Power Grid Security

Cyber-Physical Systems such as the power grid are complex networks linked with cyber capabilities. The complexity and potential consequences of cyber-attacks on the grid make them an important area for scientific research. The articles cited below appeared in 2014.

  • Xuezhong Guan; Jinlong Liu; Zhe Gao; Di Yu; Miao Cai, "Power Grids Vulnerability Analysis Based On Combination Of Degree And Betweenness," Control and Decision Conference (2014 CCDC), The 26th Chinese, pp. 4829, 4833, May 31 2014-June 2 2014. doi: 10.1109/CCDC.2014.6853038 This paper proposes an analysis method of power grids vulnerability based on complex networks. The method effectively combines the degree and betweenness of nodes or lines into a new index. Through combination of the two indexes, the new index can help to analyze the vulnerability of power grids. Attacking the line of the new index can obtain a smaller size of the largest cluster and global efficiency than that of the pure degree index or betweenness index. Finally, the fault simulation results of IEEE 118 bus system show that the new index can reveal the vulnerability of power grids more effectively.
    Keywords: power grids; power system faults; IEEE 118 bus system; betweenness index; complex networks; degree index; fault simulation; power grid vulnerability analysis; Complex networks; Educational institutions; Generators; Indexes; Power grids; Power system faults; Power system protection; Complex networks; Degree-betweenness; Power grids; Vulnerability (ID#:14-3193)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6853038&isnumber=6852105
  • Zhe Gao; Xiaowu Cai; Chuan Lv; Chao Liang, "Analysis on Vulnerability Of Power Grid Based On Electrical Betweenness With Information Entropy," Control Conference (CCC), 2014 33rd Chinese, pp.2727,2731, 28-30 July 2014. doi: 10.1109/ChiCC.2014.6897068 This paper investigates the vulnerability of power grids based on the complex networks combining the information entropy. The difference of current directions for a link is considered, and it is characterized by the information entropy. By combining the information entropy, the electrical betweenness is improved to evaluate the vulnerability of power grids. Attacking the link based on the largest electrical betweenness with the information can get the larger size of the largest cluster and the lower lost of loads, compared with the electrical betweenness without the information entropy. Finally, IEEE 118 bus system is tested to validate the effectiveness of the novel index to characterize the vulnerability of power grids.
    Keywords: IEEE standards; entropy; power grids; IEEE 118 bus system; complex networks; information entropy; power grid vulnerability; Complex networks; Entropy; Generators; Information entropy; Load modeling; Power grids; Complex networks; Information Entropy; Power grids; Vulnerability (ID#:14-3194)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6897068&isnumber=6895198
  • Zhang, Yichi; Xiang, Yingmeng; Wang, Lingfeng, "Reliability Analysis Of Power Grids With Cyber Vulnerability In SCADA System," PES General Meeting | Conference & Exposition, 2014 IEEE, pp.1,5, 27-31 July 2014. doi: 10.1109/PESGM.2014.6939397 As information and communication networks are highly interconnected with the power grid, cyber security of the supervisory control and data acquisition (SCADA) system has become a critical issue in the power system. By intruding into the SCADA system via the remote access points, the attackers are able to eavesdrop critical data and reconfigure devices to trip the system breakers. The cyber attacks are able to impact the reliability of the power system through the SCADA system. In this paper, six cyber attack scenarios in the SCADA system are considered. A Bayesian attack graph model is used to evaluate the probabilities of successful cyber attacks on the SCADA system, which will result in breaker trips. A forced outage rate (FOR) model is proposed considering the frequencies of successful attacks on the generators and transmission lines. With increased FOR values resulted from the cyber attacks, the loss of load probabilities (LOLP) in reliability test system 79 (RTS79) are estimated. The results of the simulations demonstrate that the power system becomes less reliable as the frequency of successful attacks increases.
    Keywords: Bayes methods; Generators; Power system reliability; Reliability; SCADA systems; Substations; Bayesian attack graph model; Cyber security; SCADA system; cyber-physical power systems; forced outage rate; loss of load probability; power system reliability (ID#:14-3195)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6939397&isnumber=6938773
  • Hong Liu; Huansheng Ning; Yan Zhang; Qingxu Xiong; Yang, L.T., "Role-Dependent Privacy Preservation for Secure V2G Networks in the Smart Grid," Information Forensics and Security, IEEE Transactions on, vol. 9, no. 2, pp. 208, 220, Feb. 2014. doi: 10.1109/TIFS.2013.2295032 Vehicle-to-grid (V2G), involving both charging and discharging of battery vehicles (BVs), enhances the smart grid substantially to alleviate peaks in power consumption. In a V2G scenario, the communications between BVs and power grid may confront severe cyber security vulnerabilities. Traditionally, authentication mechanisms are solely designed for the BVs when they charge electricity as energy customers. In this paper, we first show that, when a BV interacts with the power grid, it may act in one of three roles: 1) energy demand (i.e., a customer); 2) energy storage; and 3) energy supply (i.e., a generator). In each role, we further demonstrate that the BV has dissimilar security and privacy concerns. Hence, the traditional approach that only considers BVs as energy customers is not universally applicable for the interactions in the smart grid. To address this new security challenge, we propose a role-dependent privacy preservation scheme (ROPS) to achieve secure interactions between a BV and power grid. In the ROPS, a set of interlinked subprotocols is proposed to incorporate different privacy considerations when a BV acts as a customer, storage, or a generator. We also outline both centralized and distributed discharging operations when a BV feeds energy back into the grid. Finally, security analysis is performed to indicate that the proposed ROPS owns required security and privacy properties and can be a highly potential security solution for V2G networks in the smart grid. The identified security challenge as well as the proposed ROPS scheme indicates that role-awareness is crucial for secure V2G networks.
    Keywords: battery powered vehicles; cryptographic protocols; energy storage; power engineering computing; smart power grids; ROPS; authentication mechanisms; battery vehicles; cyber security vulnerability; energy demand; energy storage; energy supply; interlinked subprotocols; role-dependent privacy preservation scheme; secure V2G networks; security analysis; smart grid; vehicle-to-grid networks; Authentication; Electricity; Privacy; Protocols; Smart grids; Vehicle-to-grid (V2G); authentication; privacy; security; smart grid (ID#:14-3196)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6684311&isnumber=6705647
  • Jun Yan; Haibo He; Yan Sun, "Integrated Security Analysis on Cascading Failure in Complex Networks," Information Forensics and Security, IEEE Transactions on, vol. 9, no. 3, pp.451, 463, March 2014. doi: 10.1109/TIFS.2014.2299404 The security issue of complex networks has drawn significant concerns recently. While pure topological analyses from a network security perspective provide some effective techniques, their inability to characterize the physical principles requires a more comprehensive model to approximate failure behavior of a complex network in reality. In this paper, based on an extended topological metric, we proposed an approach to examine the vulnerability of a specific type of complex network, i.e., the power system, against cascading failure threats. The proposed approach adopts a model called extended betweenness that combines network structure with electrical characteristics to define the load of power grid components. By using this power transfer distribution factor-based model, we simulated attacks on different components (buses and branches) in the grid and evaluated the vulnerability of the system components with an extended topological cascading failure simulator. Influence of different loading and overloading situations on cascading failures was also evaluated by testing different tolerance factors. Simulation results from a standard IEEE 118-bus test system revealed the vulnerability of network components, which was then validated on a dc power flow simulator with comparisons to other topological measurements. Finally, potential extensions of the approach were also discussed to exhibit both utility and challenge in more complex scenarios and applications.
    Keywords: security of data; topology; cascading failure; complex networks; extended topological metric; integrated security analysis; network security perspective; power grid components; power transfer distribution factor-based model; standard IEEE 118-bus test system; Analytical models; Complex networks; Power grids; Power system faults; Power system protection; Security; Complex network security; cascading failure; extended topological analysis; structural vulnerability (ID#:14-3197)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6708453&isnumber=6727454
  • Yihai Zhu; Jun Yan; Yufei Tang; Yan Sun; Haibo He, "The Sequential Attack Against Power Grid Networks," Communications (ICC), 2014 IEEE International Conference on, pp.616,621, 10-14 June 2014. doi: 10.1109/ICC.2014.6883387 The vulnerability analysis is vital for safely running power grids. The simultaneous attack, which applies multiple failures simultaneously, does not consider the time domain in applying failures, and is limited to find unknown vulnerabilities of power grid networks. In this paper, we discover a new attack scenario, called the sequential attack, in which the failures of multiple network components (i.e., links/nodes) occur at different time. The sequence of such failures can be carefully arranged by attackers in order to maximize attack performances. This attack scenario leads to a new angle to analyze and discover vulnerabilities of grid networks. The IEEE 39 bus system is adopted as test benchmark to compare the proposed attack scenario with the existing simultaneous attack scenario. New vulnerabilities are found. For example, the sequential failure of two links, e.g., links 26 and 39 in the test benchmark, can cause 80% power loss, whereas the simultaneous failure of them causes less than 10% power loss. In addition, the sequential attack is demonstrated to be statistically stronger than the simultaneous attack. Finally, several metrics are compared and discussed in terms of whether they can be used to sharply reduce the search space for identifying strong sequential attacks.
    Keywords: failure analysis; power grids; time-domain analysis; IEEE 39 bus system; multiple failures; multiple network components; power grid networks; sequential attack; sequential failure; test benchmark; time domain; vulnerability analysis; Generators; Power grids; Power system faults; Power system protection; Size measurement; Substations; Cascading Failure; Power Grid Network; Sequential Attack; Vulnerability Analysis (ID#:14-3198)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6883387&isnumber=6883277
  • Farzan, F.; Jafari, M.A.; Wei, D.; Lu, Y., "Cyber-Related Risk Assessment And Critical Asset Identification In Power Grids," Innovative Smart Grid Technologies Conference (ISGT), 2014 IEEE PES, pp.1,5, 19-22 Feb. 2014. doi: 10.1109/ISGT.2014.6816371 This paper proposes a methodology to assess cyber-related risks and to identify critical assets both at power grid and substation levels. The methodology is based on a two-pass engine model. The first pass engine is developed to identify the most critical substation(s) in a power grid. A mixture of Analytical hierarchy process (AHP) and (N-1) contingent analysis is used to calculate risks. The second pass engine is developed to identify risky assets within a substation and improve the vulnerability of a substation against the intrusion and malicious acts of cyber hackers. The risk methodology uniquely combines asset reliability, vulnerability and costs of attack into a risk index. A methodology is also presented to improve the overall security of a substation by optimally placing security agent(s) on the automation system.
    Keywords: analytic hierarchy process; power grids; power system reliability; power system security; risk analysis; substation automation; AHP; N-1 contingent analysis; analytical hierarchy process; asset reliability; automation system; cost vulnerability; critical asset identification; critical substation identification; cyber hackers; cyber related risk assessment; intrusion detection; malicious; optimal placing security; power grid; risk index; risk methodology; second pass engine; substation level; substation vulnerability; two-pass engine model; Automation; Indexes; Modeling; Power grids; Reliability; Security; Substations; cyber security; cyber vulnerability; electrical power grids; risk assessment; substation (ID#:14-3199)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6816371&isnumber=6816367
  • Beasley, C.; Venayagamoorthy, G.K.; Brooks, R., "Cyber Security Evaluation Of Synchrophasors In A Power System," Power Systems Conference (PSC), 2014 Clemson University, pp. 1, 5, 11-14 March 2014. doi: 10.1109/PSC.2014.6808100 The addition of synchrophasors such as phasor measurement units (PMUs) to the existing power grid will enhance real-time monitoring and analysis of the grid. The PMU collects bus voltage, line current, and frequency measurements and uses the communication network to send the measurements to the respective substation(s)/control center(s). Since this approach relies on network infrastructure, possible cyber security vulnerabilities have to be addressed to ensure that it is stable, secure, and reliable. In this paper, security vulnerabilities associated with a synchrophasor network in a benchmark IEEE 68 bus (New England/New York) power system model are examined. Currently known feasible attacks are demonstrated. Recommended testing and verification methods are also presented.
    Keywords: phasor measurement; power grids; power system security; security of data; PMU; benchmark IEEE 68 bus power system model; bus voltage; communication network; cyber security vulnerabilities; frequency measurements; line current; network infrastructure; phasor measurement units; power grid; real-time monitoring; synchrophasors; Current measurement; Frequency measurement; Phasor measurement units; Power measurement; Security; Smart grids; Cyber-attacks; data security; phasor measurement units; power system; smart grid (ID#:14-3200)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6808100&isnumber=6808089
  • Zonouz, S.; Davis, C.M.; Davis, K.R.; Berthier, R.; Bobba, R.B.; Sanders, W.H., "SOCCA: A Security-Oriented Cyber-Physical Contingency Analysis in Power Infrastructures," Smart Grid, IEEE Transactions on, vol.5, no.1, pp.3,13, Jan. 2014. doi: 10.1109/TSG.2013.2280399 Contingency analysis is a critical activity in the context of the power infrastructure because it provides a guide for resiliency and enables the grid to continue operating even in the case of failure. In this paper, we augment this concept by introducing SOCCA, a cyber-physical security evaluation technique to plan not only for accidental contingencies but also for malicious compromises. SOCCA presents a new unified formalism to model the cyber-physical system including interconnections among cyber and physical components. The cyber-physical contingency ranking technique employed by SOCCA assesses the potential impacts of events. Contingencies are ranked according to their impact as well as attack complexity. The results are valuable in both cyber and physical domains. From a physical perspective, SOCCA scores power system contingencies based on cyber network configuration, whereas from a cyber perspective, control network vulnerabilities are ranked according to the underlying power system topology.
    Keywords: power grids; power system planning; power system security; SOCCA; accidental contingency; control network; cyber components; cyber network configuration; cyber perspective; cyber-physical security evaluation; grid operation; malicious compromises; physical components; power infrastructures; power system contingency; power system topology; security-oriented cyber-physical contingency analysis; Algorithm design and analysis; Indexes; Mathematical model; Network topology; Power grids; Security; Contingency analysis; cyber-physical systems; security; situational awareness; state estimation (ID#:14-3201)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6687271&isnumber=6693741
  • Chiaradonna, S.; Di Giandomenico, F.; Murru, N., "On a Modeling Approach to Analyze Resilience of a Smart Grid Infrastructure," Dependable Computing Conference (EDCC), 2014 Tenth European, pp.166,177, 13-16 May 2014. doi: 10.1109/EDCC.2014.34 The evolution of electrical grids, both in terms of enhanced ICT functionalities to improve efficiency, reliability and economics, as well as the increasing penetration of renewable redistributed energy resources, results in a more sophisticated electrical infrastructure which poses new challenges from several perspectives, including resilience and quality of service analysis. In addition, the presence of interdependencies, which more and more characterize critical infrastructures (including the power sector), exacerbates the need for advanced analysis approaches, to be possibly employed since the early phases of the system design, to identify vulnerabilities and appropriate countermeasures. In this paper, we outline an approach to model and analyze smart grids and discuss the major challenges to be addressed in stochastic model-based analysis to account for the peculiarities of the involved system elements. Representation of dynamic and flexible behavior of generators and loads, as well as representation of the complex ICT control functions required to preserve and/or re-establish electrical equilibrium in presence of changes need to be faced to assess suitable indicators of the resilience and quality of service of the smart grid.
    Keywords: critical infrastructures; power system control; power system economics; power system reliability; smart power grids; stochastic processes; ICT control functions; ICT functionalities; critical infrastructure; electrical equilibrium; power system economics; power system efficiency; power system reliability; quality of service; renewable redistributed energy resource; smart grid infrastructure resilience; stochastic model based analysis; Analytical models; Generators; Load modeling; Low voltage; Smart grids; Substations; Voltage control; Electrical Smart Grid; Interdependencies; Modeling Framework; SAN Formalism; Stochastic Process (ID#:14-3202)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6821102&isnumber=6821069
  • Xiang, Yingmeng; Wang, Lingfeng; Zhang, Yichi, "Power System Adequacy Assessment With Probabilistic Cyber Attacks Against Breakers," PES General Meeting | Conference & Exposition, 2014 IEEE, pp. 1, 5, 27-31 July 2014. doi: 10.1109/PESGM.2014.6939374 Modern power systems heavily rely on the associated cyber network, and cyber attacks against the control network may cause undesired consequences such as load shedding, equipment damage, and so forth. The behaviors of the attackers can be random, thus it is crucial to develop novel methods to evaluate the adequacy of the power system under probabilistic cyber attacks. In this study, the external and internal cyber structures of the substation are introduced, and possible attack paths against the breakers are analyzed. The attack resources and vulnerability factors of the cyber network are discussed considering their impacts on the success probability of a cyber attack. A procedure integrating the reliability of physical components and the impact of cyber attacks against breakers are proposed considering the behaviors of the physical devices and attackers. Simulations are conducted based on the IEEE RTS79 system. The impact of the attack resources and attack attempt numbers are analyzed for attackers from different threats groups. It is concluded that implementing effective cyber security measures is crucial to the cyber-physical power grids.
    Keywords: Generators; IEC standards; Power system reliability; Reliability; Security; Substations; Cybersecurity; adequacy assessment; cyber-physical systems; probabilistic modeling; smart grid; substation breakers (ID#:14-3203)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6939374&isnumber=6938773
  • Zhu, Y.; Yan, J.; Tang, Y.; Sun, Y.L.; He, H., "Resilience Analysis of Power Grids Under the Sequential Attack," Information Forensics and Security, IEEE Transactions on, vol. 9, no. 12, pp.2340, 2354, Dec. 2014. doi: 10.1109/TIFS.2014.2363786 The modern society increasingly relies on electrical service, which also brings risks of catastrophic consequences, e.g., large-scale blackouts. In the current literature, researchers reveal the vulnerability of power grids under the assumption that substations/transmission lines are removed or attacked synchronously. In reality, however, it is highly possible that such removals can be conducted sequentially. Motivated by this idea, we discover a new attack scenario, called the sequential attack, which assumes that substations/transmission lines can be removed sequentially, not synchronously. In particular, we find that the sequential attack can discover many combinations of substation whose failures can cause large blackout size. Previously, these combinations are ignored by the synchronous attack. In addition, we propose a new metric, called the sequential attack graph (SAG), and a practical attack strategy based on SAG. In simulations, we adopt three test benchmarks and five comparison schemes. Referring to simulation results and complexity analysis, we find that the proposed scheme has strong performance and low complexity.
    Keywords: Complexity theory; Measurement; Power grids; Power system faults; Power system protection; Power transmission lines; Substations; Attack Strategies; Cascading Failures; Power Grid Security; Power grid security; attack strategies; cascading failures (ID#:14-3204)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6926763&isnumber=6953163
  • Yang, Y.; McLaughlin, K.; Sezer, S.; Littler, T.; Im, E.G.; Pranggono, B.; Wang, H.F., "Multiattribute SCADA-Specific Intrusion Detection System for Power Networks," Power Delivery, IEEE Transactions on, vol. 29, no.3, pp.1092, 1102, June 2014. doi: 10.1109/TPWRD.2014.2300099 The increased interconnectivity and complexity of supervisory control and data acquisition (SCADA) systems in power system networks has exposed the systems to a multitude of potential vulnerabilities. In this paper, we present a novel approach for a next-generation SCADA-specific intrusion detection system (IDS). The proposed system analyzes multiple attributes in order to provide a comprehensive solution that is able to mitigate varied cyber-attack threats. The multiattribute IDS comprises a heterogeneous white list and behavior-based concept in order to make SCADA cybersystems more secure. This paper also proposes a multilayer cyber-security framework based on IDS for protecting SCADA cybersecurity in smart grids without compromising the availability of normal data. In addition, this paper presents a SCADA-specific cybersecurity testbed to investigate simulated attacks, which has been used in this paper to validate the proposed approach.
    Keywords: SCADA systems; power system security; security of data; smart power grids; IDS; SCADA cybersystems; behavior-based concept; cyber-attack threats; heterogeneous white list; multiattribute SCADA-specific intrusion detection system; multilayer cyber-security framework; power system networks; smart grids; supervisory control and data acquisition systems; Computer security; Current measurement; Detectors; Intrusion detection; Protocols; SCADA systems; Cybersecurity; intrusion detection; smart grid; supervisory control and data acquisition (SCADA) (ID#:14-3205)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6737311&isnumber=6819482
  • Shipman, C.; Hopkinson, K.; Lopez, J., "Con-Resistant Trust for Improved Reliability in a Smart Grid Special Protection System," Power Delivery, IEEE Transactions on, vol. PP, no. 99, pp. 1, 1, 26 July 2014. doi: 10.1109/TPWRD.2014.2358074 This article applies a con-resistant trust mechanism to improve the performance of a communications-based special protection system to enhance its effectiveness and resiliency. Smart grids incorporate modern information technologies to increase reliability and efficiency through better situational awareness. However, with the benefits of this new technology comes added risks associated with threats and vulnerabilities to the technology and to the critical infrastructure it supports. The research in this article uses con-resistant trust to quickly identify malicious or malfunctioning (untrustworthy) protection system nodes to mitigate instabilities. The con-resistant trust mechanism allows protection system nodes to make trust assessments based on the node’s cooperative and defective behaviors. These behaviors are observed via frequency readings which are periodically reported. The trust architecture is tested in experiments comparing a simulated special protection system with a con-resistant trust mechanism to one without the mechanism via an analysis of variance statistical model. Simulation results show promise for the proposed con-resistant trust mechanism.
    Keywords: Generators; Government; Load modeling; Peer-to-peer computing; Resistance; Smart grids; Time-frequency analysis (ID#:14-3206)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6898851&isnumber=4359248
  • Marashi, K.; Sarvestani, S.S., "Towards Comprehensive Modeling of Reliability for Smart Grids: Requirements and Challenges," High-Assurance Systems Engineering (HASE), 2014 IEEE 15th International Symposium on, pp.105,112, 9-11 Jan. 2014. doi: 10.1109/HASE.2014.23 Smart grids utilize computation and communication to improve the efficacy and dependability of power generation, transmission, and distribution. As such, they are among the most critical and complex cyber-physical systems. The success of smart grids in achieving their stated goals is yet to be rigorously proven. In this paper, our focus is on improvements (or lack thereof) in reliability. We discuss vulnerabilities in the smart grid and their potential impact on its reliability, both generally and for the specific example of the IEEE-14 bus system. We conclude the paper by presenting a preliminary Markov imbedded systems model for reliability of smart grids and describe how it can be evolved to capture the vulnerabilities discussed.
    Keywords: Markov processes; distributed power generation; power engineering computing; power system reliability; smart power grids; IEEE-14 bus system; Markov embedded system model; cyber-physical systems; power distribution; power generation; power transmission; smart grid reliability; Computational modeling; Power system reliability; Power transmission lines; Reliability; Smart grids; Transmission line measurements; cyber-physical systems; reliability modeling; smart grid; vulnerability analysis (ID#:14-3207)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6754594&isnumber=6754569
  • Sgouras, K.I.; Birda, A.D.; Labridis, D.P., "Cyber Attack Impact On Critical Smart Grid Infrastructures," Innovative Smart Grid Technologies Conference (ISGT), 2014 IEEE PES, pp.1,5, 19-22 Feb. 2014. doi: 10.1109/ISGT.2014.6816504 Electrical Distribution Networks face new challenges by the Smart Grid deployment. The required metering infrastructures add new vulnerabilities that need to be taken into account in order to achieve Smart Grid functionalities without considerable reliability trade-off. In this paper, a qualitative assessment of the cyber attack impact on the Advanced Metering Infrastructure (AMI) is initially attempted. Attack simulations have been conducted on a realistic Grid topology. The simulated network consisted of Smart Meters, routers and utility servers. Finally, the impact of Denial-of-Service and Distributed Denial-of-Service (DoS/DDoS) attacks on distribution system reliability is discussed through a qualitative analysis of reliability indices.
    Keywords: computer network security; power distribution reliability; power engineering computing; power system security; smart meters; smart power grids; AMI; DoS-DDoS attacks; advanced metering infrastructure; critical smart grid infrastructures; cyber attack impact; distributed denial-of-service attacks; distribution system reliability; electrical distribution networks; grid topology; qualitative assessment; routers; smart grid deployment; smart meters; utility servers; Computer crime; Reliability; Servers; Smart grids; Topology; AMI; Cyber Attack; DDoS; DoS; Reliability; Simulation; Smart Grid (ID#:14-3208)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6816504&isnumber=6816367
  • Ming Shange; Jingqiang Lin; Xiaokun Zhang; Changwei Xu, "A Game-Theory Analysis Of The Rat-Group Attack In Smart Grids," Intelligent Sensors, Sensor Networks and Information Processing (ISSNIP), 2014 IEEE Ninth International Conference on, pp.1,6, 21-24 April 2014. doi: 10.1109/ISSNIP.2014.6827636 More and more intelligent functions are proposed, designed and implemented in meters to make the power supply be smart. However, these complex functions also bring risks to the smart meters, and they become susceptible to vulnerabilities and attacks. We present the rat-group attack in this paper, which exploits the vulnerabilities of smart meters in the cyber world, but spreads in the physical world due to the direct economic benefits. To the best of our knowledge, no systematic work has been conducted on this attack. Game theory is then applied to analyze this attack, and two game models are proposed and compared under different assumptions. The analysis results suggest that the power company shall follow an open defense policy: disclosing the defense parameters to all users (i.e., the potential attackers), results in less loss in the attack.
    Keywords: game theory; power engineering computing; security of data; smart meters; smart power grids; game-theory analysis; power grid; rat-group attack; smart grids; smart meters; Analytical models; Companies; Electricity; Game theory; Games; Smart grids; Attack; game theory; power grid; rat-group attack; smart grid; smart meter (ID#:14-3209)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6827636&isnumber=6827478
  • Mohagheghi, S., "Integrity Assessment Scheme for Situational Awareness in Utility Automation Systems," Smart Grid, IEEE Transactions on, vol.5, no.2, pp.592,601, March 2014. doi: 10.1109/TSG.2013.2283260 Today's more reliable communication technology, together with the availability of higher computational power, have paved the way for introduction of more advanced automation systems based on distributed intelligence and multi-agent technology. However, abundance of data, while making these systems more powerful, can at the same time act as their biggest vulnerability. In a web of interconnected devices and components functioning within an automation framework, potential impact of malfunction in a single device, either through internal failure or external damage/intrusion, may lead to detrimental side-effects spread across the whole underlying system. The potentially large number of devices, along with their inherent interrelations and interdependencies, may hinder the ability of human operators to interpret events, identify their scope of impact and take remedial actions if necessary. Through utilization of the concepts of graph-theoretic fuzzy cognitive maps (FCM) and expert systems, this paper puts forth a solution that is able to reveal weak links and vulnerabilities of an automation system, should it become exposed to partial internal failure or external damage. A case study has been performed on the IEEE 34-bus test distribution system to show the efficiency of the proposed scheme.
    Keywords: cognitive systems; expert systems; fuzzy set theory; graph theory; power distribution control; unsupervised learning; FCM; IEEE 34-bus test distribution system; advanced automation systems; automation framework; automation system vulnerabilities; distributed intelligence; expert systems; external damage; graph-theoretic fuzzy cognitive maps; human operators; integrity assessment scheme; interconnected devices; multiagent technology; partial internal failure; utility automation systems; Artificial intelligence; Automation; Capacitors; Fuzzy cognitive maps; Power systems; State estimation; Switches; Automation system; event analysis; fuzzy cognitive map; monitoring; situational awareness (ID#:14-3210)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6732971&isnumber=6740878
  • Xiang, Yingmeng; Zhang, Yichi; Wang, Lingfeng; Sun, Weiqing, "Impact of UPFC on Power System Reliability Considering Its Cyber Vulnerability," T&D Conference and Exposition, 2014 IEEE PES, pp.1,5, 14-17 April 2014. doi: 10.1109/TDC.2014.6863469 The unified power flow controller (UPFC) has attracted much attention recently because of its capability in controlling the active and reactive power flows. The normal operation of UPFC is dependent on both its physical part and the associated cyber system. Thus malicious cyber attacks may impact the reliability of UPFC. As more information and communication technologies are being integrated into the current power grid, more frequent occurrences of cyber attacks are possible. In this paper, the cyber architecture of UPFC is analyzed, and the possible attack scenarios are considered and discussed. Based on the interdependency of the physical part and the cyber part, an integrated reliability model for UPFC is proposed and analyzed. The impact of UPFC on the overall system reliability is examined, and it is shown that cyber attacks against UPFC may yield an adverse influence.
    Keywords: Unified power flow controller; cyber security; cyber-physical system; power system reliability (ID#:14-3211)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6863469&isnumber=6863147
  • Chen, K.Y.; Heckel-Jones, C.A.C.; Maupin, N.G.; Rubin, S.M.; Bogdanor, J.M.; Zhenyu Guo; Haimes, Y.Y., "Risk Analysis Of GPS-Dependent Critical Infrastructure System Of Systems," Systems and Information Engineering Design Symposium (SIEDS), 2014, pp.316, 321, 25-25 April 2014. doi: 10.1109/SIEDS.2014.6829911 The Department of Energy seeks to modernize the U.S. electric grid through the SmartGrid initiative, which includes the use of Global Positioning System (GPS)-timing dependent electric phasor measurement units (PMUs) for continual monitoring and automated controls. The U.S. Department of Homeland Security is concerned with the associated risks of increased utilization of GPS timing in the electricity subsector, which could in turn affect a large number of electricity-dependent Critical Infrastructure (CI) sectors. Exploiting the vulnerabilities of GPS systems in the electricity subsector can result to large-scale and costly blackouts. This paper seeks to analyze the risks of increased dependence of GPS into the electric grid through the introduction of PMUs and provides a systems engineering perspective to the GPS-dependent System of Systems (S-o-S) created by the SmartGrid initiative. The team started by defining and modeling the S-o-S followed by usage of a risk analysis methodology to identify and measure risks and evaluate solutions to mitigating the effects of the risks. The team expects that the designs and models resulting from the study will prove useful in terms of determining both current and future risks to GPS-dependent CIs sectors along with the appropriate countermeasures as the United States moves towards a SmartGrid system.
    Keywords: Global Positioning System; critical infrastructures; phasor measurement; risk analysis; smart power grids; systems engineering; Department of Energy; GPS timing; GPS-dependent CI sectors; GPS-dependent critical infrastructure system; Global Positioning System; PMU; SmartGrid initiative; SoS; US Department of Homeland Security; US electric grid; electric phasor measurement units; electricity subsector; electricity-dependent critical infrastructure sectors; risk analysis methodology; system of systems; systems engineering; Clocks; Electricity; Global Positioning System; Modeling; Phasor measurement units; Risk management; Critical Infrastructure; GPS; Risk Analysis; SmartGrid (ID#:14-3212)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6829911&isnumber=6829868
  • Chen, R.L.-Y.; Cohn, A.; Neng Fan; Pinar, A., "Contingency-Risk Informed Power System Design," Power Systems, IEEE Transactions on, vol.29, no. 5, pp.2087, 2096, Sept. 2014. doi: 10.1109/TPWRS.2014.2301691 We consider the problem of designing (or augmenting) an electric power system at a minimum cost such that it satisfies the N-k-ε survivability criterion. This survivability criterion is a generalization of the well-known N-k criterion, and it requires that at least (1-εj) fraction of the steady-state demand be met after failures of j components, for j=0,1,...,k. The network design problem adds another level of complexity to the notoriously hard contingency analysis problem, since the contingency analysis is only one of the requirements for the design optimization problem. We present a mixed-integer programming formulation of this problem that takes into account both transmission and generation expansion. We propose an algorithm that can avoid combinatorial explosion in the number of contingencies, by seeking vulnerabilities in intermediary solutions and constraining the design space accordingly. Our approach is built on our ability to identify such system vulnerabilities quickly. Our empirical studies on modified instances of the IEEE 30-bus and IEEE 57-bus systems show the effectiveness of our methods. We were able to solve the transmission and generation expansion problems for k=4 in approximately 30 min, while other approaches failed to provide a solution at the end of 2 h.
    Keywords: integer programming; power system economics; power system reliability; risk analysis; IEEE 30-bus systems; IEEE 57-bus systems; N-k-ε survivability criterion; combinatorial explosion; contingency analysis problem; contingency-risk informed power system design; electric power system; generation expansion problem; minimum cost; mixed-integer programming formulation; time 2 h; transmission expansion problem; Electricity; Investment; Laboratories; Planning; Power systems; Standards; Vectors; Contingency requirements; decomposition; implicit optimization; long-term grid planning; separation oracle (ID#:14-3213)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6744681&isnumber=6879345
  • Sierla, S.; Hurkala, M.; Charitoudi, K.; Chen-Wei Yang; Vyatkin, V., "Security Risk Analysis For Smart Grid Automation," Industrial Electronics (ISIE), 2014 IEEE 23rd International Symposium on, pp.1737,1744, 1-4 June 2014. doi: 10.1109/ISIE.2014.6864877 The reliability theory used in the design of complex systems including electric grids assumes random component failures and is thus unsuited to analyzing security risks due to attackers that intentionally damage several components of the system. In this paper, a security risk analysis methodology is proposed consisting of vulnerability analysis and impact analysis. Vulnerability analysis is a method developed by security engineers to identify the attacks that are relevant for the system under study, and in this paper, the analysis is applied on the communications network topology of the electric grid automation system. Impact analysis is then performed through co-simulation of automation and the electric grid to assess the potential damage from the attacks. This paper makes an extensive review of vulnerability and impact analysis methods and relevant system modeling techniques from the fields of security and industrial automation engineering, with a focus on smart grid automation, and then applies and combines approaches to obtain a security risk analysis methodology. The methodology is demonstrated with a case study of fault location, isolation and supply restoration smart grid automation.
    Keywords: SCADA systems; control engineering computing; fault diagnosis; power engineering computing; power system faults; power system reliability; power system security; risk analysis; smart power grids; attack identification; communications network topology; complex system design; electric grid automation system; electric grids; fault isolation; fault location; impact analysis; industrial automation engineering; random component failures; reliability theory; security risk analysis methodology; supply restoration smart grid automation; vulnerability analysis; Automation; Fault location; IEC standards; Security; Smart grids; Software; Substations; IEC 61499; IEC 61850; automation architecture; impact analysis; risk analysis; security (ID#:14-3214)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6864877&isnumber=6864573
  • Bo Chai; Zaiyue Yang; Jiming Chen, "Impacts of Unreliable Communication And Regret Matching Based Anti-Jamming Approach In Smart Grid," Innovative Smart Grid Technologies Conference (ISGT), 2014 IEEE PES, pp. 1, 5, 19-22 Feb. 2014. doi: 10.1109/ISGT.2014.6816472 Demand response management (DRM) is one of the main features in smart grid, which is realized via communications between power providers and consumers. Due to the vulnerabilities of communication channels, communication is not perfect in practice and will be threatened by jamming attack. In this paper, we consider jamming attack in the wireless communication for smart grid. Firstly, the DRM performance degradation introduced by unreliable communication is fully studied. Secondly, a regret matching based anti-jamming algorithm is proposed to enhance the performance of communication and DRM. Finally, numerical results are presented to illustrate the impacts of unreliable communication on DRM and the performance of the proposed anti-jamming algorithm.
    Keywords: jamming; power system management; smart power grids; wireless channels; DRM; antijamming attack approach; communication channel; demand response management; jamming attack; regret matching; smart grid; unreliable wireless communication; Algorithm design and analysis; Cognitive radio; Educational institutions; Games; Jamming; Smart grids (ID#:14-3215)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6816472&isnumber=6816367
  • Albasrawi, M.N.; Jarus, N.; Joshi, K.A.; Sarvestani, S.S., "Analysis of Reliability and Resilience for Smart Grids," Computer Software and Applications Conference (COMPSAC), 2014 IEEE 38th Annual, pp. 529, 534, 21-25 July 2014. doi: 10.1109/COMPSAC.2014.75 Smart grids, where cyber infrastructure is used to make power distribution more dependable and efficient, are prime examples of modern infrastructure systems. The cyber infrastructure provides monitoring and decision support intended to increase the dependability and efficiency of the system. This comes at the cost of vulnerability to accidental failures and malicious attacks, due to the greater extent of virtual and physical interconnection. Any failure can propagate more quickly and extensively, and as such, the net result could be lowered reliability. In this paper, we describe metrics for assessment of two phases of smart grid operation: the duration before a failure occurs, and the recovery phase after an inevitable failure. The former is characterized by reliability, which we determine based on information about cascading failures. The latter is quantified using resilience, which can in turn facilitate comparison of recovery strategies. We illustrate the application of these metrics to a smart grid based on the IEEE 9-bus test system.
    Keywords: power system reliability; smart power grids; accidental failures; cascading failures; cyber infrastructure; malicious attacks; reliability analysis; resilience analysis; smart grids; Measurement; Power system faults; Power system protection; Reliability; Resilience; Smart grids; cyber-physical; modeling; reliability; resilience; smart grid (ID#:14-3216)
    URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6899257&isnumber=6899181


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.