Anas AlMajali

Mitigating the Risk of Cyber Attack on Smart Grid Systems

Abstract Smart Grid technologies are being developed to upgrade the power grid with networked metrology and controls that can improve efficiency and provide new methods to manage the system. While these technologies offer great benefits, they also introduce new classes of risk, most notably creating new attack vectors that can be exploited by cyber attack. To assess and address risks in cyber-physical systems like these, the system designers toolset needs to include concepts drawn from cyber security, reliability, and fault tolerance design, integrated into a common methodology. In this paper, we discuss the fragmented landscape of studies into the risk of cyber attack on smart metering systems, and then draw on concepts from systems engineering and fault tolerance design to organize and unify the pieces.

A systems approach to analysing cyber-physical threats in the Smart Grid

This paper presents a systems analysis approach to characterizing the risk of a Smart Grid to a load-drop attack. A characterization of the risk is necessary for the design of detection and remediation strategies to address the consequences of such attacks. Using concepts from systems health management and system engineering, this work (a) first identifies metrics that can be used to generate constraints for security features, and (b) lays out an end-to-end integrated methodology using separate network and power simulations to assess system risk. We demonstrate our approach by performing a systems-style analysis of a load-drop attack implemented over the AMI subsystem and targeted at destabilizing the underlying power grid.

Modeling security policies for mitigating the risk of load altering attacks on smart grid systems

While demand response programs achieve energy efficiency and quality objectives, they bring potential security threats into the Smart Grid. An ability to influence load in the system provides the capability for an attacker to cause system failures and impacts the quality and integrity of the power delivered to customers. This paper presents a security mechanism that monitors and controls load according to security policies during normal system operation. The mechanism monitors, detects, and responds to load altering attacks. The authors examined security requirements of Smart Grid stakeholders and constructed a set of load control policies enforced by the mechanism. A proof of concept prototype was implemented and tested using the simulation environment. By enforcing the proposed policies in this prototype, the system is maintained in a safe state in the presence of load drop attacks.

Analyzing Cyber-Physical Threats on Robotic Platforms

Robots are increasingly involved in our daily lives. Fundamental to robots are the communication link (or stream) and the applications that connect the robots to their clients or users. Such communication link and applications are usually supported through client/server network connection. This networking system is amenable of being attacked and vulnerable to the security threats. Ensuring security and privacy for robotic platforms is thus critical, as failures and attacks could have devastating consequences. In this paper, we examine several cyber-physical security threats that are unique to the robotic platforms; specifically the communication link and the applications. Threats target integrity, availability and confidential security requirements of the robotic platforms, which use MobileEyes/arnlServer client/server applications. A robot attack tool (RAT) was developed to perform specific security attacks. An impact-oriented approach was adopted to analyze the assessment results of the attacks. Tests and experiments of attacks were conducted in simulation environment and physically on the robot. The simulation environment was based on MobileSim; a software tool for simulating, debugging and experimenting on MobileRobots/ActivMedia platforms and their environments. The robot platform PeopleBotTM was used for physical experiments. The analysis and testing results show that certain attacks were successful at breaching the robot security. Integrity attacks modified commands and manipulated the robot behavior. Availability attacks were able to cause Denial-of-Service (DoS) and the robot was not responsive to MobileEyes commands. Integrity and availability attacks caused sensitive information on the robot to be hijacked. To mitigate security threats, we provide possible mitigation techniques and suggestions to raise awareness of threats on the robotic platforms, especially when the robots are involved in critical missions or applications.

PSP: A Framework to Allocate Resources to Power Storage Systems under Cyber-Physical Attacks

This risk assessment of the smart grid focuses on energy storage, which is essential but largely unaddressed by the current literature. This work concentrates on actions (such as decreasing or increasing power reserve and power dispatch, performing load curtailment or load shedding, or repair of nodes) the defender should take to meet power demand at minimum operating cost in the presence of cyber-physical attacks on the power and information infrastructure of the smart grid. In this paper, we formulate a Power Storage Protection (PSP) framework against a fixed opponent (adversary). We fix the strategy for the adversary and model the problem as a Partially Observable Markov Decision Process (POMDP) from the perspective of the defender (power utility) and solve it using POMDP solver. We provide a theoretical framework for formulating the above problem and provide experimental results to support our claim using a simplified PSP scenario in which optimal POMDP policy is computed efficiently.

Analyzing cyber-physical attacks on smart grid systems

We present a roadmap to evaluate the resilience of Smart Grid systems in the presence of cyber-physical attacks on its various functions and components such as Distributed Energy Resources, demand response, and gas distribution pipeline for peaker plants. We discuss attack scenarios corresponding to each functionality and the effect on the resilience of the given smart grid system. Through contingency simulations in the PowerWorld simulator, we analyze cyber attacks that propagate from cyber to power system and discuss how such attacks destabilize the underlying power grid. The analysis of such simulations helps system engineers to develop a robust and more resilient system and improves the response of the system to ongoing attacks.

Modeling worm propagation in the advanced metering infrastructure

A computer worm is malicious software that can spread rapidly between interconnected devices and perform malicious actions. In an Advanced Metering Infrastructure (AMI), smart meters may communicate in an ad-hoc fashion to perform many functionalities like remote metering and demand response. However, the AMI is susceptible to cyber-physical threats caused by malware like worms. The speed at which worms propagate in the AMI affects the physical consequences of cyber attacks. In this paper, worm propagation in the AMI is simulated and a probabilistic model is derived. This model can be used to estimate the time required to infect N meters in the AMI and accordingly predict possible physical consequences.