Visible to the public Biblio

Found 116 results

Filters: Keyword is power grids  [Clear All Filters]
2021-06-30
Xiong, Xiaoping, Sun, Di, Hao, Shaolei, Lin, Guangyang, Li, Hang.  2020.  Detection of False Data Injection Attack Based on Improved Distortion Index Method. 2020 IEEE 20th International Conference on Communication Technology (ICCT). :1161—1168.
With the advancement of communication technology, the interoperability of the power grid operation has improved significantly, but due to its dependence on the communication system, it is extremely vulnerable to network attacks. Among them, the false data injection attack utilizes the loophole of bad data detection in the system and attacks the state estimation system, resulting in frequent occurrence of abnormal data in the system, which brings great harm to the power grid. In view of the fact that false data injection attacks are easy to avoid traditional bad data detection methods, this paper analyzes the different situations of false data injection attacks based on the characteristics of the power grid. Firstly, it proposes to apply the distortion index method to false data injection attack detection. Experiments prove that the detection results are good and can be complementary to traditional detection methods. Then, combined with the traditional normalized residual method, this paper proposes the improved distortion index method based on the distortion index, which is good at detecting abnormal data. The use of improved distortion index method to detect false data injection attacks can make up for the defect of the lack of universality of traditional detection methods, and meet the requirements of anomaly detection efficiency. Finally, based on the MATLAB power simulation test system, experimental simulation is carried out to verify the effectiveness and universality of the proposed method for false data injection attack detection.
2021-06-02
Scarabaggio, Paolo, Carli, Raffaele, Dotoli, Mariagrazia.  2020.  A game-theoretic control approach for the optimal energy storage under power flow constraints in distribution networks. 2020 IEEE 16th International Conference on Automation Science and Engineering (CASE). :1281—1286.
Traditionally, the management of power distribution networks relies on the centralized implementation of the optimal power flow and, in particular, the minimization of the generation cost and transmission losses. Nevertheless, the increasing penetration of both renewable energy sources and independent players such as ancillary service providers in modern networks have made this centralized framework inadequate. Against this background, we propose a noncooperative game-theoretic framework for optimally controlling energy storage systems (ESSs) in power distribution networks. Specifically, in this paper we address a power grid model that comprehends traditional loads, distributed generation sources and several independent energy storage providers, each owning an individual ESS. Through a rolling-horizon approach, the latter participate in the grid optimization process, aiming both at increasing the penetration of distributed generation and leveling the power injection from the transmission grid. Our framework incorporates not only economic factors but also grid stability aspects, including the power flow constraints. The paper fully describes the distribution grid model as well as the underlying market hypotheses and policies needed to force the energy storage providers to find a feasible equilibrium for the network. Numerical experiments based on the IEEE 33-bus system confirm the effectiveness and resiliency of the proposed framework.
2021-04-27
Zhang, Z., Wang, F., Zhong, C., Ma, H..  2020.  Grid Terminal Data Security Management Mechanism Based On Master-Slave Blockchain. 2020 5th International Conference on Computer and Communication Systems (ICCCS). :67—70.

In order to design an end-to-end data security preservation mechanism, this paper first proposes a grid terminal data security management model based on master-slave Blockchain, including grid terminal, slave Blockchain, and main Blockchain. Among them, the grid terminal mainly completes data generation and data release, the receiving of data and the distributed signature of data are mainly completed from the slave Blockchain, and the main Blockchain mainly completes the intelligent storage of data. Secondly, the data security management mechanism of grid terminal based on master-slave Blockchain is designed, including data distribution process design, data receiving process design, data distributed signature design and data intelligent storage process design. Finally, taking the identity registration and data storage process of the grid terminal as an example, the workflow of the data security management mechanism of the grid terminal based on the master-slave Blockchain is described in detail.

2021-03-29
Kummerow, A., Monsalve, C., Rösch, D., Schäfer, K., Nicolai, S..  2020.  Cyber-physical data stream assessment incorporating Digital Twins in future power systems. 2020 International Conference on Smart Energy Systems and Technologies (SEST). :1—6.

Reliable and secure grid operations become more and more challenging in context of increasing IT/OT convergence and decreasing dynamic margins in today's power systems. To ensure the correct operation of monitoring and control functions in control centres, an intelligent assessment of the different information sources is necessary to provide a robust data source in case of critical physical events as well as cyber-attacks. Within this paper, a holistic data stream assessment methodology is proposed using an expert knowledge based cyber-physical situational awareness for different steady and transient system states. This approach goes beyond existing techniques by combining high-resolution PMU data with SCADA information as well as Digital Twin and AI based anomaly detection functionalities.

2021-03-22
Hosseinipour, A., Hojabri, H..  2020.  Small-Signal Stability Analysis and Active Damping Control of DC Microgrids Integrated With Distributed Electric Springs. IEEE Transactions on Smart Grid. 11:3737–3747.
Series DC electric springs (DCESs) are a state-of-the-art demand-side management (DSM) technology with the capability to reduce energy storage requirements of DC microgrids by manipulating the power of non-critical loads (NCLs). As the stability of DC microgrids is highly prone to dynamic interactions between the system active and passive components, this study intends to conduct a comprehensive small-signal stability analysis of a community DC microgrid integrated with distributed DCESs considering the effect of destabilizing constant power loads (CPLs). For this purpose, after deriving the small-signal model of a DCES-integrated microgrid, the sensitivity of the system dominant frequency modes to variations of various physical and control parameters is evaluated by means of eigenvalue analysis. Next, an active damping control method based on virtual RC parallel impedance is proposed for series DCESs to compensate for their slow dynamic response and to provide a dynamic stabilization function within the microgrid. Furthermore, impedance-based stability analysis is utilized to study the DC microgrid expandability in terms of integration with multiple DCESs. Finally, several case studies are presented to verify analytical findings of the paper and to evaluate the dynamic performance of the DC microgrid.
2021-03-17
Kushal, T. R. B., Gao, Z., Wang, J., Illindala, M. S..  2020.  Causal Chain of Time Delay Attack on Synchronous Generator Control. 2020 IEEE Power Energy Society General Meeting (PESGM). :1—5.

Wide integration of information and communication technology (ICT) in modern power grids has brought many benefits as well as the risk of cyber attacks. A critical step towards defending grid cyber security is to understand the cyber-physical causal chain, which describes the progression of intrusion in cyber-space leading to the formation of consequences on the physical power grid. In this paper, we develop an attack vector for a time delay attack at load frequency control in the power grid. Distinct from existing works, which are separately focused on cyber intrusion, grid response, or testbed validation, the proposed attack vector for the first time provides a full cyber-physical causal chain. It targets specific vulnerabilities in the protocols, performs a denial-of-service (DoS) attack, induces the delays in control loop, and destabilizes grid frequency. The proposed attack vector is proved in theory, presented as an attack tree, and validated in an experimental environment. The results will provide valuable insights to develop security measures and robust controls against time delay attacks.

2021-02-16
Siu, J. Y., Panda, S. Kumar.  2020.  A Specification-Based Detection for Attacks in the Multi-Area System. IECON 2020 The 46th Annual Conference of the IEEE Industrial Electronics Society. :1526—1526.
In the past decade, cyber-attack events on the power grid have proven to be sophisticated and advanced. These attacks led to severe consequences on the grid operation, such as equipment damage or power outages. Hence, it is more critical than ever to develop tools for security assessment and detection of anomalies in the cyber-physical grid. For an extensive power grid, it is complex to analyze the causes of frequency deviations. Besides, if the system is compromised, attackers can leverage on the frequency deviation to bypass existing protection measures of the grid. This paper aims to develop a novel specification-based method to detect False Data Injection Attacks (FDIAs) in the multi-area system. Firstly, we describe the implementation of a three-area system model. Next, we assess the risk and devise several intrusion scenarios. Specifically, we inject false data into the frequency measurement and Automatic Generation Control (AGC) signals. We then develop a rule-based method to detect anomalies at the system-level. Our simulation results proves that the proposed algorithm can detect FDIAs in the system.
2021-02-08
Kwasinski, A..  2020.  Modeling of Cyber-Physical Intra-Dependencies in Electric Power Grids and Their Effect on Resilience. 2020 8th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems. :1–6.
This paper studies the modeling of cyber-physical dependencies observed within power grids and the effects of these intra-dependencies, on power grid resilience, which is evaluated quantitatively. A fundamental contribution of this paper is the description of the critically important role played by cyber-physical buffers as key components to limit the negative effect of intra-dependencies on power grids resilience. Although resilience issues in the electric power provision service could be limited thanks to the use of local energy storage devices as the realization of service buffers, minimal to no autonomy in data connectivity buffers make cyber vulnerabilities specially critical in terms of resilience. This paper also explains how these models can be used for improved power grids resilience planning considering internal cyber-physical interactions.
2020-12-11
Zhang, L., Shen, X., Zhang, F., Ren, M., Ge, B., Li, B..  2019.  Anomaly Detection for Power Grid Based on Time Series Model. 2019 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). :188—192.

In the process of informationization and networking of smart grids, the original physical isolation was broken, potential risks increased, and the increasingly serious cyber security situation was faced. Therefore, it is critical to develop accuracy and efficient anomaly detection methods to disclose various threats. However, in the industry, mainstream security devices such as firewalls are not able to detect and resist some advanced behavior attacks. In this paper, we propose a time series anomaly detection model, which is based on the periodic extraction method of discrete Fourier transform, and determines the sequence position of each element in the period by periodic overlapping mapping, thereby accurately describe the timing relationship between each network message. The experiments demonstrate that our model can detect cyber attacks such as man-in-the-middle, malicious injection, and Dos in a highly periodic network.

Han, Y., Zhang, W., Wei, J., Liu, X., Ye, S..  2019.  The Study and Application of Security Control Plan Incorporating Frequency Stability (SCPIFS) in CPS-Featured Interconnected Asynchronous Grids. 2019 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia). :349—354.

The CPS-featured modern asynchronous grids interconnected with HVDC tie-lines facing the hazards from bulk power imbalance shock. With the aid of cyber layer, the SCPIFS incorporates the frequency stability constrains is put forwarded. When there is bulk power imbalance caused by HVDC tie-lines block incident or unplanned loads increasing, the proposed SCPIFS ensures the safety and frequency stability of both grids at two terminals of the HVDC tie-line, also keeps the grids operate economically. To keep frequency stability, the controllable variables in security control strategy include loads, generators outputs and the power transferred in HVDC tie-lines. McCormick envelope method and ADMM are introduced to solve the proposed SCPIFS optimization model. Case studies of two-area benchmark system verify the safety and economical benefits of the SCPFS. HVDC tie-line transferred power can take the advantage of low cost generator resource of both sides utmost and avoid the load shedding via tuning the power transferred through the operating tie-lines, thus the operation of both connected asynchronous grids is within the limit of frequency stability domain.

Ma, X., Sun, X., Cheng, L., Guo, X., Liu, X., Wang, Z..  2019.  Parameter Setting of New Energy Sources Generator Rapid Frequency Response in Northwest Power Grid Based on Multi-Frequency Regulation Resources Coordinated Controlling. 2019 IEEE 8th International Conference on Advanced Power System Automation and Protection (APAP). :218—222.
Since 2016, the northwest power grid has organized new energy sources to participate in the rapid frequency regulation research and carried out pilot test work at the sending end large power grid. The experimental results show that new energy generator has the ability to participate in the grid's rapid frequency regulation, and its performance is better than that of conventional power supply units. This paper analyses the requirements for fast frequency control of the sending end large power grid in northwest China, and proposes the segmented participation indexes of photovoltaic and wind power in the frequency regulation of power grids. In accordance with the idea of "clear responsibilities, various types of unit coordination", the parameter setting of new energy sources rapid frequency regulation is completed based on the coordinated control based on multi-frequency regulation resources in northwest power grid. The new energy fast frequency regulation model was established, through the PSASP power grid stability simulation program and the large-scale power grid stability simulation analysis was completed. The simulation results show that the wind power and photovoltaic adopting differential rapid frequency regulation parameters can better utilize the rapid frequency regulation capability of various types of power sources, realize the coordinated rapid frequency regulation of all types of units, and effectively improve the frequency security prevention and control level of the sending end large power grid.
2020-12-02
Scheffer, V., Ipach, H., Becker, C..  2019.  Distribution Grid State Assessment for Control Reserve Provision Using Boundary Load Flow. 2019 IEEE Milan PowerTech. :1—6.

With the increasing expansion of wind and solar power plants, these technologies will also have to contribute control reserve to guarantee frequency stability within the next couple of years. In order to maintain the security of supply at the same level in the future, it must be ensured that wind and solar power plants are able to feed in electricity into the distribution grid without bottlenecks when activated. The present work presents a grid state assessment, which takes into account the special features of the control reserve supply. The identification of a future grid state, which is necessary for an ex ante evaluation, poses the challenge of forecasting loads. The Boundary Load Flow method takes load uncertainties into account and is used to estimate a possible interval for all grid parameters. Grid congestions can thus be detected preventively and suppliers of control reserve can be approved or excluded. A validation in combination with an exemplary application shows the feasibility of the overall methodology.

2020-11-16
Tamimi, A., Touhiduzzaman, M., Hahn, A..  2019.  Modeling and Analysis Cyber Threats in Power Systems Using Architecture Analysis Design Language (AADL). 2019 Resilience Week (RWS). 1:213–218.
The lack of strong cyber-physical modeling capabilities presents many challenges across the design, development, verification, and maintenance phases of a system [7]. Novel techniques for modeling the cyber-grid components, along with analysis and verification techniques, are imperative to the deployment of a resilient and robust power grid. Several works address False Data Injection (FDI) attacks to the power grid. However, most of them suffer from the lack of a model to investigate the effects of attacks. This paper proposed a cyber-physical model using Architecture Analysis & Design Language (AADL) [15] and power system information models to address different attacks in power systems.
2020-11-04
Liang, Y., He, D., Chen, D..  2019.  Poisoning Attack on Load Forecasting. 2019 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia). :1230—1235.

Short-term load forecasting systems for power grids have demonstrated high accuracy and have been widely employed for commercial use. However, classic load forecasting systems, which are based on statistical methods, are subject to vulnerability from training data poisoning. In this paper, we demonstrate a data poisoning strategy that effectively corrupts the forecasting model even in the presence of outlier detection. To the best of our knowledge, poisoning attack on short-term load forecasting with outlier detection has not been studied in previous works. Our method applies to several forecasting models, including the most widely-adapted and best-performing ones, such as multiple linear regression (MLR) and neural network (NN) models. Starting with the MLR model, we develop a novel closed-form solution to quickly estimate the new MLR model after a round of data poisoning without retraining. We then employ line search and simulated annealing to find the poisoning attack solution. Furthermore, we use the MLR attacking solution to generate a numerical solution for other models, such as NN. The effectiveness of our algorithm has been tested on the Global Energy Forecasting Competition (GEFCom2012) data set with the presence of outlier detection.

2020-10-14
Ou, Yifan, Deng, Bin, Liu, Xuan, Zhou, Ke.  2019.  Local Outlier Factor Based False Data Detection in Power Systems. 2019 IEEE Sustainable Power and Energy Conference (iSPEC). :2003—2007.
The rapid developments of smart grids provide multiple benefits to the delivery of electric power, but at the same time makes the power grids under the threat of cyber attackers. The transmitted data could be deliberately modified without triggering the alarm of bad data detection procedure. In order to ensure the stable operation of the power systems, it is extremely significant to develop effective abnormal detection algorithms against injected false data. In this paper, we introduce the density-based LOF algorithm to detect the false data and dummy data. The simulation results show that the traditional density-clustering based LOF algorithm can effectively identify FDA, but the detection performance on DDA is not satisfactory. Therefore, we propose the improved LOF algorithm to detect DDA by setting reasonable density threshold.
2020-10-06
Ravikumar, Gelli, Hyder, Burhan, Govindarasu, Manimaran.  2019.  Efficient Modeling of HIL Multi-Grid System for Scalability Concurrency in CPS Security Testbed. 2019 North American Power Symposium (NAPS). :1—6.
Cyber-event-triggered power grid blackout compels utility operators to intensify cyber-aware and physics-constrained recovery and restoration process. Recently, coordinated cyber attacks on the Ukrainian grid witnessed such a cyber-event-triggered power system blackout. Various cyber-physical system (CPS) testbeds have attempted with multitude designs to analyze such interdependent events and evaluate remedy measures. However, resource constraints and modular integration designs have been significant barriers while modeling large-scale grid models (scalability) and multi-grid isolated models (concurrency) under a single real-time execution environment for the hardware-in-the-loop (HIL) CPS security testbeds. This paper proposes a meticulous design and effective modeling for simulating large-scale grid models and multi-grid isolated models in a HIL realtime digital simulator environment integrated with industry-grade hardware and software systems. We have used our existing HIL CPS security testbed to demonstrate scalability by the realtime performance of a Texas-2000 bus US synthetic grid model and concurrency by the real-time performance of simultaneous ten IEEE-39 bus grid models and an IEEE-118 bus grid model. The experiments demonstrated significant results by 100% realtime performance with zero overruns, low latency while receiving and executing control signals from SEL Relays via IEC-61850 protocol and low latency while computing and transmitting grid data streams including stability measures via IEEE C37.118 synchrophasor data protocol to SEL Phasor Data Concentrators.
2020-09-28
Patsonakis, Christos, Terzi, Sofia, Moschos, Ioannis, Ioannidis, Dimosthenis, Votis, Konstantinos, Tzovaras, Dimitrios.  2019.  Permissioned Blockchains and Virtual Nodes for Reinforcing Trust Between Aggregators and Prosumers in Energy Demand Response Scenarios. 2019 IEEE International Conference on Environment and Electrical Engineering and 2019 IEEE Industrial and Commercial Power Systems Europe (EEEIC / I CPS Europe). :1–6.
The advancement and penetration of distributed energy resources (DERs) and renewable energy sources (RES) are transforming legacy energy systems in an attempt to reduce carbon emissions and energy waste. Demand Response (DR) has been identified as a key enabler of integrating these, and other, Smart Grid technologies, while, simultaneously, ensuring grid stability and secure energy supply. The massive deployment of smart meters, IoT devices and DERs dictate the need to move to decentralized, or even localized, DR schemes in the face of the increased scale and complexity of monitoring and coordinating the actors and devices in modern smart grids. Furthermore, there is an inherent need to guarantee interoperability, due to the vast number of, e.g., hardware and software stakeholders, and, more importantly, promote trust and incentivize the participation of customers in DR schemes, if they are to be successfully deployed.In this work, we illustrate the design of an energy system that addresses all of the roadblocks that hinder the large scale deployment of DR services. Our DR framework incorporates modern Smart Grid technologies, such as fog-enabled and IoT devices, DERs and RES to, among others, automate asset handling and various time-consuming workflows. To guarantee interoperability, our system employs OpenADR, which standardizes the communication of DR signals among energy stakeholders. Our approach acknowledges the need for decentralization and employs blockchains and smart contracts to deliver a secure, privacy-preserving, tamper-resistant, auditable and reliable DR framework. Blockchains provide the infrastructure to design innovative DR schemes and incentivize active consumer participation as their aforementioned properties promote transparency and trust. In addition, we harness the power of smart contracts which allows us to design and implement fully automated contractual agreements both among involved stakeholders, as well as on a machine-to-machine basis. Smart contracts are digital agents that "live" in the blockchain and can encode, execute and enforce arbitrary agreements. To illustrate the potential and effectiveness of our smart contract-based DR framework, we present a case study that describes the exchange of DR signals and the autonomous instantiation of smart contracts among involved participants to mediate and monitor transactions, enforce contractual clauses, regulate energy supply and handle payments/penalties.
2020-09-18
Hong, Junho, Nuqui, Reynaldo F., Kondabathini, Anil, Ishchenko, Dmitry, Martin, Aaron.  2019.  Cyber Attack Resilient Distance Protection and Circuit Breaker Control for Digital Substations. IEEE Transactions on Industrial Informatics. 15:4332—4341.
This paper proposes new concepts for detecting and mitigating cyber attacks on substation automation systems by domain-based cyber-physical security solutions. The proposed methods form the basis of a distributed security domain layer that enables protection devices to collaboratively defend against cyber attacks at substations. The methods utilize protection coordination principles to cross check protection setting changes and can run real-time power system analysis to evaluate the impact of the control commands. The transient fault signature (TFS)-based cross-correlation coefficient algorithm has been proposed to detect the false sampled values data injection attack. The proposed functions were verified in a hardware-in-the-loop (HIL) simulation using commercial relays and a real-time digital simulator (RTDS). Various types of cyber intrusions are tested using this test bed to evaluate the consequences and impacts of cyber attacks to power grid as well as to validate the performance of the proposed research-grade cyber attack mitigation functions.
2020-09-14
Liang, Xiao, Ma, Lixin, An, Ningyu, Jiang, Dongxiao, Li, Chenggang, Chen, Xiaona, Zhao, Lijiao.  2019.  Ontology Based Security Risk Model for Power Terminal Equipment. 2019 12th International Symposium on Computational Intelligence and Design (ISCID). 2:212–216.
IoT based technology are drastically accelerating the informationization development of the power grid system of China that consists of a huge number of power terminal devices interconnected by the network of electric power IoT. However, the networked power terminal equipment oriented cyberspace security has continually become a challenging problem as network attack is continually varying and evolving. In this paper, we concentrate on the security risk of power terminal equipment and their vulnerability based on ATP attack detection and defense. We first analyze the attack mechanism of APT security attack based on power terminal equipment. Based on the analysis of the security and attack of power IoT terminal device, an ontology-based knowledge representation method of power terminal device and its vulnerability is proposed.
Widergren, Steve, Melton, Ron, Khandekar, Aditya, Nordman, Bruce, Knight, Mark.  2019.  The Plug-and-Play Electricity Era: Interoperability to Integrate Anything, Anywhere, Anytime. IEEE Power and Energy Magazine. 17:47–58.
The inforrmation age continues to transform the mechanics of integrating electric power devices and systems, from coordinated operations based purely on the physics of electric power engineering to an increasing blend of power with information and communication technology. Integrating electric system components is not just about attaching wires. It requires the connection of computer-based automation systems to associated sensing and communication equipment. The architectural impacts are significant. Well-considered and commonly held concepts, principles, and organizational structures continue to emerge to address the complexity of the integrated operational challenges that drive our society to expect more flexibility in configuring the electric power system, while simultaneously achieving greater efficiency, reliability, and resilience. Architectural concepts, such as modularity and composability, contribute to the creation of structures that enable the connection of power system equipment characterized by clearly defined interfaces consisting of physical and cyberlinks. The result of successful electric power system component connection is interoperation: the discipline that drives integration to be simple and reliable.
2020-09-08
Chen, Yu-Cheng, Mooney, Vincent, Grijalva, Santiago.  2019.  A Survey of Attack Models for Cyber-Physical Security Assessment in Electricity Grid. 2019 IFIP/IEEE 27th International Conference on Very Large Scale Integration (VLSI-SoC). :242–243.
This paper surveys some prior work regarding attack models in a cyber-physical system and discusses the potential benefits. For comparison, the full paper will model a bad data injection attack scenario in power grid using the surveyed prior work.
Chen, Yu-Cheng, Gieseking, Tim, Campbell, Dustin, Mooney, Vincent, Grijalva, Santiago.  2019.  A Hybrid Attack Model for Cyber-Physical Security Assessment in Electricity Grid. 2019 IEEE Texas Power and Energy Conference (TPEC). :1–6.
A detailed model of an attack on the power grid involves both a preparation stage as well as an execution stage of the attack. This paper introduces a novel Hybrid Attack Model (HAM) that combines Probabilistic Learning Attacker, Dynamic Defender (PLADD) model and a Markov Chain model to simulate the planning and execution stages of a bad data injection attack in power grid. We discuss the advantages and limitations of the prior work models and of our proposed Hybrid Attack Model and show that HAM is more effective compared to individual PLADD or Markov Chain models.
2020-08-24
Ulrich, Jacob J., Vaagensmith, Bjorn C., Rieger, Craig G., Welch, Justin J..  2019.  Software Defined Cyber-Physical Testbed for Analysis of Automated Cyber Responses for Power System Security. 2019 Resilience Week (RWS). 1:47–54.

As the power grid becomes more interconnected the attack surface increases and determining the causes of anomalies becomes more complex. Automated responses are a mechanism which can provide resilience in a power system by responding to anomalies. An automated response system can make intelligent decisions when paired with an automated health assessment system which includes a human in the loop for making critical decisions. Effective responses can be determined by developing a matrix which considers the likely impacts on resilience if a response is taken. A testbed assists to analyze these responses and determine their effects on system resilience.

2020-08-07
Liu, Donglan, Zhang, Hao, Yu, Hao, Liu, Xin, Zhao, Yong, Lv, Guodong.  2019.  Research and Application of APT Attack Defense and Detection Technology Based on Big Data Technology. 2019 IEEE 9th International Conference on Electronics Information and Emergency Communication (ICEIEC). :1—4.
In order to excavate security threats in power grid by making full use of heterogeneous data sources in power information system, this paper proposes APT (Advanced Persistent Threat) attack detection sandbox technology and active defense system based on big data analysis technology. First, the file is restored from the mirror traffic and executed statically. Then, sandbox execution was carried out to introduce analysis samples into controllable virtual environment, and dynamic analysis and operation samples were conducted. Through analyzing the dynamic processing process of samples, various known and unknown malicious code, APT attacks, high-risk Trojan horses and other network security risks were comprehensively detected. Finally, the threat assessment of malicious samples is carried out and visualized through the big data platform. The results show that the method proposed in this paper can effectively warn of unknown threats, improve the security level of system data, have a certain active defense ability. And it can effectively improve the speed and accuracy of power information system security situation prediction.
2020-07-27
Babay, Amy, Schultz, John, Tantillo, Thomas, Amir, Yair.  2018.  Toward an Intrusion-Tolerant Power Grid: Challenges and Opportunities. 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS). :1321–1326.
While cyberattacks pose a relatively new challenge for power grid control systems, commercial cloud systems have needed to address similar threats for many years. However, technology and approaches developed for cloud systems do not necessarily transfer directly to the power grid, due to important differences between the two domains. We discuss our experience adapting intrusion-tolerant cloud technologies to the power domain and describe the challenges we have encountered and potential directions for overcoming those obstacles.