Biblio

A Cyber Physical Sensor System (CPSS) consists of a computing platform equipped with wireless access points, sensors, and actuators. In a Cyber Physical System, CPSS constantly collects data from a physical object that is under process and performs local real-time control activities based on the process algorithm. The collected data is then transmitted through the network layer to the enterprise command and control center or to the cloud computing services for further processing and analysis. This paper investigates the CPSS' most common cyber security threats and vulnerabilities and provides countermeasures. Furthermore, the paper addresses how the CPSS are attacked, what are the leading consequences of the attacks, and the possible remedies to prevent them. Detailed case studies are presented to help the readers understand the CPSS threats, vulnerabilities, and possible solutions.

The existing radial topology makes the power system less reliable since any part in the system failure will disrupt electrical power delivery in the network. The increasing security concerns, electrical energy theft, and present advancement in Information and Communication Technologies are some factors that led to modernization of power system. In a smart grid, a network of smart sensors offers numerous opportunities that may include monitoring of power, consumer-side energy management, synchronization of dispersed power storage, and integrating sources of renewable energy. Smart sensor networks are low cost and are ease to deploy hence they are favorable contestants for deployment smart power grids at a larger scale. These networks will result in a colossal volume of dissimilar range of data that require an efficient processing and analyzing process in order to realize an efficient smart grid. The existing technology can be used to collect data but dealing with the collected information proficiently as well as mining valuable material out of it remains challenging. The paper investigates communication technologies that maybe deployed in a smart grid. In this paper simulations results for the Additive White Gaussian Noise (AWGN) channel are illustrated. We propose a model and a communication network domain riding on the power system domain. The model was interrogated by simulation in MATLAB.

The power outages of the last couple of years around the world introduce the indispensability of technological development to improve the traditional power grids. Early warnings of imminent failures represent one of the major required improvements. Costly blackouts throughout the world caused by the different severe incidents in traditional power grids have motivated researchers to diagnose and investigate previous blackouts and propose a prediction model that enables to prevent power outages. Although, in the new generation of power grid, the smart grid's (SG) real time data can be used from smart meters (SMs) and phasor measurement unit sensors (PMU) to prevent blackout, it demands high reliability and stability against power outages. This paper implements a proactive prediction model based on deep-belief networks that can predict imminent blackout. The proposed model is evaluated on a real smart grid dataset. Promising results are reported in the case study.

With Electricity as a fundamental part of our life, its production has still large, negative environmental impact. Therefore, one strain of research is to optimize electricity usage by avoiding its unnecessary consumption or time its consumption when green energy is available. The shift towards an Advanced Metering Infrastructure (AMI) allows to optimize energy distribution based on the current load at residence level. However, applications such as Demand Management and Advanced Load Forecasting require information further down at device level, which cannot be provided by standard electricity meters nor existing AMIs. Hence, different approaches for appliance monitoring emerged over the past 30 years which are categorized into Intrusive systems requiring multiple distributed sensors and Non-Intrusive systems requiring a single unobtrusive sensor. Although each category has been individually explored, hybrid approaches have received little attention. Our experiments highlight that variable consumer devices (e.g. PCs) are detrimental to the detection performance of non-intrusive systems. We further show that their influence can be inhibited by using sensor data from additional intrusive sensors. Even fairly straightforward sensor fusion techniques lead to a classification performance (F1) gain from 84.88 % to 93.41 % in our test setup. As this highlights the potential to contribute to the global goal of saving energy, we define further research directions for hybrid load monitoring systems.

Nowadays, electricity companies have started applying smart grid in their systems rather than the conventional electrical grid (manual grid). Smart grid produces an efficient and effective energy management and control, reduces the cost of production, saves energy and it is more reliable compared to the conventional grid. As an advanced energy meter, smart meters can measure the power consumption as well as monitor and control electrical devices. Smart meters have been adopted in many countries since the 2000s as they provide economic, social and environmental benefits for multiple stakeholders. The design of smart meter can be customized depending on the customer and the utility company needs. There are different sensors and devices supported by dedicated communication infrastructure which can be utilized to implement smart meters. This paper presents a study of the challenges associated with smart meters, smart homes and smart grids as an effort to highlight opportunities for emerging research and industrial solutions.

This paper proposes a game-theoretic approach to analyze the interactions between an attacker and a defender in a cyber-physical system (CPS) and develops effective defense strategies. In a CPS, the attacker launches cyber attacks on a number of nodes in the cyber layer, trying to maximize the potential damage to the underlying physical system while the system operator seeks to defend several nodes in the cyber layer to minimize the physical damage. Given that CPS attacking and defending is often a continual process, a zero-sum Markov game is proposed in this paper to model these interactions subject to underlying uncertainties of real-world events and actions. A novel model is also proposed in this paper to characterize the interdependence between the cyber layer and the physical layer in a CPS and quantify the impact of the cyber attack on the physical damage in the proposed game. To find the Nash equilibrium of the Markov game, we design an efficient algorithm based on value iteration. The proposed general approach is then applied to study the wide-area monitoring and protection issue in smart grid. Extensive simulations are conducted based on real-world data, and results show the effectiveness of the defending strategies derived from the proposed approach.

With the rapid development of the smart grid, a large number of intelligent sensors and meters have been introduced in distribution network, which will inevitably increase the integration of physical networks and cyber networks, and bring potential security threats to the operating system. In this paper, the functions of the information system on distribution network are described when cyber attacks appear at the intelligent electronic devices (lED) or at the distribution main station. The effect analysis of the distribution network under normal operating condition or in the fault recovery process is carried out, and the reliability assessment model of the distribution network considering cyber attacks is constructed. Finally, the IEEE-33-bus distribution system is taken as a test system to presented the evaluation process based on the proposed model.

Smart Grid (SG) technology has been developing for years, which facilitates users with portable access to power through being applied in numerous application scenarios, one of which is the electric vehicle charging. In order to ensure the security of the charging process, users need authenticating with the smart meter for the subsequent communication. Although there are many researches in this field, few of which have endeavored to protect the anonymity and the untraceability of users during the authentication. Further, some studies consider the problem of user anonymity, but they are non-light-weight protocols, even some can not assure any fairness in key agreement. In this paper, we first points out that existing authentication schemes for Smart Grid are neither lack of critical security nor short of important property such as untraceability, then we propose a new two-factor lightweight user authentication scheme based on password and biometric. The authentication process of the proposed scheme includes four message exchanges among the user mobile, smart meter and the cloud server, and then a security one-time session key is generated for the followed communication process. Moreover, the scheme has some new features, such as the protection of the user's anonymity and untraceability. Security analysis shows that our proposed scheme can resist various well-known attacks and the performance analysis shows that compared to other three schemes, our scheme is more lightweight, secure and efficient.

Reliable operation of power systems is a primary challenge for the system operators. With the advancement in technology and grid automation, power systems are becoming more vulnerable to cyber-attacks. The main goal of adversaries is to take advantage of these vulnerabilities and destabilize the system. This paper describes a game-theoretic approach to attacker / defender modeling in power systems. In our models, the attacker can strategically identify the subset of substations that maximize damage when compromised. However, the defender can identify the critical subset of substations to protect in order to minimize the damage when an attacker launches a cyber-attack. The algorithms for these models are applied to the standard IEEE-14, 39, and 57 bus examples to identify the critical set of substations given an attacker and a defender budget.

Gaussian random attacks that jointly minimize the amount of information obtained by the operator from the grid and the probability of attack detection are presented. The construction of the attack is posed as an optimization problem with a utility function that captures two effects: firstly, minimizing the mutual information between the measurements and the state variables; secondly, minimizing the probability of attack detection via the Kullback-Leibler (KL) divergence between the distribution of the measurements with an attack and the distribution of the measurements without an attack. Additionally, a lower bound on the utility function achieved by the attacks constructed with imperfect knowledge of the second order statistics of the state variables is obtained. The performance of the attack construction using the sample covariance matrix of the state variables is numerically evaluated. The above results are tested in the IEEE 30-Bus test system.

Quantifying vulnerability and security levels for smart grid diversified link of networks have been a challenging task for a long period of time. Security experts and network administrators used to act based on their proficiencies and practices to mitigate network attacks rather than objective metrics and models. This paper uses the Markov Chain Model [1] to evaluate quantitatively the vulnerabilities associated to the 802.11 Wi-Fi network in a smart grid. Administrator can now assess the level of severity of potential attacks based on determining the probability density of the successive states and thus, providing the corresponding security measures. This model is based on the observed vulnerabilities provided by the Common Vulnerabilities and Exposures (CVE) database explored by MITRE [2] to calculate the Markov processes (states) transitions probabilities and thus, deducing the vulnerability level of the entire attack paths in an attack graph. Cumulative probabilities referring to high vulnerability level in a specific attack path will lead the system administrator to apply appropriate security measures a priori to potential attacks occurrence.

Advanced Metering Infrastructure (AMI) forms a communication network for the collection of power data from smart meters in Smart Grid. As the communication within an AMI needs to be secure, key management becomes an issue due to overhead and limited resources. While using public-keys eliminate some of the overhead of key management, there is still challenges regarding certificates that store and certify the public-keys. In particular, distribution and storage of certificate revocation list (CRL) is major a challenge due to cost of distribution and storage in AMI networks which typically consist of wireless multi-hop networks. Motivated by the need of keeping the CRL distribution and storage cost effective and scalable, in this paper, we present a distributed CRL management model utilizing the idea of distributed hash trees (DHTs) from peer-to-peer (P2P) networks. The basic idea is to share the burden of storage of CRLs among all the smart meters by exploiting the meshing capability of the smart meters among each other. Thus, using DHTs not only reduces the space requirements for CRLs but also makes the CRL updates more convenient. We implemented this structure on ns-3 using IEEE 802.11s mesh standard as a model for AMI and demonstrated its superior performance with respect to traditional methods of CRL management through extensive simulations.

Parameter estimation in wireless sensor networks (WSN) using encrypted non-binary quantized data is studied. In a WSN, sensors transmit their observations to a fusion center through a wireless medium where the observations are susceptible to unauthorized eavesdropping. Encryption approaches for WSNs with fixed threshold binary quantization were previously explored. However, fixed threshold binary quantization limits parameter estimation to scalar parameters. In this paper, we propose a stochastic encryption approach for WSNs that can operate on non-binary quantized observations and has the capability for vector parameter estimation. We extend a binary stochastic encryption approach proposed previously, to a non-binary generalized case. Sensor outputs are quantized using a quantizer with R + 1 levels, where R $ε$ 1, 2, 3,..., encrypted by flipping them with certain flipping probabilities, and then transmitted. Optimal estimators using maximum-likelihood estimation are derived for both a legitimate fusion center (LFC) and a third party fusion center (TPFC) perspectives. We assume the TPFC is unaware of the encryption. Asymptotic analysis of the estimators is performed by deriving the Cramer-Rao lower bound for LFC estimation, and the asymptotic bias and variance for TPFC estimation. Numerical results validating the asymptotic analysis are presented.

Software-defined networking (SDN) enables efficient networkmanagement. As the technology matures, utilities are looking to integrate those benefits to their operations technology (OT) networks. To help the community to better understand and evaluate the effects of such integration, we develop DSSnet, a testing platform that combines a power distribution system simulator and an SDN-based network emulator for smart grid planning and evaluation. DSSnet relies on a container-based virtual time system to achieve efficient synchronization between the simulation and emulation systems. To enhance the system scalability and usability, we extend DSSnet to support a distributed controller environment. To enhance system fidelity, we extend the virtual time system to support kernel-based switches. We also evaluate the system performance of DSSnet and demonstrate the usability of DSSnet with a resilient demand response application case study.

Recent research has proposed a moving target defense (MTD) approach that actively changes transmission line susceptance to preclude stealthy false data injection (FDI) attacks against the state estimation of a smart grid. However, existing studies were often conducted under a less adversarial setting, in that they ignore the possibility that an alert attacker can also try to detect the activation of MTD and then cancel any FDI attack until they learn the new system configuration after MTD. Indeed, in this paper, we show that this can be achieved easily by the attacker. To improve the stealthiness of MTD against the attacker, we propose a hidden MTD approach that maintains the power flows of the whole grid after MTD. We develop an algorithm to construct the hidden MTD and analyze its feasibility condition when only a subset of transmission lines can adjust susceptance. Simulations are conducted to demonstrate the effectiveness of the hidden MTD against alert attackers under realistic settings.

A well studied privacy problem in the area of smart grids is the question of how to aggregate the sum of a set of smart meter readings in a privacy friendly manner, i.e., in such a way that individual meter readings are not revealed to the adversary. Much less well studied is how to deal with arbitrary meter crashes during such aggregation protocols: current privacy friendly aggregation protocols cannot deal with these type of failures. Such failures do happen in practice, though. We therefore propose two privacy friendly aggregation protocols that tolerate such crash failures, up to a predefined maximum number of smart meters. The basic protocol tolerates meter crashes at the start of each aggregation round only. The full, more complex, protocol tolerates meter crashes at arbitrary moments during an aggregation round. It runs in a constant number of phases, cleverly avoiding the otherwise applicable consensus protocol lower bound.

The eleven papers in this special section focus on power electronics-enabled autonomous systems. Power systems are going through a paradigm change from centralized generation to distributed generation and further onto smart grid. Millions of relatively small distributed energy resources (DER), including wind turbines, solar panels, electric vehicles and energy storage systems, and flexible loads are being integrated into power systems through power electronic converters. This imposes great challenges to the stability, scalability, reliability, security, and resiliency of future power systems. This section joins the forces of the communities of control/systems theory, power electronics, and power systems to address various emerging issues of power-electronics-enabled autonomous power systems, paving the way for large-scale deployment of DERs and flexible loads.

The Internet of Things (IoT) increasingly demonstrates its role in smart services, such as smart home, smart grid, smart transportation, etc. However, due to lack of standards among different vendors, existing networked IoT devices (NoTs) can hardly provide enough security. Moreover, it is impractical to apply advanced cryptographic solutions to many NoTs due to limited computing capability and power supply. Inspired by recent advances in IoT demand, in this paper, we develop an IoT security architecture that can protect NoTs in different IoT scenarios. Specifically, the security architecture consists of an auditing module and two network-level security controllers. The auditing module is designed to have a stand-alone intrusion detection system for threat detection in a NoT network cluster. The two network-level security controllers are designed to provide security services from either network resource management or cryptographic schemes regardless of the NoT security capability. We also demonstrate the proposed IoT security architecture with a network based one-hop confidentiality scheme and a cryptography-based secure link mechanism.

Phasor measurement units (PMUs) provide high-fidelity situational awareness of electric power grid operations. PMU data are used in real-time to inform wide area state estimation, monitor area control error, and event detection. As PMU data becomes more reliable, these devices are finding roles within control systems such as demand response programs and early fault detection systems. As with other cyber physical systems, maintaining data integrity and security are significant challenges for power system operators. In this paper, we present a comprehensive study of multiple machine learning techniques for detecting malicious data injection within PMU data streams. The two datasets used in this study are from the Bonneville Power Administration's PMU network and an inter-university PMU network among three universities, located in the U.S. Pacific Northwest. These datasets contain data from both the transmission level and the distribution level. Our results show that both SVM and ANN are generally effective in detecting spoofed data, and TensorFlow, the newly released tool, demonstrates potential for distributing the training workload and achieving higher performance. We expect these results to shed light on future work of adopting machine learning and data analytics techniques in the electric power industry.

Since the Information Networks are added to the current electricity networks, the security and privacy of individuals is challenged. This combination of technologies creates vulnerabilities in the context of smart grid power which disrupt the consumer energy supply. Methods based on encryption are against the countermeasures attacks that have targeted the integrity and confidentiality factors. Although the cryptography strategies are used in Smart Grid, key management which is different in size from tens to millions of keys (for meters), is considered as the critical processes. The Key mismanagement causes to reveal the secret keys for attacker, a symmetric key distribution method is recently suggested by [7] which is based on a symmetric key distribution, this strategy is very suitable for smart electric meters. The problem with this method is its vulnerability to impersonating respondents attack. The proposed approach to solve this problem is to send the both side identifiers in encrypted form based on hash functions and a random value, the proposed solution is appropriate for devices such as meters that have very little computing power.

By applying power usage statistics from smart meters, users are able to save energy in their homes or control smart appliances via home automation systems. However, owing to security and privacy concerns, it is recommended that smart meters (SM) should not have direct communication with smart appliances. In this paper, we propose a design for a smart meter gateway (SMGW) associated with a two-phase authentication mechanism and key management scheme to link a smart grid with smart appliances. With placement of the SMGW, we can reduce the design complexity of SMs as well as enhance the strength of security.

Integration of information technologies with the current power infrastructure promises something further than a smart grid: implementation of smart cities. Power efficient cities will be a significant step toward greener cities and a cleaner environment. However, the extensive use of information technologies in smart cities comes at a cost of reduced privacy. In particular, consumers' power profiles will be accessible by third parties seeking information over consumers' personal habits. In this paper, a methodology for enhancing privacy of electricity consumption patterns is proposed and tested. The proposed method exploits digital connectivity and predictive tools offered via smart grids to morph consumption patterns by grouping consumers via an optimization scheme. To that end, load anticipation, correlation and Theil coefficients are utilized synergistically with genetic algorithms to find an optimal assembly of consumers whose aggregated pattern hides individual consumption features. Results highlight the efficiency of the proposed method in enhancing privacy in the environment of smart cities.

With the rapid development of smart grid, smart meters are deployed at energy consumers' premises to collect real-time usage data. Although such a communication model can help the control center of the energy producer to improve the efficiency and reliability of electricity delivery, it also leads to some security issues. For example, this real-time data involves the customers' privacy. Attackers may violate the privacy for house breaking, or they may tamper with the transmitted data for their own benefits. For this purpose, many data aggregation schemes are proposed for privacy preservation. However, rare of them cares about both the data aggregation and fine-grained access control to improve the data utility. In this paper, we proposes a data aggregation scheme based on attribute decision tree. Security analysis illustrates that our scheme can achieve the data integrity, data privacy preservation and fine- grained data access control. Experiment results show that our scheme are more efficient than existing schemes.

Power grids are undergoing major changes due to rapid growth in renewable energy resources and improvements in battery technology. While these changes enhance sustainability and efficiency, they also create significant management challenges as the complexity of power systems increases. To tackle these challenges, decentralized Internet-of-Things (IoT) solutions are emerging, which arrange local communities into transactive microgrids. Within a transactive microgrid, "prosumers" (i.e., consumers with energy generation and storage capabilities) can trade energy with each other, thereby smoothing the load on the main grid using local supply. It is hard, however, to provide security, safety, and privacy in a decentralized and transactive energy system. On the one hand, prosumers' personal information must be protected from their trade partners and the system operator. On the other hand, the system must be protected from careless or malicious trading, which could destabilize the entire grid. This paper describes Privacy-preserving Energy Transactions (PETra), which is a secure and safe solution for transactive microgrids that enables consumers to trade energy without sacrificing their privacy. PETra builds on distributed ledgers, such as blockchains, and provides anonymity for communication, bidding, and trading.

A smart grid is a fully automated power electricity network, which operates, protects and controls all its physical environments of power electricity infrastructure being able to supply energy in an efficient and reliable way. As the importance of cyber-physical system (CPS) security is growing, various vulnerability analysis methodologies for general systems have been suggested, whereas there has been few practical research targeting the smart grid infrastructure. In this paper, we highlight the significance of security vulnerability analysis in the smart grid environment. Then we introduce various automated vulnerability analysis techniques from executable files. In our approach, we propose a novel binary-based vulnerability discovery method for AMI and EV charging system to automatically extract security-related features from the embedded software. Finally, we present the test result of vulnerability discovery applied for AMI and EV charging system in Korean smart grid environment.