Biblio

With the introduction of the national “carbon peaking and carbon neutrality” strategic goals and the accelerated construction of the new generation of power systems, cloud applications built on advanced IT technologies play an increasingly important role in meeting the needs of digital power business. In view of the characteristics of the current power industrial control system operation support cloud platform with wide coverage, large amount of log data, and low analysis intelligence, this paper proposes a cloud platform network security behavior audit method based on FP-Growth association rule algorithm, aiming at the uniqueness of the operating data of the cloud platform that directly interacts with the isolated system environment of power industrial control system. By using the association rule algorithm to associate and classify user behaviors, our scheme formulates abnormal behavior judgment standards, establishes an automated audit strategy knowledge base, and improves the security audit efficiency of power industrial control system operation support cloud platform. The intelligent level of log data analysis enables effective discovery, traceability and management of internal personnel operational risks.

This contribution provides the implementation of a digital twin-based assistance system to be used in future control rooms. By applying parameter estimation methods, the dynamic model in the digital twin is an accurate representation of the physical system. Therefore, a dynamic security assessment (DSA) that is highly dependent on a correctly parameterized dynamic model, can give more reliable information to a system operator in the control room. The assistance system is studied on the Cigré TB 536 benchmark system with an obscured set of machine parameters. Through the proposed parameter estimation approach the original parameters could be estimated, changing, and increasing the statement of the DSA in regard to imminent instabilities.

Owing to the decreasing costs of distributed energy resources (DERs) as well as decarbonization policies, power systems are undergoing a modernization process. The large deployment of DERs together with internet of things (IoT) devices provide a platform for peer-to-peer (P2P) energy trading in active distribution networks. However, P2P energy trading with IoT devices have driven the grid more vulnerable to cyber-physical threats. To this end, in this paper, a resilience-oriented P2P energy exchange model is developed considering three phase unbalanced distribution systems. In addition, various scenarios for vulnerability assessment of P2P energy exchanges considering adverse prosumers and consumers, who provide false information regarding the price and quantity with the goal of maximum financial benefit and system operation disruption, are considered. Techno-economic survivability analysis against these attacks are investigated on a IEEE 13-node unbalanced distribution test system. Simulation results demonstrate that adverse peers can affect the physical operation of grid, maximize their benefits, and cause financial loss of other agents.

The amount of information that is shared regularly has increased as a direct result of the rapid development of network administrators, Web of Things-related devices, and online users. Cybercriminals constantly work to gain access to the data that is stored and transferred online in order to accomplish their objectives, whether those objectives are to sell the data on the dark web or to commit another type of crime. After conducting a thorough writing analysis of the causes and problems that arise with wireless networks’ security and privacy, it was discovered that there are a number of factors that can make the networks unpredictable, particularly those that revolve around cybercriminals’ evolving skills and the lack of significant bodies’ efforts to combat them. It was observed. Wireless networks have a built-in security flaw that renders them more defenceless against attack than their wired counterparts. Additionally, problems arise in networks with hub mobility and dynamic network geography. Additionally, inconsistent availability poses unanticipated problems, whether it is accomplished through mobility or by sporadic hub slumber. In addition, it is difficult, if not impossible, to implement recently developed security measures due to the limited resources of individual hubs. Large-scale problems that arise in relation to wireless networks and flexible processing are examined by the Wireless Correspondence Network Security and Privacy research project. A few aspects of security that are taken into consideration include confirmation, access control and approval, non-disavowal, privacy and secrecy, respectability, and inspection. Any good or service should be able to protect a client’s personal information. an approach that emphasises quality, implements strategy, and uses a poll as a research tool for IT and public sector employees. This strategy reflects a higher level of precision in IT faculties.

The modernization of legacy power grids relies on the prevalence of information technology (IT). While the benefits are multi-fold and include increased reliability, more accurate monitoring, etc., the reliance on IT increases the attack surface of power grids by making them vulnerable to cyber-attacks. One of the modernization paths is the emergence of multi-terminal dc systems that offer numerous advantages over traditional ac systems. Therefore, cyber-security issues surrounding dc networks need to be investigated. Contributing to this effort, a class of false data injection attacks, called load redistribution (LR) attacks, that targets dc grids is proposed. These attacks aim to compromise the system load data and lead the system operator to dispatch incorrect power flow commands that lead to adverse consequences. Although similar attacks have been recently studied for ac systems, their feasibility in the converter-based dc grids has yet to be demonstrated. Such an attack assessment is necessary because the dc grids have a much smaller control timescale and are more dependent on IT than their traditional ac counterparts. Hence, this work formulates and evaluates dc grid LR attacks by incorporating voltage-sourced converter (VSC) control strategies that appropriately delineate dc system operations. The proposed attack strategy is solved with Gurobi, and the results show that both control and system conditions can affect the success of an LR attack.

The phenomenon known as "Internet ossification" describes the process through which certain components of the Internet’s older design have become immovable at the present time. This presents considerable challenges to the adoption of IPv6 and makes it hard to implement IP multicast services. For new applications such as data centers, cloud computing and virtualized networks, improved network availability, improved internal and external domain routing, and seamless user connectivity throughout the network are some of the advantages of Internet growth. To meet these needs, we've developed Software Defined Networking for the Future Internet (SDN). When compared to current networks, this new paradigm emphasizes control plane separation from network-forwarding components. To put it another way, this decoupling enables the installation of control plane software (such as Open Flow controller) on computer platforms that are substantially more powerful than traditional network equipment (such as switches/routers). This research describes Mininet’s routing techniques for a virtualized software-defined network. There are two obstacles to overcome when attempting to integrate SDN in an LTE/WiFi network. The first problem is that external network load monitoring tools must be used to measure QoS settings. Because of the increased demand for real-time load balancing methods, service providers cannot adopt QoS-based routing. In order to overcome these issues, this research suggests a router configuration method. Experiments have proved that the network coefficient matrix routing arrangement works, therefore it may provide an answer to the above-mentioned concerns. The Java-based SDN controller outperforms traditional routing systems by nine times on average highest sign to sound ratio. The study’s final finding suggests that the field’s future can be forecast. We must have a thorough understanding of this emerging paradigm to solve numerous difficulties, such as creating the Future Internet and dealing with its obliteration problem. In order to address these issues, we will first examine current technologies and a wide range of current and future SDN projects before delving into the most important issues in this field in depth.

An approach to substantiating the choice of a discipline for the maintenance of a redundant computer system, with the possible use of node resources saved after failures, is considered. The choice is aimed at improving the reliability and profitability of the system, taking into account the operational costs of restoring nodes. Models of reliability of systems with service disciplines are proposed, providing both the possibility of immediate recovery of nodes after failures, and allowing degradation of the system when using node resources stored after failures in it. The models take into account the conditions of the admissibility or inadmissibility of the loss of information accumulated during the operation of the system. The operating costs are determined, taking into account the costs of restoring nodes for the system maintenance disciplines under consideration

Although DC microgrids using a distributed cooperative control architecture can avoid the instability or shutdown issues caused by a single-point failure as compared to the centralized approach, limited global information in the former makes it difficult to detect cyber attacks. Here, we present a false data injection attack (FDIA)–-termed as a local control input attack–-targeting voltage observers in the secondary controllers and control loops in the primary controllers. Such an attack cannot be detected by only observing the performance of the estimated voltage of each agent, thereby posing a potential threat to the system operation. To address this, a detection method using the outputs of the voltage observers is developed to identify the exact location of an FDIA. The proposed approach is based on the characteristics of the distributed cooperative network and avoids heavy dependency on the system model parameters. Next, an event-driven mitigation approach is deployed to substitute the attacked element with a reconstructed signal upon the detection of an attack. Finally, the effectiveness of the proposed resilient scheme is validated using simulation results.

The intelligent cyber-physical system (CPS) has been applied in various fields, covering multiple critical infras-tructures and human daily life support areas. CPS Security is a major concern and of critical importance, especially the security of the intelligent control component. Side-channel analysis (SCA) is the common threat exploiting the weaknesses in system operation to extract information of the intelligent CPS. However, existing literature lacks the systematic theo-retical analysis of the side-channel attacks on the intelligent CPS, without the ability to quantify and measure the leaked information. To address these issues, we propose the SCA-based model extraction attack on intelligent CPS. First, we design an efficient and novel SCA-based model extraction framework, including the threat model, hierarchical attack process, and the multiple micro-space parallel search enabled weight extraction algorithm. Secondly, an information theory-empowered analy-sis model for side-channel attacks on intelligent CPS is built. We propose a mutual information-based quantification method and derive the capacity of side-channel attacks on intelligent CPS, formulating the amount of information leakage through side channels. Thirdly, we develop the theoretical bounds of the leaked information over multiple attack queries based on the data processing inequality and properties of entropy. These convergence bounds provide theoretical means to estimate the amount of information leaked. Finally, experimental evaluation, including real-world experiments, demonstrates the effective-ness of the proposed SCA-based model extraction algorithm and the information theory-based analysis method in intelligent CPS.

With the rapid advancement of the electrical grid, substation automation systems (SASs) have been developing continuously. However, with the introduction of advanced features, such as remote control, potential cyber security threats in SASs are also increased. Additionally, crucial components in SASs, such as protection relays, usually come from third-party vendors and may not be fully trusted. Untrusted devices may stealthily perform harmful or unauthorised behaviours which could compromise or damage SASs, and therefore, bring adverse impacts to the primary plant. Thus, it is necessary to detect abnormal behaviours from an untrusted device before it brings about catastrophic impacts. Anomaly detection techniques are suitable to detect anomalies in SASs as they only bring minimal side-effects to normal system operations. Many researchers have developed various machine learning algorithms and mathematical models to improve the accuracy of anomaly detection. However, without prudent feature selection, it is difficult to achieve high accuracy when detecting attacks launched from internal trusted networks, especially for stealthy message modification attacks which only modify message payloads slightly and imitate patterns of benign behaviours. Therefore, this paper presents choices of features which improve the accuracy of anomaly detection within SASs, especially for detecting “stealthy” attacks. By including two additional features, Boolean control data from message payloads and physical values from sensors, our method improved the accuracy of anomaly detection by decreasing the false-negative rate from 25% to 5% approximately.

The widely adopted dynamic line rating (DLR) mechanism can improve the operation efficiency for industrial and commercial power systems. However, the predicted environmental parameters used in DLR bring great uncertainty to transmission line capacity estimation and may introduce system security risk if over-optimistic estimation is adopted in the operation process, which could affect the electrical safety of industrial and commercial power systems in multiple cases. Therefore, it becomes necessary to establish a system operation security assessment model to reduce the risk and provide operational guidance to enhance electrical safety. This paper aims to solve the electrical safety problems caused by the transmission line under DLR mechanism. An operation security assessment method of transmission lines considering DLR uncertainty is proposed to visualize the safety margin under the given operation strategy and optimally setting transmission line capacity while taking system safety into account. With the help of robust optimization (RO) techniques, the uncertainty is characterized and a risk-averse transmission line rating guidance can be established to determine the safety margin of line capacity for system operation. In this way, the operational security for industrial and commercial power systems can be enhanced by reducing the unsafe conditions while the operational efficiency benefit provided by DLR mechanism still exist.

This contribution provides the implementation of a holistic operational security assessment process for both steady-state security and dynamic stability. The merging of steady-state and dynamic security assessment as a sequential process is presented. A steady-state and dynamic modeling of a VSC-HVDC was performed including curative and stabilizing measures as remedial actions. The assessment process was validated by a case study on a modified version of the Nordic 32 system. Simulation results showed that measure selection based on purely steady-state contingency analysis can lead to loss of stability in time domain. A subsequent selection of measures on the basis of the dynamic security assessment was able to guarantee the operational security for the stationary N-1 scenario as well as the power system stability.

Carefully constructed cyber-attacks directly influence the data integrity and the operational functionality of the smart energy grid. In this paper, we have explored the data integrity attack behaviour in a wide-area sensor-enabled IIoT-SCADA system. We have demonstrated that an intelligent cyber-attacker can inject false information through the sensor devices that may remain stealthy in the traditional detection module and corrupt estimated system states at the utility control centres. Next, to protect the operation, we defined a set of critical measurements that need to be protected for the resilient operation of the grid. Finally, we placed the measurement units using an optimal allocation strategy by ensuring that a limited number of nodes are protected against the attack while the system observability is satisfied. Under such scenarios, a wide range of experiments has been conducted to evaluate the performance considering IEEE 14-bus, 24 bus-reliability test system, 85-bus, 141-bus and 145-bus test systems. Results show that by ensuring the protection of around 25% of the total nodes, the IIoT-SCADA enabled energy grid can be protected against injection attacks while observability of the network is well-maintained.

Distribution system security region (DSSR) has been widely used to analyze the distribution system operation security. This paper innovatively defines the scale of DSSR, namely the number of boundary constraints and variables of all operational constraints, analyzes and puts forward the corresponding evaluation method. Firstly, the influence of the number of security boundary constraints and variables on the scale of DSSR is analyzed. The factors that mainly influence the scale are found, such as the number of transformers, feeders, as well as sectionalizing switches, and feeder contacts modes between transformers. Secondly, a matrix representing the relations among transformers in distribution system is defined to reflect the characteristics of network's structure, while an algorithm of the scale of DSSR based on transformers connection relationship matrix is proposed, which avoids the trouble of listing security region constraints. Finally, the proposed method is applied in a test system to confirm the effectiveness of the concepts and methods. It provides the necessary foundation for DSSR theory as well as safety analysis.