Manimaran Govindarasu

Cyber–Physical System Security for the Electric Power Grid

The development of a trustworthy smart grid requires a deeper understanding of potential impacts resulting from successful cyber attacks. Estimating feasible attack impact requires an evaluation of the grids dependency on its cyber infrastructure and its ability to tolerate potential failures. A further exploration of the cyber-physical relationships within the smart grid and a specific review of possible attack vectors is necessary to determine the adequacy of cybersecurity efforts. This paper highlights the significance of cyber infrastructure security in conjunction with power application security to prevent, mitigate, and tolerate cyber attacks. A layered approach is introduced to evaluating risk based on the security of both the physical power applications and the supporting cyber infrastructure. A classification is presented to highlight dependencies between the cyber-physical controls required to support the smart grid and the communication and computations that must be protected from cyber attack. The paper then presents current research efforts aimed at enhancing the smart grids application and infrastructure security. Finally, current challenges are identified to facilitate future research efforts.

Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid

The development of a smarter electric grid will depend on increased deployments of information and communication technology (ICT) to support novel communication and control functions. Unfortunately, this additional dependency also expands the risk from cyber attacks. Designing systems with adequate cyber security depends heavily on the availability of representative environments, such as testbeds, where current issues and future ideas can be evaluated. This paper provides an overview of a smart grid security testbed, including the set of control, communication, and physical system components required to provide an accurate cyber-physical environment. It then identifies various testbed research applications and also identifies how various components support these applications. The PowerCyber testbed at Iowa State University is then introduced, including the architecture, applications, and novel capabilities, such as virtualization, Real Time Digital Simulators (RTDS), and ISEAGE WAN emulation. Finally, several attack scenarios are evaluated using the testbed to explore cyber-physical impacts. In particular, availability and integrity attacks are demonstrated with both isolated and coordinated approaches, these attacks are then evaluated based on the physical systems voltage and rotor angle stability.

Vulnerability Assessment of Cybersecurity for SCADA Systems Using Attack Trees

By penetrating the SCADA system, an intruder may remotely operate a power system using supervisory control privileges. Hence, cybersecurity has been recognized as a major threat due to the potential intrusion to the online system. This paper proposes a methodology to evaluate the cybersecurity vulnerability using attack trees. The attack tree formulation based on power system control networks is used to evaluate the system, scenario, and leaf vulnerabilities. The measure of vulnerabilities in the power system control framework is determined based on existing cybersecurity conditions before the vulnerability indices are evaluated. After the indices are evaluated, an upper bound is imposed on each scenario vulnerability in order to determine the pivotal attack leaves that require countermeasure improvements. The proposed framework can be extended to security investment analysis.

Cyber Attack Exposure Evaluation Framework for the Smart Grid

The smart grids heavy reliance on cyber resources introduces numerous security concerns. The substantial attack surface presented by the advanced metering infrastructure (AMI) along with the dissemination of sensitive data including privacy, billing, and control information will provide attackers with significant economic incentive. In addition, the scale and complexity of the architecture will stress the capabilities of many security controls such as public key encryption (PKI), authentication, and access control. The aforementioned concerns produce a requirement for increased risk management including security models that have the capability to scale to such a complex environment. A security model is introduced to represent various privilege states in a large architecture and evaluates viable paths that an attacker could exploit. The resulting model is used to produce a quantitative information-based exposure metric to evaluate the completeness of implemented security mechanisms. Various applications are proposed to show how the metric can enhance current risk management processes by identifying information dependencies of the deployed security mechanisms. Finally, the applicability of the proposed methodologies has been evaluated through a simulation study using realistic AMI infrastructure to demonstrate the utility of the proposed metric.

Model-Based Attack Detection and Mitigation for Automatic Generation Control

Cyber systems play a critical role in improving the efficiency and reliability of power system operation and ensuring the system remains within safe operating margins. An adversary can inflict severe damage to the underlying physical system by compromising the control and monitoring applications facilitated by the cyber layer. Protection of critical assets from electronic threats has traditionally been done through conventional cyber security measures that involve host-based and network-based security technologies. However, it has been recognized that highly skilled attacks can bypass these security mechanisms to disrupt the smooth operation of control systems. There is a growing need for cyber-attack-resilient control techniques that look beyond traditional cyber defense mechanisms to detect highly skilled attacks. In this paper, we make the following contributions. We first demonstrate the impact of data integrity attacks on Automatic Generation Control (AGC) on power system frequency and electricity market operation. We propose a general framework to the application of attack resilient control to power systems as a composition of smart attack detection and mitigation. Finally, we develop a model-based anomaly detection and attack mitigation algorithm for AGC. We evaluate the detection capability of the proposed anomaly detection algorithm through simulation studies. Our results show that the algorithm is capable of detecting scaling and ramp attacks with low false positive and negative rates. The proposed model-based mitigation algorithm is also efficient in maintaining system frequency within acceptable limits during the attack period.

Wireless Network Design for Transmission Line Monitoring in Smart Grid

In this paper, we develop a real-time situational awareness framework for the electrical transmission power grid using Wireless Sensor Network (WSN). While WSNs are capable of cost efficient monitoring over vast geographical areas, several technical challenges exist. The low power, low data rate devices cause bandwidth and latency bottlenecks. In this paper, our objective is to design a wireless network capable of real-time delivery of physical measurements for ideal preventive or corrective control action. For network design, we formulate an optimization problem with the objective of minimizing the installation and operational costs while satisfying the end-to-end latency and bandwidth constraints of the data flows. We study a hybrid hierarchical network architecture composed of a combination of wired, wireless and cellular technologies that can guarantee low cost real-time data monitoring. We formulate a placement problem to find the optimal location of cellular enabled transmission towers. Further, we present evaluation results of the optimization solution for diverse scenarios. Our formulation is generic and addresses real world scenarios with asymmetric sensor data generation, unreliable wireless link behavior, non-uniform cellular coverage, etc. Our analysis shows that a transmission line monitoring framework using WSN is indeed feasible using available technologies. Our results show that wireless link bandwidth can be a limiting factor for cost optimization.

Integrated Anomaly Detection for Cyber Security of the Substations

Cyber intrusions to substations of a power grid are a source of vulnerability since most substations are unmanned and with limited protection of the physical security. In the worst case, simultaneous intrusions into multiple substations can lead to severe cascading events, causing catastrophic power outages. In this paper, an integrated Anomaly Detection System (ADS) is proposed which contains host- and network-based anomaly detection systems for the substations, and simultaneous anomaly detection for multiple substations. Potential scenarios of simultaneous intrusions into the substations have been simulated using a substation automation testbed. The host-based anomaly detection considers temporal anomalies in the substation facilities, e.g., user-interfaces, Intelligent Electronic Devices (IEDs) and circuit breakers. The malicious behaviors of substation automation based on multicast messages, e.g., Generic Object Oriented Substation Event (GOOSE) and Sampled Measured Value (SMV), are incorporated in the proposed network-based anomaly detection. The proposed simultaneous intrusion detection method is able to identify the same type of attacks at multiple substations and their locations. The result is a new integrated tool for detection and mitigation of cyber intrusions at a single substation or multiple substations of a power grid.

Development of the PowerCyber SCADA security testbed

Meeting current demands for critical infrastructure cyber security education and research will require accurate testbed development. The PowerCyber was designed to closely resemble power grid communication utilizing actual field devices and SCADA software. The testbed provides a novel environment where students can explore cyber attacks and defenses while evaluating their impact on power flow. This paper documents the design and implementation of the testbed while proposing cyber attack scenarios which will negatively affect grid operations. In addition, it documents the results of an initial cyber vulnerability assessment to evaluate the security posture of the current design.

Cyber-physical security of Wide-Area Monitoring, Protection and Control in a smart grid environment

Smart grid initiatives will produce a grid that is increasingly dependent on its cyber infrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. However, recent findings documented in government reports and other literature, indicate the growing threat of cyber-based attacks in numbers and sophistication targeting the nation’s electric grid and other critical infrastructures. Specifically, this paper discusses cyber-physical security of Wide-Area Monitoring, Protection and Control (WAMPAC) from a coordinated cyber attack perspective and introduces a game-theoretic approach to address the issue. Finally, the paper briefly describes how cyber-physical testbeds can be used to evaluate the security research and perform realistic attack-defense studies for smart grid type environments.

Cybersecurity for electric power control and automation systems

Disruption of electric power operations can be catastrophic on the national security and economy. Due to the complexity of widely dispersed assets and the interdependency between computer, communication, and power systems, the requirement to meet security and quality compliance on the operations is a challenging issue. In recent years, NERCs cybersecurity standard was initiated to require utilities compliance on cybersecurity in control systems - NERC CIP 1200. This standard identifies several cyber-related vulnerabilities that exist in control systems and recommends several remedial actions (e.g., best practices). This paper is an overview of the cybersecurity issues for electric power control and automation systems, the control architectures, and the possible methodologies for vulnerability assessment of existing systems.