Visible to the public Biblio

Found 158 results

Filters: Keyword is power engineering computing  [Clear All Filters]
Sheela, A., Revathi, S., Iqbal, Atif.  2019.  Cyber Risks Assessment For Intelligent And Non-Intelligent Attacks In Power System. 2019 2nd International Conference on Power and Embedded Drive Control (ICPEDC). :40–45.
Smart power grid is a perfect model of Cyber Physical System (CPS) which is an important component for a comfortable life. The major concern of the electrical network is safety and reliable operation. A cyber attacker in the operation of power system would create a major damage to the entire power system structure and affect the continuity of the power supply by adversely changing its parameters. A risk assessment method is presented for evaluating the cyber security assessment of power systems taking into consideration the need for protection systems. The paper considers the impact of bus and transmission line protection systems located in substations on the cyber physical performance of power systems. The proposed method is to simulate the response of power systems to sudden attacks on various power system preset value and parameters. This paper focuses on the cyber attacks which occur in a co-ordinated way so that many power system components will be in risk. The risk can be modelled as the combined probability of power system impact due to attacks and of successful interruption into the system. Stochastic Petri Nets is employed for assessing the risks. The effectiveness of the proposed cyber security risk assessment method is simulated for a IEEE39 bus system.
Cerotti, D., Codetta-Raiteri, D., Egidi, L., Franceschinis, G., Portinale, L., Dondossola, G., Terruggia, R..  2019.  Analysis and Detection of Cyber Attack Processes targeting Smart Grids. 2019 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe). :1–5.
This paper proposes an approach based on Bayesian Networks to support cyber security analysts in improving the cyber-security posture of the smart grid. We build a system model that exploits real world context information from both Information and Operational Technology environments in the smart grid, and we use it to demonstrate sample predictive and diagnostic analyses. The innovative contribution of this work is in the methodology capability of capturing the many dependencies involved in the assessment of security threats, and of supporting the security analysts in planning defense and detection mechanisms for energy digital infrastructures.
Castillo, Anya, Arguello, Bryan, Cruz, Gerardo, Swiler, Laura.  2019.  Cyber-Physical Emulation and Optimization of Worst-Case Cyber Attacks on the Power Grid. 2019 Resilience Week (RWS). 1:14–18.
In this paper we report preliminary results from the novel coupling of cyber-physical emulation and interdiction optimization to better understand the impact of a CrashOverride malware attack on a notional electric system. We conduct cyber experiments where CrashOverride issues commands to remote terminal units (RTUs) that are controlling substations within a power control area. We identify worst-case loss of load outcomes with cyber interdiction optimization; the proposed approach is a bilevel formulation that incorporates RTU mappings to controllable loads, transmission lines, and generators in the upper-level (attacker model), and a DC optimal power flow (DCOPF) in the lower-level (defender model). Overall, our preliminary results indicate that the interdiction optimization can guide the design of experiments instead of performing a “full factorial” approach. Likewise, for systems where there are important dependencies between SCADA/ICS controls and power grid operations, the cyber-physical emulations should drive improved parameterization and surrogate models that are applied in scalable optimization techniques.
Nath, Anubhav, Biswas, Reetam Sen, Pal, Anamitra.  2019.  Application of Machine Learning for Online Dynamic Security Assessment in Presence of System Variability and Additive Instrumentation Errors. 2019 North American Power Symposium (NAPS). :1—6.
Large-scale blackouts that have occurred in the past few decades have necessitated the need to do extensive research in the field of grid security assessment. With the aid of synchrophasor technology, which uses phasor measurement unit (PMU) data, dynamic security assessment (DSA) can be performed online. However, existing applications of DSA are challenged by variability in system conditions and unaccounted for measurement errors. To overcome these challenges, this research develops a DSA scheme to provide security prediction in real-time for load profiles of different seasons in presence of realistic errors in the PMU measurements. The major contributions of this paper are: (1) develop a DSA scheme based on PMU data, (2) consider seasonal load profiles, (3) account for varying penetrations of renewable generation, and (4) compare the accuracy of different machine learning (ML) algorithms for DSA with and without erroneous measurements. The performance of this approach is tested on the IEEE-118 bus system. Comparative analysis of the accuracies of the ML algorithms under different operating scenarios highlights the importance of considering realistic errors and variability in system conditions while creating a DSA scheme.
Jaiswal, Prajwal Kumar, Das, Sayari, Panigrahi, Bijaya Ketan.  2019.  PMU Based Data Driven Approach For Online Dynamic Security Assessment in Power Systems. 2019 20th International Conference on Intelligent System Application to Power Systems (ISAP). :1—7.
This paper presents a methodology for utilizing Phasor Measurement units (PMUs) for procuring real time synchronized measurements for assessing the security of the power system dynamically. The concept of wide-area dynamic security assessment considers transient instability in the proposed methodology. Intelligent framework based approach for online dynamic security assessment has been suggested wherein the database consisting of critical features associated with the system is generated for a wide range of contingencies, which is utilized to build the data mining model. This data mining model along with the synchronized phasor measurements is expected to assist the system operator in assessing the security of the system pertaining to a particular contingency, thereby also creating possibility of incorporating control and preventive measures in order to avoid any unforeseen instability in the system. The proposed technique has been implemented on IEEE 39 bus system for accurately indicating the security of the system and is found to be quite robust in the case of noise in the measurement data obtained from the PMUs.
Ye, Yu, Guo, Jun, Xu, Xunjian, Li, Qinpu, Liu, Hong, Di, Yuelun.  2019.  High-risk Problem of Penetration Testing of Power Grid Rainstorm Disaster Artificial Intelligence Prediction System and Its Countermeasures. 2019 IEEE 3rd Conference on Energy Internet and Energy System Integration (EI2). :2675–2680.
System penetration testing is an important measure of discovering information system security issues. This paper summarizes and analyzes the high-risk problems found in the penetration testing of the artificial storm prediction system for power grid storm disasters from four aspects: application security, middleware security, host security and network security. In particular, in order to overcome the blindness of PGRDAIPS current SQL injection penetration test, this paper proposes a SQL blind bug based on improved second-order fragmentation reorganization. By modeling the SQL injection attack behavior and comparing the SQL injection vulnerability test in PGRDAIPS, this method can effectively reduce the blindness of SQL injection penetration test and improve its accuracy. With the prevalence of ubiquitous power internet of things, the electric power information system security defense work has to be taken seriously. This paper can not only guide the design, development and maintenance of disaster prediction information systems, but also provide security for the Energy Internet disaster safety and power meteorological service technology support.
Lal Senanayaka, Jagath Sri, Van Khang, Huynh, Robbersmyr, Kjell G..  2018.  Multiple Fault Diagnosis of Electric Powertrains Under Variable Speeds Using Convolutional Neural Networks. 2018 XIII International Conference on Electrical Machines (ICEM). :1900–1905.
Electric powertrains are widely used in automotive and renewable energy industries. Reliable diagnosis for defects in the critical components such as bearings, gears and stator windings, is important to prevent failures and enhance the system reliability and power availability. Most of existing fault diagnosis methods are based on specific characteristic frequencies to single faults at constant speed operations. Once multiple faults occur in the system, such a method may not detect the faults effectively and may give false alarms. Furthermore, variable speed operations render a challenge of analysing nonstationary signals. In this work, a deep learning-based fault diagnosis method is proposed to detect common faults in the electric powertrains. The proposed method is based on pattern recognition using convolutional neural network to detect effectively not only single faults at constant speed but also multiple faults in variable speed operations. The effectiveness of the proposed method is validated via an in-house experimental setup.
Boakye-Boateng, Kwasi, Lashkari, Arash Habibi.  2019.  Securing GOOSE: The Return of One-Time Pads. 2019 International Carnahan Conference on Security Technology (ICCST). :1—8.

IEC 61850 is an international standard that is widely used in substation automation systems (SAS) in smart grids. During its development, security was not considered thus leaving SAS vulnerable to attacks from adversaries. IEC 62351 was developed to provide security recommendations for SAS against (distributed) denial-of-service, replay, alteration, spoofing and detection of devices attacks. However, real-time communications, which require protocols such as Generic Object-Oriented Substation Event (GOOSE) to function efficiently, cannot implement these recommendations due to latency constraints. There has been researching that sought to improve the security of GOOSE messages, however, some cannot be practically implemented due to hardware requirements while others are theoretical, even though latency requirements were met. This research investigates the possibility of encrypting GOOSE messages with One- Time Pads (OTP), leveraging the fact that encryption/decryption processes require the random generation of OTPs and modulo addition (XOR), which could be a realistic approach to secure GOOSE while maintaining latency requirements. Results show that GOOSE messages can be encrypted with some future work required.

Shuvro, Rezoan A., Das, Pankaz, Hayat, Majeed M., Talukder, Mitun.  2019.  Predicting Cascading Failures in Power Grids using Machine Learning Algorithms. 2019 North American Power Symposium (NAPS). :1—6.
Although there has been notable progress in modeling cascading failures in power grids, few works included using machine learning algorithms. In this paper, cascading failures that lead to massive blackouts in power grids are predicted and classified into no, small, and large cascades using machine learning algorithms. Cascading-failure data is generated using a cascading failure simulator framework developed earlier. The data set includes the power grid operating parameters such as loading level, level of load shedding, the capacity of the failed lines, and the topological parameters such as edge betweenness centrality and the average shortest distance for numerous combinations of two transmission line failures as features. Then several machine learning algorithms are used to classify cascading failures. Further, linear regression is used to predict the number of failed transmission lines and the amount of load shedding during a cascade based on initial feature values. This data-driven technique can be used to generate cascading failure data set for any real-world power grids and hence, power-grid engineers can use this approach for cascade data generation and hence predicting vulnerabilities and enhancing robustness of the grid.
Tuttle, Michael, Wicker, Braden, Poshtan, Majid, Callenes, Joseph.  2019.  Algorithmic Approaches to Characterizing Power Flow Cyber-Attack Vulnerabilities. 2019 IEEE Power Energy Society Innovative Smart Grid Technologies Conference (ISGT). :1—5.
As power grid control systems become increasingly automated and distributed, security has become a significant design concern. Systems increasingly expose new avenues, at a variety of levels, for attackers to exploit and enable widespread disruptions and/or surveillance. Much prior work has explored the implications of attack models focused on false data injection at the front-end of the control system (i.e. during state estimation) [1]. Instead, in this paper we focus on characterizing the inherent cyber-attack vulnerabilities with power flow. Power flow (and power flow constraints) are at the core of many applications critical to operation of power grids (e.g. state estimation, economic dispatch, contingency analysis, etc.). We propose two algorithmic approaches for characterizing the vulnerability of buses within power grids to cyber-attacks. Specifically, we focus on measuring the instability of power flow to attacks which manifest as either voltage or power related errors. Our results show that attacks manifesting as voltage errors are an order of magnitude more likely to cause instability than attacks manifesting as power related errors (and 5x more likely for state estimation as compared to power flow).
Jiang, He, Wang, Zhenhua, He, Haibo.  2019.  An Evolutionary Computation Approach for Smart Grid Cascading Failure Vulnerability Analysis. 2019 IEEE Symposium Series on Computational Intelligence (SSCI). :332—338.
The cyber-physical security of smart grid is of great importance since it directly concerns the normal operating of a system. Recently, researchers found that organized sequential attacks can incur large-scale cascading failure to the smart grid. In this paper, we focus on the line-switching sequential attack, where the attacker aims to trip transmission lines in a designed order to cause significant system failures. Our objective is to identify the critical line-switching attack sequence, which can be instructional for the protection of smart grid. For this purpose, we develop an evolutionary computation based vulnerability analysis framework, which employs particle swarm optimization to search the critical attack sequence. Simulation studies on two benchmark systems, i.e., IEEE 24 bus reliability test system and Washington 30 bus dynamic test system, are implemented to evaluate the performance of our proposed method. Simulation results show that our method can yield a better performance comparing with the reinforcement learning based approach proposed in other prior work.
Brugman, Jonathon, Khan, Mohammed, Kasera, Sneha, Parvania, Masood.  2019.  Cloud Based Intrusion Detection and Prevention System for Industrial Control Systems Using Software Defined Networking. 2019 Resilience Week (RWS). 1:98—104.

Industrial control systems (ICS) are becoming more integral to modern life as they are being integrated into critical infrastructure. These systems typically lack application layer encryption and the placement of common network intrusion services have large blind spots. We propose the novel architecture, Cloud Based Intrusion Detection and Prevention System (CB-IDPS), to detect and prevent threats in ICS networks by using software defined networking (SDN) to route traffic to the cloud for inspection using network function virtualization (NFV) and service function chaining. CB-IDPS uses Amazon Web Services to create a virtual private cloud for packet inspection. The CB-IDPS framework is designed with considerations to the ICS delay constraints, dynamic traffic routing, scalability, resilience, and visibility. CB-IDPS is presented in the context of a micro grid energy management system as the test case to prove that the latency of CB-IDPS is within acceptable delay thresholds. The implementation of CB-IDPS uses the OpenDaylight software for the SDN controller and commonly used network security tools such as Zeek and Snort. To our knowledge, this is the first attempt at using NFV in an ICS context for network security.

Hao, Hao, Ying Li, Xin.  2019.  Research on Physical Layer Security of Cooperative Networks Based on Swipt. 2019 International Conference on Smart Grid and Electrical Automation (ICSGEA). :583—586.
In Cooperative Networks based on simultaneous wireless information and power transfer (SWIPT), relay nodes collect the energy of radio signals received from source node and transmit the information of source nodes to destination nodes, which not only prolongs the service life of energy-constrained nodes, but also improves the ability of long-distance transmission of information. Due to the openness of energy harvesting, there may be eavesdropping users with malicious decoding. In order to study the security performance of the Cooperative Networks based on SWIPT, this paper mainly studies the physical layer security performance of this network, derives and simulates the expression of system security outage probability and throughput. The simulation results show that the system security performance is mainly influenced by time allocation parameter of SWIPT and decreases with the increase of target rate.
Karpenko, V.I., Vasilev, S.P., Boltunov, A.P., Voloshin, E.A., Voloshin, A. A..  2019.  Intelligent Consumers Device and Cybersecurity of Load Management in Microgrids. 2019 2nd International Youth Scientific and Technical Conference on Relay Protection and Automation (RPA). :1–10.
The digitalization of the electric power industry and the development of territories isolated from the unified energy system are priorities in the development of the energy sector. Thanks to innovative solutions and digital technologies, it becomes possible to make more effective managing and monitoring. Such solution is IoT platform with intelligent control system implemented by software.
Babay, Amy, Schultz, John, Tantillo, Thomas, Beckley, Samuel, Jordan, Eamon, Ruddell, Kevin, Jordan, Kevin, Amir, Yair.  2019.  Deploying Intrusion-Tolerant SCADA for the Power Grid. 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). :328–335.
While there has been considerable research on making power grid Supervisory Control and Data Acquisition (SCADA) systems resilient to attacks, the problem of transitioning these technologies into deployed SCADA systems remains largely unaddressed. We describe our experience and lessons learned in deploying an intrusion-tolerant SCADA system in two realistic environments: a red team experiment in 2017 and a power plant test deployment in 2018. These experiences resulted in technical lessons related to developing an intrusion-tolerant system with a real deployable application, preparing a system for deployment in a hostile environment, and supporting protocol assumptions in that hostile environment. We also discuss some meta-lessons regarding the cultural aspects of transitioning academic research into practice in the power industry.
Ren, Wenyu, Yu, Tuo, Yardley, Timothy, Nahrstedt, Klara.  2019.  CAPTAR: Causal-Polytree-based Anomaly Reasoning for SCADA Networks. 2019 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :1–7.
The Supervisory Control and Data Acquisition (SCADA) system is the most commonly used industrial control system but is subject to a wide range of serious threats. Intrusion detection systems are deployed to promote the security of SCADA systems, but they continuously generate tremendous number of alerts without further comprehending them. There is a need for an efficient system to correlate alerts and discover attack strategies to provide explainable situational awareness to SCADA operators. In this paper, we present a causal-polytree-based anomaly reasoning framework for SCADA networks, named CAPTAR. CAPTAR takes the meta-alerts from our previous anomaly detection framework EDMAND, correlates the them using a naive Bayes classifier, and matches them to predefined causal polytrees. Utilizing Bayesian inference on the causal polytrees, CAPTAR can produces a high-level view of the security state of the protected SCADA network. Experiments on a prototype of CAPTAR proves its anomaly reasoning ability and its capabilities of satisfying the real-time reasoning requirement.
Radoglou-Grammatikis, Panagiotis, Sarigiannidis, Panagiotis, Giannoulakis, Ioannis, Kafetzakis, Emmanouil, Panaousis, Emmanouil.  2019.  Attacking IEC-60870-5-104 SCADA Systems. 2019 IEEE World Congress on Services (SERVICES). 2642-939X:41–46.
The rapid evolution of the Information and Communications Technology (ICT) services transforms the conventional electrical grid into a new paradigm called Smart Grid (SG). Even though SG brings significant improvements, such as increased reliability and better energy management, it also introduces multiple security challenges. One of the main reasons for this is that SG combines a wide range of heterogeneous technologies, including Internet of Things (IoT) devices as well as Supervisory Control and Data Acquisition (SCADA) systems. The latter are responsible for monitoring and controlling the automatic procedures of energy transmission and distribution. Nevertheless, the presence of these systems introduces multiple vulnerabilities because their protocols do not implement essential security mechanisms such as authentication and access control. In this paper, we focus our attention on the security issues of the IEC 60870-5-104 (IEC-104) protocol, which is widely utilized in the European energy sector. In particular, we provide a SCADA threat model based on a Coloured Petri Net (CPN) and emulate four different types of cyber attacks against IEC-104. Last, we used AlienVault's risk assessment model to evaluate the risk level that each of these cyber attacks introduces to our system to confirm our intuition about their severity.
Eneh, Joy Nnenna, Onyekachi Orah, Harris, Emeka, Aka Benneth.  2019.  Improving the Reliability and Security of Active Distribution Networks Using SCADA Systems. 2019 IEEE PES/IAS PowerAfrica. :110–115.
The traditional electricity distribution system is rapidly shifting from the passive infrastructure to a more active infrastructure, giving rise to a smart grid. In this project an active electricity distribution network and its components have been studied. A 14-node SCADA-based active distribution network model has been proposed for managing this emerging network infrastructure to ensure reliability and protection of the network The proposed model was developed using matlab /simulink software and the fuzzy logic toolbox. Surge arresters and circuit breakers were modelled and deployed in the network at different locations for protection and isolation of fault conditions. From the reliability analysis of the proposed model, the failure rate and outage hours were reduced due to better response of the system to power fluctuations and fault conditions.
Xie, Yuanpeng, Jiang, Yixin, Liao, Runfa, Wen, Hong, Meng, Jiaxiao, Guo, Xiaobin, Xu, Aidong, Guan, Zewu.  2015.  User Privacy Protection for Cloud Computing Based Smart Grid. 2015 IEEE/CIC International Conference on Communications in China - Workshops (CIC/ICCC). :7–11.

The smart grid aims to improve the efficiency, reliability and safety of the electric system via modern communication system, it's necessary to utilize cloud computing to process and store the data. In fact, it's a promising paradigm to integrate smart grid into cloud computing. However, access to cloud computing system also brings data security issues. This paper focuses on the protection of user privacy in smart meter system based on data combination privacy and trusted third party. The paper demonstrates the security issues for smart grid communication system and cloud computing respectively, and illustrates the security issues for the integration. And we introduce data chunk storage and chunk relationship confusion to protect user privacy. We also propose a chunk information list system for inserting and searching data.

Salehie, Mazeiar, Pasquale, Liliana, Omoronyia, Inah, Nuseibeh, Bashar.  2012.  Adaptive Security and Privacy in Smart Grids: A Software Engineering Vision. 2012 First International Workshop on Software Engineering Challenges for the Smart Grid (SE-SmartGrids). :46–49.

Despite the benefits offered by smart grids, energy producers, distributors and consumers are increasingly concerned about possible security and privacy threats. These threats typically manifest themselves at runtime as new usage scenarios arise and vulnerabilities are discovered. Adaptive security and privacy promise to address these threats by increasing awareness and automating prevention, detection and recovery from security and privacy requirements' failures at runtime by re-configuring system controls and perhaps even changing requirements. This paper discusses the need for adaptive security and privacy in smart grids by presenting some motivating scenarios. We then outline some research issues that arise in engineering adaptive security. We particularly scrutinize published reports by NIST on smart grid security and privacy as the basis for our discussions.

Ionescu, Tudor B., Engelbrecht, Gerhard.  2016.  The Privacy Case: Matching Privacy-Protection Goals to Human and Organizational Privacy Concerns. 2016 Joint Workshop on Cyber- Physical Security and Resilience in Smart Grids (CPSR-SG). :1–6.

Processing smart grid data for analytics purposes brings about a series of privacy-related risks. In order to allow for the most suitable mitigation strategies, reasonable privacy risks need to be addressed by taking into consideration the perspective of each smart grid stakeholder separately. In this context, we use the notion of privacy concerns to reflect potential privacy risks from the perspective of different smart grid stakeholders. Privacy concerns help to derive privacy goals, which we represent using the goals structuring notation. Thus represented goals can more comprehensibly be addressed through technical and non-technical strategies and solutions. The thread of argumentation - from concerns to goals to strategies and solutions - is presented in form of a privacy case, which is analogous to the safety case used in the automotive domain. We provide an exemplar privacy case for the smart grid developed as part of the Aspern Smart City Research project.

Fhom, Hervais Simo, Bayarou, Kpatcha M..  2011.  Towards a Holistic Privacy Engineering Approach for Smart Grid Systems. 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications. :234–241.

Protecting energy consumers's data and privacy is a key factor for the further adoption and diffusion of smart grid technologies and applications. However, current smart grid initiatives and implementations around the globe tend to either focus on the need for technical security to the detriment of privacy or consider privacy as a feature to add after system design. This paper aims to contribute towards filling the gap between this fact and the accepted wisdom that privacy concerns should be addressed as early as possible (preferably when modeling system's requirements). We present a methodological framework for tackling privacy concerns throughout all phases of the smart grid system development process. We describe methods and guiding principles to help smart grid engineers to elicit and analyze privacy threats and requirements from the outset of the system development, and derive the best suitable countermeasures, i.e. privacy enhancing technologies (PETs), accordingly. The paper also provides a summary of modern PETs, and discusses their context of use and contributions with respect to the underlying privacy engineering challenges and the smart grid setting being considered.

Zhang, Yihan, Wu, Jiajing, Chen, Zhenhao, Huang, Yuxuan, Zheng, Zibin.  2019.  Sequential Node/Link Recovery Strategy of Power Grids Based on Q-Learning Approach. 2019 IEEE International Symposium on Circuits and Systems (ISCAS). :1–5.

Cascading failure, which can be triggered by both physical and cyber attacks, is among the most critical threats to the security and resilience of power grids. In current literature, researchers investigate the issue of cascading failure on smart grids mainly from the attacker's perspective. From the perspective of a grid defender or operator, however, it is also an important issue to restore the smart grid suffering from cascading failure back to normal operation as soon as possible. In this paper, we consider cascading failure in conjunction with the restoration process involving repairing of the failed nodes/links in a sequential fashion. Based on a realistic power flow cascading failure model, we exploit a Q-learning approach to develop a practical and effective policy to identify the optimal way of sequential restorations for large-scale smart grids. Simulation results on three power grid test benchmarks demonstrate the learning ability and the effectiveness of the proposed strategy.

Wang, Meng, Chow, Joe H., Hao, Yingshuai, Zhang, Shuai, Li, Wenting, Wang, Ren, Gao, Pengzhi, Lackner, Christopher, Farantatos, Evangelos, Patel, Mahendra.  2019.  A Low-Rank Framework of PMU Data Recovery and Event Identification. 2019 International Conference on Smart Grid Synchronized Measurements and Analytics (SGSMA). :1–9.

The large amounts of synchrophasor data obtained by Phasor Measurement Units (PMUs) provide dynamic visibility into power systems. Extracting reliable information from the data can enhance power system situational awareness. The data quality often suffers from data losses, bad data, and cyber data attacks. Data privacy is also an increasing concern. In this paper, we discuss our recently proposed framework of data recovery, error correction, data privacy enhancement, and event identification methods by exploiting the intrinsic low-dimensional structures in the high-dimensional spatial-temporal blocks of PMU data. Our data-driven approaches are computationally efficient with provable analytical guarantees. The data recovery method can recover the ground-truth data even if simultaneous and consecutive data losses and errors happen across all PMU channels for some time. We can identify PMU channels that are under false data injection attacks by locating abnormal dynamics in the data. The data recovery method for the operator can extract the information accurately by collectively processing the privacy-preserving data from many PMUs. A cyber intruder with access to partial measurements cannot recover the data correctly even using the same approach. A real-time event identification method is also proposed, based on the new idea of characterizing an event by the low-dimensional subspace spanned by the dominant singular vectors of the data matrix.

Sahu, Abhijeet, Huang, Hao, Davis, Katherine, Zonouz, Saman.  2019.  SCORE: A Security-Oriented Cyber-Physical Optimal Response Engine. 2019 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm). :1–6.

Automatic optimal response systems are essential for preserving power system resilience and ensuring faster recovery from emergency under cyber compromise. Numerous research works have developed such response engine for cyber and physical system recovery separately. In this paper, we propose a novel cyber-physical decision support system, SCORE, that computes optimal actions considering pure and hybrid cyber-physical states, using Markov Decision Process (MDP). Such an automatic decision making engine can assist power system operators and network administrators to make a faster response to prevent cascading failures and attack escalation respectively. The hybrid nature of the engine makes the reward and state transition model of the MDP unique. Value iteration and policy iteration techniques are used to compute the optimal actions. Tests are performed on three and five substation power systems to recover from attacks that compromise relays to cause transmission line overflow. The paper also analyses the impact of reward and state transition model on computation. Corresponding results verify the efficacy of the proposed engine.