Yinan Wang,Wei Li,Gangfeng Yan,Sumian Song

DOI: https://doi.org/10.1109/icit.2017.7915433

2017-01-01

Abstract:This paper proposes an unified framework for electrical cyber physical systems (ECPSs) and studies the mechanism of cyber attacks and cyber security. Communication networks are designed by characteristics of power grids. This model is universal to both transmission and distribution grids. The fragility of ECPSs under cyber attacks (DoS attacks and false data injection attacks) is analyzed in three scenarios based on different types and attackers' acknowledgments of the ECPSs. It has been proved that attacks happen at information uploading routers or control strategy downloading routers will influence the system differently. The effectiveness of relay protection policies and cyber security policies are verified by experimental results.

Yinan Wang,Gangfeng Yan,Ronghao Zheng

DOI: https://doi.org/10.3390/app8050768

2018-01-01

Applied Sciences

Abstract:The integration of modern computing and advanced communication with power grids has led to the emergence of electrical cyber-physical systems (ECPSs). However, the massive application of communication technologies makes the power grids become more vulnerable to cyber attacks. In this paper, we study the vulnerability of ECPSs and develop defence strategies against cyber attacks. Detection and protection algorithms are proposed to deal with the emergency of cascading failures. Moreover, we propose a weight adjustment strategy to solve the unbalanced power flows problem which is caused by splitting incidents. A MATLAB-based platform with advantages of easy programming, fast calculation, and no damage to systems is built for the offline simulation and analysis of the vulnerability of ECPSs. We also propose a five-aspect method of vulnerability assessment which includes the robustness, economic costs, degree of damage, vulnerable equipment, and trip point. The study is of significance to decision makers as they can get specific advice and defence strategies about a special power system.

Wei Gu,Shixing Ding,Shuai Lu,Pengfei Zhao,Dehu Zou,Yue Qiu,Ruizhi Yu,Lina Sheng

DOI: https://doi.org/10.1109/tsg.2023.3273710

IF: 10.275

2023-07-01

IEEE Transactions on Smart Grid

Abstract:The integration of information and communication infrastructures has dramatically increased the cyber vulnerability of integrated energy systems (IES). Due to the coupling among various energy systems, cyber-attacks on one sub-energy system may transmit to and affect other sub-energy systems, subsequently threatening the security of the whole IES. This paper develops a destructive coordinated heat and power cyber-attack for the first time, analyzes its risk on the heat and electric integrated energy systems, and reveals its potential consequences. In the developed coordinated attack, a bi-level attacker-operator model is formulated to identify the worst-case scenario caused by the coordinated attack. Two types of false data injection attacks are considered in this coordinated attack strategy: the improved load redistribution attack on the power system and the false heat load attack on the heating system. In order to accurately characterize the stealthiness and adverse effect of the coordinated attack, a time window matching strategy that handles the delay characteristics of the heating system and the latency property of the false heat load attack is proposed, along with the matching of attack parameters in different attacks. Simulation results show that the proposed coordinated attack significantly impacts the system in economic losses, load shedding, renewable power curtailment, and line overload.

engineering, electrical & electronic

Sheng Xu,Yongxiang Xia,Hui-Liang Shen

DOI: https://doi.org/10.1109/tcsii.2020.2999875

2020-01-01

Abstract:In this brief, we analyze the damage caused by malware-induced cyber attacks in Cyber-Physical Power Systems (CPPSs). Incubation period and detection probability of the malware are considered in our analytical framework. From attacker's perspective, the trade-off between attack effectiveness and detection risk is studied to help choose the best attack timing and obtain the maximum payoff. Moreover, we conduct case studies in CPPSs formed by coupling IEEE 118-Bus System with scale-free communication networks. Simulation results reveal that the maximum expected payoff for the attacker is affected by the coupling pattern and the structure of communication network in CPPSs.

Chensheng Liu,Wangli He,Ruilong Deng,Yu-Chu Tian,Wenli Du

DOI: https://doi.org/10.1109/tii.2022.3172688

IF: 12.3

2023-01-01

IEEE Transactions on Industrial Informatics

Abstract:Due to the close relevance to the reliability and efficiency of power systems, network parameters such as branch admittance have been the target of various cyberattacks. However, existing attack models are generally based on the impractical assumption that attackers can directly modify the data of network parameter stored in well-secured control centers. This article proposes a practical attack model and designs an optimal strategy to detect malicious modification of critical network parameters. Specifically, the vulnerability of network parameter error processing is discovered and exploited to indirectly modify the data of network parameter without accessing to the well-secured control center. A model of false-data-injection-enabled network parameter modification is proposed, which significantly reduces the requirements on attackers’ capability and system information. An optimal detection strategy is designed based on the analysis of the minimal protection set at a single branch, which can significantly reduce the number of protected measurements in detecting malicious modification of critical network parameters. Finally, numerical simulations are carried out on the PJM 5-bus and the IEEE 118-bus test systems to validate the theoretical results.

Ying Wan,Cheng Long,Ruilong Deng,Guanghui Wen,Xinghuo Yu,Tingwen Huang

DOI: https://doi.org/10.1109/tcyb.2020.2978274

IF: 11.8

2021-01-01

IEEE Transactions on Cybernetics

Abstract:In building-microgrid communities, renewable generation and time-varying load usually cause power fluctuations, which influence the ancillary support to the main grid. Thermostatically controlled loads (TCLs) can be utilized to compensate such power variations due to their aggregated and controllable power consumptions. Meanwhile, one basic requirement for the users' side of TCLs is to realize the fair sharing of power states and comfort states. This article proposes a distributed event-based control strategy, where information of neighboring TCLs is exchanged only when a dynamic event-triggered condition is satisfied, and thus it intelligently determines the necessary transmission frequency to save communication resources. From a cybersecurity perspective, the communication network of TCLs may be subject to hybrid attacks, for example, denial-of-service (DoS) and false data-injection (FDI) attacks. During DoS attack intervals, no information can be communicated even through the event-triggered condition is satisfied. Furthermore, the control inputs may also be tampered by FDI attacks. By utilizing the Lyapunov stability and hybrid control theories, sufficient conditions regarding the attack parameters are derived such that fair sharing of power states and comfort states of all involved TCLs can be achieved exponentially. The exclusion of Zeno behaviors is proved and a corollary for ideal communication situations is also deduced. Finally, simulation examples with various attack parameters are conducted to verify the effectiveness of the main results.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcsii.2022.3181827

2022-01-01

Abstract:In cyber-physical power systems (CPPSs), false data injection attack (FDIA) has drawn much attention due to its stealthiness. It is of great importance to investigate the potential behaviors of attackers to improve the cyber-security of CPPSs. However, most FDIA models are often constructed separately on the effect of attackers or the impact of attacks. Accordingly, this brief proposes a multi-objective stealthy FDIA scheme in AC grid model. The attack model is described as a multi-objective optimization problem, where minimization of contaminated measurements and maximization of the attack impact are considered as two objectives while remaining stealthy. To deal with the established attack model, a non-dominated sorting genetic algorithm II (NSGAII) is introduced as the solver. To improve the efficiency of generating attack vector, a new representation mechanism is proposed to describe locations and values of injected states. Additionally, during the evolutionary process, we propose a mutation operation to balance the sparsity and impact of FDIA. Simulation results on the IEEE 14-bus, 30-bus, and 118-bus systems demonstrate the feasibility of the NSGAII-based FDIA model.

Guanyu Tian,Qun Zhou Sun,Yiyuan Qiao

2023-10-24

Abstract:The power flexibility from smart buildings makes them suitable candidates for providing grid services. The building automation system (BAS) that employs model predictive control (MPC) for grid services relies heavily on sensor data gathered from IoT-based HVAC systems through communication networks. However, cyber-attacks that tamper sensor values can compromise the accuracy and flexibility of HVAC system power adjustment. Existing studies on grid-interactive buildings mainly focus on the efficiency and flexibility of buildings' participation in grid operations, while the security aspect is lacking. In this paper, we investigate the effects of cyber-attacks on HVAC systems in grid-interactive buildings, specifically their power-tracking performance. We design a stochastic optimization-based stealthy sensor attack and a corresponding defense strategy using a resilient control framework. The attack and its defense are tested in a physical model of a test building with a single-chiller HVAC system. Simulation results demonstrate that minor falsifications caused by a stealthy sensor attack can significantly alter the power profile, leading to large power tracking errors. However, the resilient control framework can reduce the power tracking error by over 70% under such attacks without filtering out compromised data.

Systems and Control

Kang-Di Lu,Zheng-Guang Wu,Tingwen Huang

DOI: https://doi.org/10.1109/tmech.2022.3214314

2023-01-01

Abstract:With the rapid development of communication, control, and computer technology, traditional power systems have evolved into cyber-physical power system (CPPS). However, CPPS not only affords convenience but also introduces more cyber-attacks. Among many types of cyber-attacks, false data injection attacks (FDIAs) have drawn much attention in the CPPS security domain due to their stealthiness. Most FDIAs are based on the static model on a single snapshot and often ignore the reality of dynamically time-evolving CPPS. Accordingly, this article proposes a novel three-stage dynamic false data injection attack (DFDIA) model in CPPS by considering potential dynamic behaviors. To consider both attack location and attack amplitude, the designing DFDIA is formulated as two constrained single-objective optimization problems. Two versions of constrained differential evolution are presented as the solver to determine the attack location and optimize the attack vector for collaboratively altering the meter measurements. Then, an interval state forecasting-based countermeasure is proposed to detect the established DFDIA. In this detector, the variation bounds of state values are determined via ensemble deep learning-based state forecasting method. Finally, extensive simulation results on several IEEE bus systems demonstrate the feasibility of DFDIA and the effectiveness of the defense mechanism.

Xiaojie Lin,Sibin Liu,Shuowei Lu,Zhongbo Li,Yi Zhou,Zitao Yu,Wei Zhong

DOI: https://doi.org/10.1016/j.energy.2019.116569

IF: 9

2020-01-01

Energy

Abstract:Intelligent and efficient operation of large-scale urban centralized heating system (UCHS) is a hot topic in urban energy system field. This study develops an intelligent operation control platform for China’s UCHS via “cyber-physical systems” (CPS). The platform is based on graph theory and thermal-hydraulic modeling and has been validated against measured data collected from the substations. 88.5% of the modeled substation supply pressure has an error of less than 5%, and 82.1% of the modeled substation return pressure has an error of less than 5%. The platform carries out “model-based prediction” and “prediction-based decision-making” by incorporating state sensing, load forecasting, modeling, and model-based operation optimization. The platform is further applied to a target UCHS using coal-based combined heat and power (CHP) units and gas-fired boilers as heating sources and covering an area of 15 million m2. To ensure the accuracy, this study carries out online calibration with real-time operation data and tests the load distribution feature during the pilot heating season. During a two-day operation, the optimized heating sources load distribution scheme could reduce natural gas consumption by up to 31.2% when compared with existing experience-based operation. The operation cost during that operation period is also reduced by 2.6%, accordingly.

Suhan Zhang,Wei Gu,Shuai Lu,Shuai Yao,Suyang Zhou,Xiaogang Chen

DOI: https://doi.org/10.1109/tsg.2021.3102057

IF: 10.275

2021-11-01

IEEE Transactions on Smart Grid

Abstract:Intensified interaction between electric power system (EPS) and district heating network (DHN) has raised an urgent requirement of security control to ensure the regular operation of the heat and electricity integrated energy system (HE-IES). However, the implicit expressions of thermal dynamics remain an obstacle to building the quantitative relationships between the EPS and the DHN. To solve this, this paper proposes a novel dynamic model of the district heating network, which contains the equivalent pipe model and the analytical thermal source-load function (TSLF). Then, the interaction between EPS and DHN is divided into the energy flow calculation at the control points and the dynamic simulation during the control intervals to investigate the coupling effect. On this basis, the dynamic characteristics in HE-IES are employed to quantitatively establish the security control strategy using the combined sensitivity analysis. Case studies verify the accuracy and efficiency of the proposed method.

engineering, electrical & electronic

Zihan Zhao,Yongqi Wang,Mengmeng Jiang,Xinrui Liu

DOI: https://doi.org/10.3389/fenrg.2022.1049920

IF: 3.4

2022-11-10

Frontiers in Energy Research

Abstract:While the coupling between various energy systems is deepening as integrated energy develops quickly, security risks in the information network system will be introduced into the physical system, and the interaction between the systems causes the security risks to increase. It is essential to maintain the multi-energy coupling integrated energy system's safe and reliable operation. Therefore, this paper first constructs the cyber physics system (CPS) model based on the electricity-gas integrated energy system (EGIES), the fault propagation mechanism of the system caused by the cyber attack is analyzed, and the cyber attack scenario simulation method based on the N-n predicted fault set is proposed. Secondly, based on the optimal load shedding model and the reliability assessment index, the reliability assessment method of the electricity-gas integrated system under cyber attack is proposed. Then, on the basis of system reliability assessment, a multi-time scale reliability improvement strategy based on branch power and pipeline flow optimization of EGIES under cyber attack is proposed. Finally, the simulation results of the IEEE57-NGS20 electricity-gas integrated system verified the effectiveness of the proposed method. The proposed optimization strategy reduces the out-of-limit range of power transmission lines and natural gas pipelines, reduces the probability of cascading failure in the system under information attacks, and improves the resistance and energy supply reliability of the system against cyber attacks.

energy & fuels

Huaizhi Wang,Jiaqi Ruan,Bin Zhou,Canbing Li,Qiuwei Wu,Muhammad Qamar Raza,Guang-Zhong Cao

DOI: https://doi.org/10.1109/tii.2019.2902163

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:Understanding potential behaviors of attackers is of paramount importance for improving the cybersecurity of power systems. However, the attack behaviors in existing studies are often modeled statically on a single snapshot, which neglects the reality of a dynamically time-evolving power system. Accordingly, a dynamic cyber-attack model with local network information is proposed to characterize the typical data injection attack with the integration of potential dynamic behaviors of an attacker. The proposed model collaboratively alters the meter measurement in a stealthy way to illegally contaminate the system state, thus posing severe threats to cyber physical power systems. We then develop a novel anomaly detection countermeasure from the perspective of state estimation to effectively recognize the dynamic injection attack. In this countermeasure, an interval state forecasting method is proposed to approximate the possible largest variation bounds of each state variable based on a worst-case analysis considering the forecasting uncertainties of renewable energy sources, electric loads, and network parameter perturbations. In addition, the kernel quantile regression is introduced and implemented to formulate the uncertainties in renewable energy and electric load forecast as a series of confidence intervals. When any state variable falls outside its preforecasted intervals, the proposed countermeasure detects the anomaly and sets an alarm condition indicating the possibility of data contamination. Finally, the results from our extensive studies on several IEEE standard test systems have been presented to demonstrate the feasibility of the dynamic attack and the effectiveness of the detection countermeasure.

Yiyuan Qiao,Dongyu Chen,Qun Zhou Sun,Guanyu Tian,Wenyi Wang

DOI: https://doi.org/10.1016/j.enconman.2024.118949

IF: 10.4

2024-08-26

Energy Conversion and Management

Abstract:Grid-interactive smart buildings integrated with building automation systems (BAS) have gained increasing attention in recent years because of their ability to enable timely data communication that links physical and cyber-based control systems. However, the increasing integration has made both buildings and power grids more vulnerable to cyber-attacks. This study highlights the critical importance of cyber security considering negative energy impacts on grid-interactive buildings, which can severely jeopardize the safety and stability of power grids. This paper first proposes a novel man-in-the-middle (MITM) cyber-attack with specific malicious intent to manipulate the building power demand from the heating, ventilation, and air conditioning (HVAC) systems. The model predictive control (MPC) strategy is implemented to maximize power consumption or load ramp rate while simultaneously ensuring optimal building thermal comfort and evading detection by building occupants. Furthermore, the expert rules, i.e., air handling unit performance assessment rules (APAR), are incorporated as critical constraints in the MPC algorithm to bypass the fault detection alarms. The results demonstrate the capabilities of the proposed MITM cyber-attack scenarios in achieving predetermined objectives without triggering any fault detection alarms. In attack Scenario 1, the total power consumption is increased by up to 55%, and in attack Scenario 2, the load ramp rate is increased by 19 times compared with the fault-free BAS. The comparison between DoS (denial of service), FDI (false data injection), and the proposed cyber-attack, which focuses on their impact on the power grid and concealment analysis, is conducted to raise awareness of the severity and stealthiness of the proposed cyber-attacks. This paper is among the first few developing comprehensive MITM cyber-attacks to intelligently manipulate building power consumption exploiting real-time BAS data. It unveils the important risks associated with BAS and provides valuable insights for further assessment of cyber security of grid-interactive smart buildings.

energy & fuels,thermodynamics,mechanics

Xingyu Shi,Huan Guo,Weiyu Wang,Banghuang Yin,Yijia Cao

DOI: https://doi.org/10.3389/fenrg.2023.1242047

IF: 3.4

2023-01-01

Frontiers in Energy Research

Abstract:Introduction: Load Redistribution (LR) attacks, as a common form of false data injection attack, have emerged as a significant cybersecurity threat to power system operations by manipulating load buses’ measurements at substations. Existing LR attack methods typically assume that any substation can be equally attacked, contributing to the analysis of LR attacks in power systems. However, the diversity of cyber vulnerabilities in substation communication links implies varying costs associated with falsifying load buses’ measurements. Thus, quantitatively evaluating these costs and analyzing the impact of LR attacks on power systems within cost constraints holds practical significance.Methods: In this paper, we employ a Bayesian attack graph model to characterize the intrusion process through cyber vulnerabilities. The costs of falsifying load buses’ measurements at substations are quantitatively evaluated using the mean time-to-compromise model. Subsequently, from the attacker’s perspective, we propose a bi-level optimization model for LR attacks, considering the mean time to compromise in conjunction with limited attack resources and power flow constraints.Results: Simulations conducted on the IEEE 14-bus system illustrate the influence of cyber vulnerabilities on LR attacks within power systems. Furthermore, we verify that the attack scenario of the existing LR attack model aligns with a case of the proposed bi-level LR attack model when there is sufficient attack time to compromise all communication links.Discussion: The findings of this research demonstrate that the impact of cyber vulnerabilities on LR attacks can be quantified by assessing the attack costs. Effective management of LR attacks can be achieved under cost constraints through optimization methods. These insights contribute to enhancing network security strategies for power systems, mitigating potential threats posed by LR attacks in power system operations.

Zhigang Chu,Andrea Pinceti,Ramin Kaviani,Roozbeh Khodadadeh,Xingpeng Li,Jiazi Zhang,Karthik Saikumar,Mostafa Sahraei-Ardakani,Christopher Mosier,Robin Podmore,Kory Hedman,Oliver Kosut,Lalitha Sankar

DOI: https://doi.org/10.48550/arXiv.2104.13908

2021-04-29

Abstract:In this paper, we investigate the feasibility and physical consequences of cyber attacks against energy management systems (EMS). Within this framework, we have designed a complete simulation platform to emulate realistic EMS operations: it includes state estimation (SE), real-time contingency analysis (RTCA), and security constrained economic dispatch (SCED). This software platform allowed us to achieve two main objectives: 1) to study the cyber vulnerabilities of an EMS and understand their consequences on the system, and 2) to formulate and implement countermeasures against cyber-attacks exploiting these vulnerabilities. Our results show that the false data injection attacks against state estimation described in the literature do not easily cause base-case overflows because of the conservatism introduced by RTCA. For a successful attack, a more sophisticated model that includes all of the EMS blocks is needed; even in this scenario, only post-contingency violations can be achieved. Nonetheless, we propose several countermeasures that can detect changes due to cyber-attacks and limit their impact on the system.

Systems and Control

Jie Lin,Wei Yu,Xinyu Yang,Guobin Xu,Wei Zhao

DOI: https://doi.org/10.1109/iccps.2012.26

2012-01-01

Abstract:Smart Grid is a new type of energy-based cyber-physical system (CPS) that will provide reliable, secure, and efficient energy transmission and distribution. The way to secure the distributed energy routing process that efficiently utilizes the distributed energy resources and minimizes the energy transmission overhead is essential in smart grid. In this paper, we study the vulnerability of the distributed energy routing process and investigate novel false data injection attacks against the energy routing process. We consider several general attacks, in which the adversary may manipulate the quantity of energy supply, the quantity of energy response, and the link state of energy transmission. The forged data injected by those attacks will cause imbalanced demand and supply, increase the cost for energy distribution, and disrupt the energy distribution. We formally model these attacks and quantitatively analyze their impact on energy distribution. Our evaluation data show that those attacks can effectively disrupt the effectiveness of energy distribution process, causing significant supplied energy loss, energy transmission cost and the number of outage users.

Jie Lin,Wei Yu,Xinyu Yang,Guobin Xu

DOI: https://doi.org/10.1049/pbce096e_ch5

2016-01-01

Abstract:The cyber-physical system (CPS) is a system that can efficiently integrate both cyber and physical components by leveraging modern sensing, computing, and networking technologies. As an important role of CPS, sensors can obtain measurements of physical components and transmit the measurement data to the control center through communication networks. Nonetheless, sensor networks can pose serious security challenges to CPSs as well. In this chapter, we first review CPSs and wireless sensor networks in CPSs. We then take the smart grid as an example of a CPS and investigate the impacts of one category of attacks, namely false data injection attacks, against the operation of the smart grid. Through a combination of theoretical analysis and performance evaluation, we find that false data injection attacks can disrupt the electricity market operations, posing an increased electricity price to consumers. We also discuss the impacts of false data injection attacks on other key functions in the smart grid, including energy distribution, state estimation, etc.

Tao Zhi,Guangya Si,Xiaoyuan He,Yi Xu

DOI: https://doi.org/10.1109/imccc.2011.251

2011-01-01

Abstract:To destroy a country's physical electric power infrastructure by attacking its control system through cyber means, has become an important way to weaken a country's war power. Along with the construction of next generation smart grid, development of the internet of things and appearance of system of systems(henceforth, SOS) warfare based on information systems, the complicated control networks system would confront more and more threat of cyber attack. we design the main structure and key arithmetic of the model, based on the physical electric power infrastructure whose cyber and physical system is close interdependent in order to provide theoretic reference to the analyzing and evaluating the cascading effects from increasing cyber attack to physic system. Preliminary experiments show that these structures and algorithms are reasonable and feasible.

Jiazuo Hou,Jun Wang,Yue Song,Wei Sun,Yunhe Hou

DOI: https://doi.org/10.1109/tsg.2022.3199366

IF: 10.275

2023-01-01

IEEE Transactions on Smart Grid

Abstract:The small-signal angle stability (SSAS) of a power system is determined by the property of operation points. The widely applied false data injection (FDI) cyber-attack, however, is able to stealthily mislead the optimal power flow (OPF) and thus compromise operation points, leading to damages to the SSAS margin. To provide insights for cyber defenders, this paper proposes and investigates a stealthy SSAS-oriented FDI cyber-attack focusing on two attacking purposes, i.e., the SSAS margin and operation cost, with higher priority on the former one. First, this paper establishes a novel bi-level model with an implicit SSAS constraint based on a structure preserving model to compromise operation points. Then, for the SSAS interarea mode in a typical two-area system, this paper formulates closed-form expressions of how the SSAS margin and operation cost behave with respect to stealthy injections. By comparison, for the SSAS local mode in general power systems, this paper proposes a moving target cyber-attack-based hierarchical solution algorithm. Simulation results on a two-area system, a Kundur 11 bus system, and a modified IEEE 14 bus system demonstrate the significant damaging effects of the proposed SSAS-oriented FDI cyber-attack and the conflict between the two attacking purposes.

engineering, electrical & electronic