Ruiwen He,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ei250167.2020.9346835

2020-01-01

Abstract:With the development of information technology and Power Internet of Things, the increasing number of networked terminals presents new network security threats. Industrial control equipment and systems have vulnerabilities in hardware, software and firmware, and advanced persistent threat against ICS has become more complex and diverse. However, most of the research are aimed at the detection of single vulnerability, and lack attack mechanism analysis and threat assessment for attack chain. We proposed a threat assessment method based on vulnerability descriptive text and described the attributes of attack samples according to the classification results in attack targets, methods and consequences. We constructed attack graphs based on attack sample attributes and cyber-physical topology to quantitatively evaluate the feasibility and benefits of each attack path from vulnerability capabilities and the impact of devices in the physical world. Finally, we took the substation device status monitoring system as an example to verify the feasibility of this method.

Yinan Wang,Gangfeng Yan,Ronghao Zheng

DOI: https://doi.org/10.3390/app8050768

2018-01-01

Applied Sciences

Abstract:The integration of modern computing and advanced communication with power grids has led to the emergence of electrical cyber-physical systems (ECPSs). However, the massive application of communication technologies makes the power grids become more vulnerable to cyber attacks. In this paper, we study the vulnerability of ECPSs and develop defence strategies against cyber attacks. Detection and protection algorithms are proposed to deal with the emergency of cascading failures. Moreover, we propose a weight adjustment strategy to solve the unbalanced power flows problem which is caused by splitting incidents. A MATLAB-based platform with advantages of easy programming, fast calculation, and no damage to systems is built for the offline simulation and analysis of the vulnerability of ECPSs. We also propose a five-aspect method of vulnerability assessment which includes the robustness, economic costs, degree of damage, vulnerable equipment, and trip point. The study is of significance to decision makers as they can get specific advice and defence strategies about a special power system.

Peng Huang,Yinan Wang,Gangfeng Yan

DOI: https://doi.org/10.1109/iecon.2017.8216086

2017-01-01

Abstract:This paper considers a framework of electrical cyber-physical systems (ECPSs) in which each bus and branch in a power grid is equipped with a controller and a sensor. By means of measuring the damages of cyber attacks in terms of cutting off transmission lines, three solution approaches are proposed to assess and deal with the damages caused by faults or cyber attacks. Splitting incident is treated as a special situation in cascading failure propagation. A new simulation platform is built for simulating the protection procedure of ECPSs under faults. The vulnerability of ECPSs under faults is analyzed by experimental results based on IEEE 39-bus system.

Zhenyong Zhang,Ke Zuo,Ruilong Deng,Fei Teng,Mingyang Sun

DOI: https://doi.org/10.1109/jiot.2023.3264492

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Machine learning-based intelligent systems enhanced with Internet of Things (IoT) technologies have been widely developed and exploited to enable the real-time stability assessment of a large-scale electricity grid. However, it has been extensively recognized that the IoT-enabled communication network of power systems is vulnerable to cyberattacks. In particular, system operating states, critical attributes that act as input to the data-driven stability assessment, can be manipulated by malicious actors to mislead the system operator into making disastrous decisions and thus cause major blackouts and cascading events. In this article, we explore the vulnerability of the data-driven power system stability assessment, with a special emphasis on decision tree-based stability assessment (DTSA) approaches, and investigate the feasibility of constructing a physics-constrained adversarial attack (PCAA) to undermine the DTSA. The PCAA is formulated as a nonlinear programming problem considering the misclassification constraint, power limits, and bad data detection, computing potential adversarial perturbations that reverse the “stable/unstable” prediction of the real-time input while remaining invisible/stealthy. Extensive experiments based on the IEEE 68-bus system are conducted to evaluate the impact of PCAAs on predictions of DTSA and their transferability.

LI Peikai,LIU Yun,XIN Huanhai,QI Donglian

DOI: https://doi.org/10.7500/AEPS20170705002

2018-01-01

Abstract:Distributed cooperative control mode is an effective approach to overcome the problem of integrating multiple and strongly random distributed generators (DGs) into cyber physical system in distribution network.However,due to the integration between cyber and physical layers,cyber attacks could threat the safe and stable operation of power system through invading the cyber system.A dynamic attack-defense game model based vulnerability assessment of cyber-physical system (CPS)in distribution network is proposed.Firstly,a cooperative control strategy of DGs is described,and its convergence property is analyzed and summarized.Then,a risk assessment of CPS in distribution network is developed,which integrates the risk assessment method,the cooperative control strategy of DGs and strategies of attacker and defender.After that,the dynamic attack-defense game function and its solving steps are designed,which achieves the vulnerability assessment of CPS in distribution network with distributed cooperative control mode.Finally,the effectiveness of the proposed method is verified through simulations involving the IEEE 34-bus distribution network.

Han Qin,Jiaming Weng,Dong Liu,Donglian Qi,Yufei Wang

DOI: https://doi.org/10.17775/cseejpes.2020.04550

IF: 6.014

2024-01-01

CSEE Journal of Power and Energy Systems

Abstract:With the help of advanced information technology, real-time monitoring and control levels of cyber-physical distribution systems (CPDS) have been significantly improved. However due to the deep integration of cyber and physical systems, attackers could still threaten the stable operation of CPDS by launching cyber-attacks, such as denial-of-service (DoS) attacks. Thus, it is necessary to study the CPDS risk assessment and defense resource allocation methods under DoS attacks. This paper analyzes the impact of DoS attacks on the physical system based on the CPDS fault self-healing control. Then, considering attacker and defender strategies and attack damage, a CPDS risk assessment framework is established. Furthermore, risk assessment and defense resource allocation methods, based on the Stackelberg dynamic game model, are proposed under conditions in which the cyber and physical systems are launched simultaneously. Finally, a simulation based on an actual CPDS is performed, and the calculation results verify the effectiveness of the algorithm.

P A S Ralston,J H Graham,J L Hieb

DOI: https://doi.org/10.1016/j.isatra.2007.04.003

Abstract:The growing dependence of critical infrastructures and industrial automation on interconnected physical and cyber-based control systems has resulted in a growing and previously unforeseen cyber security threat to supervisory control and data acquisition (SCADA) and distributed control systems (DCSs). It is critical that engineers and managers understand these issues and know how to locate the information they need. This paper provides a broad overview of cyber security and risk assessment for SCADA and DCS, introduces the main industry organizations and government groups working in this area, and gives a comprehensive review of the literature to date. Major concepts related to the risk assessment methods are introduced with references cited for more detail. Included are risk assessment methods such as HHM, IIM, and RFRM which have been applied successfully to SCADA systems with many interdependencies and have highlighted the need for quantifiable metrics. Presented in broad terms is probability risk analysis (PRA) which includes methods such as FTA, ETA, and FEMA. The paper concludes with a general discussion of two recent methods (one based on compromise graphs and one on augmented vulnerability trees) that quantitatively determine the probability of an attack, the impact of the attack, and the reduction in risk associated with a particular countermeasure.

LIU Sen-sen,CHEN Wei-hua,JIANG Quan-yuan

DOI: https://doi.org/10.3785/j.issn.1008-973x.2009.03.036

2009-01-01

Abstract:The risk theory was applied to static security analysis of power system,and a power system risk model with obvious parallel processing was built.A novel parallel processing approach of risk assessment of power system was presented based on the parallel model.The approach was implemented by PC cluster.In the implementation of specific parallel computing,the PC cluster technology was used.The New England 10-machine 39-node system was used to verify power system static security risk assessment methodology based on parallel computing.System's N-1 breaking accidents were used as the system's expected accident set.The risk of line power overload and that of bus low voltage were used as the two risk indicators to describe static security.The performance of parallel computing algorithm based on indicators and that of parallel computing algorithm based on static incidents allocation were compared.

Buxiang Zhou,Binjie Sun,Tianlei Zang,Yating Cai,Jiale Wu,Huan Luo

DOI: https://doi.org/10.3390/e25010047

IF: 2.738

2022-12-28

Entropy

Abstract:With the increasing digitalization and informatization of distribution network systems, distribution networks have gradually developed into distribution network cyber physical systems (CPS) which are deeply integrated with traditional power systems and cyber systems. However, at the same time, the network risk problems that the cyber systems face have also increased. Considering the possible cyber attack vulnerabilities in the distribution network CPS, a dynamic Bayesian network approach is proposed in this paper to quantitatively assess the security risk of the distribution network CPS. First, the Bayesian network model is constructed based on the structure of the distribution network and common vulnerability scoring system (CVSS). Second, a combination of the fuzzy analytic hierarchy process (FAHP) and entropy weight method is used to correct the selectivity of the attacker to strike the target when cyber attack vulnerabilities occur, and then after considering the defense resources of the system, the risk probability of the target nodes is obtained. Finally, the node loads and node risk rates are used to quantitatively assess the risk values that are applied to determine the risk level of the distribution network CPS, so that defense strategies can be given in advance to counter the adverse effects of cyber attack vulnerabilities.

physics, multidisciplinary

Jun'e Li,Jiaqi Liang,Quanying Liu,Donglian Qi,Jianliang Zhang,Yangrong Chen

DOI: https://doi.org/10.3389/fenrg.2022.971725

IF: 3.4

2022-01-01

Frontiers in Energy Research

Abstract:With the rapid development of integrated energy system, the large-scale and high-permeability access of distributed generations (DGs) is making the distribution networks develop into active distribution networks (ADNs). The increased complexity of ADNs also increases the vulnerabilities for cyberattacks. It is a new challenge how to evaluate the situation of an ADN so as to support the decision-making of grid control policies in the condition of cyberattacks probably occur. Hence, in this paper, we proposed a method of situation assessment for ADNs considering cyberattacks. This method is aggregated by two parts. 1) An index system is presented, which includes the indexes of DGs stability, the indexes of security risk considering cyberattacks along with the traditional safety indexes. 2) The entropy weight method is used to assign weights to each index, and taking the normal operation status of ADNs as the reference scenario, an operating situation assessment method for ADNs is proposed based on grey correlation analysis method. Finally, in order to verify the effectiveness of the proposed index system and assessment method, 12 attack scenarios are established from three categories: attacks on DGs, attacks on controllable loads and attacks on both of them, and the situation of the ADN, a case based on IEEE 33-node standard distribution system, is evaluated under each scenario.

Qiangsheng Dai,Libao Shi,Yixin Ni

DOI: https://doi.org/10.1109/pesgm.2018.8586312

2018-01-01

Abstract:The operating conditions of distribution system can be perceived and optimized rapidly and effectively with the help of information and communication technology. However, some potential cybersecurity risk needs to arouse enough attention. In this paper, a novel and practical cyber-attack method targeting remote terminal unit (RTU) is proposed firstly. Regarding the enormous cyber-physical devices in a distribution system and the high maintenance costs, this paper also introduces a risk index to identify the vulnerability of a distribution system to be studied under cyber-attack. A Bayesian attack graph model is applied to quantify the probability of successfully exploiting known and zero-day vulnerabilities, and the relationship between the attack behavior and the feeder automation action is further analyzed. Simulation results demonstrate the effectiveness and validity of the proposed model and method.

DING Li-jie,CHEN Wei-hua,BAO Zhe-jing

2009-01-01

Abstract:To ensure the static security of the power system,which is one of the key factors in power system operation,a method of risk assessment and preventive control was proposed based on the risk of line overload and voltage exceeding.In this method,the probabilistic power flow(PPT) and cumulant method were used to analyze the randomness of system statuses,and the severity function was applied to describing the impact and outcome of line overhead and voltage exceeding.Moreover,the product of probability and severity of line overload and voltage exceeding was defined as the risk index of the system.Finally,a preventive control model for static security,based on optimal power flow and particle swarm optimization method,was developed and used to optimize the outputs of the system active and reactive resources,which reduced the risks of overload and voltage exceeding and increased system security.The method was proved effective through testing.

Yuhang Zhang,Ming Ni

DOI: https://doi.org/10.3390/app132011569

2023-10-23

Applied Sciences

Abstract:With the increasing deployment of advanced sensing and measurement devices, the modern distribution system is evolved into a cyber-physical power distribution system (CPPDS). Due to the extensive application of information and communication technology, CPPDS is prevalently exposed to a wide range of cybersecurity threats. In this paper, a novel security-oriented cyber-physical risk assessment method for CPPDS is proposed. Based on the information model composed of logical nodes, an attack graph of privilege promotion by exploiting the cyber vulnerabilities is constructed. The physical consequence caused by cyberattack is analyzed in detail. By using the Markov decision process (MDP) theory, the cyber-physical risk index (CPRI) is calculated. Furthermore, considering the allocation of the finite defense resource, the modified MDP approach with an attack–defense game is presented. The effectiveness of the proposed method is demonstrated with case studies on a four-feeder IEEE-RTBS test system.

materials science, multidisciplinary,engineering,chemistry,physics, applied

Chunyu Chen,Yang Chen,Kaifeng Zhang,Wenjun Bi,Meng Tian

DOI: https://doi.org/10.48550/arXiv.2003.05661

2020-03-12

Abstract:Security is one of the biggest concern in power system operation. Recently, the emerging cyber security threats to operational functions of power systems arouse high public attention, and cybersecurity vulnerability thus become an emerging topic to evaluate compromised operational performance under cyber attack. In this paper, vulnerability of cyber security of load frequency control (LFC) system, which is the key component in energy manage system (EMS), is assessed by exploiting the system response to attacks on LFC variables/parameters. Two types of attacks: 1) injection attack and 2) scale attack are considered for evaluation. Two evaluation criteria reflecting the damage on system stability and power generation are used to quantify system loss under cyber attacks. Through a sensitivity-based method and attack tree models, the vulnerability of different LFC components is ranked. In addition, a post-intrusion cyber attack detection scheme is proposed. Classification-based schemes using typical classification algorithms are studied and compared to identify different attack scenarios.

Systems and Control

Jie Yang,Yihao Guo,Chuangxin Guo,Zhe Chen,Shenghan Wang

DOI: https://doi.org/10.1109/access.2021.3101896

IF: 3.9

2021-01-01

IEEE Access

Abstract:Assessing cross-space risk of cyber-physical distribution system under integrated attack is investigated in this paper. Firstly, a hierarchical structure of cyber-physical distribution network according to IEC 61850 is established and a deliberate attack scenario with limited adversarial knowledge and stealth requirement is developed based on a general linear model for state estimation. Then, we formulate two optimization problems to describe the attack implementation and propagation process and obtain the likelihood of attacks including a robust solution and a risk solution in a fuzzy Bayesian network (BN). On this basis, a physical impact metric is defined as the integrated deviation of system states and measurements. Thus, the cross-space risk assessment can be performed. Finally, the simulation results of case studies demonstrate that the proposed method is effective and provides a broad and clear view of cyber-physical distribution system security situation.

Kaixing Huang,Chunjie Zhou,Yu-Chu Tian,Shuanghua Yang,Yuanqing Qin

DOI: https://doi.org/10.1109/tie.2018.2798605

IF: 7.7

2018-10-01

IEEE Transactions on Industrial Electronics

Abstract:Industrial cyber-physical systems (ICPSs) are widely applied in critical infrastructures such as chemical plants, water distribution networks, and power grids. However, they face various cyberattacks, which may cause physical damage to these industrial facilities. Therefore, ensuring the security of ICPSs is of paramount importance. For this purpose, a new risk assessment method is presented in this paper to quantify the impact of cyberattacks on the physical system of ICPSs. This method helps carry out appropriate attack mitigation measures. The method uses a Bayesian network to model the attack propagation process and infers the probabilities of sensors and actuators to be compromised. These probabilities are fed into a stochastic hybrid system (SHS) model to predict the evolution of the physical process being controlled. Then, the security risk is quantified by evaluating the system availability with the SHS model. The effectiveness of the proposed method is demonstrated with a case study on a hardware-in-the-loop simulation test bed.

automation & control systems,engineering, electrical & electronic,instruments & instrumentation

Qiangsheng Dai,Libao Shi,Yixin Ni

DOI: https://doi.org/10.1109/tpwrs.2019.2899983

IF: 7.326

2019-01-01

IEEE Transactions on Power Systems

Abstract:The extensive application of information and communication technology (ICT) can effectively improve the operational performance of active distribution systems (ADSs). On the other hand, the use of ICT may expose the systems to cyberattacks. Since feeder automation (FA) in advanced ADS provides fast-responding self-healing capability to restore service during an outage, the potential effect of cyberattacks on ADS becomes more devastating. In this paper, two simple yet powerful cyberattack methods targeting remote terminal units (RTUs) are proposed. The physical response of ADS to malicious cyberattacks on FA is elaborately investigated considering the output fluctuation of distributed generators. The impact of this specific cyberattack on ADS is quantified by a risk assessment index measured in scale and in duration to full restoration. The probability of RTU potentially being attacked is modeled based on search theory. Furthermore, a Bayesian attack graph model is applied and designed to quantify the probability of successfully exploiting the currently known and zero-day vulnerabilities. The proposed methodology is tested and validated via using a modified three-feeder ADS and the IEEE 123 Node Test Feeder.

Xindong Liu,Mohammad Shahidehpour,Zuyi Li,Xuan Liu,Yijia Cao,Zhiyi Li

DOI: https://doi.org/10.1109/tsg.2016.2545683

IF: 10.275

2017-01-01

IEEE Transactions on Smart Grid

Abstract:This paper presents a risk assessment method for evaluating the cyber security of power systems considering the role of protection systems. This paper considers the impact of bus and transmission line protection systems located in substations on the cyber-physical performance of power systems. The proposed method simulates the physical response of power systems to malicious attacks on protection system settings and parameters. The relationship among settings of protection devices, protection logics, and circuit breaker logics is analyzed. The expected load curtailment (ELC) index is used in this paper to quantify potential system losses due to cyber attacks. The Monte Carlo simulation is applied to calculate ELC for assessing attackers’ capabilities as bus arrangements are altered. The effectiveness of the proposed risk assessment method is demonstrated using a 9-bus system and the IEEE 68-bus system.

Yingjun Wu,R. Fu,Xiaojuan Huang,Yusheng Xue,D. Yue,Yi Tang

DOI: https://doi.org/10.1109/ACCESS.2018.2855752

IF: 3.9

IEEE Access

Abstract:A cyber physical distribution power system (CPDS) is a large and complex infrastructure that coordinates the cyber communication system and the physical distribution power system. Because of the increasingly advanced information communication technology, the development of cyber physical distribution power system has caused key cyber security issues related to system operation. This paper is focused on realizing a unified system attack modeling and security assessment of an active distribution power system. In this paper, first we present an overview of the system operation from the fusion system perspective. The significant effects of network intrusion attacks on operational security are evaluated. A new unified cyber physical network model is established using a limited stochastic Petri net graph theory that considers refined firewalls and password components. Then, a security effectiveness evaluation method is proposed to analyze channel throughput variation and system robustness. Overall CPDS security risk values are determined based on physical influence coefficients. Finally, simulations of an improved IEEE-33 bus distribution power system and security assessment under intrusion attacks are described. The research work could raise awareness of the cyber intrusion threats and provide the basis for security defense.

Engineering,Computer Science

Chen Weihua,Jiang Quanyuan,Cao Yijia

DOI: https://doi.org/10.1109/ipec.2005.207004

2005-01-01

Abstract:With the increasing utilization of HVDC system, security assessment of HVDC system has become a hot topic. This paper presents a novel approach using the framework of vulnerability to assess HVDC system security. First, equivalent models of HVDC systems, based on Markov model and logical diagram, are built to solve "dimension disaster" problem. Second, the risk index is used as an indicator of the level of security, and its sensitivity to a changing system parameter is used as an indicator of its trend. These two indicators are combined to determine the degree of HVDC system vulnerability to contingent disturbances. Finally, artificial neural network (ANN) is applied to the fast pattern recognition and classification of system vulnerability status. A case of Gezhouba-Shanghai HVDC system in China is presented to verify correctness and effectiveness of the approach.