Yinan Wang,Wei Li,Gangfeng Yan,Sumian Song

DOI: https://doi.org/10.1109/icit.2017.7915433

2017-01-01

Abstract:This paper proposes an unified framework for electrical cyber physical systems (ECPSs) and studies the mechanism of cyber attacks and cyber security. Communication networks are designed by characteristics of power grids. This model is universal to both transmission and distribution grids. The fragility of ECPSs under cyber attacks (DoS attacks and false data injection attacks) is analyzed in three scenarios based on different types and attackers' acknowledgments of the ECPSs. It has been proved that attacks happen at information uploading routers or control strategy downloading routers will influence the system differently. The effectiveness of relay protection policies and cyber security policies are verified by experimental results.

Yinan Wang,Gangfeng Yan,Ronghao Zheng

DOI: https://doi.org/10.3390/app8050768

2018-01-01

Applied Sciences

Abstract:The integration of modern computing and advanced communication with power grids has led to the emergence of electrical cyber-physical systems (ECPSs). However, the massive application of communication technologies makes the power grids become more vulnerable to cyber attacks. In this paper, we study the vulnerability of ECPSs and develop defence strategies against cyber attacks. Detection and protection algorithms are proposed to deal with the emergency of cascading failures. Moreover, we propose a weight adjustment strategy to solve the unbalanced power flows problem which is caused by splitting incidents. A MATLAB-based platform with advantages of easy programming, fast calculation, and no damage to systems is built for the offline simulation and analysis of the vulnerability of ECPSs. We also propose a five-aspect method of vulnerability assessment which includes the robustness, economic costs, degree of damage, vulnerable equipment, and trip point. The study is of significance to decision makers as they can get specific advice and defence strategies about a special power system.

Huaiyu Liu,Yuze Fu,Kaikai Pan,Wenyuan Xu,Chenggang Li,Chen Liu

DOI: https://doi.org/10.1109/isgtasia54891.2023.10372698

2023-01-01

Abstract:With the growing focus on reducing carbon emissions, there has been a significant increase in the deployment of distributed photovoltaic generation systems. However, their distributed nature makes them vulnerable to adversarial threats. Moreover, these systems can serve as potential entry points or attack surfaces for targeting the power grid. Existing methods are either designed for specific attacks or intrusive to power terminals (e.g., intelligent terminal, communication device). To tackle this issue, this paper introduces a method for detecting and classifying attacks on distributed PV systems leveraging cyber and power side channel data. The proposed method is capable of detecting various attacks rather than specific ones and is non-intrusive for collecting information from power terminals.

Zhenyong Zhang,Ke Zuo,Ruilong Deng,Fei Teng,Mingyang Sun

DOI: https://doi.org/10.1109/jiot.2023.3264492

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Machine learning-based intelligent systems enhanced with Internet of Things (IoT) technologies have been widely developed and exploited to enable the real-time stability assessment of a large-scale electricity grid. However, it has been extensively recognized that the IoT-enabled communication network of power systems is vulnerable to cyberattacks. In particular, system operating states, critical attributes that act as input to the data-driven stability assessment, can be manipulated by malicious actors to mislead the system operator into making disastrous decisions and thus cause major blackouts and cascading events. In this article, we explore the vulnerability of the data-driven power system stability assessment, with a special emphasis on decision tree-based stability assessment (DTSA) approaches, and investigate the feasibility of constructing a physics-constrained adversarial attack (PCAA) to undermine the DTSA. The PCAA is formulated as a nonlinear programming problem considering the misclassification constraint, power limits, and bad data detection, computing potential adversarial perturbations that reverse the “stable/unstable” prediction of the real-time input while remaining invisible/stealthy. Extensive experiments based on the IEEE 68-bus system are conducted to evaluate the impact of PCAAs on predictions of DTSA and their transferability.

Aniruddha Agrawal,Donnagratia Syndor,Dallang M. Momin,Shaik Affijulla

DOI: https://doi.org/10.1515/ijeeps-2021-0176

2021-09-10

International Journal of Emerging Electric Power Systems

Abstract:Abstract Smart electric grids are practising flexible, reliable and robust operations during delivery and consumption of power. However, these grids are highly vulnerable to a wide range of cyber attacks due to the deployment of an extensive communication network. In this paper, the nature of cyber attack on given power system based on proposed cyber attack models and theorems is analysed by utilizing steady state voltage stability (L index). Further, a cyber attack factor is introduced which may mislead the bus voltage stability virtually. The proposed cyber attack models and theorems are validated by executing cyber attacks on WSCC 9 bus and IEEE 14 bus test systems by using Siemens PSS/E and MATLAB softwares. Through the proposed theorems, the paper exposes and quantifies the threat of cyber attacks in the electric power grid. The simulation results reveal that the proposed cyber attack models may misrepresent the bus voltage stability, thereby misleading the energy management centre (EMC) operator into taking incorrect countermeasures. The above incorrect actions may force voltage instability which further leads to major interruptions in the electric power supply and possible cascading failure of the electric power grid. Moreover, the proposed theorems and rigorous simulations presented in the paper support the EMC operator in intelligently identifying a cyber attack, thereby enabling development of appropriate corrective actions during such cyber attacks on the smart electric grid. Thus, the concept of proposed methodology could best assist the power system operator to build detection algorithms for discrimination of cyber attacks from electrical faults towards strong electric grid resilience character.

Naveen Tatipatri,S. L. Arun

DOI: https://doi.org/10.1109/access.2024.3361039

IF: 3.9

2024-02-10

IEEE Access

Abstract:Continuous communication and information technology advancements facilitate the modernization of the conventional energy grid into an integrated platform. Internet-of-Things (IoT) incorporates power systems, particularly smart grid features and the delivery of new services from the utility side to the end user over a two-way communication channel. However, severe security vulnerabilities have been created due to over-dependency on IoT based communication systems. In addition, critical information exchange between any two entities or devices is always an appealing target for cyber-attackers, especially with financial interest motive by damaging integrity, confidentiality and authenticity in a communication channel. Maintaining data security and preserving privacy in between two entities during the transmission or any data distribution are essential. The potential attacks and impacts of those attacks need to be investigated to develop an effective cyber security infrastructure. Thus, considerable researchers focused on detection and mitigation of these vulnerable cyber-attacks using advanced computation tools. This review article thoroughly investigated possible ways to address cyber security challenges such as smart meter security, end-users privacy, electricity theft cyber-attacks using blockchain and cryptography against communication attacks in smart grid. The operational impacts of cyber-attacks on power system security, as well as the economic impact on deregulated energy markets, have been extensively explored. In addition, the robustness of security features and cryptographic methods against various cyber-attacks is investigated to suggest unexplored cyber-attacks for future scope. Specially, the study of real-world cyber security events, case studies, new findings and new scopes in diverse power industries are carried out. More than 135 research articles has been examined for this review article. This paper mainly concentrates on distribution-side cyber-attacks with impact analysis, detection and protection techniques.

computer science, information systems,telecommunications,engineering, electrical & electronic

Sagnik Basumallik,Sara Eftekharnejad,Brian K. Johnson

DOI: https://doi.org/10.1016/j.ijepes.2020.106225

2020-12-01

Abstract:Deployment of energy management systems in electric utilities has resulted in improvement of situational awareness in power systems. However, additional cyber security issues are introduced in real-time operations. Substantial research has since been dedicated towards the feasibility and formulation of coordinated cyber-physical attacks against power systems. However, the full extent of their impacts contributing to cascading failures is not widely explored. This paper investigates to what extent such coordinated attacks against power system state estimation lead to large scale blackouts. To consider the worst case scenarios, false data injection attacks against parameter-based remedial action schemes are investigated on realistic power networks under large inter-area power transfers. Additionally, three indices are proposed to quantify the severity of the post-attack impacts: Loss of Observability after Cascading Failures, Loss of Observability after Controlled Islanding and Lines Recoverable after Controlled Islanding. The three indices will enable system operators to estimate the extent of recoverability of the grid after attacks have adversely impacted the power grid. All simulations are carried on synthetic Illinois 200-bus and South Carolina 500-bus systems.

engineering, electrical & electronic

Deepjyoti Deka,Ross Baldick,Sriram Vishwanath

DOI: https://doi.org/10.48550/arXiv.1505.01881

2015-05-08

Abstract:Data attacks on meter measurements in the power grid can lead to errors in state estimation. This paper presents a new data attack model where an adversary produces changes in state estimation despite failing bad-data detection checks. The adversary achieves its objective by making the estimator incorrectly identify correct measurements as bad data. The proposed attack regime's significance lies in reducing the minimum sizes of successful attacks to more than half of that of undetectable data attacks. Additionally, the attack model is able to construct attacks on systems that are resilient to undetectable attacks. The conditions governing a successful data attack of the proposed model are presented along with guarantees on its performance. The complexity of constructing an optimal attack is discussed and two polynomial time approximate algorithms for attack vector construction are developed. The performance of the proposed algorithms and efficacy of the hidden attack model are demonstrated through simulations on IEEE test systems.

Cryptography and Security,Systems and Control

Ruilong Deng,Peng Zhuang,Hao Liang

DOI: https://doi.org/10.1109/TSG.2017.2702125

IF: 10.275

2017-01-01

IEEE Transactions on Smart Grid

Abstract:Smart grid, as one of the most critical infrastructures, is vulnerable to a wide variety of cyber and/or physical attacks. Recently, a new category of threats to smart grid, named coordinated cyber-physical attacks (CCPAs), are emerging. A key feature of CCPAs is to leverage cyber attacks to mask physical attacks which can cause power outages and potentially trigger cascading failures. In this pap...

Chee-Wooi Ten,Koji Yamashita,Zhiyuan Yang,Athanasios V. Vasilakos,Andrew Ginter

DOI: https://doi.org/10.1109/tsg.2017.2656068

IF: 10.275

2018-09-01

IEEE Transactions on Smart Grid

Abstract:The first-ever Ukraine cyberattack on power grid has proven its devastation by hacking into their critical cyber assets. With administrative privileges accessing substation networks/local control centers, one intelligent way of coordinated cyberattacks is to execute a series of disruptive switching executions on multiple substations using compromised supervisory control and data acquisition systems. These actions can cause significant impacts to an interconnected power grid. Unlike the previous power blackouts, such high-impact initiating events can aggravate operating conditions, initiating instability that may lead to system-wide cascading failure. A systemic evaluation of “nightmare” scenarios is highly desirable for asset owners to manage and prioritize the maintenance and investment in protecting their cyberinfrastructure. This survey paper is a conceptual expansion of real-time monitoring, anomaly detection, impact analyses, and mitigation framework that emphasizes on the resulting impacts, both on steady-state and dynamic aspects of power system stability. Hypothetically, we associate the combinatorial analyses of steady state on substations/components outages and dynamics of the sequential switching orders as part of the permutation. The expanded framework includes: 1) critical/non-critical combination verification; 2) cascade confirmation; and 3) combination re-evaluation. This paper ends with a discussion of the open issues for metrics and future design pertaining the impact quantification of cyber-related contingencies.

engineering, electrical & electronic

Haftu Tasew Reda,Adnan Anwar,Abdun Naser Mahmood,Zahir Tari

DOI: https://doi.org/10.48550/arXiv.2103.16085

2021-03-30

Cryptography and Security

Abstract:Modern electric power grid, known as the Smart Grid, has fast transformed the isolated and centrally controlled power system to a fast and massively connected cyber-physical system that benefits from the revolutions happening in the communications and the fast adoption of Internet of Things devices. While the synergy of a vast number of cyber-physical entities has allowed the Smart Grid to be much more effective and sustainable in meeting the growing global energy challenges, it has also brought with it a large number of vulnerabilities resulting in breaches of data integrity, confidentiality and availability. False data injection (FDI) appears to be among the most critical cyberattacks and has been a focal point interest for both research and industry. To this end, this paper presents a comprehensive review in the recent advances of the defence countermeasures of the FDI attacks in the Smart Grid infrastructure. Relevant existing literature are evaluated and compared in terms of their theoretical and practical significance to the Smart Grid cybersecurity. In conclusion, a range of technical limitations of existing false data attack detection researches are identified, and a number of future research directions are recommended.

Muhammad Nouman Nafees,Neetesh Saxena,Alvaro Cardenas,Santiago Grijalva,Pete Burnap

DOI: https://doi.org/10.1145/3565570

IF: 16.6

2023-02-03

ACM Computing Surveys

Abstract:The smart grid, regarded as the complex cyber-physical ecosystem of infrastructures, orchestrates advanced communication, computation, and control technologies to interact with the physical environment. Due to the high rewards that threats to the grid can realize, adversaries can mount complex cyber-attacks such as advanced persistent threats-based and coordinated attacks to cause operational malfunctions and power outages in the worst scenarios: The latter of which was reflected in the Ukrainian power grid attack. Despite widespread research on smart grid security, the impact of targeted attacks on control and power systems is anecdotal. This paper reviews the smart grid security from collaborative factors, emphasizing the situational awareness. Specifically, we propose a threat modeling framework and review the nature of cyber-physical attacks to understand their characteristics and impacts on the smart grid’s control and physical systems. We examine the existing threats detection and defense capabilities, such as intrusion detection systems, moving target defense, and co-simulation techniques, along with discussing the impact of attacks through situational awareness and power system metrics. We discuss the human factor aspects for power system operators in analyzing the impacts of cyber-attacks. Finally, we investigate the research challenges with key research gaps to shed light on future research directions.

computer science, theory & methods

Lennart Bader,Martin Serror,Olav Lamberts,Ömer Sen,Dennis van der Velde,Immanuel Hacker,Julian Filter,Elmar Padilla,Martin Henze

DOI: https://doi.org/10.1109/EuroSP57164.2023.00066

2023-05-16

Abstract:The increasing digitalization of power grids and especially the shift towards IP-based communication drastically increase the susceptibility to cyberattacks, potentially leading to blackouts and physical damage. Understanding the involved risks, the interplay of communication and physical assets, and the effects of cyberattacks are paramount for the uninterrupted operation of this critical infrastructure. However, as the impact of cyberattacks cannot be researched in real-world power grids, current efforts tend to focus on analyzing isolated aspects at small scales, often covering only either physical or communication assets. To fill this gap, we present WATTSON, a comprehensive research environment that facilitates reproducing, implementing, and analyzing cyberattacks against power grids and, in particular, their impact on both communication and physical processes. We validate WATTSON's accuracy against a physical testbed and show its scalability to realistic power grid sizes. We then perform authentic cyberattacks, such as Industroyer, within the environment and study their impact on the power grid's energy and communication side. Besides known vulnerabilities, our results reveal the ripple effects of susceptible communication on complex cyber-physical processes and thus lay the foundation for effective countermeasures.

Cryptography and Security,Systems and Control

Yi Huang,Mohammad Esmalifalak,Huy Nguyen,Rong Zheng,Zhu Han,Husheng Li,Lingyang Song

DOI: https://doi.org/10.1109/mcom.2013.6400435

IF: 9.03

2013-01-01

IEEE Communications Magazine

Abstract:In modern smart grid networks, the traditional power grid is empowered by technological advances in sensing, measurement, and control devices with two-way communications between the suppliers and consumers. The smart grid integration helps the power grid networks to be smarter, but it also increases the risk of attacks because of the existing obsolete cyber-infrastructure. In this article, we focus on bad data injection attacks for smart grid. The basic problem formulation is presented, and the special type of stealth attack is discussed. Then we investigate the strategies of defenders and attackers, respectively. Specifically, from the defender's perspective, an adaptive cumulative sum test is able to determine the possible existence of adversaries at the control center as quickly as possible. From the attacker's point of view, independent component analysis is employed for the attackers to make inferences through phasor observations without prior knowledge of the power grid topology. The inferred structural information can then be used to launch stealth attacks.

Le Xie,Yilin Mo,Bruno Sinopoli

DOI: https://doi.org/10.1109/tsg.2011.2161892

IF: 10.275

2011-01-01

IEEE Transactions on Smart Grid

Abstract:We study the economic impact of a potential class of integrity cyber attacks, named false data injection attacks, on electric power market operations. In particular, we show that with the knowledge of the transmission system topology, attackers may circumvent the bad data detection algorithms equipped in today's state estimator. This, in turn, may be leveraged by attackers for consistent financial arbitrage such as virtual bidding at selected pairs of nodes. This paper is a first attempt to formalize the economic impact of malicious data attacks on real-time market operations. We show how an attack could systematically construct a profitable attacking strategy, in the meantime being undetected by the system operator. Such a result is also valuable for the system operators to examine the potential economic loss due to such cyber attack. The potential impact of the false data injection attacks is illustrated on real-time market operations of the IEEE 14-bus system.

Denys Mishchenko,Irina Oleinikova,László Erdődi,Basanta Raj Pokhrel

DOI: https://doi.org/10.1109/access.2024.3375401

IF: 3.9

2024-03-19

IEEE Access

Abstract:The rapid digitalization of power systems involves enhanced interconnectivity, intelligence, and cost-efficiency across all components. In the era of Industry 5.0, the criticality of energy supply makes power systems prime targets for attacks, highlighting the need for the creation and evaluation of solutions against cyber-physical threats. Testbeds have emerged as essential tools for these purposes by representing real-world power systems in controlled environments and simulating cyber-physical attack-defense experiments. This paper introduces a Cyber-Physical Security (CPS) testbed rooted in the Smart Grid Architecture Model (SGAM) and developed adversary setup within the National Smart Grid Laboratory at the Norwegian University of Science and Technology. By adhering to the SGAM framework, this study delves into the classification and assessment of threats within the structure of the CPS testbed, examining vulnerabilities at distinct structural levels. Significantly, the strategic placement of the adversary setup within these levels enables a comprehensive evaluation of cyber-physical vulnerabilities in simulated systems, thereby facilitating the assessment of protective measures. Furthermore, this research presents case studies using three data sources as an aggregated dynamic power system model simulated in the real-time digital simulator OPAL-RT, real power grid, and playback of previously recorded data frames using virtual phasor measurement units functionality. The focus of this work is on the analysis of the five most common cyberattacks on power systems, such as passive and active reconnaissance, interruption in communication, TCP packet injection, and men-in-the-middle attacks utilizing the C37.118.2-2011 protocol. The results of the case studies illustrate the framework for the adversary setup and provide proof-of-concept attack scenarios for evaluation purposes. As part of future work, we intend to expand upon this research with a defender setup and implement more sophisticated, stealthy attacks.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zhimei Zhang,Shaowei Huang,Feng Liu,Shengwei Mei

DOI: https://doi.org/10.1109/access.2020.3006555

IF: 3.9

2020-01-01

IEEE Access

Abstract:Modern cyber-physical power systems are vulnerable to cyber attacks. Given that cyber and physical networks are coupled tightly, attacks in the cyber layer can penetrate the physical layer, causing the outage of transmission lines and other physical equipment, thus changing the topology of the grid. In some extreme scenarios, the topological change will disrupt the emergency response of the grid, eventually causing cascading outages along with a blackout. Therefore, as the defender, the operator of a cyber-physical power system should identify critical cyber attacks. In this paper, patterns of sequential cyber topological attacks are analyzed. Firstly, a coordinated attack process is established, including mechanism and probability analysis considering the different timescales. Secondly, the concept of patterns is defined as minimal attack sequences aimed at causing blackouts. Furthermore, the representativeness of patterns is illustrated, which can significantly reduce the storage of risky attack sequences. Thirdly, to address the problem that the identification of patterns is computationally intensive, a search strategy that selects the next attack target dynamically and increases the search depth gradually is proposed to avoid unnecessary search trials. Lastly, tests are carried out on the IEEE 39-node system using the AC power flow model, which validates the representativeness of patterns and the performance of the proposed search strategy.

Fabio Pasqualetti,Florian Dörfler,Francesco Bullo

DOI: https://doi.org/10.48550/arXiv.1103.2795

2011-03-15

Abstract:Future power networks will be characterized by safe and reliable functionality against physical malfunctions and cyber attacks. This paper proposes a unified framework and advanced monitoring procedures to detect and identify network components malfunction or measurements corruption caused by an omniscient adversary. We model a power system under cyber-physical attack as a linear time-invariant descriptor system with unknown inputs. Our attack model generalizes the prototypical stealth, (dynamic) false-data injection and replay attacks. We characterize the fundamental limitations of both static and dynamic procedures for attack detection and identification. Additionally, we design provably-correct (dynamic) detection and identification procedures based on tools from geometric control theory. Finally, we illustrate the effectiveness of our method through a comparison with existing (static) detection algorithms, and through a numerical study.

Optimization and Control,Systems and Control

Sajjad Maleki,Shijie Pan,Subhash Lakshminarayana,Charalambos Konstantinou

2024-10-29

Abstract:The growing penetration of IoT devices in power grids despite its benefits, raises cyber security concerns. In particular, load-altering attacks (LAAs) targetting high-wattage IoT-controllable load devices pose serious risks to grid stability and disrupt electricity markets. This paper provides a comprehensive review of LAAs, highlighting the threat model, analyzing its impact on transmission and distribution networks, and the electricity market dynamics. We also review the detection and localization schemes for LAAs that employ either model-based or data-driven approaches, with some hybrid methods combining the strengths of both. Additionally, mitigation techniques are examined, focusing on both preventive measures, designed to thwart attack execution, and reactive methods, which aim to optimize responses to ongoing attacks. We look into the application of each study and highlight potential streams for future research in this field.

Systems and Control

Seema Yadav,Nand Kishor,Shubhi Purwar,Petra Raussi,Saikat Chakrabarti

DOI: https://doi.org/10.1016/j.segan.2024.101297

2024-02-17

Sustainable Energy, Grids and Networks

Abstract:This paper presents novel insights about cyber-attacks in the power network and their consequence in terms of stability. Compared to existing cyber-attack related studies in power systems, the work discusses switching attack construction and evaluates the impact on generator dynamics. As such, the study is in two folds: (i) switching attack construction, with selection of switching instants based on system states and (ii) vulnerability analysis of power system components, circuit breaker, governor system and excitation system of generators. The role of inherently present communication delay/state variable delay becomes important as it has direct impact on dynamic performance of the system. The impact of the constant and timedependent delay on the stability is addressed by determining the time-delay margin using Lyapunov-Krasovskii functional. Thereafter, the condition for successful switching attack construction is given in terms of delay margin. The accuracy of the derived condition for successful switching attack is demonstrated via real-time co-simulation (RTDS) and MATLAB software. The vulnerability of power system components in IEEE 3-machine, 9-bus network are analysed as individuals or their combinations when subjected to switching attacks. The adequacy related to power system stability as a consequence of cyber-attacks is investigated with an estimation of RoCoF of generators.

energy & fuels,engineering, electrical & electronic