Biblio

Infrastructural systems such as the electricity grid, healthcare, and transportation networks today rely increasingly on the joint functioning of networked information systems and physical components, in short, on cyber-physical architectures. Despite tremendous advances in cryptography, physical-layer security and authentication, information attacks, both passive such as eavesdropping, and active such as unauthorized data injection, continue to thwart the reliable functioning of networked systems. In systems with joint cyber-physical functionality, the ability of an adversary to monitor transmitted information or introduce false information can lead to sensitive user data being leaked or result in critical damages to the underlying physical system. This paper investigates two broad challenges in information security in cyber-physical systems (CPSs): preventing retrieval of internal physical system information through monitored external cyber flows, and limiting the modification of physical system functioning through compromised cyber flows. A rigorous analytical framework grounded on information-theoretic security is developed to study these challenges in a general stochastic control system abstraction-a theoretical building block for CPSs-with the objectives of quantifying the fundamental tradeoffs between information security and physical system performance, and through the process, designing provably secure controller policies. Recent results are presented that establish the theoretical basis for the framework, in addition to practical applications in timing analysis of anonymous systems, and demand response systems in a smart electricity grid.

Reliable and secure grid operations become more and more challenging in context of increasing IT/OT convergence and decreasing dynamic margins in today's power systems. To ensure the correct operation of monitoring and control functions in control centres, an intelligent assessment of the different information sources is necessary to provide a robust data source in case of critical physical events as well as cyber-attacks. Within this paper, a holistic data stream assessment methodology is proposed using an expert knowledge based cyber-physical situational awareness for different steady and transient system states. This approach goes beyond existing techniques by combining high-resolution PMU data with SCADA information as well as Digital Twin and AI based anomaly detection functionalities.

Due to geographical locations of Indonesia, some technology such as hydro and solar photovoltaics are very attractive to be used and developed. Distribution Energy Resources (DER) is the appropriate schemes implemented to achieve optimal operation respecting the location and capacity of the plant. The Gorontalo sub-system network was chosen as a case study considering both of micro-hydro and PV as contributed to supply the grid. The needs of a smart electrical system are required to improve reliability, power quality, and adaptation to any circumstances during DER application. While the topology was changing over time, intermittent of DER output and bidirectional power flow can be overcome with smart grid systems. In this study, an automation algorithm has been conducted to aid the engineers in solving the protection problems caused by DER implementation. The Protection Security Assessment (PSA) method is used to evaluate the state of the protection system. Determine the relay settings using an adaptive rule-based method on expert systems. The application with a Graphical User Interface (GUI) has been developed to make user easier to get the specific relay settings and locations which are sensitive, fast, reliable, and selective.

The intelligent electronic devices widely deployed across the distribution network are inevitably making the feeder automation (FA) system more vulnerable to cyber-attacks, which would lead to disastrous socio-economic impacts. This paper proposes a three-stage game-theoretic framework that the defender allocates limited security resources to minimize the economic impacts on FA system while the attacker deploys limited attack resources to maximize the corresponding impacts. Meanwhile, the probability of successful attack is calculated based on the Bayesian attack graph, and a fault-tolerant location technique for centralized FA system is elaborately considered during analysis. The proposed game-theoretic framework is converted into a two-level zero-sum game model and solved by the particle swarm optimization (PSO) combined with a generalized reduced gradient algorithm. Finally, the proposed model is validated on distribution network for RBTS bus 2.

With the rapid progress of informatization construction in power business, data resource has become the basic strategic resource of the power industry and innovative element in power production. The security protection of data in power business is particularly important in the informatization construction of power business. In order to implement data security protection, transparent encryption is one of the fifteen key technical standards in the Construction Guideline of the Standard Network Data Security System. However, data storage in the encrypted state is bound to affect the security audit of data to a certain extent. Based on this problem, this paper proposes a scheme to audit the sensitivity of the power business data under the protection of encryption to achieve an efficient sensitivity audit of ciphertext data with the premise of not revealing the decryption key or data information. Through a security demonstration, this paper fully proves that this solution is secure under the known plaintext attacks.

Wide integration of information and communication technology (ICT) in modern power grids has brought many benefits as well as the risk of cyber attacks. A critical step towards defending grid cyber security is to understand the cyber-physical causal chain, which describes the progression of intrusion in cyber-space leading to the formation of consequences on the physical power grid. In this paper, we develop an attack vector for a time delay attack at load frequency control in the power grid. Distinct from existing works, which are separately focused on cyber intrusion, grid response, or testbed validation, the proposed attack vector for the first time provides a full cyber-physical causal chain. It targets specific vulnerabilities in the protocols, performs a denial-of-service (DoS) attack, induces the delays in control loop, and destabilizes grid frequency. The proposed attack vector is proved in theory, presented as an attack tree, and validated in an experimental environment. The results will provide valuable insights to develop security measures and robust controls against time delay attacks.

Artificial neural networks allow the identification of black-box models. This paper proposes a method aimed at replicating the static and dynamic behavior of a DC-DC power converter based on a recurrent nonlinear autoregressive exogenous neural network. The method proposed in this work applies an algorithm that trains a neural network based on the inputs and outputs (currents and voltages) of a Buck converter. The approach is validated by means of simulated data of a realistic nonsynchronous Buck converter model programmed in Simulink and by means of experimental results. The predictions made by the neural network are compared to the actual outputs of the system, to determine the accuracy of the method, thus validating the proposed approach. Both simulation and experimental results show the feasibility and accuracy of the proposed black-box approach.

In the past decade, cyber-attack events on the power grid have proven to be sophisticated and advanced. These attacks led to severe consequences on the grid operation, such as equipment damage or power outages. Hence, it is more critical than ever to develop tools for security assessment and detection of anomalies in the cyber-physical grid. For an extensive power grid, it is complex to analyze the causes of frequency deviations. Besides, if the system is compromised, attackers can leverage on the frequency deviation to bypass existing protection measures of the grid. This paper aims to develop a novel specification-based method to detect False Data Injection Attacks (FDIAs) in the multi-area system. Firstly, we describe the implementation of a three-area system model. Next, we assess the risk and devise several intrusion scenarios. Specifically, we inject false data into the frequency measurement and Automatic Generation Control (AGC) signals. We then develop a rule-based method to detect anomalies at the system-level. Our simulation results proves that the proposed algorithm can detect FDIAs in the system.

In modern grid systems which is a typical cyber-physical System (CPS), information space and physical space are closely related. Once the communication link is interrupted, it will make a great damage to the power system. If the service path is too concentrated, the risk will be greatly increased. In order to solve this problem, this paper constructs a route planning algorithm that combines node load pressure, link load balance and service delay risk. At present, the existing intelligent algorithms are easy to fall into the local optimal value, so we chooses the deep reinforcement learning algorithm (DRL). Firstly, we build a risk assessment model. The node risk assessment index is established by using the node load pressure, and then the link risk assessment index is established by using the average service communication delay and link balance degree. The route planning problem is then solved by a route planning algorithm based on DRL. Finally, experiments are carried out in a simulation scenario of a power grid system. The results show that our method can find a lower risk path than the original Dijkstra algorithm and the Constraint-Dijkstra algorithm.

Microgrids' dependency on communication links exposes the control systems to cyber attack threats. In this work, instead of designing reactive defense approaches, a proacitve moving target defense mechanism is proposed for securing microgrid secondary frequency control from denial of service (DoS) attack. The sensor data is transmitted by following a Markov process, not in a deterministic way. This uncertainty will increase the difficulty for attacker's decision making and thus significantly reduce the attack space. As the system parameters are constantly changing, a gain scheduling based secondary frequency controller is designed to sustain the system performance. Case studies of a microgrid with four inverter-based DGs show the proposed moving target mechanism can enhance the resiliency of the microgrid control systems against DoS attacks.

This paper studies the modeling of cyber-physical dependencies observed within power grids and the effects of these intra-dependencies, on power grid resilience, which is evaluated quantitatively. A fundamental contribution of this paper is the description of the critically important role played by cyber-physical buffers as key components to limit the negative effect of intra-dependencies on power grids resilience. Although resilience issues in the electric power provision service could be limited thanks to the use of local energy storage devices as the realization of service buffers, minimal to no autonomy in data connectivity buffers make cyber vulnerabilities specially critical in terms of resilience. This paper also explains how these models can be used for improved power grids resilience planning considering internal cyber-physical interactions.

Adversarial models are well-established for cryptographic protocols, but distributed real-time protocols have requirements that these abstractions are not intended to cover. The IEEE/IEC 61850 standard for communication networks and systems for power utility automation in particular not only requires distributed processing, but in case of the generic object oriented substation events and sampled value (GOOSE/SV) protocols also hard real-time characteristics. This motivates the desire to include both quality of service (QoS) and explicit network topology in an adversary model based on a π-calculus process algebraic formalism based on earlier work. This allows reasoning over process states, placement of adversarial entities and communication behaviour. We demonstrate the use of our model for the simple case of a replay attack against the publish/subscribe GOOSE/SV subprotocol, showing bounds for non-detectability of such an attack.

Due to malicious eavesdropping, forgery as well as other risks, it is challenging to dispose and store collected power data from smart grid in secure manners. Blockchain technology has become a novel method to solve the above problems because of its de-centralization and tamper-proof characteristics. It is especially well known that data stored in blockchain cannot be changed, so it is vital to seek out perfect mechanisms to ensure that data are compliant with high quality (namely, accuracy of the power data) before being stored in blockchain. This will help avoid losses due to low-quality data modification or deletion as needed in smart grid. Thus, we apply the parallel vision theory on the identification of meter readings to realize accurate power data. A cloud-blockchain fusion model (CBFM) is proposed for the storage of accurate power data, allowing for secure conducting of flexible transactions. Only power data calculated by parallel visual system instead of image data collected originally via robot would be stored in blockchain. Hence, we define the quality assurance before data uploaded to blockchain and security guarantee after data stored in blockchain as a successive framework, which is a brand new solution to manage efficiency and security as a whole for power data and data alike in other scenes. Security analysis and performance evaluations are performed, which prove that CBFM is highly secure and efficient impressively.

Consensus-based distributed microgrid energy management system is one of the most used distributed control strategies in the microgrid area. To improve its cybersecurity, the system needs to evaluate the trustworthiness of the participating agents in addition to the conventional cryptography efforts. This paper proposes a novel augmented reputation metric to evaluate the agents' trustworthiness in a distributed fashion. The proposed metric adopts a novel augmentation method to substantially improve the trust evaluation and attack detection performance under three typical difficult-to-detect attack patterns. The proposed metric is implemented and validated on a real-time HIL microgrid testbed.

In the process of informationization and networking of smart grids, the original physical isolation was broken, potential risks increased, and the increasingly serious cyber security situation was faced. Therefore, it is critical to develop accuracy and efficient anomaly detection methods to disclose various threats. However, in the industry, mainstream security devices such as firewalls are not able to detect and resist some advanced behavior attacks. In this paper, we propose a time series anomaly detection model, which is based on the periodic extraction method of discrete Fourier transform, and determines the sequence position of each element in the period by periodic overlapping mapping, thereby accurately describe the timing relationship between each network message. The experiments demonstrate that our model can detect cyber attacks such as man-in-the-middle, malicious injection, and Dos in a highly periodic network.

The CPS-featured modern asynchronous grids interconnected with HVDC tie-lines facing the hazards from bulk power imbalance shock. With the aid of cyber layer, the SCPIFS incorporates the frequency stability constrains is put forwarded. When there is bulk power imbalance caused by HVDC tie-lines block incident or unplanned loads increasing, the proposed SCPIFS ensures the safety and frequency stability of both grids at two terminals of the HVDC tie-line, also keeps the grids operate economically. To keep frequency stability, the controllable variables in security control strategy include loads, generators outputs and the power transferred in HVDC tie-lines. McCormick envelope method and ADMM are introduced to solve the proposed SCPIFS optimization model. Case studies of two-area benchmark system verify the safety and economical benefits of the SCPFS. HVDC tie-line transferred power can take the advantage of low cost generator resource of both sides utmost and avoid the load shedding via tuning the power transferred through the operating tie-lines, thus the operation of both connected asynchronous grids is within the limit of frequency stability domain.

Smart cities comprise multiple critical infrastructures, two of which are the power grid and communication networks, backed by centralized data analytics and storage. To effectively model the interdependencies between these infrastructures and enable a greater understanding of how communities respond to and impact them, large amounts of varied, real-world data on residential and commercial consumer energy consumption, load patterns, and associated human behavioral impacts are required. The dissemination of such data to the research communities is, however, largely restricted because of security and privacy concerns. This paper creates an opportunity for the development and dissemination of synthetic energy consumption data which is inherently anonymous but holds similarities to the properties of real data. This paper explores a framework using mixture density network (MDN) model integrated with a multi-layered Long Short-Term Memory (LSTM) network which shows promise in this area of research. The model is trained using an initial sample recorded from residential smart meters in the state of Florida, and is used to generate fully synthetic energy consumption data. The synthesized data will be made publicly available for interested users.

With the rapid progression of Information and Communication Technology (ICT) and especially of Internet of Things (IoT), the conventional electrical grid is transformed into a new intelligent paradigm, known as Smart Grid (SG). SG provides significant benefits both for utility companies and energy consumers such as the two-way communication (both electricity and information), distributed generation, remote monitoring, self-healing and pervasive control. However, at the same time, this dependence introduces new security challenges, since SG inherits the vulnerabilities of multiple heterogeneous, co-existing legacy and smart technologies, such as IoT and Industrial Control Systems (ICS). An effective countermeasure against the various cyberthreats in SG is the Intrusion Detection System (IDS), informing the operator timely about the possible cyberattacks and anomalies. In this paper, we provide an anomaly-based IDS especially designed for SG utilising operational data from a real power plant. In particular, many machine learning and deep learning models were deployed, introducing novel parameters and feature representations in a comparative study. The evaluation analysis demonstrated the efficacy of the proposed IDS and the improvement due to the suggested complex data representation.

Security and privacy of smart grid communication data is crucial given the nature of the continuous bidirectional information exchange between the consumer and the utilities. Data security has conventionally been ensured using cryptographic techniques implemented at the upper layers of the network stack. However, it has been shown that security can be further enhanced using physical layer (PHY) methods. To aid and/or complement such PHY and upper layer techniques, in this paper, we propose a PHY design that can detect and locate not only an active intruder but also a passive eavesdropper in the network. Our method can either be used as a stand-alone solution or together with existing techniques to achieve improved smart grid data security. Our machine learning based solution intelligently and automatically detects and locates a possible intruder in the network by reusing power line transmission modems installed in the grid for communication purposes. Simulation results show that our cost-efficient design provides near ideal intruder detection rates and also estimates its location with a high degree of accuracy.

Smart grid has evolved as the next generation power grid paradigm which enables the transfer of real time information between the utility company and the consumer via smart meter and advanced metering infrastructure (AMI). These information facilitate many services for both, such as automatic meter reading, demand side management, and time-of-use (TOU) pricing. However, there have been growing security and privacy concerns over smart grid systems, which are built with both smart and legacy information and operational technologies. Intrusion detection is a critical security service for smart grid systems, alerting the system operator for the presence of ongoing attacks. Hence, there has been lots of research conducted on intrusion detection in the past, especially anomaly-based intrusion detection. Problems emerge when common approaches of pattern recognition are used for imbalanced data which represent much more data instances belonging to normal behaviors than to attack ones, and these approaches cause low detection rates for minority classes. In this paper, we study various machine learning models to overcome this drawback by using CIC-IDS2018 dataset [1].

Nowadays, with the diversification and decentralization of energy systems, the energy Internet makes it possible to interconnect distributed energy sources and consumers. In the energy trading market, the traditional centralized model relies entirely on trusted third parties. However, as the number of entities involved in the transactions grows and the forms of transactions diversify, the centralized model gradually exposes problems such as insufficient scalability, High energy consumption, and low processing efficiency. To address these challenges, we propose a secure and efficient energy renewable trading scheme based on blockchain. In our scheme, the electricity market trading model is divided into two levels, which can not only protect the privacy, but also achieve a green computing. In addition, in order to adapt to the relatively weak computing power of the underlying equipment in smart grid, we design a credibility-based equity proof mechanism to greatly improve the system availability. Compared with other similar distributed energy trading schemes, we prove the advantages of our scheme in terms of high operational efficiency and low computational overhead through experimental evaluations. Additionally, we conduct a detailed security analysis to demonstrate that our solution meets the security requirements.

Smart metering systems have been gaining popularity as a vital part of the general smart grid paradigm. Naturally, as new technologies arise to cover this emerging field, so do security and privacy related issues regarding the energy consumer's personal data. These challenges impose the need for the development of new methods through a better understanding of the state-of-the-art. This paper aims at identifying the main categories of security and privacy techniques utilized in smart metering systems from a three-point perspective: i) a field research survey, ii) EU initiatives and findings towards the same direction and iii) a data-driven analysis of the state-of-the-art and the identification of its main topics (or themes) using topic modeling techniques. Detailed quantitative results of this analysis, such as semantic interpretation of the identified topics and a graph representation of the topic trends over time, are presented.

The roll-out of smart meters (SMs) in the electric grid has enabled data-driven grid management and planning techniques. SM data can be used together with short-term load forecasts (STLFs) to overcome polling frequency constraints for better grid management. However, the use of SMs that report consumption data at high spatial and temporal resolutions entails consumer privacy risks, motivating work in protecting consumer privacy. The impact of privacy protection schemes on STLF accuracy is not well studied, especially for smaller aggregations of consumers, whose load profiles are subject to more volatility and are, thus, harder to predict. In this paper, we analyse the impact of two user demand shaping privacy protection schemes, model-distribution predictive control (MDPC) and load-levelling, on STLF accuracy. Support vector regression is used to predict the load profiles at different consumer aggregation levels. Results indicate that, while the MDPC algorithm marginally affects forecast accuracy for smaller consumer aggregations, this diminishes at higher aggregation levels. More importantly, the load-levelling scheme significantly improves STLF accuracy as it smoothens out the grid visible consumer load profile.

Data dropouts in communication network can have a significant impact on wide-area oscillation damping control of a smart power grid with large-scale deployment of distributed and networked phasor measurement units and wind energy resources. Remote feedback signals sent through communication channels encounter data dropout, which is represented by the Gilbert-Elliott model. An observer-driven reduced copy (ORC) approach is presented, which uses the knowledge of the nominal system dynamics during data dropouts to improve the damping performance where conventional feedback would suffer. An expression for the expectation of the bound on the error norm between the actual and the estimated states relating uncertainties in the cyber system due to data dropout and physical system due to change in operating conditions is also derived. The key contribution comes from the analytical derivation of the impact of coupling between the cyber and the physical layer on ORC performance. Monte Carlo simulation is performed to calculate the dispersion of the error bound. Nonlinear time-domain simulations demonstrate that the ORC produces significantly better performance compared to conventional feedback under higher data drop situations.

The lack of strong cyber-physical modeling capabilities presents many challenges across the design, development, verification, and maintenance phases of a system [7]. Novel techniques for modeling the cyber-grid components, along with analysis and verification techniques, are imperative to the deployment of a resilient and robust power grid. Several works address False Data Injection (FDI) attacks to the power grid. However, most of them suffer from the lack of a model to investigate the effects of attacks. This paper proposed a cyber-physical model using Architecture Analysis & Design Language (AADL) [15] and power system information models to address different attacks in power systems.