Sheng Xu,Yongxiang Xia,Hui-Liang Shen

DOI: https://doi.org/10.1109/jsyst.2022.3150576

IF: 4.802

2022-01-01

IEEE Systems Journal

Abstract:In this article, we study how to resist malware attacks in cyber-physical power systems (CPPSs) through cyber protection. A model that incorporates the power flow analysis, the cyber monitoring and control, and the factor of cyber protection is proposed to simulate malware attacks in CPPSs. Meanwhile, an evaluation method is also developed to estimate the effectiveness of different cyber protection strategies. Through simulations, we conduct case studies in a test CPPS generated by coupling the IEEE 118 Bus System with a scale-free communication network. The protection effects of three heuristic cyber protection strategies, namely, target protection, random protection, and acquaintance protection are compared and analyzed. Simulation results reveal that compared with the other two strategies, target protection can suppress malware propagation and resist malware attacks more effectively. Moreover, we also investigate the optimal cyber protection problem in CPPSs and formulate it as a zero-one integer programming problem. We solve the problem by genetic algorithm and find that some low-degree cyber nodes also play a significant role in resisting malware attacks in CPPSs, especially when the protection budget is tight.

Sheng Xu,Yongxiang Xia,Hui-Liang Shen

DOI: https://doi.org/10.1109/tcsii.2020.2999875

2020-01-01

Abstract:In this brief, we analyze the damage caused by malware-induced cyber attacks in Cyber-Physical Power Systems (CPPSs). Incubation period and detection probability of the malware are considered in our analytical framework. From attacker's perspective, the trade-off between attack effectiveness and detection risk is studied to help choose the best attack timing and obtain the maximum payoff. Moreover, we conduct case studies in CPPSs formed by coupling IEEE 118-Bus System with scale-free communication networks. Simulation results reveal that the maximum expected payoff for the attacker is affected by the coupling pattern and the structure of communication network in CPPSs.

Zhigang Lu,Haoyu Liu,Xiangxing Kong,Huifeng Li,Tiecheng Li

DOI: https://doi.org/10.1016/j.segan.2023.101143

2023-01-01

Sustainable Energy, Grids and Networks

Abstract:Cyber-attacks against the cyber–physical power system (CPPS) may lead to major power outages and even system collapse in severe cases. In order to quantify the attack losses and select optimal strategies to defend against cyber-attacks, this paper proposes a computational model of integrated cyber–physical losses based on the theory of interdependent network. Based on the multiple coupling relationship between cyber system and physical network, the monitoring system is regarded as the cyber–physical interaction layer, and the information network operation constraint, physical system load reduction constraint, and monitoring equipment operation constraint are established respectively to analyze the impact on another network after a failed node appears in one layer of network, and proposed the cyber–physical integrated loss objective function. The offensive and defensive processes are abstracted into a two-player zero-sum game model, which evolves into a multi-stage game according to the changes in the system state during the game, and the integrated cyber–physical loss is used as the game gain of both the attacker and defender, and the Minimax-Q algorithm is introduced to solve for the optimal gain and select the optimal defense strategy. Finally, the IEEE 30 node cyber–physical system is used as a simulation example to verify whether the proposed loss calculation model can effectively quantify the losses caused by the attack on the information network and the power grid, and has practical guidance for the selection of the optimal defense strategy.

Yinan Wang,Gangfeng Yan,Ronghao Zheng

DOI: https://doi.org/10.3390/app8050768

2018-01-01

Applied Sciences

Abstract:The integration of modern computing and advanced communication with power grids has led to the emergence of electrical cyber-physical systems (ECPSs). However, the massive application of communication technologies makes the power grids become more vulnerable to cyber attacks. In this paper, we study the vulnerability of ECPSs and develop defence strategies against cyber attacks. Detection and protection algorithms are proposed to deal with the emergency of cascading failures. Moreover, we propose a weight adjustment strategy to solve the unbalanced power flows problem which is caused by splitting incidents. A MATLAB-based platform with advantages of easy programming, fast calculation, and no damage to systems is built for the offline simulation and analysis of the vulnerability of ECPSs. We also propose a five-aspect method of vulnerability assessment which includes the robustness, economic costs, degree of damage, vulnerable equipment, and trip point. The study is of significance to decision makers as they can get specific advice and defence strategies about a special power system.

Jiajun Shen,Dongqin Feng

DOI: https://doi.org/10.1080/00207721.2017.1406555

IF: 2.648

2018-01-01

International Journal of Systems Science

Abstract:In this paper, the cross-layer security problem of cyber-physical system (CPS) is investigated from the game-theoretic perspective. Physical dynamics of plant is captured by stochastic differential game with cyber-physical influence being considered. The sufficient and necessary condition for the existence of state-feedback equilibrium strategies is given. The attack-defence cyber interactions are formulated by a Stackelberg game intertwined with stochastic differential game in physical layer. The condition such that the Stackelberg equilibrium being unique and the corresponding analytical solutions are both provided. An algorithm is proposed for obtaining hierarchical security strategy by solving coupled games, which ensures the operational normalcy and cyber security of CPS subject to uncertain disturbance and unexpected cyberattacks. Simulation results are given to show the effectiveness and performance of the proposed algorithm.

Han Qin,Jiaming Weng,Dong Liu,Donglian Qi,Yufei Wang

DOI: https://doi.org/10.17775/cseejpes.2020.04550

IF: 6.014

2024-01-01

CSEE Journal of Power and Energy Systems

Abstract:With the help of advanced information technology, real-time monitoring and control levels of cyber-physical distribution systems (CPDS) have been significantly improved. However due to the deep integration of cyber and physical systems, attackers could still threaten the stable operation of CPDS by launching cyber-attacks, such as denial-of-service (DoS) attacks. Thus, it is necessary to study the CPDS risk assessment and defense resource allocation methods under DoS attacks. This paper analyzes the impact of DoS attacks on the physical system based on the CPDS fault self-healing control. Then, considering attacker and defender strategies and attack damage, a CPDS risk assessment framework is established. Furthermore, risk assessment and defense resource allocation methods, based on the Stackelberg dynamic game model, are proposed under conditions in which the cyber and physical systems are launched simultaneously. Finally, a simulation based on an actual CPDS is performed, and the calculation results verify the effectiveness of the algorithm.

Pengchao Yao,Weijie Hao,Bingjing Yan,Tao Yang,Jinming Wang,Qiang Yang

DOI: https://doi.org/10.1109/ei252483.2021.9712960

2021-01-01

Abstract:Cyber-Physical Power Systems (CPPSs) currently face an increasing number of security attacks and lack methods for optimal proactive security decisions to defend the attacks. This paper proposed an optimal defensive method based on game theory to minimize the system performance deterioration of CPPSs under cyberspace attacks. The reinforcement learning algorithmic solution is used to obtain the Nash equilibrium and a set of metrics of system vulnerabilities are adopted to quantify the cost of defense against cyber-attacks. The minimax-Q algorithm is utilized to obtain the optimal defense strategy without the availability of the attacker's information. The proposed solution is assessed through experiments based on a realistic power generation microsystem testbed and the numerical results confirmed its effectiveness.

Boyu Gao,Libao Shi

DOI: https://doi.org/10.1109/access.2020.2973030

IF: 3.9

2020-01-01

IEEE Access

Abstract:The rapid development of advanced information and communication technology has made modern power systems evolve into more complicated cyber-physical power systems (CPPSs) with mutual coupling characteristics between cyber systems and power systems, and at the same time, the CPPSs have to confront some newly emerged risks owing to cyber system unreliability or cyberattacks. In this paper, regarding the cyber and physical attacks in a CPPS, the operation risks and vulnerabilities of transmission lines are discussed in detail by building relevant game-theoretic models. Under two possible cyberattack scenarios, namely time delay of system recovery and distributed denial of service, a three-stage defender-attacker-defender tri-level mathematical programming model is proposed based on dynamic game theory of complete information. In particular, the objective functions and corresponding constraint conditions in each level are analyzed and constructed elaborately. For the solution of this proposed tri-level programming model, a solution method based on an improved particle swarm optimization approach combined with sequential quadratic programming technique is applied during analysis. Finally, the proposed model is validated through two case studies, and some preliminary concluding remarks are summarized.

Xiaoxue Liu,Jiexin Zhang,Peidong Zhu,Qingping Tan,Wei Yin

DOI: https://doi.org/10.1016/j.cose.2020.102138

IF: 5.105

2020-01-01

Computers & Security

Abstract:Industrial control systems (ICSs) are distributed complex cyber physical systems (CPSs). The core parts of ICSs are usually ultimate targets of attackers but being protected strictly and difficult to attack directly. Attackers tend to take cyber-physical attacks via multiple attack-steps from outer nodes with less protection. Then, threats propagate from one node to another until reaching the core assets or being detected. This paper develops a unified methodology which can model and analyze the cyber-physical attacks on ICSs quantitatively and automatically. We define the weighted colored Petri net and propose the basic cyber-physical attack models. Second, we propose the method to calculate the weights in attack models by modeling threat propagation between two nodes as mixed-strategy Bayesian attack-defense game with incomplete information and solving the refined Bayesian Nash Equilibrium. Results show that weights in the cyber-physical attack model (CPAM) are nearly stable even when parameters change. Moreover, we build threat propagation matrix and security state vector and further design the cyber-physical attack path analysis algorithm which can discover possible attack paths with specific attack losses. The case study verifies our methodology and evaluations show that our methodology has good time performance within limited node number. This work can help protect ICSs more efficiently.

Keren Chen,Fushuan Wen,Chung-Li Tseng,Minghui Chen,Zeng Yang,Hongwei Zhao,Huiyu Shang

DOI: https://doi.org/10.3390/en12153002

IF: 3.2

2019-01-01

Energies

Abstract:In a Cyber-Physical Power System (CPPS), the interaction between the power cyber system and the power physical system becomes more extensive and more in-depth. The failure of a cyber component could have an impact on the security and reliability of the power physical system. Existing publications have focused on the impacts of the power cyber network on the power physical network, while a general CPPS model considering the mutual impacts of these two networks is less studied. Given this background, a game-theoretic approach for a cyber-physical power system vulnerability analysis is proposed. First, a CPPS interactive model framework is structured, consisting of five types of elements: P-nodes, PP-links, C-nodes, CC-links and CP-links. The interactions among these elements are considered. On this basis, the system cascading failure under potential attacks is analyzed, followed with an optimal load curtailment operation when in an emergency. To further illustrate the system vulnerability, a bi-level optimization model under a game-theoretic framework is presented to describe the interactions between a CPPS attacker and a system defender. Optimal resource allocation by the system defender for maintaining system reliability can be obtained by solving the problem. The feasibility and effectiveness of the proposed method are demonstrated by a revised version of the IEEE 14-bus power system.

Yu-Chu Tian,Chunjie Zhou,Xiaoya Hu,Bowen Hu,Xin Du

DOI: https://doi.org/10.1109/TII.2022.3168774

IF: 12.3

2023-03-01

IEEE Transactions on Industrial Informatics

Abstract:Advanced cyber-physical power systems (CPPS) has been put forward by the strong integration of energy networks and communication networks. While CPPS brings a promising solution with high efficiency, strong flexibility, great scalability, and improved reliability, it inevitably poses some security challenges. In order to address these challenges, it is essential to accurately describe the attack behavior and system security situation. In this article, a dynamic risk propagation evaluation approach is proposed for accurately predicting attacks and quantitatively analyzing system risk. It is equipped with a partitioned cellular automata model to deal with spatial heterogeneity in the partitioned system. The intentions of targeted attack are also considered for predicting attacks. Then, the cyber-to-physical risk is quantitatively identified from multiple dimensions. Finally, the verification of attack intention is designed to dynamically update and adjust the predicted result. The presented approach is demonstrated through a case study on a CPPS.

Computer Science,Engineering

LI Peikai,LIU Yun,XIN Huanhai,QI Donglian

DOI: https://doi.org/10.7500/AEPS20170705002

2018-01-01

Abstract:Distributed cooperative control mode is an effective approach to overcome the problem of integrating multiple and strongly random distributed generators (DGs) into cyber physical system in distribution network.However,due to the integration between cyber and physical layers,cyber attacks could threat the safe and stable operation of power system through invading the cyber system.A dynamic attack-defense game model based vulnerability assessment of cyber-physical system (CPS)in distribution network is proposed.Firstly,a cooperative control strategy of DGs is described,and its convergence property is analyzed and summarized.Then,a risk assessment of CPS in distribution network is developed,which integrates the risk assessment method,the cooperative control strategy of DGs and strategies of attacker and defender.After that,the dynamic attack-defense game function and its solving steps are designed,which achieves the vulnerability assessment of CPS in distribution network with distributed cooperative control mode.Finally,the effectiveness of the proposed method is verified through simulations involving the IEEE 34-bus distribution network.

Huifeng Li,Jiangfeng Zhang,Xiangxing Kong,Zhigang Lu,Xiaoqiang Guo

DOI: https://doi.org/10.1109/TR.2023.3294264

IF: 5.883

2024-03-01

IEEE Transactions on Reliability

Abstract:With the further development of the smart grid, the modern power system has evolved into a cyber-physical power system (CPPS). In order to accurately quantify the resilience of a CPPS under cyber attacks, in this article, a resilience evaluation method for the CPPS considering the whole process of cyber attacks is proposed. First, the calculation model of successful attack probability is proposed based on the Markov node transition probability matrix and depth-first search algorithm. Second, based on the idea of nonsequential Monte-Carlo simulation, a mixed sampling method is proposed to determine the fault occurrence time and repair time of each circuit breaker in the fault set. In order to describe the change process of load after a successful attack, the response model of the power system is proposed using the optimal load reduction model based on the dc power flow. Four resilience evaluation indices for attack risk resistance, system adaptability, repair rate, and comprehensive weighted index are proposed to evaluate the resilience of CPPS considering cyber attacks. Finally, a case study is carried out based on the IEEE RTS 79 system to verify the effectiveness of the proposed resilience evaluation method.

Environmental Science,Engineering,Computer Science

Lingxuan Zhang,Linsen Li,Futai Zou,Jiachao Niu

DOI: https://doi.org/10.1145/3386263.3406945

2020-01-01

Abstract:Industrial cyber-physical systems (ICPSs) are widely used in critical infrastructures. However, they threaten by various cyberattacks which can directly damage the physical processes of ICPSs. Therefore, we proposed a method to quantitatively assess the risk of cyberattacks on the physical systems of ICPSs. This method conduces implement-appropriate security strategies to protect the security of ICPSs. We use an extended Bayesian attack graph to quantify the probabilities of cyberattacks. In addition, we model the cyberattacks as the illegal control signals injected into the physical system and the illegal actions that change the structure of the physical system. With the established model, we compute a new metric: Physical-System-Deviation-Risk (PSDR), which is used to assess the impact of cyberattacks on the physical system. The risk of the physical systems caused by cyberattacks can be quantified by the PSDR and the probabilities of cyberattacks. Moreover, we use a specific case to demonstrate the effectiveness of this assessment method.

Yuhang Zhang,Ming Ni

DOI: https://doi.org/10.3390/app132011569

2023-10-23

Applied Sciences

Abstract:With the increasing deployment of advanced sensing and measurement devices, the modern distribution system is evolved into a cyber-physical power distribution system (CPPDS). Due to the extensive application of information and communication technology, CPPDS is prevalently exposed to a wide range of cybersecurity threats. In this paper, a novel security-oriented cyber-physical risk assessment method for CPPDS is proposed. Based on the information model composed of logical nodes, an attack graph of privilege promotion by exploiting the cyber vulnerabilities is constructed. The physical consequence caused by cyberattack is analyzed in detail. By using the Markov decision process (MDP) theory, the cyber-physical risk index (CPRI) is calculated. Furthermore, considering the allocation of the finite defense resource, the modified MDP approach with an attack–defense game is presented. The effectiveness of the proposed method is demonstrated with case studies on a four-feeder IEEE-RTBS test system.

materials science, multidisciplinary,engineering,chemistry,physics, applied

Song Deng,Jiantang Zhang,Di Wu,Yi He,Xiangpeng Xie,Xindong Wu

DOI: https://doi.org/10.1109/tii.2022.3169456

IF: 12.3

2022-01-01

IEEE Transactions on Industrial Informatics

Abstract:An accurate and comprehensive risk assessment in a distribution cyber-physical system (DCPS) is essential to ensure its smooth operation, effective control, and exposure of hidden dangers and security implications. Unfortunately, prior risk assessment methods are mostly limited in two aspects. First, the current studies do not respect the complex network topology and intertwined devicewise dependencies, thereby failing to delineate and model the risk propagation mechanism in DCPS accurately. Second, the prior work tends to focus on gauging the risks underlying physical systems independently, overlooking the quantification of risk impact on physical systems incurred by the cyberattack. To fill the gap, in this article, we propose a unified risk assessment model that gauges the comprehensive security implication of DCPS in a Bayesian regime, in which the three key components, namely, the prior probability, posterior probability, and minimum load-loss ratio, are calculated via the cumulative densities, epidemic model, and optimal load shedding, respectively. We benchmark our proposed model on a public testbed, IEEE 39-bus system, with extensive experiments. The results substantiate the viability and effectiveness of our model and suggest that the vulnerability of DCPS is positively correlated with the three components in our Bayesian modeling. We hope this finding can shed some light on future research by providing a plausible apparatus for measuring the security implications of physical systems in DCPS under cyberattacks.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Jia Guo,Yifei Wang,Chuangxin Guo,Shufeng Dong,Baijian Wen

DOI: https://doi.org/10.1109/PESGM.2016.7741899

2016-01-01

Abstract:In Cyber-Physical Power System (CPPS), cyber system and the possible cyber attacks may affect the behavior of physical system. This paper deals with the reliability impact of cyber attacks against monitoring functions to CPPS. Firstly, the monitoring function failure model considering possible cyber attacks is proposed. Secondly, the reliability impact of transmission line monitoring function failure is analyzed. Then, an improved reliability assessment method is presented for quantitative calculation of this impact. Finally, the proposed approach is simulated and analyzed on an benchmark system to verify its necessity and feasibility.

Bingjing Yan,Pengchao Yao,Jinming Wang,Tao Yang,Wei Ruan,Qiang Yang

DOI: https://doi.org/10.1109/ei252483.2021.9712952

2021-01-01

Abstract:The critical industrial infrastructures are facing increasing cyberspace threats and attacks in most recent years, the cyberspace security of different forms of Cyber Physical Systems (CPSs) has received much attention. The game theory is considered as an appropriate paradigm for formulating the behaviors of cyberspace attack and defense. This paper proposes a game theory based dynamic cybersecurity defense strategy in the context of electrical CPSs that relies on zero-sum game of incomplete information to identify the expected utility of attacker and defender under Nash equilibrium. The key idea of the proposed solution is to import physical security target and cyber safety index, analyze the asset value of different nodes in a multi-dimensional manner, and update Markov belief dynamically at each stage to reflect the understanding degree of both sides. The proposed solution is assessed through simulation experiments and the CPS testbed at Zhejiang University. The numerical results confirmed that the proposed method can carry out appropriate strategy for defense resources allocation in electrical CPS with the limited availability of defense resources.

Ying Chen,Junho Hong,Chen-Ching Liu

DOI: https://doi.org/10.1109/tsg.2016.2614603

IF: 10.275

2018-01-01

IEEE Transactions on Smart Grid

Abstract:Cyber intrusions to substations are critical issues to a power grid, which must be defended and mitigated. Essentially, to better understand a cyber intrusion, reconnaissance activities should be modeled. Then, strategies of cyber attacker and defender can be studied, which help to identify substations vulnerable to cyber-attacks. In this paper, a successful intrusion is regarded as a probabilistic event related to reconnaissance activities. Its probability can be approximated by the Poisson distribution of the number of vulnerabilities discovered by the attacker. Furthermore, models of intrusion and defense in competition for control of the substations are proposed using Markov decision process (MDP). Key characteristics of target substation, attacker and defender are considered for determining probabilistic state transitions related to intrusion and defense actions. Thus, by solving the MDP models, the optimal strategies (action policies) of both the attacker and defender can be obtained. With these optimal strategies, the cyber security status of a substation can be evaluated within varied time frames. The case study validates the proposed models and method, including time-based strategies of the attacker and defender.

Xin XU,Huiqun YU,Junhu HUANG

DOI: https://doi.org/10.3778/j.issn.1002-8331.1208-0523

2014-01-01

Abstract:Cyber-Physical System has been widely used in different areas and security has been the core problem of recent researches. The traditional security analysis measurements are inadequate in CPS because of the interaction of discrete cyber events and continuous physical world. In this paper, a quantitative security analysis model based on the combination of Petri net and game theory is proposed to reflect not only the hybrid of cyber and physical world but the behaviors of attackers and defenders. Based on this model, from the reliability, vulnerability and risk effect, the security of CPS is analysed. A case study of airplane collision avoidance system shows the model and analysis approach is feasible and effective.