Biblio

How does information regarding an adversary's intentions affect optimal system design? This paper addresses this question in the context of graphical coordination games where an adversary can indirectly influence the behavior of agents by modifying their payoffs. We study a situation in which a system operator must select a graph topology in anticipation of the action of an unknown adversary. The designer can limit her worst-case losses by playing a security strategy, effectively planning for an adversary which intends maximum harm. However, fine-grained information regarding the adversary's intention may help the system operator to fine-tune the defenses and obtain better system performance. In a simple model of adversarial behavior, this paper asks how much a system operator can gain by fine-tuning a defense for known adversarial intent. We find that if the adversary is weak, a security strategy is approximately optimal for any adversary type; however, for moderately-strong adversaries, security strategies are far from optimal.

Smart grid has evolved as the next generation power grid paradigm which enables the transfer of real time information between the utility company and the consumer via smart meter and advanced metering infrastructure (AMI). These information facilitate many services for both, such as automatic meter reading, demand side management, and time-of-use (TOU) pricing. However, there have been growing security and privacy concerns over smart grid systems, which are built with both smart and legacy information and operational technologies. Intrusion detection is a critical security service for smart grid systems, alerting the system operator for the presence of ongoing attacks. Hence, there has been lots of research conducted on intrusion detection in the past, especially anomaly-based intrusion detection. Problems emerge when common approaches of pattern recognition are used for imbalanced data which represent much more data instances belonging to normal behaviors than to attack ones, and these approaches cause low detection rates for minority classes. In this paper, we study various machine learning models to overcome this drawback by using CIC-IDS2018 dataset [1].

This paper presents a methodology for utilizing Phasor Measurement units (PMUs) for procuring real time synchronized measurements for assessing the security of the power system dynamically. The concept of wide-area dynamic security assessment considers transient instability in the proposed methodology. Intelligent framework based approach for online dynamic security assessment has been suggested wherein the database consisting of critical features associated with the system is generated for a wide range of contingencies, which is utilized to build the data mining model. This data mining model along with the synchronized phasor measurements is expected to assist the system operator in assessing the security of the system pertaining to a particular contingency, thereby also creating possibility of incorporating control and preventive measures in order to avoid any unforeseen instability in the system. The proposed technique has been implemented on IEEE 39 bus system for accurately indicating the security of the system and is found to be quite robust in the case of noise in the measurement data obtained from the PMUs.

A study case of electric power distribution system fault recovery has been introduced in this article. With proper connections, network reconfiguration should be considered an effective solution to the system fault condition. Considering the radial structure of the distribution system, appropriate observation on visualized outcome of the voltage profile can lead the system operator to obtain the best switching line effectively. Contour plots are applied for visualizing the voltage profiles of a modified IEEE 13-node test feeder model.

This paper proposes a game-theoretic approach to analyze the interactions between an attacker and a defender in a cyber-physical system (CPS) and develops effective defense strategies. In a CPS, the attacker launches cyber attacks on a number of nodes in the cyber layer, trying to maximize the potential damage to the underlying physical system while the system operator seeks to defend several nodes in the cyber layer to minimize the physical damage. Given that CPS attacking and defending is often a continual process, a zero-sum Markov game is proposed in this paper to model these interactions subject to underlying uncertainties of real-world events and actions. A novel model is also proposed in this paper to characterize the interdependence between the cyber layer and the physical layer in a CPS and quantify the impact of the cyber attack on the physical damage in the proposed game. To find the Nash equilibrium of the Markov game, we design an efficient algorithm based on value iteration. The proposed general approach is then applied to study the wide-area monitoring and protection issue in smart grid. Extensive simulations are conducted based on real-world data, and results show the effectiveness of the defending strategies derived from the proposed approach.

Situational awareness during sophisticated cyber attacks on the power grid is critical for the system operator to perform suitable attack response and recovery functions to ensure grid reliability. The overall theme of this paper is to identify existing practical issues and challenges that utilities face while monitoring substations, and to suggest potential approaches to enhance the situational awareness for the grid operators. In this paper, we provide a broad discussion about the various gaps that exist in the utility industry today in monitoring substations, and how those gaps could be addressed by identifying the various data sources and monitoring tools to improve situational awareness. The paper also briefly describes the advantages of contextualizing and correlating substation monitoring alerts using expert systems at the control center to obtain a holistic systems-level view of potentially malicious cyber activity at the substations before they cause impacts to grid operation.

As societies are becoming more dependent on the power grids, the security issues and blackout threats are more emphasized. This paper proposes a new graph model for online visualization and assessment of power grid security. The proposed model integrates topology and power flow information to estimate and visualize interdependencies between the lines in the form of line dependency graph (LDG) and immediate threats graph (ITG). These models enable the system operator to predict the impact of line outage and identify the most vulnerable and critical links in the power system. Line Vulnerability Index (LVI) and Line Criticality Index (LCI) are introduced as two indices extracted from LDG to aid the operator in decision making and contingency selection. This package can be useful in enhancing situational awareness in power grid operation by visualization and estimation of system threats. The proposed approach is tested for security analysis of IEEE 30-bus and IEEE 118-bus systems and the results are discussed.