gain of the multi-area power systems can be obtained for event-triggered LFC scheme under DoS attacks, if choosing an unavailability rate of communication channels for DoS attacks properly. Finally, the example shows that the convergences of frequency deviation of three-area power systems are compared under different DoS attack scenarios, when the proportion of the total time of DoS attacks can obtain the result properly.

LI Peikai,LIU Yun,XIN Huanhai,QI Donglian

DOI: https://doi.org/10.7500/AEPS20170705002

2018-01-01

Abstract:Distributed cooperative control mode is an effective approach to overcome the problem of integrating multiple and strongly random distributed generators (DGs) into cyber physical system in distribution network.However,due to the integration between cyber and physical layers,cyber attacks could threat the safe and stable operation of power system through invading the cyber system.A dynamic attack-defense game model based vulnerability assessment of cyber-physical system (CPS)in distribution network is proposed.Firstly,a cooperative control strategy of DGs is described,and its convergence property is analyzed and summarized.Then,a risk assessment of CPS in distribution network is developed,which integrates the risk assessment method,the cooperative control strategy of DGs and strategies of attacker and defender.After that,the dynamic attack-defense game function and its solving steps are designed,which achieves the vulnerability assessment of CPS in distribution network with distributed cooperative control mode.Finally,the effectiveness of the proposed method is verified through simulations involving the IEEE 34-bus distribution network.

Meng Zhang,Shanling Dong,Peng Shi,Guanrong Chen,Xiaohong Guan

DOI: https://doi.org/10.1109/tase.2022.3208016

IF: 6.636

2022-01-01

IEEE Transactions on Automation Science and Engineering

Abstract:Information and communication technology tremendously facilitates the operation efficiency and economy of modern power systems in recent years. However, risks such as bandwidth constraints and malicious attacks threaten the secure load frequency control (LFC) of power systems. To mitigate such risks, this paper proposes distributed observer-based event-triggered LFC schemes for multi-area power systems under cyber attacks. Considering the practical situation that only local system output information may be available, distributed observer-based LFC schemes are designed. Meanwhile, to reduce the communication burden, an event-triggered mechanism is adopted to design control laws, where both static and dynamic event-triggered approaches are taken and the dynamic one is proved to be more economical in terms of control cost. Verifiable sufficient conditions are established to guarantee the stability of the closed-loop system in the presence of cyber attacks and the controller gains are explicitly derived. Finally, validation studies on a three-area interconnected power system are carried out to demonstrate the proposed control schemes. Note to Practitioners—Load frequency is a crucial index for evaluating the quality of electric energy and thus LFC has brought considerable attention in the area of power systems control. Although many achievements have been made on the LFC of multi-area power systems, the risks such as bandwidth constraints and malicious attacks affect the normal operation of LFC due to the interconnection between different power systems. To deal with these risks, this paper focuses on designing event-triggered LFC to guarantee the stability of the frequency deviation while reducing the communication burden and mitigating cyber attacks. More importantly, the proposed event-triggered LFC is designed based on an observer and can be implemented in a distributed manner, which is relatively practical in real applications. The results presented in this paper aim to provide a helpful reference for stable and secure LFC design of multi-area power systems, such that the corresponding application research can be promoted.

automation & control systems

Qiwei Zhang,Fangxing Li

DOI: https://doi.org/10.1109/tsg.2021.3066398

IF: 10.275

2021-07-01

IEEE Transactions on Smart Grid

Abstract:With the rapid advancement and integration of communication and sensor technologies, power system operation is becoming more vulnerable to cyberattacks, particularly attacks in which malicious data could induce catastrophic consequences on market operations. Financial risks, as well as the potential physical damages, raise growing concerns about the reliable operation of the electricity market. Existing market-targeting cybersecurity research has focused on developing attack strategies or detection schemes. However, the lack of cyber-vulnerability analysis (CVA) hinders operators from systematically evaluating the real-time (RT) market-clearing model and identifying potential threats from a cybersecurity perspective. This article proposes a comprehensive CVA model for delivering a detailed analysis of four aspects of vulnerability: highly probable cyberattack targets, devastating attack targets, risky load levels, and mitigation ability under different degrees of defense. Users can simulate interactions between attackers and defending operators under different attack events, and the corresponding market settlements are also obtained. The proposed bilevel model is recast into mixed-integer linear programming through Karush–Kuhn–Tucker (KKT) conditions. A simulation study on an IEEE-30 bus system demonstrates the accuracy and effectiveness of the proposed CVA model.

engineering, electrical & electronic

Xindong Liu,Mohammad Shahidehpour,Zuyi Li,Xuan Liu,Yijia Cao,Zhiyi Li

DOI: https://doi.org/10.1109/tsg.2016.2545683

IF: 10.275

2017-01-01

IEEE Transactions on Smart Grid

Abstract:This paper presents a risk assessment method for evaluating the cyber security of power systems considering the role of protection systems. This paper considers the impact of bus and transmission line protection systems located in substations on the cyber-physical performance of power systems. The proposed method simulates the physical response of power systems to malicious attacks on protection system settings and parameters. The relationship among settings of protection devices, protection logics, and circuit breaker logics is analyzed. The expected load curtailment (ELC) index is used in this paper to quantify potential system losses due to cyber attacks. The Monte Carlo simulation is applied to calculate ELC for assessing attackers’ capabilities as bus arrangements are altered. The effectiveness of the proposed risk assessment method is demonstrated using a 9-bus system and the IEEE 68-bus system.

Weihua Chen,JIANG Quan-yuan,CAO Yi-jia

2005-01-01

Abstract:This paper summarizes the defects of traditional assessment methods for voltage security and points out the necessity of voltage security vulnerability assessment in the power market environment.A concept of voltage vulnerability is introduced as a framework for power system voltage security assessment.This concept combines information on the level of voltage security and its trend with changing system conditions.An approach is presented to calculate the voltage vulnerability for power systems based on risk theory and fuzzy reasoning.Voltage risk index and its trend to load level are calculated to deal with both the level of security and its trend with changing system conditions.Fuzzy reasoning is used to obtain the voltage vulnerability from the voltage risk index and its trend based on the system operators' experiences.It supports system operators effectively.A software has been implemented based the proposed approach.At last,the approach and the software are illustrated with New England 39-bus system.The results show the effectiveness of the approach.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tpwrs.2022.3229667

IF: 7.326

2022-01-01

IEEE Transactions on Power Systems

Abstract:In cyber-physical power systems (CPPSs), additional control as the compensating control plays a very important part in load frequency control (LFC) systems. The additional control in the LFC system is constrained by limited communication resources and cyber-attacks, which may cause performance degradation or destabilize the system. Accordingly, this paper proposes resilient event-triggered LFC for CPPSs with an additional control loop under denial-of-service (DoS) attacks. Firstly, a resilient event-triggered communication scheme is presented to reduce the occupation of communication resources under DoS attacks in the additional control loop. Then, different from existing event-triggered LFC systems, this paper establishes a novel switched LFC system model, where the resilient event generator is integrated into an additional control loop when suffering from DoS attacks. It is the first time that the additional control loop of the LFC system simultaneously considers communication resources and cyber-security. Furthermore, we derive exponential stabilization criteria by applying the Lyapunov stability theory based on the established model. Criteria are derived to obtain the weighting matrix and controller gain simultaneously by applying the linear matrix inequality technique. Finally, a one-area and two multi-area CPPSs with the additional control loop under DoS attacks are used to testify the availability of the proposed resilient event-triggered LFC scheme.

Yize Chen,Yushi Tan,Ling Zhang,Baosen Zhang

DOI: https://doi.org/10.1109/smartgridcomm51999.2021.9631987

2021-10-25

Abstract:We study the security threats of power system operations from a class of data injection attacks on load forecasting algorithms. In particular, we design an attack strategy on input features for load forecasting algorithms which can be implemented by an attacker with minimal system knowledge. System operators can be oblivious of such wrong load forecasts, which lead to uneconomical or even insecure decisions in commitment and dispatch. This paper brings up the security issues of load forecasting algorithms and shows that accurate load forecasting algorithm is not necessarily robust to malicious attacks. If power grid topology information is exploited, more severe attacks can be designed. We demonstrate the impact of load forecasting attacks on two IEEE test cases. We show our attack strategy is able to cause load shedding with high probability under various settings in the 14-bus test case, and also demonstrate system-wide threats in the 118-bus test case with limited local attacks.

Zhenyong Zhang,Ke Zuo,Ruilong Deng,Fei Teng,Mingyang Sun

DOI: https://doi.org/10.1109/jiot.2023.3264492

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Machine learning-based intelligent systems enhanced with Internet of Things (IoT) technologies have been widely developed and exploited to enable the real-time stability assessment of a large-scale electricity grid. However, it has been extensively recognized that the IoT-enabled communication network of power systems is vulnerable to cyberattacks. In particular, system operating states, critical attributes that act as input to the data-driven stability assessment, can be manipulated by malicious actors to mislead the system operator into making disastrous decisions and thus cause major blackouts and cascading events. In this article, we explore the vulnerability of the data-driven power system stability assessment, with a special emphasis on decision tree-based stability assessment (DTSA) approaches, and investigate the feasibility of constructing a physics-constrained adversarial attack (PCAA) to undermine the DTSA. The PCAA is formulated as a nonlinear programming problem considering the misclassification constraint, power limits, and bad data detection, computing potential adversarial perturbations that reverse the “stable/unstable” prediction of the real-time input while remaining invisible/stealthy. Extensive experiments based on the IEEE 68-bus system are conducted to evaluate the impact of PCAAs on predictions of DTSA and their transferability.

Chunyu Chen,Mingjian Cui,Xin Fang,Bixing Ren,Yang Chen

DOI: https://doi.org/10.1016/j.apenergy.2020.116015

IF: 11.2

2020-12-01

Applied Energy

Abstract:<p>Cyber attacks become emerging threats to every information-oriented energy management system. By violating the cyber systems, the hacker can disrupt the security and stability due to the strong coupling between the cyber and physical facilities. In this paper, one type of cyber attacks designated as the load altering attack is studied for the power system frequency control, and corresponding defense strategies are proposed to improve the frequency control performance. Considering the difficulty of the application of model-based controller into large-scale power systems, a novel model-free defense framework is for the first time presented. Under this framework, both active defense and passive defense strategies are designed. The former assumes that the defender has the initiative to learn different attack scenarios. Adaptive defense strategies are implemented using the online attack identification information and off-line trained strategy pool. The latter assumes that the defender passively tolerates various attack scenarios via the pre-trained off-line strategy. Both approaches prove to be effective through validation based on the IEEE benchmark systems. The proposed defense framework and defense strategies can be extended to other energy control systems to enhance their attack tolerance capability.</p>

energy & fuels,engineering, chemical

Zhenyong Zhang,Ruilong Deng,David K. Y. Yau

DOI: https://doi.org/10.1109/tsg.2023.3275988

IF: 10.275

2024-01-01

IEEE Transactions on Smart Grid

Abstract:By integrating the communication-enabled high-voltage electronic devices into the supervisory control and data acquisition (SCADA) system, the smart grid achieves flexible, economic, controllable operations of remote and real-time electricity transmission and distribution. However, it has been widely recognized that the SCADA system is vulnerable to unprecedented cyberattacks. In this paper, we propose a novel attack, namely, a network parameter attack (NPA), on the physical parameter of the branch to affect the load frequency control. The idea is to modify the control signal sent to the thyristor-controlled series compensator (TCSC) device to change the reactance of the transmission line, thus, inflicting the grid frequency stability. We first provide a sufficient condition for NPA to cause frequency instability. To further provide more insights, we analyze the impact of NPA on frequency stability based on the eigenvalue sensitivity. The vulnerable transmission lines are screened out based on the error caused by the NPA on the eigenvalues. Furthermore, we develop a least-effort but maximum-impact attack strategy considering the attacker’s limited resources. Finally, we conduct extensive simulations to validate the effectiveness of the attack and evaluate its impact on the system’s operation.

engineering, electrical & electronic

Jun'e Li,Jiaqi Liang,Quanying Liu,Donglian Qi,Jianliang Zhang,Yangrong Chen

DOI: https://doi.org/10.3389/fenrg.2022.971725

IF: 3.4

2022-01-01

Frontiers in Energy Research

Abstract:With the rapid development of integrated energy system, the large-scale and high-permeability access of distributed generations (DGs) is making the distribution networks develop into active distribution networks (ADNs). The increased complexity of ADNs also increases the vulnerabilities for cyberattacks. It is a new challenge how to evaluate the situation of an ADN so as to support the decision-making of grid control policies in the condition of cyberattacks probably occur. Hence, in this paper, we proposed a method of situation assessment for ADNs considering cyberattacks. This method is aggregated by two parts. 1) An index system is presented, which includes the indexes of DGs stability, the indexes of security risk considering cyberattacks along with the traditional safety indexes. 2) The entropy weight method is used to assign weights to each index, and taking the normal operation status of ADNs as the reference scenario, an operating situation assessment method for ADNs is proposed based on grey correlation analysis method. Finally, in order to verify the effectiveness of the proposed index system and assessment method, 12 attack scenarios are established from three categories: attacks on DGs, attacks on controllable loads and attacks on both of them, and the situation of the ADN, a case based on IEEE 33-node standard distribution system, is evaluated under each scenario.

Ying Wan,Cheng Long,Ruilong Deng,Guanghui Wen,Xinghuo Yu,Tingwen Huang

DOI: https://doi.org/10.1109/tcyb.2020.2978274

IF: 11.8

2021-01-01

IEEE Transactions on Cybernetics

Abstract:In building-microgrid communities, renewable generation and time-varying load usually cause power fluctuations, which influence the ancillary support to the main grid. Thermostatically controlled loads (TCLs) can be utilized to compensate such power variations due to their aggregated and controllable power consumptions. Meanwhile, one basic requirement for the users' side of TCLs is to realize the fair sharing of power states and comfort states. This article proposes a distributed event-based control strategy, where information of neighboring TCLs is exchanged only when a dynamic event-triggered condition is satisfied, and thus it intelligently determines the necessary transmission frequency to save communication resources. From a cybersecurity perspective, the communication network of TCLs may be subject to hybrid attacks, for example, denial-of-service (DoS) and false data-injection (FDI) attacks. During DoS attack intervals, no information can be communicated even through the event-triggered condition is satisfied. Furthermore, the control inputs may also be tampered by FDI attacks. By utilizing the Lyapunov stability and hybrid control theories, sufficient conditions regarding the attack parameters are derived such that fair sharing of power states and comfort states of all involved TCLs can be achieved exponentially. The exclusion of Zeno behaviors is proved and a corollary for ideal communication situations is also deduced. Finally, simulation examples with various attack parameters are conducted to verify the effectiveness of the main results.