Biblio

The applications for wide area monitoring, protection, and control systems (WAMPC) at the control center, help with providing resilient, efficient, and secure operation of the transmission system of the smart grid. The increased proliferation of phasor measurement units (PMUs) in this space has inspired many prudent applications to assist in the process of decision making in the control centers. Machine learning (ML) based decision support systems have become viable with the availability of abundant high-resolution wide area operational PMU data. We propose a deep neural network (DNN) based supervisory protection and event diagnosis system and demonstrate that it works with very high degree of confidence. The system introduces a supervisory layer that processes the data streams collected from PMUs and detects disturbances in the power systems that may have gone unnoticed by the local monitoring and protection system. Then, we investigate compromise of the insights of this ML based supervisory control by crafting adversaries that corrupt the PMU data via minimal coordinated manipulation and identification of the spatio-temporal regions in the multidimensional PMU data in a way that the DNN classifier makes wrong event predictions.

The traditional physical power grid is evolving into a cyber-physical Smart Grid (SG) that links the cyber communication and computational elements with the physical control functions to dynamically integrate varied and geographically distributed energy producers/consumers. In the SG, the cyber elements of Wide Area Measurement Systems (WAMS) are deployed to provide the critical monitoring of the state of power transmission and distribution to accomplish real-time control of the grid. Unfortunately, the increasing adoption of such computing/communication cyber-technologies essential to providing the SG operations also opens the risk of the SG being vulnerable to cyberattacks. In particular, attacks such as Denial-of-Service (DoS) and Distributed DoS (DDoS) are of primary concern for WAMS where such attacks can compromise its safety-critical accuracy and responsiveness characteristics. To prevent DoS/DDoS attacks at the transport and application layer from affecting the WAMS operations, we propose a proactive and robust extension of the Multipath-TCP (MPTCP) transportation protocol that mitigates such attacks by using a novel stream hopping MPTCP mechanism, termed as MPTCP-H. The proposed MPTCP-H hides the open port numbers of the connection from an attacker by renewing (over time) the subflows over new port numbers without perturbing the WAMS data traffic. Our results demonstrate MPTCP-H to be both effective and efficient (for reduced latency and congestion), and also applicable to the communication frameworks of other similar Critical Infrastructures.