Visible to the public A microgrid ontology for the analysis of cyber-physical security

TitleA microgrid ontology for the analysis of cyber-physical security
Publication TypeConference Paper
Year of Publication2017
AuthorsBackes, M., Keefe, K., Valdes, A.
Conference Name2017 Workshop on Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES)
Keywords61850-7-420 DER object classes, adversary objectives, ADversary View Security Evaluation framework, ADVISE framework, artificial intelligence security, asset-specific attributes, capacity limits, common data classes, common information model, control directives, control loop, controllable loads, Cyber-physical security, cyber-physical security evaluation, Cyber-physical systems, DER unit controllers, DER-associated devices, distributed energy resource, distributed generation, distributed power generation, electrical substation automation, electrical system, energy storage, fault state, Human Behavior, IEC 61850, IEC 61850 protocol suite, IEC 61850-7-420 DER extension, IEC standards, message classes, Metrics, microgrid ontology, Microgrids, object models, ontologies (artificial intelligence), power engineering computing, power system applications, Power system protection, power system security, pubcrawl, ramp rate, rated capacity, Resiliency, Scalability, state-of-charge, substation automation, substation configuration, substation design, threat model, utility grid
AbstractThe IEC 61850 protocol suite for electrical sub-station automation enables substation configuration and design for protection, communication, and control. These power system applications can be formally verified through use of object models, common data classes, and message classes. The IEC 61850-7-420 DER (Distributed Energy Resource) extension further defines object classes for assets such as types of DER (e.g., energy storage, photovoltaic), DER unit controllers, and other DER-associated devices (e.g., inverter). These object classes describe asset-specific attributes such as state of charge, capacity limits, and ramp rate. Attributes can be fixed (rated capacity of the device) dynamic (state of charge), or binary (on or off, dispatched or off-line, operational or fault state). We sketch out a proposed ontology based on the 61850 and 61850-7-420 DER object classes to model threats against a micro-grid, which is an electrical system consisting of controllable loads and distributed generation that can function autonomously (in island mode) or connected to a larger utility grid. We consider threats against the measurements on which the control loop is based, as well as attacks against the control directives and the communication infrastructure. We use this ontology to build a threat model using the ADversary View Security Evaluation (ADVISE) framework, which enables identification of attack paths based on adversary objectives (for example, destabilize the entire micro-grid by reconnecting to the utility without synchronization) and helps identify defender strategies. Furthermore, the ADVISE method provides quantitative security metrics that can help inform trade-off decisions made by system architects and controls.
Citation Keybackes_microgrid_2017