Annarita Giani

Smart Grid Data Integrity Attacks

Real power injections at loads and generators, and real power flows on selected lines in a transmission network are monitored and transmitted over a SCADA network to the system operator. These are used in state estimation algorithms to make dispatch, re-balance and other energy management system [EMS] decisions. Coordinated cyber attacks on power meter readings can be designed to be undetectable by any bad data detection algorithm. These unobservable attacks present a serious threat to grid operations. Of particular interest are sparse attacks that involve the compromise of a modest number of meter readings. An efficient algorithm to find all unobservable attacks [under standard DC load flow approximations] involving the compromise of exactly two power injection meters and an arbitrary number of power meters on lines is presented. This requires O(n2m) flops for a power system with n buses and m line meters. If all lines are metered, there exist canonical forms that characterize all 3, 4, and 5-sparse unobservable attacks. These can be quickly detected with O(n2) flops using standard graph algorithms. Known-secure phasor measurement units [PMUs] can be used as countermeasures against a given collection of cyber attacks. Finding the minimum number of necessary PMUs is NP-hard. It is shown that p+1 PMUs at carefully chosen buses are sufficient to neutralize a collection of p cyber attacks.

Smart grid data integrity attacks: characterizations and countermeasures π

Coordinated cyberattacks of power meter readings can be arranged to be undetectable by any bad data detection algorithm in the power system state estimation process. These unobservable attacks present a potentially serious threat to grid operations. Of particular interest are sparse attacks that involve the compromise of a modest number of meter readings. An efficient algorithm to find all unobservable attacks [under standard DC load flow approximations] involving the compromise of exactly two power injection meters and an arbitrary number of line power meters is presented. This requires O(n2m) flops for a power system with n buses and m line meters. If all lines are metered, there exist canonical forms that characterize all 3, 4, and 5-sparse unobservable attacks. These can be quickly detected in power systems using standard graph algorithms. Known-secure phasor measurement units [PMUs] can be used as countermeasures against an arbitrary collection of cyberattacks. Finding the minimum number of necessary PMUs is NP-hard. It is shown that p + 1 PMUs at carefully chosen buses are sufficient to neutralize a collection of p cyberattacks.

DexterNet: An Open Platform for Heterogeneous Body Sensor Networks and its Applications

We present an open-source platform for wireless body sensor networks called DexterNet. The system supports real-time, persistent human monitoring in both indoor and outdoor environments. The platform utilizes a three-layer architecture to control heterogeneous body sensors. The first layer called the body sensor layer (BSL) deals with design of heterogeneous body sensors and their instrumentation on the body. At the second layer called the personal network layer (PNL), the body sensors on a single subject communicate with a mobile base station, which supports Linux OS and the IEEE 802.15.4 protocol. The BSL and PNL functions are abstracted and implemented as an open-source software library, called Signal Processing In Node Environment (SPINE). A DexterNet network is scalable, and can be reconfigured on-the-fly via SPINE. At the third layer called the global network layer (GNL), multiple PNLs communicate with a remote Internet server to permanently log the sensor data and support higher-level applications. We demonstrate the versatility of the DexterNet platform via several real-world applications.

A testbed for secure and robust SCADA systems

The Supervisory Control and Data Acquisition System (SCADA) monitor and control real-time systems. SCADA systems are the backbone of the critical infrastructure, and any compromise in their security can have grave consequences. Therefore, there is a need to have a SCADA testbed for checking vulnerabilities and validating security solutions. In this paper we develop such a SCADA testbed.

The VIKING project: An initiative on resilient control of power networks

This paper presents the work on resilient and secure power transmission and distribution developed within the VIKING (Vital Infrastructure, networKs, INformation and control system ManaGement) project. VIKING receives funding from the European Communitys Seventh Framework Program. We will present the consortium, the motivation behind this research, the main objective of the project together with the current status.

A wireless body sensor network for the prevention and management of asthma

We present an application of an open source platform for wireless body sensor network called DexterNet to the problem of childrens asthma. The architecture of the system consists of three layers. At the body sensor layer (BSL), the integrated monitoring of a childs activities, geographic location, and air pollution exposures occurs. At the personal network layer (PNL), a wireless mobile device worn by the child summarizes the sensed data, and provides information feedback. The mobile device communicates wirelessly over the Internet with the third global network layer (GNL), in which a web server provides the following four information services: a clinical module that supports the healthcare management of asthma cases, a personal health module that supports individual prevention of asthma attacks, a community module that supports participatory sensing, and a health research module that supports the collection of anonymous sensor data for research into the risk factors associated with asthma. We illustrate the potential for the system to serve as a comprehensive strategy to manage asthma cases and prevent asthma attacks.

Optimal contracts for wind power producers in electricity markets

This paper is focused on optimal contracts for an independent wind power producer in conventional electricity markets. Starting with a simple model of the uncertainty in the production of power from a wind turbine farm and a model for the electric energy market, we derive analytical expressions for optimal contract size and corresponding expected optimal profit. We also address problems involving overproduction penalties, cost of reserves, and utility of additional sensor information. We obtain analytical expressions for marginal profits from investing in local generation and energy storage.

Phasor measurement unit selection for unobservable electric power data integrity attack detection

Abstract Electric power system operators make critical decisions based on remote measurements. If the measurements are compromised, the decisions made on the basis of the bad measurements could lead to critical consequences. Of particular concern are unobservable attacks where compromised measurements are not flagged as erroneous by bad data detection algorithms. Secure measurement devices, such as phasor measurement units (PMUs), can help to recognize these attacks. This paper presents an algorithm based on integer programming for the optimal placement of PMUs to detect unobservable electric power SCADA data integrity attacks. The algorithm can also be used to identify minimal sets of existing PMUs whose data is needed to detect unobservable bad data attacks. Practical examples drawn from the power engineering literature are used to demonstrate the efficiency of the algorithm.

Robust Medical Data Delivery for Wireless Pervasive Healthcare

The use of wireless sensor networks as a means for providing remote healthcare provides a unique opportunity to reduce the healthcare cost through more efficient use of clinical resources and earlier detection of medical conditions. Despite the initial promising results, there remain significant obstacles to apply this technology to the practical medical care context. In this paper, we investigate one of the critical issues - how to assure the timely and reliable delivery of life-critical medical data in the pervasive patient monitoring networks.In this paper, our study is based on the remote health monitoring system {\em CareNet}~\cite{bodynets08-jiang-carenet} which is built on top of a two-tier wireless sensor networks. In particular, we present an integrated admission control and routing solution to ensure the quality of admitted sensor delivery services. Using an optimization-based approach, our solution can maximally utilize the scarce wireless resource and satisfy the monitoring service requirements from the most number of patients. The novelty of our approach come from its patient activity awareness, which is used to provide more accurate estimation of the network capacity and worst-case assurance of the service quality under all patient movement scenarios. Extensive experiment and simulation results are presented to validate our proposed solution.

Metrics for assessment of smart grid data integrity attacks

There is an emerging consensus that the nations electricity grid is vulnerable to cyber attacks. This vulnerability arises from the increasing reliance on using remote measurements, transmitting them over legacy data networks to system operators who make critical decisions based on available data. Data integrity attacks are a class of cyber attacks that involve a compromise of information that is processed by the grid operator. This information can include meter readings of injected power at remote generators, power flows on transmission lines, and relay states. These data integrity attacks have consequences only when the system operator responds to compromised data by re-dispatching generation under normal or contingency protocols. These consequences include (a) financial losses from sub-optimal economic dispatch to service loads, (b) robustness/resiliency losses from placing the grid at operating points that are at greater risk from contingencies, and (c) systemic losses resulting from cascading failures induced by poor operational choices. This paper is focussed on understanding the connections between grid operational procedures and cyber attacks. We first offer an example to illustrate how data integrity attacks can cause economic and physical damage by misleading operators into taking inappropriate decisions. We then focus on unobservable data integrity attacks involving power meter data. These are coordinated attacks where the compromised data is consistent with the physics of power flow, and is therefore passed by any bad data detection algorithm. We develop metrics to assess the economic impact of these attacks under operator re-dispatch decisions using optimal power flow methods. These metrics can be used to prioritize the adoption of appropriate countermeasures including PMU placement, encryption, hardware upgrades, and advanced detection algorithms.