Visible to the public Biblio

Filters: Author is Sridhar, S.  [Clear All Filters]
Sridhar, S., Govindarasu, M..  2014.  Model-Based Attack Detection and Mitigation for Automatic Generation Control. Smart Grid, IEEE Transactions on. 5:580-591.

Cyber systems play a critical role in improving the efficiency and reliability of power system operation and ensuring the system remains within safe operating margins. An adversary can inflict severe damage to the underlying physical system by compromising the control and monitoring applications facilitated by the cyber layer. Protection of critical assets from electronic threats has traditionally been done through conventional cyber security measures that involve host-based and network-based security technologies. However, it has been recognized that highly skilled attacks can bypass these security mechanisms to disrupt the smooth operation of control systems. There is a growing need for cyber-attack-resilient control techniques that look beyond traditional cyber defense mechanisms to detect highly skilled attacks. In this paper, we make the following contributions. We first demonstrate the impact of data integrity attacks on Automatic Generation Control (AGC) on power system frequency and electricity market operation. We propose a general framework to the application of attack resilient control to power systems as a composition of smart attack detection and mitigation. Finally, we develop a model-based anomaly detection and attack mitigation algorithm for AGC. We evaluate the detection capability of the proposed anomaly detection algorithm through simulation studies. Our results show that the algorithm is capable of detecting scaling and ramp attacks with low false positive and negative rates. The proposed model-based mitigation algorithm is also efficient in maintaining system frequency within acceptable limits during the attack period.

Ashok, A., Sridhar, S., McKinnon, A. D., Wang, P., Govindarasu, M..  2016.  Testbed-based performance evaluation of Attack Resilient Control for AGC. 2016 Resilience Week (RWS). :125–129.

The modern electric power grid is a complex cyber-physical system whose reliable operation is enabled by a wide-area monitoring and control infrastructure. Recent events have shown that vulnerabilities in this infrastructure may be exploited to manipulate the data being exchanged. Such a scenario could cause the associated control applications to mis-operate, potentially causing system-wide instabilities. There is a growing emphasis on looking beyond traditional cybersecurity solutions to mitigate such threats. In this paper we perform a testbed-based validation of one such solution - Attack Resilient Control (ARC) - on Iowa State University's PowerCyber testbed. ARC is a cyber-physical security solution that combines domain-specific anomaly detection and model-based mitigation to detect stealthy attacks on Automatic Generation Control (AGC). In this paper, we first describe the implementation architecture of the experiment on the testbed. Next, we demonstrate the capability of stealthy attack templates to cause forced under-frequency load shedding in a 3-area test system. We then validate the performance of ARC by measuring its ability to detect and mitigate these attacks. Our results reveal that ARC is efficient in detecting stealthy attacks and enables AGC to maintain system operating frequency close to its nominal value during an attack. Our studies also highlight the importance of testbed-based experimentation for evaluating the performance of cyber-physical security and control applications.

Ashok, A., Sridhar, S., Rice, M., Smith, J..  2017.  Substation Monitoring to Enhance Situational Awareness \#x2014; Challenges and Opportunities. 2017 IEEE Power Energy Society Innovative Smart Grid Technologies Conference (ISGT). :1–5.

Situational awareness during sophisticated cyber attacks on the power grid is critical for the system operator to perform suitable attack response and recovery functions to ensure grid reliability. The overall theme of this paper is to identify existing practical issues and challenges that utilities face while monitoring substations, and to suggest potential approaches to enhance the situational awareness for the grid operators. In this paper, we provide a broad discussion about the various gaps that exist in the utility industry today in monitoring substations, and how those gaps could be addressed by identifying the various data sources and monitoring tools to improve situational awareness. The paper also briefly describes the advantages of contextualizing and correlating substation monitoring alerts using expert systems at the control center to obtain a holistic systems-level view of potentially malicious cyber activity at the substations before they cause impacts to grid operation.

Sridhar, S., Smys, S..  2017.  Intelligent Security Framework for Iot Devices Cryptography Based End-to-End Security Architecture. 2017 International Conference on Inventive Systems and Control (ICISC). :1–5.

Internet of Thing (IoT) provide services by linking the different platform devices. They have the limitation in providing intelligent service. The IoT devices are heterogeneous which includes wireless sensors to less resource constrained devices. These devices are prone to hardware/software and network attacks. If not properly secured, it may lead to security issues like privacy and confidentiality. To resolve the above problem, an Intelligent Security Framework for IoT Devices is proposed in this paper. The proposed method is made up of (1) the light weight Asymmetric cryptography for securing the End-To-End devices which protects the IoT service gateway and the low power sensor nodes and (2) implements Lattice-based cryptography for securing the Broker devices/Gateway and the cloud services. The proposed architecture implements Asymmetric Key Encryption to share session key between the nodes and then uses this session key for message transfer This protects the system from Distributed Denial of Service Attacks, eavesdropping and Quantum algorithm attacks. The proposed protocol uses the unique Device ID of the sensors to generate key pair to establish mutual authentication between Devices and Services. Finally, the Mutual authentication mechanism is implemented in the gateway.