More Like this

1. Cyber Attack and Defense for Smart Inverters in a Distribution System

   Sun, C. C.; Zhu, R.; Liu, C. C. (June 2019, CIGRE Study Committee D2 Colloquium, Helsinki, Finland)

   The fast-growing installation of solar PVs has a significant impact on the operation of distribution systems. Grid-tied solar inverters provide reactive power capability to support the voltage profile in a distribution system. In comparison with traditional inverters, smart inverters have the capability of real time remote control through digital communication interfaces. However, cyberattack has become a major threat with the deployment of Information and Communications Technology (ICT) in a smart grid. The past cyberattack incidents have demonstrated how attackers can sabotage a power grid through digital communication systems. In the worst case, numerous electricity consumers can experience a major and extended power outage. Unfortunately, tracking techniques are not efficient for today’s advanced communication networks. Therefore, a reliable cyber protection system is a necessary defense tool for the power grid. In this paper, a signature-based Intrusion Detection System (IDS) is developed to detect cyber intrusions of a distribution system with a high level penetration of solar energy. To identify cyberattack events, an attack table is constructed based on the Temporal Failure Propagation Graph (TFPG) technique. It includes the information of potential cyberattack patterns in terms of attack types and time sequence of anomaly events. Once the detected anomaly events are matched with any of the predefined attack patterns, it is judged to be a cyberattack. Since the attack patterns are distinguishable from other system failures, it reduces the false positive rate. To study the impact of cyberattacks on solar devices and validate the performance of the proposed IDS, a realistic Cyber-Physical System (CPS) simulation environment available at Virginia Tech (VT) is used to develop an interconnection between the cyber and power system models. The CPS model demonstrates how communication system anomalies can impact the physical system. The results of two example cyberattack test cases are obtained with the IEEE 13 node test feeder system and the power system simulator, DIgSILENT PowerFactory. 

   more » « less
2. Evaluating the effects of cyber-attacks on cyber physical systems using a hardware-in-the-loop simulation testbed

   https://doi.org/10.1109/RWEEK.2017.8088669  

   Potteiger, Bradley; Emfinger, William; Neema, Himanshu; Koutosukos, Xenofon; Tang, CheeYee; Stouffer, Keith (September 2017, 2017 Resilience Week (RWS))

   Cyber-Physical Systems (CPS) consist of embedded computers with sensing and actuation capability, and are integrated into and tightly coupled with a physical system. Because the physical and cyber components of the system are tightly coupled, cyber-security is important for ensuring the system functions properly and safely. However, the effects of a cyberattack on the whole system may be difficult to determine, analyze, and therefore detect and mitigate. This work presents a model based software development framework integrated with a hardware-in-the-loop (HIL) testbed for rapidly deploying CPS attack experiments. The framework provides the ability to emulate low level attacks and obtain platform specific performance measurements that are difficult to obtain in a traditional simulation environment. The framework improves the cybersecurity design process which can become more informed and customized to the production environment of a CPS. The developed framework is illustrated with a case study of a railway transportation system. 

   more » « less
3. SAGE: S tealthy A ttack Ge neration in cyber-physical systems

   https://doi.org/10.1080/24725854.2023.2184004  

   Biehler, Michael; Zhong, Zhen; Shi, Jianjun (January 2023, IISE Transactions)

   Cyber-physical systems (CPS) have been increasingly attacked by hackers. CPS are especially vulnerable to attackers that have full knowledge of the system's configuration. Therefore, novel anomaly detection algorithms in the presence of a knowledgeable adversary need to be developed. However, this research is still in its infancy due to limited attack data availability and test beds. By proposing a holistic attack modeling framework, we aim to show the vulnerability of existing detection algorithms and provide a basis for novel sensor-based cyber-attack detection. Stealthy Attack GEneration (SAGE) for CPS serves as a tool for cyber-risk assessment of existing systems and detection algorithms for practitioners and researchers alike. Stealthy attacks are characterized by malicious injections into the CPS through input, output, or both, which produce bounded changes in the detection residue. By using the SAGE framework, we generate stealthy attacks to achieve three objectives: (i) Maximize damage, (ii) Avoid detection, and (iii) Minimize the attack cost. Additionally, an attacker needs to adhere to the physical principles in a CPS (objective iv). The goal of SAGE is to model worst-case attacks, where we assume limited information asymmetries between attackers and defenders (e.g., insider knowledge of the attacker). Those worst-case attacks are the hardest to detect, but common in practice and allow understanding of the maximum conceivable damage. We propose an efficient solution procedure for the novel SAGE optimization problem. The SAGE framework is illustrated in three case studies. Those case studies serve as modeling guidelines for the development of novel attack detection algorithms and comprehensive cyber-physical risk assessment of CPS. The results show that SAGE attacks can cause severe damage to a CPS, while only changing the input control signals minimally. This avoids detection and keeps the cost of an attack low. This highlights the need for more advanced detection algorithms and novel research in cyber-physical security. 

   more » « less
4. Design of a Laboratory Scale Solar Microgrid Cyber-Physical System for Education

   https://doi.org/10.3390/electronics10131562  

   Guo, Liping; Kors, Jason (July 2021, Electronics)

   null (Ed.)

   Renewable energy sources such as solar and wind provide an effective solution for reducing dependency on conventional power generation and increasing the reliability and quality of power systems. Presented in this paper are design and implementation of a laboratory scale solar microgrid cyber-physical system (CPS) with wireless data monitoring as a teaching tool in the engineering technology curriculum. In the system, the solar panel, battery, charge controller, and loads form the physical layer, while the sensors, communication networks, supervisory control and data acquisition systems (SCADA) and control systems form the cyber layer. The physical layer was seamlessly integrated with the cyber layer consisting of control and communication. The objective was to create a robust CPS platform and to use the system to promote interest in and knowledge of renewable energy among university students. Experimental results showed that the maximum power point tracking (MPPT) charge controller provided the loads with power from the solar panel and used additional power to charge the rechargeable battery. Through the system, students learned and mastered key concepts and knowledge of multi-disciplinary areas including data sampling and acquisition, analog to digital conversion, solar power, battery charging, control, embedded systems and software programing. It is a valuable teaching resource for students to study renewable energy in CPS. 

   more » « less
5. Detecting Cyber Attacks in Smart Grids Using Semi-Supervised Anomaly Detection and Deep Representation Learning

   https://doi.org/10.3390/info12080328  

   Qi, Ruobin; Rasband, Craig; Zheng, Jun; Longoria, Raul (August 2021, Information)

   null (Ed.)

   Smart grids integrate advanced information and communication technologies (ICTs) into traditional power grids for more efficient and resilient power delivery and management, but also introduce new security vulnerabilities that can be exploited by adversaries to launch cyber attacks, causing severe consequences such as massive blackout and infrastructure damages. Existing machine learning-based methods for detecting cyber attacks in smart grids are mostly based on supervised learning, which need the instances of both normal and attack events for training. In addition, supervised learning requires that the training dataset includes representative instances of various types of attack events to train a good model, which is sometimes hard if not impossible. This paper presents a new method for detecting cyber attacks in smart grids using PMU data, which is based on semi-supervised anomaly detection and deep representation learning. Semi-supervised anomaly detection only employs the instances of normal events to train detection models, making it suitable for finding unknown attack events. A number of popular semi-supervised anomaly detection algorithms were investigated in our study using publicly available power system cyber attack datasets to identify the best-performing ones. The performance comparison with popular supervised algorithms demonstrates that semi-supervised algorithms are more capable of finding attack events than supervised algorithms. Our results also show that the performance of semi-supervised anomaly detection algorithms can be further improved by augmenting with deep representation learning. 

   more » « less