Aidong Xu,Xingpu Cai,Mengya Li,Yang Cao,Huajun Chen,Wei Ding,Chao Hong,Zhibing Wu,Qi Wang

DOI: https://doi.org/10.1109/cyber46603.2019.9066579

2019-01-01

Abstract:With the development of information and communication technology, power system has integrated deeply with communication system, which is a typical cyber physical system. While the development of smart grid makes the power side control more accurate and efficient, it also poses potential cyber attack risks. Attackers can cause grid faults and further power outages by disguising the attack behaviors as natural faults. When the grid is on operation, a large amount of data is generated on both the power side and the information side. Therefore, identifying the cause of the grid faults correctly through data mining can be helpful to take correct countermeasures in time to prevent the fault from expanding. In this paper, an identification method is proposed based on the collaborative characteristic sequence of a certain event and is verified on a four-machine two-zone system. The results show that method is effective and reliable.

Sheng Xu,Yongxiang Xia,Hui-Liang Shen

DOI: https://doi.org/10.1109/tcsii.2020.2999875

2020-01-01

Abstract:In this brief, we analyze the damage caused by malware-induced cyber attacks in Cyber-Physical Power Systems (CPPSs). Incubation period and detection probability of the malware are considered in our analytical framework. From attacker's perspective, the trade-off between attack effectiveness and detection risk is studied to help choose the best attack timing and obtain the maximum payoff. Moreover, we conduct case studies in CPPSs formed by coupling IEEE 118-Bus System with scale-free communication networks. Simulation results reveal that the maximum expected payoff for the attacker is affected by the coupling pattern and the structure of communication network in CPPSs.

Haicheng Tu,Hui-Liang Shen,Yongxiang Xia

DOI: https://doi.org/10.1109/iscas45731.2020.9180816

2020-01-01

Abstract:Under the variety of information and communication technologies, the control center can securely and reliably operate power grid during the system disturbances and natural events. Specifically, when the initial failures are detected by cyber monitoring, the system will timely take emergency protecting operations to restrain the spreading of failures. Although cyber network makes the system more robust, they also increase the risk from the cyber network. In this paper, we firstly consider a control strategy into the cascading failures model. Then, we study how the cyber attack - False negatives attack confuses the control center, and makes the control center can not take emergency operation timely, causing the failure continue spreading. We propose an optimization problem to model the above assumptions and, by solving the optimization problem, study the impact of different attack scenarios on power system.

Yinan Wang,Wei Li,Gangfeng Yan,Sumian Song

DOI: https://doi.org/10.1109/icit.2017.7915433

2017-01-01

Abstract:This paper proposes an unified framework for electrical cyber physical systems (ECPSs) and studies the mechanism of cyber attacks and cyber security. Communication networks are designed by characteristics of power grids. This model is universal to both transmission and distribution grids. The fragility of ECPSs under cyber attacks (DoS attacks and false data injection attacks) is analyzed in three scenarios based on different types and attackers' acknowledgments of the ECPSs. It has been proved that attacks happen at information uploading routers or control strategy downloading routers will influence the system differently. The effectiveness of relay protection policies and cyber security policies are verified by experimental results.

Yinan Wang,Gangfeng Yan,Ronghao Zheng

DOI: https://doi.org/10.3390/app8050768

2018-01-01

Applied Sciences

Abstract:The integration of modern computing and advanced communication with power grids has led to the emergence of electrical cyber-physical systems (ECPSs). However, the massive application of communication technologies makes the power grids become more vulnerable to cyber attacks. In this paper, we study the vulnerability of ECPSs and develop defence strategies against cyber attacks. Detection and protection algorithms are proposed to deal with the emergency of cascading failures. Moreover, we propose a weight adjustment strategy to solve the unbalanced power flows problem which is caused by splitting incidents. A MATLAB-based platform with advantages of easy programming, fast calculation, and no damage to systems is built for the offline simulation and analysis of the vulnerability of ECPSs. We also propose a five-aspect method of vulnerability assessment which includes the robustness, economic costs, degree of damage, vulnerable equipment, and trip point. The study is of significance to decision makers as they can get specific advice and defence strategies about a special power system.

Huaiyu Liu,Yuze Fu,Kaikai Pan,Wenyuan Xu,Chenggang Li,Chen Liu

DOI: https://doi.org/10.1109/isgtasia54891.2023.10372698

2023-01-01

Abstract:With the growing focus on reducing carbon emissions, there has been a significant increase in the deployment of distributed photovoltaic generation systems. However, their distributed nature makes them vulnerable to adversarial threats. Moreover, these systems can serve as potential entry points or attack surfaces for targeting the power grid. Existing methods are either designed for specific attacks or intrusive to power terminals (e.g., intelligent terminal, communication device). To tackle this issue, this paper introduces a method for detecting and classifying attacks on distributed PV systems leveraging cyber and power side channel data. The proposed method is capable of detecting various attacks rather than specific ones and is non-intrusive for collecting information from power terminals.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/icarm54641.2022.9959185

2022-01-01

Abstract:The cyber-physical power system (CPPS) is evolved from the traditional power system by the deployment of information networks with control systems, computational units, and communication networks. However, their integration into CPPS introduces new challenges in maintaining security. Various malicious cyber-attacks are drawn much attention recently after the discovery of the impact on CPPS state estimation. Thus, it is of great significance for operators to detect cyber-attacks and identify the types of attacks in CPPS to make decisions appropriately. This problem can be viewed as a multi-class classification problem from the perspective of machine learning. Accordingly, this paper proposes an ensemble learning-based cyber-attacks detection model for CPPS state estimation. In the proposed model, we use the subspace features and then send the data to the classifier for ensemble, where decision trees and random vector functional link networks are introduced as the basic classifier. The proposed model is validated by employing simulated data on IEEE 14-bus and 30-bus systems. Simulation results demonstrate the performance of the proposed cyber-attacks detection model.

Lei Wang,Pengcheng Xu,Zhaoyang Qu,Xiaoyong Bo,Yunchang Dong,Zhenming Zhang,Yang Li

DOI: https://doi.org/10.3389/fenrg.2021.666130

IF: 3.4

2021-04-21

Frontiers in Energy Research

Abstract:Existing coordinated cyber-attack detection methods have low detection accuracy and efficiency and poor generalization ability due to difficulties dealing with unbalanced attack data samples, high data dimensionality, and noisy data sets. This paper proposes a model for cyber and physical data fusion using a data link for detecting attacks on a Cyber–Physical Power System (CPPS). The two-step principal component analysis (PCA) is used for classifying the system’s operating status. An adaptive synthetic sampling algorithm is used to reduce the imbalance in the categories’ samples. The loss function is improved according to the feature intensity difference of the attack event, and an integrated classifier is established using a classification algorithm based on the cost-sensitive gradient boosting decision tree (CS-GBDT). The simulation results show that the proposed method provides higher accuracy, recall, and F-Score than comparable algorithms.

energy & fuels

Lei Wang,Zhaoyang Qu,Yang Li,Kewei Hu,Jian Sun,Kai Xue,Mingshi Cui

DOI: https://doi.org/10.1109/ACCESS.2020.2982057

2020-03-23

Abstract:In the analysis of coordinated network attacks on electric power cyber-physical system (CPS), it is difficult to restore the complete attack path, and the intent of the attack cannot be identified automatically. A method is therefore proposed for the extracting patterns of coordinated network attacks on electric power CPS based on temporal-topological correlation. First, the attack events are aggregated according to the alarm log of the cyber space, and a temporal-causal Bayesian network-based cyber attack recognition algorithm is proposed to parse out the cyber attack sequences of the same attacker. Then, according to the characteristic curves of different attack measurement data in physical space, a combination of physical attack event criteria algorithm is designed to distinguish the types of physical attack events. Finally, physical attack events and cyber attack sequences are matched via temporal-topological correlation, frequent patterns of attack sequences are extracted, and hidden multi-step attack patterns are found from scattered grid measurement data and information from alarm logs. The effectiveness and efficiency of the proposed method are verified by the testbed at Mississippi State University.

Cryptography and Security,Systems and Control,Optimization and Control

Keren CHEN,Fushuan WEN,Junhua ZHAO,Li LI,Yinguo YANG,Yan TAN

DOI: https://doi.org/10.16081/j.issn.1006-6047.2017.12.009

2018-01-01

Abstract:The wide applications of the ever-developing automation and communication technologies have significantly enhanced the operation level of modem power system,while the interactions between the power information system and the power physical system are becoming more extensively and more in-depth,and hence the cyber-physical power system is formed.In the cyber-physical power system,the failure of information equipment has impacts on the security and reliability of power physical system,while attacks from outsiders against either physical or information equipment may result in power supply interruptions.On this background,the cyber-physical power system is simulated as five elements:physical node,physical-physical link,cyber-node,cyber-cyber link and cyber-physical link,to analyze the interactive influence between physical equipment and information equipment,based on which,the influence of information system failure on the operation of physical system is assessed.A bi-level mathematic programming model under the game theory framework is established for distributing defending resources on information and power modules,to quantify the importance degrees of modules under given attacks.The modified IEEE 14-bus power system is simulated and calculated,whose results verify the feasibility and effectiveness of the proposed method.

Wenyue Xia,Lue Sun,Shuyu Jia,Qinglai Guo,Shunjiang Wang,Pengfei Pan

DOI: https://doi.org/10.1109/icpsasia58343.2023.10294569

2023-01-01

Abstract:One of the characteristics of modern power systems is the deep coupling of cyber and physics. The cyber system of power system with collection, calculation and control as the core is playing an increasingly important role in the modern power system. From a security point of view, the impact events and extent of cyber security issues on cyber-physical systems are increasing. So it is necessary to combine cyber systems with physical systems for co-analysis and security assessment. This paper establishes a cyber system model based on information flow, constructs a unified model for the cyber-physical power system under different control scenarios, and conducts simulations to analyze the potential impact of cyber system anomalies on the operation of the power system. The simulation results in IEEE-39 nodes AGC system shows the efficiency of our methods.

Aidong Xu,Yixin Jiang,Yunan Zhang,Chao Hong,Xingpu Cai

DOI: https://doi.org/10.1109/appeec48164.2020.9220716

2020-01-01

Abstract:With the great development of the information communication technology, power systems have been typical Cyber Physical Systems (CPSs). Although the control function of the grid side is becoming more intelligent, Grid Cyber Physical System (GCPS) brings the risk of potential cyberattacks. In this paper, the impacts of cyber-attacks against GCPS are analyzed based on confusion matrix model firstly, then a double-layer cyber physical collaboration control strategy adjustment methods is proposed considering the status of cyber modules and physical devices infected by cyber-attacks. Finally, the feasibility and effectiveness of the proposed method are verified on the IEEE standard system.

Lei Chen,Sijia Guo,Chunxia Dou,Hui Ge,Zihao Cheng,Shengquan Li

DOI: https://doi.org/10.1088/1402-4896/ad28e4

2024-02-14

Physica Scripta

Abstract:Through communication network, cyber-physical power systems can effectively monitor and control physical power grid, but this also increases the danger to systems from cyber attack. In this paper, we study the cascading failure triggered by cyber attack, which infects cyber nodes through malware and to endanger physical nodes through coupling links. First, the flow and topology models for cyber-physical power systems are detailed. In communication network, we analyze the mechanism of diffusion and infection among cyber nodes, and differentiate cyber nodes into three types, corresponding to different state of cyber nodes before and after cyber attack. And in physical power grid, the types of physical nodes are also classified. For different state of cyber nodes, we detail their impact on physical nodes and power flows in physical power grid. Simulation analyzes the robustness of systems and dynamics of cascading failure in different attack scenes and topology structure.

physics, multidisciplinary

Yishuang Hu,Zhengwei Jiang,Yikai Sun,Yi Ding,Chenbo Xu,Xueqi Jin

DOI: https://doi.org/10.1088/1755-1315/467/1/012113

2020-01-01

IOP Conference Series Earth and Environmental Science

Abstract:Aiming at monitoring the behaviour of power system to make it work correctly and better, cyber physical power system (CPPS) was introduced. However, due to the high integration of cyber system, the complexity of power system is greatly enhanced, which puts forward higher requirements for the reliable and safe operation of CPPS. Moreover, when the cyber system is under attack, abnormal information flow may lead to abnormal energy flow. Therefore, this paper proposes a data transmission mechanism to analyse the information flow among CPPS. A data transmission optimization model based on the transmission matrix is constructed. The data transmission from the cyber system to the power system is quantified by the model. The practicability of the proposed data transmission mechanism is given by numerous cases.

Lei Li,Wenting Wang,Qiang Ma,Kunpeng Pan,Xin Liu,Lin Lin,Jian Li

DOI: https://doi.org/10.1016/j.amc.2021.126056

IF: 4.397

2021-07-01

Applied Mathematics and Computation

Abstract:<p>This paper mainly studies the problem of cyber attack estimation and detection in cyber-physical power systems (CPPS). Firstly, CPPS under cyber state attack and sensor attack are modeled through system characteristics. Secondly, to achieve attack estimation, two robust observers are designed for the CPPS under state attack and sensor attack respectively, which can guarantee the error systems are asymptotically stable with a prescribed <span class="math"><math>H∞</math></span> performance. Next, to achieve attack detection, attack detection logic is introduced by comparing the threshold with the estimated attack. Finally, in order to show the feasibility of the state attack and sensor attack detection, taking power systems with three generators and six buses as an example, the simulation results are given.</p>

mathematics, applied

Yuqian Zhang,Minkun Wang,Qinglai Guo,Luo Xu,Quan Qing,Yan Wang

DOI: https://doi.org/10.1109/ei252483.2021.9713567

2021-01-01

Abstract:Cyber system, including state prediction and control systems, are playing a more important role in modern power system. On the other hand, the safe operation of power system is depending more on the cyber system, and contingencies on the cyber side may have larger impact on the power system. Therefore, it is necessary to consider the cyber system along with the physical system and co-simulation and security assessment. An information flow-based cyber system model is established to simulate the possible impact of cyber contingencies on the physical system. A testbed system is built, and case study on the automatic voltage control system in IEEE-14 bus system shows that the proposed model can be adopted in cyber-physical co-simulation and show the potential impact of cyber system contingencies on power system operation.

Ying Chen,Xinwei Sun

DOI: https://doi.org/10.1109/powercon.2014.6993908

2014-01-01

Abstract:Equipped with advanced wide area communication and control techniques, power system are optimally operated. Meanwhile, cyber-attacks to wide area controls could introduce disruptive impacts to power systems. In this work, a framework for assessing cyber security of wide area controlled power system is proposed. To evaluate impacts of cyber-attacks, co-simulations cyber physical power systems are adopted, which are performed in an offline test bed composed by open source power system simulators. Using modified IEEE 39-bus standard system, numeric tests show that cyber-attacks to wide area controls make performances of power systems degenerated remarkably. It is also inferred from results that common algorithm of the state estimate can't fully mitigate above impacts.

Peng Huang,Yinan Wang,Gangfeng Yan

DOI: https://doi.org/10.1109/iecon.2017.8216086

2017-01-01

Abstract:This paper considers a framework of electrical cyber-physical systems (ECPSs) in which each bus and branch in a power grid is equipped with a controller and a sensor. By means of measuring the damages of cyber attacks in terms of cutting off transmission lines, three solution approaches are proposed to assess and deal with the damages caused by faults or cyber attacks. Splitting incident is treated as a special situation in cascading failure propagation. A new simulation platform is built for simulating the protection procedure of ECPSs under faults. The vulnerability of ECPSs under faults is analyzed by experimental results based on IEEE 39-bus system.

Zhijian Cheng,Guanjun Chen,Xiao-Meng Li,Hongru Ren

DOI: https://doi.org/10.3390/s24216886

IF: 3.9

2024-10-27

Sensors

Abstract:Due to its vulnerability to a variety of cyber attacks, research on cyber security for power systems has become especially crucial. In order to maintain the safe and stable operation of power systems, it is worthwhile to gain insight into the complex characteristics and behaviors of cyber attacks from the attacker's perspective. The consensus-based distributed state estimation problem is investigated for power systems subject to collaborative attacks. In order to describe such attack behaviors, the denial of service (DoS) attack model for hybrid remote terminal unit (RTU) and phasor measurement unit (PMU) measurements, and the false data injection (FDI) attack model for neighboring estimation information, are constructed. By integrating these two types of attack models, a different consensus-based distributed estimator is designed to accurately estimate the state of the power system under collaborative attacks. Then, through Lyapunov stability analysis theory, a sufficient condition is provided to ensure that the proposed distributed estimator is stable, and a suitable consensus gain matrix is devised. Finally, to confirm the viability and efficacy of the suggested algorithm, a simulation experiment on an IEEE benchmark 14-bus power system is carried out.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Zhimei Zhang,Shaowei Huang,Feng Liu,Shengwei Mei

DOI: https://doi.org/10.1109/access.2020.3006555

IF: 3.9

2020-01-01

IEEE Access

Abstract:Modern cyber-physical power systems are vulnerable to cyber attacks. Given that cyber and physical networks are coupled tightly, attacks in the cyber layer can penetrate the physical layer, causing the outage of transmission lines and other physical equipment, thus changing the topology of the grid. In some extreme scenarios, the topological change will disrupt the emergency response of the grid, eventually causing cascading outages along with a blackout. Therefore, as the defender, the operator of a cyber-physical power system should identify critical cyber attacks. In this paper, patterns of sequential cyber topological attacks are analyzed. Firstly, a coordinated attack process is established, including mechanism and probability analysis considering the different timescales. Secondly, the concept of patterns is defined as minimal attack sequences aimed at causing blackouts. Furthermore, the representativeness of patterns is illustrated, which can significantly reduce the storage of risky attack sequences. Thirdly, to address the problem that the identification of patterns is computationally intensive, a search strategy that selects the next attack target dynamically and increases the search depth gradually is proposed to avoid unnecessary search trials. Lastly, tests are carried out on the IEEE 39-node system using the AC power flow model, which validates the representativeness of patterns and the performance of the proposed search strategy.