Josephine Lamp,Carlos E. Rubio-Medrano,Ziming Zhao,Gail-Joon Ahn

DOI: https://doi.org/10.1109/MSCPES.2017.8064532

2017-01-01

Abstract:Recently, energy delivery systems (EDS) have undergone an intensive modernization process that includes the introduction of dedicated cyber-infrastructures for the purposes of monitoring, control, and optimization of resources. While extremely convenient, the introduction of software-based control over computer networks has also opened the door for the exploitation of non-trivial security vulnerabilities by malicious third-parties. As demonstrated by recent incidents, EDS systems worldwide are vulnerable to sophisticated attacks that include a well-thought out combination of strategies at various levels of abstraction. In such a context, a comprehensive solution supporting automated monitoring and assessment, that can assist security officials in effectively preventing and mitigating such attacks, is highly desired. With this in mind, this paper presents an ongoing effort that takes security requirements obtained from existing documents on guidelines and best practices on EDS, and implements a proof-of-concept framework based on adaptive and customizable software modules that collect and process security-relevant data for assuring the security of EDS.

Yinan Wang,Wei Li,Gangfeng Yan,Sumian Song

DOI: https://doi.org/10.1109/icit.2017.7915433

2017-01-01

Abstract:This paper proposes an unified framework for electrical cyber physical systems (ECPSs) and studies the mechanism of cyber attacks and cyber security. Communication networks are designed by characteristics of power grids. This model is universal to both transmission and distribution grids. The fragility of ECPSs under cyber attacks (DoS attacks and false data injection attacks) is analyzed in three scenarios based on different types and attackers' acknowledgments of the ECPSs. It has been proved that attacks happen at information uploading routers or control strategy downloading routers will influence the system differently. The effectiveness of relay protection policies and cyber security policies are verified by experimental results.

Yinan Wang,Gangfeng Yan,Ronghao Zheng

DOI: https://doi.org/10.3390/app8050768

2018-01-01

Applied Sciences

Abstract:The integration of modern computing and advanced communication with power grids has led to the emergence of electrical cyber-physical systems (ECPSs). However, the massive application of communication technologies makes the power grids become more vulnerable to cyber attacks. In this paper, we study the vulnerability of ECPSs and develop defence strategies against cyber attacks. Detection and protection algorithms are proposed to deal with the emergency of cascading failures. Moreover, we propose a weight adjustment strategy to solve the unbalanced power flows problem which is caused by splitting incidents. A MATLAB-based platform with advantages of easy programming, fast calculation, and no damage to systems is built for the offline simulation and analysis of the vulnerability of ECPSs. We also propose a five-aspect method of vulnerability assessment which includes the robustness, economic costs, degree of damage, vulnerable equipment, and trip point. The study is of significance to decision makers as they can get specific advice and defence strategies about a special power system.

Jiming Chen,Vijay Gupta,Daniel E. Quevedo,Pietro Tesi

DOI: https://doi.org/10.1002/rnc.5051

IF: 3.8973

2020-01-01

International Journal of Robust and Nonlinear Control

Abstract:Due to advances in computing and communication technologies, there has been a growing interest in cyberphysical systems (CPS). These are systems where physical devices are monitored/controlled via embedded computers and networks. By exploiting sensing, computation, and networking capabilities, CPS are paving the way for a new generation of engineering systems, which enable automatic decision‐making processes in fields ranging from customized manufacturing and transportation to health care and energy. Integration of information technology methods with a physical system such as a power grid, transportation system, and supply chain to form a “smart” infrastructure holds the promise of greater efficiency, reliability, and sustainability. However, any such coupling introduces privacy and security issues. The “systems and control” community has contributed to the CPS agenda, addressing issues like estimation, control, and coordination under information constraints. However, a deep understanding of the privacy and security requirements in CPS and their influence on classical control‐theoretic paradigms is still missing...

Yilin Mo,Tiffany Hyun-Jin Kim,Kenneth Brancik,Dona Dickinson,Heejo Lee,Adrian Perrig,Bruno Sinopoli

DOI: https://doi.org/10.1109/jproc.2011.2161428

IF: 20.6

2012-01-01

Proceedings of the IEEE

Abstract:It is often appealing to assume that existing solutions can be directly applied to emerging engineering domains. Unfortunately, careful investigation of the unique challenges presented by new domains exposes its idiosyncrasies, thus often requiring new approaches and solutions. In this paper, we argue that the "smart" grid, replacing its incredibly successful and reliable predecessor, poses a series of new security challenges, among others, that require novel approaches to the field of cyber security. We will call this new field cyber-physical security. The tight coupling between information and communication technologies and physical systems introduces new security concerns, requiring a rethinking of the commonly used objectives and methods. Existing security approaches are either inapplicable, not viable, insufficiently scalable, incompatible, or simply inadequate to address the challenges posed by highly complex environments such as the smart grid. A concerted effort by the entire industry, the research community, and the policy makers is required to achieve the vision of a secure smart grid infrastructure.

Carlos Rubio-Medrano,Josephine Lamp,Vu Coughlin,Ziming Zhao,Anna Scaglione

2017-01-01

Abstract:Description of research activity: Our approach is described as follows: first, we provide support for the creation of dedicated repositories depicting security requirements, which are to be modeled leveraging ontological representations, in such a way that an unambiguous and comprehensive description of requirements, as well as common vulnerabilities and exposures (CVEs) (Mitre 2016), is synthesized cohesively. Using ontologies, the relationships between different security concepts can be better modeled, thus allowing for the exploration and discovery of similar and complimentary requirements obtained from different sources. We have identified already a starting collection of documents which we plan to enhance over time as a result of our interactions with both industry and academic partners, in such a way that our requirements repository is effectively constructed from source materials that are deemed as relevant by the EDS and cybersecurity communities.

Zhigang Chu,Andrea Pinceti,Ramin Kaviani,Roozbeh Khodadadeh,Xingpeng Li,Jiazi Zhang,Karthik Saikumar,Mostafa Sahraei-Ardakani,Christopher Mosier,Robin Podmore,Kory Hedman,Oliver Kosut,Lalitha Sankar

DOI: https://doi.org/10.48550/arXiv.2104.13908

2021-04-29

Abstract:In this paper, we investigate the feasibility and physical consequences of cyber attacks against energy management systems (EMS). Within this framework, we have designed a complete simulation platform to emulate realistic EMS operations: it includes state estimation (SE), real-time contingency analysis (RTCA), and security constrained economic dispatch (SCED). This software platform allowed us to achieve two main objectives: 1) to study the cyber vulnerabilities of an EMS and understand their consequences on the system, and 2) to formulate and implement countermeasures against cyber-attacks exploiting these vulnerabilities. Our results show that the false data injection attacks against state estimation described in the literature do not easily cause base-case overflows because of the conservatism introduced by RTCA. For a successful attack, a more sophisticated model that includes all of the EMS blocks is needed; even in this scenario, only post-contingency violations can be achieved. Nonetheless, we propose several countermeasures that can detect changes due to cyber-attacks and limit their impact on the system.

Systems and Control

DOI: https://doi.org/10.37075/yb.2021.2.10

2021-12-28

Yearbook of UNWE

Abstract:Technical constraints in the field of transport of energy resources following the digitization are particularly relevant in the case of critical infrastructure and Industry 4.0. Since all industrial facilities, of the sector like petrochemical pipelines, expensive to build and designed without any particular form of protection against cyber-attacks, followed a plug-in approach: new technologies have been added on top of existing layers to ensure compatibility and as such became exposed to cyber-attacks. Cyberattacks on energy plants and transportation means could become the most serious threat to any country’s national security, to the impact on the population and the physical destruction of structures, usually in an extremely wide area. The paper justifies and sums up some steps that both governments and industry should follow and plan for: a) creating instruments and structures in place for conducting strategic intelligence prior to attacks on the network b) invest in designing programs that will raise the awareness of the potential threats and will map out the weak points c) boost collaboration and industry partnerships to address the increasing convergence of physical and virtual threats.

Yilin Mo,Tiffany Hyun‐Jin Kim,Kenneth Brancik,D. C. Dickinson,Hee‐Jo Lee,Adrian Perrig,Bruno Sinopoli

2012-01-01

Abstract:It is often appealing to assume that existing solutions can be directly applied to emerging engineering do- mains. Unfortunately, careful investigation of the unique chal- lenges presented by new domains exposes its idiosyncrasies, thus often requiring new approaches and solutions. In this paper, we argue that the Bsmart( grid, replacing its incredibly successful and reliable predecessor, poses a series of new se- curity challenges, among others, that require novel approaches to the field of cyber security. We will call this new field cyber- physical security. The tight coupling between information and communication technologies and physical systems introduces new security concerns, requiring a rethinking of the commonly used objectives and methods. Existing security approaches are either inapplicable, not viable, insufficiently scalable, incom- patible, or simply inadequate to address the challenges posed by highly complex environments such as the smart grid. A con- certed effort by the entire industry, the research community, and the policy makers is required to achieve the vision of a secure smart grid infrastructure.

Somali Chaterji,Parinaz Naghizadeh,Muhammad Ashraful Alam,Saurabh Bagchi,Mung Chiang,David Corman,Brian Henz,Suman Jana,Na Li,Shaoshuai Mou,Meeko Oishi,Chunyi Peng,Tiark Rompf,Ashutosh Sabharwal,Shreyas Sundaram,James Weimer,Jennifer Weller

DOI: https://doi.org/10.48550/arXiv.2001.00090

2019-12-20

Abstract:Cyberphysical systems (CPS) are ubiquitous in our personal and professional lives, and they promise to dramatically improve micro-communities (e.g., urban farms, hospitals), macro-communities (e.g., cities and metropolises), urban structures (e.g., smart homes and cars), and living structures (e.g., human bodies, synthetic genomes). The question that we address in this article pertains to designing these CPS systems to be resilient-from-the-ground-up, and through progressive learning, resilient-by-reaction. An optimally designed system is resilient to both unique attacks and recurrent attacks, the latter with a lower overhead. Overall, the notion of resilience can be thought of in the light of three main sources of lack of resilience, as follows: exogenous factors, such as natural variations and attack scenarios; mismatch between engineered designs and exogenous factors ranging from DDoS (distributed denial-of-service) attacks or other cybersecurity nightmares, so called "black swan" events, disabling critical services of the municipal electrical grids and other connected infrastructures, data breaches, and network failures; and the fragility of engineered designs themselves encompassing bugs, human-computer interactions (HCI), and the overall complexity of real-world systems. In the paper, our focus is on design and deployment innovations that are broadly applicable across a range of CPS application areas.

Computers and Society,Distributed, Parallel, and Cluster Computing,Systems and Control

Harshavardhan Palahalli,Marziyeh Hemmati,Giambattista Gruosso

DOI: https://doi.org/10.3390/electronics11121861

IF: 2.9

2022-06-13

Electronics

Abstract:This article presents an optimal distributed energy resource management system for a smart grid connected to photovoltaics, battery energy storage, and an electric vehicle aggregator. These management systems are one of the key factors for the optimal control of power converters connected to the grid. The proposed management system includes the communication architecture necessary for realizing the information flow between the individual control of the distributed generators and the master supervisory control algorithm. The work carried out on two levels is first to design a control strategy for energy management and validate it with the grid in real-time hardware-in-the-loop simulation integrating the IEC61850 communication layer and physical intelligent electronic devices. The second is to analyze the vulnerabilities of the designed methodology for cybersecurity threats explicitly with the extension of IEC61850 to electric vehicle aggregators for communication with the master energy management. A man-in-the-middle attack conducted in the supervisory communication layer enabled us to investigate the effects of such an attack on the performance and operation of the smart electric grid.

engineering, electrical & electronic,computer science, information systems,physics, applied

Kirti Gupta,Subham Sahoo,Bijaya Ketan Panigrahi

DOI: https://doi.org/10.1109/TSG.2024.3368277

2024-02-22

Abstract:Power electronic systems (PES) face significant threats from various data availability and integrity attacks, significantly affecting the performance of communication networks and power system operation. As a result, several attack detection and reconstruction techniques are deployed, which makes it a costly \& complex cybersecurity operational platform with significant room for incremental extensions for mitigation against future threats. Unlike the said traditional arrangements, our paper introduces a foundational approach by establishing a monolithic cybersecurity architecture (MCA) via incorporating semantic principles into the sampling process for distributed energy resources (DERs). This unified approach concurrently compensates for the intrusion challenges posed by cyber attacks by reconstructing signals using the dynamics of the inner control layer. This reconstruction considers essential semantic attributes, like Priority, Freshness, and Relevance to ensure resilient dynamic performance. Hence, the proposed scheme promises a generalized route to concurrently tackle a global set of cyber attacks in elevating the resilience of PES. Finally, rigorous validation on a modified IEEE 69-bus distribution system and a real-world South California Edison (SCE) 47-bus network, using OPAL-RT under diverse operating conditions, underscores its robustness, model-free design capability, scalability, and adaptability to dynamic cyber graphs and system reconfiguration.

Systems and Control

Jin Ye,Lulu Guo,Bowen Yang,Fangyu Li,Liang Du,Le Guan,Wenzhan Song

DOI: https://doi.org/10.1109/jestpe.2020.3045667

IF: 5.462

2021-08-01

IEEE Journal of Emerging and Selected Topics in Power Electronics

Abstract:Power electronics systems have become increasingly vulnerable to cyber–physical threats due to their growing penetration in the Internet-of-Things (IoT)-enabled applications, including connected electric vehicles (EVs). In response to this emerging need, a cyber–physical-security initiative was recently launched by the IEEE Power Electronics Society (PELS). With increasing connectivity due to vehicle-to-everything (V2X) and the number of electronic control units, connected EVs are facing greater cyber–physical security challenges. However, existing research extensively focuses on the network security of internal combustion engine vehicles and fails to address the cyber–physical security of EVs specifically. In this article, the challenges and future visions of cyber–physical security are discussed for connected EVs from the perspective of firmware security, vehicle charging safety, and powertrain control security. The vulnerabilities of EVs are investigated under a variety of cyberattacks, ranging from energy-efficiency-motivated attacks to safety-motivated attacks. Simulation results, including hardware-in-the-loop (HIL) results, are provided to further analyze the cyberattack impacts on both converter (device) and vehicle (system) levels. More importantly, an architecture for the next-generation power electronics systems is proposed to address the cyber–physical security challenges of EVs. Finally, potential research opportunities are discussed in detail, including detection and migration for firmware security, model-based, and data-driven detection and mitigation. To the best of our knowledge, this is the first comprehensive study on cyber–physical security of powertrain systems in modern EVs.

engineering, electrical & electronic

Daniel Schneider,Jan Reich,Rasmus Adler,Peter Liggesmeyer

2024-05-06

Abstract:Cyber Physical Systems (CPS) enable new kinds of applications as well as significant improvements of existing ones in numerous different application domains. A major trait of upcoming CPS is an increasing degree of automation up to the point of autonomy, as there is a huge potential for economic success as well as for ecologic and societal improvements. However, to unlock the full potential of such (cooperative and automated) CPS, we first need to overcome several significant engineering challenges, where safety assurance is a particularly important one. Unfortunately, established safety assurance methods and standards do not live up to this task, as they have been designed with closed and less complex systems in mind. This paper structures safety assurance challenges of cooperative automated CPS, provides an overview on our vision of dynamic risk management and describes already existing building blocks.

Software Engineering

Ioannis Zografopoulos,Juan Ospina,XiaoRui Liu,Charalambos Konstantinou

DOI: https://doi.org/10.48550/arXiv.2101.10198

2021-01-25

Cryptography and Security

Abstract:Cyber-physical systems (CPS) are interconnected architectures that employ analog, digital, and communication resources for their interaction with the physical environment. CPS are the backbone of enterprise, industrial, and critical infrastructure. Thus, their vital importance makes them prominent targets for malicious attacks aiming to disrupt their operations. Attacks targeting cyber-physical energy systems (CPES), given their mission-critical nature, can have disastrous consequences. The security of CPES can be enhanced leveraging testbed capabilities to replicate power system operations, discover vulnerabilities, develop security countermeasures, and evaluate grid operation under fault-induced or maliciously constructed scenarios. In this paper, we provide a comprehensive overview of the CPS security landscape with emphasis on CPES. Specifically, we demonstrate a threat modeling methodology to accurately represent the CPS elements, their interdependencies, as well as the possible attack entry points and system vulnerabilities. Leveraging the threat model formulation, we present a CPS framework designed to delineate the hardware, software, and modeling resources required to simulate the CPS and construct high-fidelity models which can be used to evaluate the system's performance under adverse scenarios. The system performance is assessed using scenario-specific metrics, while risk assessment enables system vulnerability prioritization factoring the impact on the system operation. The overarching framework for modeling, simulating, assessing, and mitigating attacks in a CPS is illustrated using four representative attack scenarios targeting CPES. The key objective of this paper is to demonstrate a step-by-step process that can be used to enact in-depth cybersecurity analyses, thus leading to more resilient and secure CPS.

Alexis Pengfei Zhao,Shuangqi Li,Chenghong Gu,Xiaohe Yan,Paul Jen-Hwa Hu,Zhaoyu Wang,Da Xie,Zhidong Cao,Xinlei Chen,Chenye Wu,Tianyi Luo,Zikang Wang,Ignacio Hernando-Gil

DOI: https://doi.org/10.1109/jestie.2024.3434350

2024-01-01

IEEE Journal of Emerging and Selected Topics in Industrial Electronics

Abstract:In an era characterized by extensive use of and reliance on information and communications technology (ICT), cyber-physical power systems (CPPS) have emerged as a critical integral of modern power infrastructures, providing vital energy sources to consumers, communities, and industries worldwide. The integration of ICT in these systems, while beneficial, introduces a rapidly evolving range of cybersecurity challenges that significantly threaten their confidentiality, integrity, and availability. To address this, our article offers a comprehensive and timely survey of the current landscape of cyber vulnerabilities in CPPS, reflecting the latest developments in the field up to the present. This includes an in-depth analysis of the diverse types of cyber threats to CPPS and their potential consequences, underscoring the necessity for a broad, multidisciplinary approach. Our review is distinguished by its thoroughness and timeliness, covering recent research to offer one of the most current overviews of cybersecurity in CPPSs. We adopt a holistic perspective, integrating technical, societal, environmental, and policy implications, thereby providing a more comprehensive understanding of cybersecurity in CPPSs. We delve into the complexities of cyberattacks, exploring sophisticated, targeted attacks alongside common threats, and emphasize the dynamic nature of cyber threats, providing insights into their evolution and future trends. Additionally, our review highlights critical yet often overlooked challenges such as system visibility and standardization in security protocols, arguing their significance in enhancing CPPS resilience. Furthermore, our work gives special attention to the aspects of restoration and recovery post-cyberattack, an area less emphasized in existing literature. Through this comprehensive overview of the current state and evolving challenges of CPPS security, our article serves as an indispensable resource for research, practice, and policymaking dedicated to safeguarding the safety, reliability, and resilience of ICTempowered energy systems.

Qin Wang,Guangyuan Zhang,Fushuan Wen

DOI: https://doi.org/10.1049/enc2.12051

2021-01-01

Energy Conversion and Economics

Abstract:Abstract A more reliable, efficient, and resilient smart grid depends on the applications of advanced information and communication technologies to support new functions and controls. The critical infrastructure of a smart grid consists of some major components such as monitoring, controls, communication protocol and software. The cyber‐physical system (CPS), which integrates these components, is an important enabler for the expected transition of the energy system driven by decarbonization, digitalization and decentralization. This paper provides an overview of the policy drivers and barriers for the implementation of CPS in power systems. With the vast deployment of distributed energy resources (DERs), there is increasing demand to model the hardware, software and their interactions in the smart grid environment. This paper reviews the modelling and applications of intelligent CPS for decentralized energy systems. The integration of DERs and the supportive infrastructure make modern power systems more vulnerable and less reliable to external threats such as terrorist intrusion. There are growing concerns over the risk of cyber‐attacks in mart grids. This paper surveys the latest progress on critical infrastructure identification and protection, as well as risk assessment and mitigation methods for cyber‐attacks. Finally, some advanced issues in cyber‐physical energy systems are addressed.

Robert Laddaga,Paul Robertson,Howard Shrobe,Dan Cerys,Prakash Manghwani,Patrik Meijer

DOI: https://doi.org/10.48550/arXiv.1901.01867

2019-01-07

Cryptography and Security

Abstract:Today's cyber physical systems (CPS) are not well protected against cyber attacks. Protected CPS often have holes in their defense, due to the manual nature of today's cyber security design process. It is necessary to automate or semi-automate the design and implementation of CPS to meet stringent cyber security requirements (CSR), without sacrificing functional performance, timing and cost constraints. Step one is deriving, for each CPS, the CSR that flow from the particular functional design for that CPS. That is the task assumed by our system, Deriving Cyber-security Requirements Yielding Protected Physical Systems - DCRYPPS. DCRYPPS applies Artificial Intelligence (AI) technologies, including planning and model based diagnosis to an important area of cyber security.

Abdullah M. Albarrak

DOI: https://doi.org/10.3390/su16188144

IF: 3.9

2024-09-19

Sustainability

Abstract:The energy sector is a critical contributor to the growth and development of any country's economy. However, ensuring robust cybersecurity within the context of smart energy services presents persistent usability challenges in an increasingly digital environment. This study explores the intersection of human-computer interaction (HCI), cybersecurity, and usability to identify and address issues that impact the overall security of smart energy management systems. By analyzing the complex relationships between users and security protocols, this research aims to enhance the security framework, promote better user adherence, and improve system usability. The study focuses on three primary objectives: (1) identifying the most prevalent usability issues in current cybersecurity practices; (2) examining the relationship between HCI and user compliance with security measures; and (3) proposing strategies to improve cybersecurity usability by leveraging HCI principles. Hybrid approaches utilizing artificial intelligence facilitate empirical analysis and framework evaluation. Additionally, a comparative study with six existing models has been conducted. By envisioning a future where security measures not only ensure enhanced protection but also integrate seamlessly into user experiences, this approach seeks to provide valuable insights into ongoing cybersecurity discussions and contribute to a more resilient security landscape against evolving digital threats.

environmental sciences,environmental studies,green & sustainable science & technology

Thomas I. Strasser,Cyndi Moyo,Roland Bründlinger,Sebastian Lehnhoff,Marita Blank,Peter Palensky,Arjen A. van der Meer,Kai Heussen,Oliver Gehrke,J. Emilio Rodriguez,Julia Merino,Carlo Sandroni,Maurizio Verga,Mihai Calin,Ata Khavari,Maria Sosnina,Erik de Jong,Sebastian Rohjans,Anna Kulmala,Kari Mäki,Ron Brandl,Federico Coffele,Graeme M. Burt,Panos Kotsampopoulos,Nikos Hatziargyriou

DOI: https://doi.org/10.1007/978-3-319-64635-0_12

2017-10-06

Abstract:Renewables are key enablers in the plight to reduce greenhouse gas emissions and cope with anthropogenic global warming. The intermittent nature and limited storage capabilities of renewables culminate in new challenges that power system operators have to deal with in order to regulate power quality and ensure security of supply. At the same time, the increased availability of advanced automation and communication technologies provides new opportunities for the derivation of intelligent solutions to tackle the challenges. Previous work has shown various new methods of operating highly interconnected power grids, and their corresponding components, in a more effective way. As a consequence of these developments, the traditional power system is being transformed into a cyber-physical energy system, a smart grid. Previous and ongoing research have tended to mainly focus on how specific aspects of smart grids can be validated, but until there exists no integrated approach for the analysis and evaluation of complex cyber-physical systems configurations. This paper introduces integrated research infrastructure that provides methods and tools for validating smart grid systems in a holistic, cyber-physical manner. The corresponding concepts are currently being developed further in the European project ERIGrid.

Systems and Control