
Title: Security Vulnerabilities of Smart Meters in Smart Grid
Integration of complex and high-speed electronic components in the state-of-the-art electric power system increases the need for an improved security infrastructure and for resilience against invasive and non-invasive attacks on the smart grid. A modern smart grid system integrates a variety of instruments and standards to achieve cost-effective and time-effective energy measurement and management. As the fundamental component of the smart grid, the smart meter supports real-time monitoring, automatic control, and high-speed communication along with power consumption recording. However, the wide use of smart meters also increases privacy and security concerns. In this paper, we demonstrate the vulnerability of secure communication in smart grids to side-channel attacks, for both software-based and hardware-based implementations.
Page Range or eLocation-ID:
3018 to 3023
Sponsoring Org:
National Science Foundation
More Like this
  1. Communication networks in power systems are a major part of the smart grid paradigm. They enable and facilitate the automation of power grid operation as well as self-healing in contingencies. Such dependence on communication networks, though, creates room for cyber-threats. An adversary can launch an attack on the communication network, which in turn affects power grid operation. Attacks could take the form of false data injection into system measurements, flooding the communication channels with unnecessary data, or intercepting messages. Using machine learning-based processing on data gathered from communication networks and the power grid is a promising solution for detecting cyber threats. In this paper, a co-simulation of cyber-security for a cross-layer strategy is presented. The advantage of such a framework is the augmentation of valuable data that enhances the detection as well as the identification of anomalies in the operation of the power grid. The framework is implemented on the IEEE 118-bus system. The system is constructed in Mininet to simulate a communication network and obtain data for analysis. A distributed three-controller software-defined networking (SDN) framework is proposed that utilizes the Open Network Operating System (ONOS) cluster. According to the findings of our suggested architecture, it outperforms a single SDN controller framework by a factor of more than ten times the throughput. This provides for a higher flow of data throughout the network while decreasing congestion caused by a single controller's processing restrictions. Furthermore, our CECD-AS approach outperforms state-of-the-art physics and machine learning-based techniques in terms of attack classification. The performance of the framework is investigated under various types of communication attacks.
  2. Phasor measurement unit (PMU) measurements are mandatory for monitoring the power system's voltage stability margin in an online manner. Monitoring is key to the secure operation of the grid. Traditionally, online monitoring of voltage stability using synchrophasors required a centralized communication architecture, which leads to high investment cost and cyber-security concerns. The increasing importance of cyber-security and low investment costs have recently led to the development of distributed algorithms for online monitoring of the grid that are inherently less prone to malicious attacks. In this work, we propose a novel distributed non-iterative voltage stability index (VSI) by recasting the power flow equations as circles. The processors embedded at each bus in the smart grid, with the help of PMUs and communication of voltage phasors between neighboring buses, perform simultaneous online computations of the VSI. The distributed nature of the index enables the real-time identification of the critical bus of the system with minimal communication infrastructure. The effectiveness of the proposed distributed index is demonstrated on IEEE test systems and contrasted with existing methods to show the benefits of the proposed method in speed, interpretability, identification of outage location, and low sensitivity to noisy measurements.
  3. The smart grid provides efficient and cost-effective management of the electric energy grid by allowing real-time monitoring, coordinating, and controlling of the system using communication networks between physical components. This inherent complexity significantly increases the vulnerabilities and attack surface in the smart grid due to misconfigurations or the lack of security hardening. Therefore, it is important to ensure a secure and resilient operation of the smart grid by proactive identification of potential threats, impact assessment, and cost-efficient mitigation planning. This paper aims to achieve these goals through the development of an efficient security framework for the Energy Management System (EMS), a core smart grid component. In this paper, we present a framework that combines formal analytics with the PowerWorld simulator, which verifies the solution model, to investigate the feasibility of false data injection attacks against contingency analysis in the power grid. We evaluate the impact of such attacks by running experiments using synthetic data on the standard IEEE test cases.
  4. The smart grid has evolved as the next-generation power grid paradigm, which enables the transfer of real-time information between the utility company and the consumer via smart meters and advanced metering infrastructure (AMI). This information facilitates many services for both parties, such as automatic meter reading, demand-side management, and time-of-use (TOU) pricing. However, there have been growing security and privacy concerns over smart grid systems, which are built with both smart and legacy information and operational technologies. Intrusion detection is a critical security service for smart grid systems, alerting the system operator to the presence of ongoing attacks. Hence, a great deal of research has been conducted on intrusion detection in the past, especially anomaly-based intrusion detection. Problems emerge when common pattern recognition approaches are used on imbalanced data, in which far more data instances belong to normal behavior than to attacks; these approaches yield low detection rates for the minority classes. In this paper, we study various machine learning models to overcome this drawback using the CIC-IDS2018 dataset [1].
  5. Spurious power consumption data reported from compromised meters controlled by organized adversaries in the Advanced Metering Infrastructure (AMI) may have drastic consequences on a smart grid's operations. While existing research on data falsification in smart grids mostly defends against isolated electricity theft, we introduce a taxonomy of various data falsification attack types that arise when smart meters are compromised by organized or strategic rivals. To counter these attacks, we first propose a coarse-grained and a fine-grained anomaly-based security event detection technique that uses indicators such as deviation and directional change in the time series of the proposed anomaly detection metrics to indicate: (i) occurrence, (ii) type of attack, and (iii) attack strategy used, collectively known as the attack context. Leveraging the attack context information, we propose three attack response metrics to the inferred attack context: (a) an unbiased mean indicating a robust location parameter; (b) a median absolute deviation indicating a robust scale parameter; and (c) an attack probability time ratio metric indicating the active time horizon of attacks. Subsequently, we propose a trust scoring model based on Kullback-Leibler (KL) divergence that embeds the appropriate unbiased mean, the median absolute deviation, and the attack probability ratio metric at runtime to produce trust scores for each smart meter. These trust scores help classify compromised smart meters from the non-compromised ones. The embedding of the attack context into the trust scoring model facilitates accurate and rapid classification of compromised meters, even under large fractions of compromised meters, and generalizes across various attack strategies and margins of false data. Using real datasets collected from two different AMIs, experimental results show that our proposed framework has a high true positive detection rate, while the average false alarm and missed detection rates are much less than 10% for most attack combinations on two different real AMI micro-grid datasets. Finally, we also establish fundamental theoretical limits of the proposed method, which will help assess the applicability of our method to other domains.