Chao Li,Zhenhua Wang,Xiaofeng Hou,Haopeng Chen,Xiaoyao Liang,Minyi Guo

DOI: https://doi.org/10.1145/3007787.3001189

2016-01-01

ACM SIGARCH Computer Architecture News

Abstract:Battery systems are crucial components for mission-critical data centers. Without secure energy backup, existing under-provisioned data centers are largely unguarded targets for cyber criminals. Particularly for today's scale-out servers, power oversubscription unavoidably taxes a data center's backup energy resources, leaving very little room for dealing with emergency. Besides, the emerging trend towards deploying distributed energy storage architecture causes the associated energy backup of each rack to shrink, making servers vulnerable to power anomalies. As a result, an attacker can generate power peaks to easily crash or disrupt a power-constrained system. This study aims at securing data centers from malicious loads that seek to drain their precious energy storage and overload server racks without prior detection. We term such load as Power Virus (PV) and demonstrate its basic two-phase attacking model and characterize its behaviors on real systems. The PV can learn the victim rack's battery characteristics by disguising as benign loads. Once gaining enough information, the PV can be mutated to generate hidden power spikes that have a high chance to overload the system. To defend against PV, we propose power attack defense (PAD), a novel energy management patch built on lightweight software and hardware mechanisms. PAD not only increases the attacking cost considerably by hiding vulnerable racks from visible spikes, it also strengthens the last line of defense against hidden spikes. Using Google cluster traces we show that PAD can effectively raise the bar of a successful power attack: compared to prior arts, it increases the data center survival time by 1.6~11X and provides better performance guarantee. It enables modern data centers to safely exploit the benefits that power oversubscription may provide, with the slightest cost overhead.

Xiaofeng Hou,Mingyu Liang,Chao Li,Wenli Zheng,Quan Chen,Minyi Guo

DOI: https://doi.org/10.1145/3337821.3337856

2019-01-01

Abstract:The state-of-the-art techniques on data center peak power management are too optimistic; they overestimate their benefits in a potentially insecure operating environment. Especially in data centers that oversubscribe power infrastructure, it is likely that unexpected traffics can violate power budget before an effective network DoS attack is observed. In this work, we take the first to investigate the joint effect of power throttling and traffic flooding. We characterize a special operating region in which DoS attacks can provoke undesirable power peaks without exhibiting network traffic anomalies. In this region, an attacker can trigger power emergency by sending normal traffics throughout the Internet. We term this new type of threat as DOPE (Denial of Power and Energy). We show that existing technologies are insufficient for eliminating DOPE without negative performance effects on legitimate users. To enhance data center resiliency, we propose a request-aware power management framework called Anti-DOPE. The key feature of Anti-DOPE is bridging the gap between network traffic controlling and server power management. Specifically, it pre-processes of incoming requests to isolate malicious power attacks on the network load balancer side and then post-processes of compute node performance to minimize the collateral damage it may cause. Anti-DOPE is orthogonal to prior power management schemes and requires minute system modification. Using Alibaba container trace we show that Anti-DOPE allows 44% shorter average response time. It also improves the 90th percentile tail latency by 68.1% compared to the other power controlling methods.

Aidong Xu,Yixin Jiang,Yang Cao,Guoming Zhang,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ei247390.2019.9062014

2019-01-01

Abstract:With the rapid development of information technology and the Internet of Things, the common information technologies are being applied to the power grid. It brings about the tremendous improvement in productivity, yet breaks down the safety barrier, which makes the power grid a popular target for attacks. The Distribution Terminal Unit (DTU) is a critical part of the power grid because of the acts as access points in the substation and controls the grid equipment. However, DTUs are vulnerable to different types of attacks, which can cause significant property loss or even casualties To monitor the operation of DTU, we proposed a real-time monitoring system by analyzing the side-channel information of power consumption. To validate this idea, we design 3 types of attacks and collect the power information separately, then we choose representational power features and machine learning algorithm for detecting those attacks. We validate that it is feasible to detect attacks and achieves a detection accuracy above 99%.

Xiaofeng Hou,Luoyao Hao,Chao Li,Quan Chen,Wenli Zheng,Minyi Guo

DOI: https://doi.org/10.1109/iccd.2018.00015

2018-01-01

Abstract:Aggressively provisioned data centers achieve great cost savings by over-committing the very expensive power distribution infrastructure. However, existing proposals for managing load power demand in such a data center are largely utilization-driven, overlooking power-related interferences among users. An important observation is that some tasks can impact existing power budget management framework and disrupt normal operation by taking away the precious public power capacity. This vulnerability exposes data centers to a new type of risk that we call power grab, which is essentially hostile power resource competition. It could worsen the performance-utilization tradeoff in a power-constrained computing environment. Anticipating a growing case for power-oriented com-petition, we propose CFP, a resilient power capacity management frame-work for improving the fairness and service quality in scale-out data centers. Our solution features a market-based power re-source allocation and billing scheme that involves users in the loop. It allows the data center to bypass the formidable task of identifying malicious users and defend against power grab with reward and punishment incentives. We build a proof-of-concept system and also evaluate our design with realistic Google cluster traces. Compared to prior arts, CFP can increase the average performance-cost ratio by 1.8X. It can boost the total throughput in an APDC by 15% under severe power contention. Our design allows scale-out data centers to safely exploit the benefits that power over-subscription may provide, with minor overhead.

Huaiyu Liu,Yuze Fu,Kaikai Pan,Wenyuan Xu,Chenggang Li,Chen Liu

DOI: https://doi.org/10.1109/isgtasia54891.2023.10372698

2023-01-01

Abstract:With the growing focus on reducing carbon emissions, there has been a significant increase in the deployment of distributed photovoltaic generation systems. However, their distributed nature makes them vulnerable to adversarial threats. Moreover, these systems can serve as potential entry points or attack surfaces for targeting the power grid. Existing methods are either designed for specific attacks or intrusive to power terminals (e.g., intelligent terminal, communication device). To tackle this issue, this paper introduces a method for detecting and classifying attacks on distributed PV systems leveraging cyber and power side channel data. The proposed method is capable of detecting various attacks rather than specific ones and is non-intrusive for collecting information from power terminals.

Feiyang Hong,Zhejing Bao,Miao You

DOI: https://doi.org/10.1109/CCDC52312.2021.9601681

2021-01-01

Abstract:Recent studies show that the cyber-attacks such as false data injection attack (FDIA) are capable of severely threatening power system security, in such a way that the undetected errors are introduced into the states estimations by evading the conventional bad data detection (BDD) methods. This paper proposes a tri-level optimization model against the FDIA by formulating the attack actions and identifying the optimal defense strategies constrained by the limited resources. In the lower level, an economic dispatching is implemented to seek the operational strategy aiming at minimizing the operating costs under the given attack. The middle level formulates the behaviors of the attacker to discover the most destructive attack strategy intended by the attacker based on the defense strategy determined by the upper level. The upper level represents the actions of the planner and determines the optimal defense allocation on the measuring meters. The min-max-min tri-level model can be solved by the column-and-constraint generation (C&CG) algorithm. Simulations are implemented to identify the components which should be protected under the limited defense resources and severe attacks.

Longjun Liu,Hongbin Sun,Chao Li,Tao Li,Jingmin Xin,Nanning Zheng

DOI: https://doi.org/10.1109/tsusc.2018.2886382

2021-01-01

IEEE Transactions on Sustainable Computing

Abstract:The massive and irregular load surges challenge datacenter power infrastructures. As a result, power mismatching between supply and demand has emerged as a crucial availability issue in modern datacenters which are either under-provisioned or powered by intermittent power sources. Recent proposals have employed energy storage devices such as the uninterruptible power supply (UPS) to address this issue. However, current approaches lack the capacity of efficiently handling the irregular and unpredictable power mismatches. In this paper, we propose Hybrid and Hierarchical Energy Buffering (HHEB), a novel heterogeneous and adaptive scheme that could enable various energy storage devices (ESDs) to be efficiently integrated into existing datacenters for dynamically dealing with power mismatches. Our techniques exploit the diverse characteristics of different ESDs and intelligent load assignment algorithms to improve the dependability and efficiency of datacenter power systems. We evaluate the HHEB design with a prototype. Compared with a homogenous battery energy buffering system, HHEB could improve energy efficiency by 39.7 percent, extend UPS lifetime by 4.7X, promote energy availability by 3.2X, reduce system downtime by 41 percent, and effectively improve the energy availability of various energy buffers in different hierarchies. It allows datacenters to adapt to various power supply anomalies, thereby improving operational efficiency, dependability and availability.

Shuyu Jia,Qinglai Guo,Luo Xu,Weihua Luo,Shu Zheng,Chengjiang Liu

DOI: https://doi.org/10.1109/ei252483.2021.9713060

2021-01-01

Abstract:As an important power system operation scenario in the future, distributed power generation requires stable and economic operation. Due to development of technologies in physical and cyber systems, as well as the coupling of those mentioned above, cyber-physical-system needs to be modeled and analyzed together. Complex information systems and complex communication environments have introduced a series of more complex security issues. Physical systems rely on information systems to operate, and information systems themselves have fragile characteristics, all of which make them easy to become ideal targets for network attacks. The decomposition-coordination scenarios in distributed power system plays an important role, while the protection or detection on cyberattack is in lack. Therefore, this paper proposes an active detection algorithm on the ADMM-based decomposition-coordination power generation economic dispatch scenario to defend against data integrity attacks, then we test its performance under IEEE standard 9-node system.

Yang Liu,Mi Wen,Hong Wen,Ruilong Deng,Sha Peng,Naiwang Guo

DOI: https://doi.org/10.1109/tii.2024.3485110

IF: 12.3

2024-01-01

IEEE Transactions on Industrial Informatics

Abstract:With the advancement of carbon-neutral and new power system construction, numerous information devices are continuously connected to power distribution systems, gradually breaking the original unobservable state of power distribution systems and making them more vulnerable to false data injection attacks (FDIAs). Contrary to most existing research focusing on the unbalanced network, less attention has been paid to the influence of randomness and fluctuation of distributed photovoltaic (PV) to perform FDIAs in the power distribution system. In this article, the failure mechanism of FDIAs and the improved FDIAs method are proposed simultaneously for the distribution system with a high penetration of distributed PV scenarios. Specifically, based on the reactive power optimization process, the randomness and fluctuation of distributed PV are applied to decrease significantly the stealthiness of the FDIAs. Subsequently, an improved FDIA method, based on time-dependent loss conditional generative adversarial networks, is proposed to enhance the stealth and effectiveness of the attack. Finally, numerical results based on the modified IEEE 33 bus test systems demonstrate the effectiveness of the failure mechanism and the improved FDIAs. Research results can facilitate the execution of countermeasures for distribution systems with a high penetration of distributed PV, posing serious and pressing security concerns in power distribution systems with a high penetration of distributed PV scenarios.

Fawaz Al-Hazemi,Yuyang Peng,Chan-Hyun Youn,Josip Lorincz,Chao Li,Guo Song,Raouf Boutaba

DOI: https://doi.org/10.1016/j.comnet.2018.08.004

IF: 5.493

2018-01-01

Computer Networks

Abstract:Although technique known as server consolidation approach in a data center can reduce the overall power consumption, the Power Usage Effectiveness (PUE) of the data center will still be negatively affected with presence of distributed Uninterruptible Power Supplies (UPSs). The impact on the PUE arises from the fact that all UPS modules are kept running to maintain power availability for only a few active servers during off-peak periods. To address this problem, in this paper technique for reducing power consumption in a data center by consolidating the UPSs used during off peak periods is proposed. The proposed technique achieves power savings by leveraging a micro Automatic Transfer Switch (micro-ATS) at the server end. The novelty of this work lies in developed adaptive algorithm that continuously looks for opportunities to reduce the number of UPSs by offloading under-loaded UPSs to a neighboring UPS whenever that neighboring UPS can handle the extra load. In various simulated scenarios involving corporate data centers, our approach demonstrates the ability to save more power and achieve lower PUE degradation compared with state-of-the-art approaches such as server consolidation. Specifically, the proposed approach achieves a savings of approximately 20% to 40% in a data center’s power consumption, depending on the data center’s off-peak periods, which can be accomplished using only 80% of the UPS modules in the data center.

Xiaofei He,Xinyu Yang,Jie Lin,Linqiang Ge,Wei Yu,Qingyu Yang

DOI: https://doi.org/10.1109/PCCC.2015.7410291

2015-01-01

Abstract:The smart grid is a new type of energy-based cyber-physical system (CPS), which enables interactions between the utility provider and customers through smart meters and advanced metering infrastructures (AMU. Nonetheless, an adversary can inject misleading energy usage information to the utility provider through compromised smart meters and disrupt the grid and electricity market operations. To address this issue, in this paper, we propose an Energy Dispatching False Data Defense (EDF2D) approach, which can effectively detect the forged interactive information between customers and the utility provider with a great accuracy and mitigate the damage raised by attacks on grid operations. Particularly, EDF2D uses the historical interactive information of normal users to determine the conditional probabilities of data anomalies. Based on these conditional probabilities, a Bayesian network designed for detecting false data can be established by EDF2D, and this network is then used to confirm the authenticity of interactive information received by the utility provider originally transmitted from customers. Through a combination of theoretical analysis and performance evaluation, our experimental data shows that EDF2D can effectively detect harmful false interactive data forged by the adversary and mitigate false data injection attacks on smart grid operations.

Zhenyong Zhang,Ke Zuo,Ruilong Deng,Fei Teng,Mingyang Sun

DOI: https://doi.org/10.1109/jiot.2023.3264492

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Machine learning-based intelligent systems enhanced with Internet of Things (IoT) technologies have been widely developed and exploited to enable the real-time stability assessment of a large-scale electricity grid. However, it has been extensively recognized that the IoT-enabled communication network of power systems is vulnerable to cyberattacks. In particular, system operating states, critical attributes that act as input to the data-driven stability assessment, can be manipulated by malicious actors to mislead the system operator into making disastrous decisions and thus cause major blackouts and cascading events. In this article, we explore the vulnerability of the data-driven power system stability assessment, with a special emphasis on decision tree-based stability assessment (DTSA) approaches, and investigate the feasibility of constructing a physics-constrained adversarial attack (PCAA) to undermine the DTSA. The PCAA is formulated as a nonlinear programming problem considering the misclassification constraint, power limits, and bad data detection, computing potential adversarial perturbations that reverse the “stable/unstable” prediction of the real-time input while remaining invisible/stealthy. Extensive experiments based on the IEEE 68-bus system are conducted to evaluate the impact of PCAAs on predictions of DTSA and their transferability.

Han Qin,Jiaming Weng,Dong Liu,Donglian Qi,Yufei Wang

DOI: https://doi.org/10.17775/cseejpes.2020.04550

IF: 6.014

2024-01-01

CSEE Journal of Power and Energy Systems

Abstract:With the help of advanced information technology, real-time monitoring and control levels of cyber-physical distribution systems (CPDS) have been significantly improved. However due to the deep integration of cyber and physical systems, attackers could still threaten the stable operation of CPDS by launching cyber-attacks, such as denial-of-service (DoS) attacks. Thus, it is necessary to study the CPDS risk assessment and defense resource allocation methods under DoS attacks. This paper analyzes the impact of DoS attacks on the physical system based on the CPDS fault self-healing control. Then, considering attacker and defender strategies and attack damage, a CPDS risk assessment framework is established. Furthermore, risk assessment and defense resource allocation methods, based on the Stackelberg dynamic game model, are proposed under conditions in which the cyber and physical systems are launched simultaneously. Finally, a simulation based on an actual CPDS is performed, and the calculation results verify the effectiveness of the algorithm.

Guosai Wang,Shuhao Wang,Bing Luo,Weisong Shi,Yinghang Zhu,Wenjun Yang,Dianming Hu,Longbo Huang,Xin Jin,Wei Xu

DOI: https://doi.org/10.1145/2901318.2901338

2016-01-01

Abstract:Given the high cost of large-scale data centers, an important design goal is to fully utilize available power resources to maximize the computing capacity. In this paper we present Ampere, a novel power management system for data centers to increase the computing capacity by over-provisioning the number of servers. Instead of doing power capping that degrades the performance of running jobs, we use a statistical control approach to implement dynamic power management by indirectly affecting the workload scheduling, which can enormously reduce the risk of power violations. Instead of being a part of the already over-complicated scheduler, Ampere only interacts with the scheduler with two basic APIs. Instead of power control on the rack level, we impose power constraint on the row level, which leads to more room for over provisioning.We have implemented and deployed Ampere in our production data center. Controlled experiments on 400+ servers show that by adding 17% servers, we can increase the throughput of the data center by 15%, leading to significant cost savings while bringing no disturbances to the job performance.

Longjun Liu,Hongbin Sun,Chao Li,Yang Hu,Jingmin Xin,Nanning Zheng,Tao Li

DOI: https://doi.org/10.1007/s11227-015-1529-2

2015-01-01

Abstract:Datacenters, the essential infrastructures for supercomputing and cloud computing, are facing increasing pressure of capping tremendous power consumption and carbon emission. Many studies have proposed to leverage energy storage devices to shave peak power or smooth intermittent power for datacenters, respectively. However, a joint energy management of peak shaving and renewable energy harvesting in datacenters is still lacking. In this paper, we propose a new power management scheme named RE-UPS, which explores the opportunity to shave datacenter peak power demand with renewable energy. RE-UPS is based on the emerging distributed energy storage architecture and existing UPS infrastructure of datacenter. It further leverages a dynamic heuristic algorithm to determine the appropriate energy storage allocation and server power sources. The proposed energy management policies can greatly optimize the design among maximizing renewable energy harvest, shaving peak power, and maintaining UPS energy availability. Compared to the baseline power management schemes, RE-UPS can averagely improve backup energy capacity by 28 %, extend battery lifetime by 42 %, increase green energy utilization by 78 %, and reduce workload performance degradation by 13 %.

Kecheng Li,Genyuan Yang,Shanling Dong,Meiqin Liu

DOI: https://doi.org/10.23919/ccc63176.2024.10661728

2024-01-01

Abstract:The increasing integration of smart grid technologies in multiregional power systems improves efficiency but also exposes them to cyber security threats, especially false data injection attacks. In this paper, we address this challenge by proposing a distributed detection framework tailored for multi-regional power systems. Traditional centralized approaches are insufficient to cope with the dynamic and decentralized nature of these systems. The framework aims to simultaneously monitor and analyze multiple regions in real-time, enhancing the system’s ability to withstand false data injection attacks. This study outlines the proposed framework and provides simulation results for validation, emphasizing the need for proactive defense mechanisms in safeguarding the data integrity of power systems.

Jun Sun,Shibo Chen,Pengcheng You,Qinmin Yang,Zaiyue Yang

DOI: https://doi.org/10.1109/TCC.2021.3132174

IF: 5.697

2023-01-01

IEEE Transactions on Cloud Computing

Abstract:This article investigates the online operation of distributed data centers equipped with energy battery. We aim to minimize their long-term operational cost by optimally distributing workload among data centers and operating energy battery. However, future spatio-temporally variant uncertainties in both workload and electricity prices have been the main impediment for a performance-guaranteed online data center operation strategy. To address this issue, we develop a fully distributed online algorithm that decouples workload distribution and battery operation across the network and time by introducing well-designed virtual queues for workload and batteries into the framework of Lyapunov optimization. Theoretically, an analytical gap between the long-term operational cost achieved by our algorithm and the theoretical optimum is provided to corroborate the desirable operation strategy. Extensive simulations using the real-world workload and electricity price data demonstrate the cost-delay tradeoff that our algorithm strikes and validate the theoretical results that we obtained.

Rahul Urgaonkar,Bhuvan Urgaonkar,Michael J. Neely,Anand Sivasubramaniam

DOI: https://doi.org/10.48550/arXiv.1103.3099

2011-03-19

Abstract:Since the electricity bill of a data center constitutes a significant portion of its overall operational costs, reducing this has become important. We investigate cost reduction opportunities that arise by the use of uninterrupted power supply (UPS) units as energy storage devices. This represents a deviation from the usual use of these devices as mere transitional fail-over mechanisms between utility and captive sources such as diesel generators. We consider the problem of opportunistically using these devices to reduce the time average electric utility bill in a data center. Using the technique of Lyapunov optimization, we develop an online control algorithm that can optimally exploit these devices to minimize the time average cost. This algorithm operates without any knowledge of the statistics of the workload or electricity cost processes, making it attractive in the presence of workload and pricing uncertainties. An interesting feature of our algorithm is that its deviation from optimality reduces as the storage capacity is increased. Our work opens up a new area in data center power management.

Performance,Systems and Control,Optimization and Control

Xiaopu Peng,Tathagata Bhattacharya,Ting Cao,Jianzhou Mao,Taha Tekreeti,Xiao Qin

DOI: https://doi.org/10.21203/rs.3.rs-668107/v1

2021-07-09

Abstract:Abstract To develop environmental friendly and energy-efficient data centers, it is prudent to leverage on-site renewable sources like solar and wind. Data centers deploy distributed UPS systems to improve efficiency, scalability, and reliability of UPS systems, thereby handling the intermittent nature of renewable energy. We propose a renewableenergy manager called REDUX to (1) offer a smart way of managing energy supply of data centers powered by grid and renewable energy and (2) maintain a desirable balance between energy cost and system performance. To achieve this overarching objective, REDUX judiciously orchestrates distribute UPS devices (i.e., recharge or discharge) to allocate energy resources when (1) grid price is at low or high states or (2) renewable energy generation is at a low or fluctuate level. REDUX not only guarantees the stable operation of daily workload conditions, but also cuts back the energy cost of data centers by improving power resource utilization. Compared with the existing strategies, REDUX demonstrates a prominent capability of mitigating average peak workload and boosting renewable-energy utilization.

Longjun Liu,Chao Li,Hongbin Sun,Yang Hu,Jingmin Xin,Nanning Zheng,Tao Li

DOI: https://doi.org/10.1109/lca.2014.2363084

IF: 2.3

2015-01-01

IEEE Computer Architecture Letters

Abstract:Power mismatching between supply and demand has emerged as a top issue in modern datacenters that are under-provisioned or powered by intermittent power supplies. Recent proposals are primarily limited to leveraging uninterruptible power supplies (UPS) to handle power mismatching, and therefore lack the capability of efficiently handling the irregular peak power mismatches. In this paper we propose hPower, the first heterogeneous energy buffering strategy that incorporates supercapacitors into existing datacenters to handle power mismatch. Our technique exploits power supply diversity and smart load assignment to provide efficiency-aware and emergency-aware power mismatch management. We show that hPower could improve energy efficiency by 30 percent, extend UPS lifetime by 4.3×, and reduce system downtime by 36 percent. It allows datacenters to adapt themselves to various power supply anomalies, thereby improving operational efficiency and resiliency.