Wenting Wang,Dongqin Feng,Mingliang Chen,Shuxian Yang

DOI: https://doi.org/10.1109/ccdc62350.2024.10588015

2024-01-01

Abstract:This work investigates the problem of detecting and localizing attacks on a class of power cyber-physical systems (CPSs) in the presence of dynamic load alteration attacks (D-LAA). The power CPS is modeled as a discrete-time system with an unknown input, assuming that the sampling process is periodic and the D-LAA is bounded. This study delves into the investigation of attack detection and localization within a specific category of power cyber-physical systems (CPSs) when dealing with dynamic load alteration attacks (D-LAA). A novel Maximum Correntropy Robust Two-Stage Kalman Filter (MCRTSKF) is proposed so that the accurate state estimation for power CPS is achieved in spite of anomalous noise. Meanwhile, some essential parameters for the designed filter are obtained through the fixed-point iteration-stop parameter selection method. Furthermore, based on the state estimate value, the attack detection and localization procedure is presented. Finally, the validity and effectiveness of the proposed attack detection and localization schemes are illustrated by case studies on an IEEE 9-bus system.

Jiazhou Wang,Jue Tian,Nanpeng Yu,Yang Liu,Haichuan Zhang,Yadong Zhou,Ting Liu

DOI: https://doi.org/10.1109/tsg.2024.3416699

IF: 10.275

2024-01-01

IEEE Transactions on Smart Grid

Abstract:The widespread integration of information technology into power systems increases their vulnerability to false data injection (FDI) attacks, where attackers can mislead the power system state estimator to produce incorrect results. Consequently, it is critical to identify the attack and recover the real system state of the power grid. The primary method of state recovery is to derive the real state from measurements covered by the static measurement protection (SMP) methods, which are expensive to apply. The dynamic reactance perturbation (DRP) methods are low-cost but may fail in some conditions to detect attacks due to the topology limitation. In this paper, we propose a dynamic and static combined defense (DSCD) method, which combines the DRP and SMP methods to identify attacks and enhance the resilience of the state estimator at a lower cost. First, we propose the framework of DSCD and derive the necessary and sufficient conditions for recovering the system state. Second, we develop a non-convex optimization model to implement DSCD and propose heuristic algorithms under two extreme scenarios. Using these algorithms, defenders have the flexibility to balance between cost and delay. Simulation results on four IEEE test systems validated the superior performance of the proposed DSCD method.

Sze Zheng Yong,Minghui Zhu,Emilio Frazzoli

DOI: https://doi.org/10.48550/arXiv.1707.07112

2017-07-22

Abstract:In this paper, we consider the problem of attack-resilient state estimation, that is to reliably estimate the true system states despite two classes of attacks: (i) attacks on the switching mechanisms and (ii) false data injection attacks on actuator and sensor signals, in the presence of unbounded stochastic process and measurement noise signals. We model the systems under attack as hidden mode stochastic switched linear systems with unknown inputs and propose the use of a multiple-model inference algorithm to tackle these security issues. Moreover, we characterize fundamental limitations to resilient estimation (e.g., upper bound on the number of tolerable signal attacks) and discuss the topics of attack detection, identification and mitigation under this framework. Simulation examples of switching and false data injection attacks on a benchmark system and an IEEE 68-bus test system show the efficacy of our approach to recover resilient (i.e., asymptotically unbiased) state estimates as well as to identify and mitigate the attacks.

Optimization and Control,Cryptography and Security,Systems and Control,Dynamical Systems

Lin Zhang,Luis Burbano,Xin Chen,Alvaro A. Cardenas,Steven Drager,Matthew Anderson,Fanxin Kong

DOI: https://doi.org/10.1109/rtas61025.2024.00030

2023-01-01

Abstract:Cyber-physical systems tightly integrate computational resources with physical processes through sensing and actuating, widely penetrating various safety-critical domains, such as autonomous driving, medical monitoring, and industrial control. Unfortunately, they are susceptible to assorted attacks that can result in injuries or physical damage soon after the system is compromised. Consequently, we require mechanisms that swiftly recover their physical states, redirecting a compromised system to desired states to mitigate hazardous situations that can result from attacks. However, existing recovery studies have overlooked stochastic uncertainties that can be unbounded, making a recovery infeasible or invalidating safety and real-time guarantees. This paper presents a novel recovery approach that achieves the highest probability of steering the physical states of systems with stochastic uncertainties to a target set rapidly or within a given time. Further, we prove that our method is sound, complete, fast, and has low computational complexity if the target set can be expressed as a strip. Finally, we demonstrate the practicality of our solution through the implementation in multiple use cases encompassing both linear and nonlinear dynamics, including robotic vehicles, drones, and vehicles in high-fidelity simulators.

Lin Zhang,Xin Chen,Fanxin Kong,Alvaro A. Cardenas

DOI: https://doi.org/10.1109/rtss49844.2020.00028

2021-01-01

ACM Transactions on Embedded Computing Systems

Abstract:The increasing autonomy and connectivity in cyber-physical systems (CPS) come with new security vulnerabilities that are easily exploitable by malicious attackers to spoof a system to perform dangerous actions. While the vast majority of existing works focus on attack prevention and detection, the key question is "what to do after detecting an attack?". This problem attracts fairly rare attention though its significance is emphasized by the need to mitigate or even eliminate attack impacts on a system. In this article, we study this attack response problem and propose novel real-time recovery for securing CPS. First, this work's core component is a recovery control calculator using a Linear-Quadratic Regulator (LQR) with timing and safety constraints. This component can smoothly steer back a physical system under control to a target state set before a safe deadline and maintain the system state in the set once it is driven to it. We further propose an Alternating Direction Method of Multipliers (ADMM) based algorithm that can fast solve the LQR-based recovery problem. Second, supporting components for the attack recovery computation include a checkpointer, a state reconstructor, and a deadline estimator. To realize these components respectively, we propose (i) a sliding-windowbased checkpointing protocol that governs sufficient trustworthy data, (ii) a state reconstruction approach that uses the checkpointed data to estimate the current system state, and (iii) a reachability-based approach to conservatively estimate a safe deadline. Finally, we implement our approach and demonstrate its effectiveness in dealing with totally 15 experimental scenarios which are designed based on 5 CPS simulators and 3 types of sensor attacks.

Wenhai Qi,Yanjing Yi,Peng Shi,Guangdeng Zong,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcsii.2023.3300727

2024-01-01

Abstract:This brief studies the adaptive event-driven control for continuous positive stochastic semi-Markov jump models in the presence of cyber attacks. To save the limited network resources, an adaptive event-driven mechanism is constructed, in which the communication threshold can be dynamically tuned according to the error and state signals. On the basis of linear co-positive Lyapunov function and gain matrix decomposition, stochastic stability conditions are developed under the framework of deception attacks. Next, the design strategy of adaptive event-driven controller is proposed to guarantee the positivity and stochastic stability of the underlying system in linear programming. Furthermore, by means of a lower bound of inter execution time, it is illustrated that there will be finite triggering within a limited time, resulting in no Zeno phenomenon. Finally, a communication network model is shown to verify the theoretical findings.

Shanling Dong,Meiqin Liu

DOI: https://doi.org/10.1109/tfuzz.2022.3193805

IF: 12.253

2022-01-01

IEEE Transactions on Fuzzy Systems

Abstract:This article investigates the adaptive fuzzy asynchronous control problem for discrete-time nonhomogeneous Markov jump power systems under hybrid attacks. A nonhomogeneous Markov process is used to describe the phenomenon of transient failures occurring in power lines and subsequent switching of associated circuit breakers. The corresponding nonhomogeneous hidden Markov model is utilized to detect the jump modes of power systems. Both deception attack and denial-of-service attack are analyzed simultaneously owing to the vulnerability of power systems. With detected modes and fuzzy logic systems, an adaptive fuzzy asynchronous control strategy is proposed. Using the mode-dependent Lyapunov function, the existence conditions of the desired controller law are obtained such that the closed-loop power systems are bounded stable in the mean-square sense. Finally, the usefulness of the developed control strategy is demonstrated by a numerical example.

Lin Zhang,Kaustubh Sridhar,Mengyu Liu,Pengyuan Lu,Xin Chen,Fanxin Kong,Oleg Sokolsky,Insup Lee

DOI: https://doi.org/10.1109/RTAS58335.2023.00024

2023-01-01

Abstract:Cyber-physical systems (CPSs) leverage computations to operate physical objects in real-world environments, and increasingly more CPS-based applications have been designed for life-critical applications. Therefore, any vulnerability in such a system can lead to severe consequences if exploited by adversaries. In this paper, we present a data predictive recovery system to safeguard the CPS from sensor attacks, assuming that we can identify compromised sensors from data. Our recovery system guarantees that the CPS will never encounter unsafe states and will smoothly recover to a target set within a conservative deadline. It also guarantees that the CPS will remain within the target set for a specified period. Major highlights of our paper include (i) the recovery procedure works on nonlinear systems, (ii) the method leverages uncorrupted sensors to relieve uncertainty accumulation, and (iii) an extensive set of experiments on various nonlinear benchmarks that demonstrate our framework's performance and efficiency.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/icarm54641.2022.9959185

2022-01-01

Abstract:The cyber-physical power system (CPPS) is evolved from the traditional power system by the deployment of information networks with control systems, computational units, and communication networks. However, their integration into CPPS introduces new challenges in maintaining security. Various malicious cyber-attacks are drawn much attention recently after the discovery of the impact on CPPS state estimation. Thus, it is of great significance for operators to detect cyber-attacks and identify the types of attacks in CPPS to make decisions appropriately. This problem can be viewed as a multi-class classification problem from the perspective of machine learning. Accordingly, this paper proposes an ensemble learning-based cyber-attacks detection model for CPPS state estimation. In the proposed model, we use the subspace features and then send the data to the classifier for ensemble, where decision trees and random vector functional link networks are introduced as the basic classifier. The proposed model is validated by employing simulated data on IEEE 14-bus and 30-bus systems. Simulation results demonstrate the performance of the proposed cyber-attacks detection model.

Mengxiang Liu,Zhongda Chu,Fei Teng

2023-09-07

Abstract:To address the increasing vulnerability of power grids, significant attention has been focused on the attack detection and impact mitigation. However, it is still unclear how to effectively and quickly recover the cyber and physical networks from a cyberattack. In this context, this paper presents the first investigation of the Cyber Recovery from Dynamic load altering Attack (CRDA). Considering the interconnection among electricity, transportation, and cyber networks, two essential sub-tasks are formulated for the CRDA: i) Optimal design of repair crew routes to remove installed malware and ii) Adaptive adjustment of system operation to eliminate the mitigation costs while guaranteeing stability. To achieve this, linear stability constraints are obtained by estimating the related eigenvalues under the variation of multiple IBR droop gains based on the sensitivity information of strategically selected sampling points. Moreover, to obtain the robust recovery strategy, the potential counter-measures from the adversary during the recovery process are modeled as maximizing the attack impact of remaining compromised resources in each step. A Mixed-Integer Linear Programming (MILP) problem can be finally formulated for the CRDA with the primary objective to reset involved droop gains and secondarily to repair all compromised loads. Case studies are performed in the modified IEEE 39-bus power system to illustrate the effectiveness of the proposed CRDA compared to the benchmark case.

Systems and Control

Ning Wang,Guang-Hong Yang

DOI: https://doi.org/10.1109/tcyb.2024.3485249

IF: 11.8

2024-11-29

IEEE Transactions on Cybernetics

Abstract:This study addresses a tampered-data recovery problem for linear discrete-time systems with completely unknown system dynamics under stealthy attacks. The basic idea is to identify the stealthy attack, that lies in any of attack-stealthy subspaces, and compensate for it. Different from the existing sparse recovery methods which are applicable to nonstealthy sparse attacks, a novel encoding scheme, where a set of subdecoding matrices is designed specifically for each 1-D attack-stealthy subspace, is developed so that the parameters of the stealthy attack can be identified via a subspace projection technique. A necessary and sufficient condition of determining the targeted subspace by using n parallel attack identification filters is established for this encoding scheme. Especially, a composite encoding matrix characterizes the lower and upper boundaries of the recovery error covariance's trace. A simulation example of a flight vehicle illustrates the efficiency of the proposed approach.

automation & control systems,computer science, cybernetics, artificial intelligence

Gabriella Fiore,Elena De Santis,Maria Domenica Di Benedetto

DOI: https://doi.org/10.48550/arXiv.1704.02737

2017-04-10

Abstract:Switching systems are an important mathematical formalism when dealing with Cyber-Physical Systems (CPSs). In this paper we provide conditions for the exact reconstruction of the initial discrete state of a switching system, when only the continuous output is measurable, and the discrete output signal is not available. In particular, assuming that the continuous input and output signals may be corrupted by additive malicious attacks, we provide conditions for the secure mode distinguishability for linear switching systems. As illustrative example, we consider the hybrid model of a DC/DC boost converter.

Systems and Control

Huaizhi Wang,Jiaqi Ruan,Bin Zhou,Canbing Li,Qiuwei Wu,Muhammad Qamar Raza,Guang-Zhong Cao

DOI: https://doi.org/10.1109/tii.2019.2902163

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:Understanding potential behaviors of attackers is of paramount importance for improving the cybersecurity of power systems. However, the attack behaviors in existing studies are often modeled statically on a single snapshot, which neglects the reality of a dynamically time-evolving power system. Accordingly, a dynamic cyber-attack model with local network information is proposed to characterize the typical data injection attack with the integration of potential dynamic behaviors of an attacker. The proposed model collaboratively alters the meter measurement in a stealthy way to illegally contaminate the system state, thus posing severe threats to cyber physical power systems. We then develop a novel anomaly detection countermeasure from the perspective of state estimation to effectively recognize the dynamic injection attack. In this countermeasure, an interval state forecasting method is proposed to approximate the possible largest variation bounds of each state variable based on a worst-case analysis considering the forecasting uncertainties of renewable energy sources, electric loads, and network parameter perturbations. In addition, the kernel quantile regression is introduced and implemented to formulate the uncertainties in renewable energy and electric load forecast as a series of confidence intervals. When any state variable falls outside its preforecasted intervals, the proposed countermeasure detects the anomaly and sets an alarm condition indicating the possibility of data contamination. Finally, the results from our extensive studies on several IEEE standard test systems have been presented to demonstrate the feasibility of the dynamic attack and the effectiveness of the detection countermeasure.

Borja Bordel Sánchez,Ramón Alcarria,Tomás Robles,Borja Bordel S醤chez,Ram髇 Alcarria,Tom醩 Robles

DOI: https://doi.org/10.32604/cmc.2023.039466

2023-01-01

Abstract:Cyber-Physical Systems are very vulnerable to sparse sensor attacks. But current protection mechanisms employ linear and deterministic models which cannot detect attacks precisely. Therefore, in this paper, we propose a new non-linear generalized model to describe Cyber-Physical Systems. This model includes unknown multivariable discrete and continuous-time functions and different multiplicative noises to represent the evolution of physical processes and random effects in the physical and computational worlds. Besides, the digitalization stage in hardware devices is represented too. Attackers and most critical sparse sensor attacks are described through a stochastic process. The reconstruction and protection mechanisms are based on a weighted stochastic model. Error probability in data samples is estimated through different indicators commonly employed in non-linear dynamics (such as the Fourier transform, first-return maps, or the probability density function). A decision algorithm calculates the final reconstructed value considering the previous error probability. An experimental validation based on simulation tools and real deployments is also carried out. Both, the new technology performance and scalability are studied. Results prove that the proposed solution protects Cyber-Physical Systems against up to 92% of attacks and perturbations, with a computational delay below 2.5 s. The proposed model shows a linear complexity, as recursive or iterative structures are not employed, just algebraic and probabilistic functions. In conclusion, the new model and reconstruction mechanism can protect successfully Cyber-Physical Systems against sparse sensor attacks, even in dense or pervasive deployments and scenarios.

computer science, information systems,materials science, multidisciplinary

Boyo Gao,Libao Shi,Yixin Ni

DOI: https://doi.org/10.1049/cp.2019.0285

2019-01-01

Abstract:The modern power system is experiencing rapid development towards a smarter cyber-physical power grid. How to comprehensively and effectively identify the vulnerable components under various cyber attacks has attracted widespread interest and attention around the world. In this paper, a game-theoretical scheme is developed to analyze the vulnerabilities of transmission lines and cyber elements under locally coordinated cyber-physical attacks in a cyber-physical power infrastructure. A two-step scenario including resources allocation made by system defender in advance and subsequent coordinated cyber-physical attacks are designed elaborately. The designed scenario is modeled as a game of incomplete information, which is then converted into a bi-level mathematical programming problem. In the lower level model, the attacker aims at maximizing system losses by attacking some transmission lines. While in the higher level model, the defender allocates defensive resources, trying to maximally reduce the losses considering the possible attacks. The payoffs of the game are calculated by leveraging a strategy of searching accident chains caused by cascading failure analyzed in this paper. A particle swarm optimization algorithm is applied to solve the proposed nonlinear bi-level programming model, and the case studies on a 34-bus system are conducted to verify the effectiveness of the proposed scheme.

Yihao Guo,Chuangxin Guo,Jie Yang

DOI: https://doi.org/10.17775/CSEEJPES.2022.08550

IF: 6.014

2024-01-01

CSEE Journal of Power and Energy Systems

Abstract:Extreme events such as natural disasters and malicious attacks have become more frequent and caused many blackouts in recent years. There is an urgent need to develop an effective restorative strategy applicable to modern cyber-physical power systems. To this end, an analysis of cyber-physical interdependence is performed at first. Considering the operating constraints of cyber network and the cyber-physical coupling constraints, a novel bi-level attack model is proposed to generate the disaster scenario. With the objective of minimizing the electricity loss over the recovery process, a resilience-oriented restoration model is presented to help the system rapidly recover normal level of performance, featuring the combination of substation reconfiguration and the coordinated repair work on electrical and cyber components considering cyber-physical interdependence. Solution approaches are provided to transform the original nonlinear problems into mixed integer linear programming models which can be solved readily. Case studies are carried out on IEEE RTS-79 system and IEEE 118-bus system. Simulation results prove the advantage and effectiveness of the proposed methods.

Pengyuan Lu,Lin Zhang,Mengyu Liu,Kaustubh Sridhar,Fanxin Kong,Oleg Sokolsky,Insup Lee

DOI: https://doi.org/10.1145/3653974

2024-04-06

Abstract:Cyber-physical systems (CPS) have experienced rapid growth in recent decades. However, like any other computer-based systems, malicious attacks evolve mutually, driving CPS to undesirable physical states and potentially causing catastrophes. Although the current state-of-the-art is well aware of this issue, the majority of researchers have not focused on CPS recovery, the procedure we defined as restoring a CPS's physical state back to a target condition under adversarial attacks. To call for attention on CPS recovery and identify existing efforts, we have surveyed a total of 30 relevant papers. We identify a major partition of the proposed recovery strategies: shallow recovery vs. deep recovery, where the former does not use a dedicated recovery controller while the latter does. Additionally, we surveyed exploratory research on topics that facilitate recovery. From these publications, we discuss the current state-of-the-art of CPS recovery, with respect to applications, attack type, attack surfaces and system dynamics. Then, we identify untouched sub-domains in this field and suggest possible future directions for researchers.

Systems and Control

Yining Li,Jing Wu,Shaoyuan Li

DOI: https://doi.org/10.1504/ijmic.2016.081137

2016-01-01

International Journal of Modelling Identification and Control

Abstract:For the physical network, such as power physical network, built cyber network to optimise the regulation and control to constitute cyber-physical system, in order to achieve optimal control of large scale distributed systems, and bring along with virus, hacking, denial of service from the threat of cyber network that may lead to malicious damage in physical system. In this paper, a distributed dynamic model for a class of power systems with data attack is built with the assumption of attack detectability. Dynamic state estimators are presented to detect the attacked data and estimate its original value. Finally, a simulation of 9-bus power system shows the effectiveness of our proposed method.

Man Zhang,Chong Lin

DOI: https://doi.org/10.1080/21642583.2020.1834465

2020-10-23

Abstract:<span>In this paper, the problem of secure state estimation for cyber physical systems (CPSs) with state delay and sparse sensor attacks is studied. An algorithm combining set cover approach and adaptive switching mechanism is proposed, which can realize off-line acquisition of candidate set and accurately locate the real attack mode. The contributions of this algorithm are that it can greatly reduce the search space, eliminate the impact of attacks on state estimation, improve the estimation speed and ensure the real-time performance of state estimation under the premise of effective estimation. The sufficient condition for the existence of the observer is obtained. Finally, the rapidity and effectiveness of the designed observer are verified by two examples.</span>