skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: A Risk Analysis Framework for Cyber Security and Critical Infrastructure Protection of the U.S. Electric Power Grid
Abstract The purpose of this article is to introduce a risk analysis framework to enhance the cyber security of and to protect the critical infrastructure of the electric power grid of the United States. Building on the fundamental questions of risk assessment and management, this framework aims to advance the current risk analysis discussions pertaining to the electric power grid. Most of the previous risk‐related studies on the electric power grid focus mainly on the recovery of the network from hurricanes and other natural disasters. In contrast, a disproportionately small number of studies explicitly investigate the vulnerability of the electric power grid to cyber‐attack scenarios, and how they could be prevented or mitigated. Such a limited approach leaves the United States vulnerable to foreign and domestic threats (both state‐sponsored and “lone wolf”) to infiltrate a network that lacks a comprehensive security environment or coordinated government response. By conducting a review of the literature and presenting a risk‐based framework, this article underscores the need for a coordinated U.S. cyber security effort toward formulating strategies and responses conducive to protecting the nation against attacks on the electric power grid.  more » « less
Award ID(s):
1832635
PAR ID:
10454138
Author(s) / Creator(s):
 ;  
Publisher / Repository:
Wiley-Blackwell
Date Published:
Journal Name:
Risk Analysis
Volume:
40
Issue:
9
ISSN:
0272-4332
Page Range / eLocation ID:
p. 1744-1761
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; ; ; (, Applied Sciences)
    Communication networks in power systems are a major part of the smart grid paradigm. It enables and facilitates the automation of power grid operation as well as self-healing in contingencies. Such dependencies on communication networks, though, create a roam for cyber-threats. An adversary can launch an attack on the communication network, which in turn reflects on power grid operation. Attacks could be in the form of false data injection into system measurements, flooding the communication channels with unnecessary data, or intercepting messages. Using machine learning-based processing on data gathered from communication networks and the power grid is a promising solution for detecting cyber threats. In this paper, a co-simulation of cyber-security for cross-layer strategy is presented. The advantage of such a framework is the augmentation of valuable data that enhances the detection as well as identification of anomalies in the operation of the power grid. The framework is implemented on the IEEE 118-bus system. The system is constructed in Mininet to simulate a communication network and obtain data for analysis. A distributed three controller software-defined networking (SDN) framework is proposed that utilizes the Open Network Operating System (ONOS) cluster. According to the findings of our suggested architecture, it outperforms a single SDN controller framework by a factor of more than ten times the throughput. This provides for a higher flow of data throughout the network while decreasing congestion caused by a single controller’s processing restrictions. Furthermore, our CECD-AS approach outperforms state-of-the-art physics and machine learning-based techniques in terms of attack classification. The performance of the framework is investigated under various types of communication attacks. 
    more » « less
  2. ; ; ; ; ; ; ; (, Resilience Week Symposium (RWS))
    Cyber physical system (CPS) Critical infrastructures (CIs) like the power and energy systems are increasingly becoming vulnerable to cyber attacks. Mitigating cyber risks in CIs is one of the key objectives of the design and maintenance of these systems. These CPS CIs commonly use legacy devices for remote monitoring and control where complete upgrades are uneconomical and infeasible. Therefore, risk assessment plays an important role in systematically enumerating and selectively securing vulnerable or high-risk assets through optimal investments in the cybersecurity of the CPS CIs. In this paper, we propose a CPS CI security framework and software tool, CySec Game, to be used by the CI industry and academic researchers to assess cyber risks and to optimally allocate cybersecurity investments to mitigate the risks. This framework uses attack tree, attack-defense tree, and game theory algorithms to identify high-risk targets and suggest optimal investments to mitigate the identified risks. We evaluate the efficacy of the framework using the tool by implementing a smart grid case study that shows accurate analysis and feasible implementation of the framework and the tool in this CPS CI environment. 
    more » « less
  3. ; ; ; ; (, IEEE)
    This work introduces a novel physics-informed neural network (PINN)-based framework for modeling and optimizing false data injection (FDI) attacks on electric vehicle charging station (EVCS) networks, with a focus on centralized charging management system (CMS). By embedding the governing physical laws as constraints within the neural network’s loss function, the proposed framework enables scalable, real-time analysis of cyber-physical vulnerabilities. The PINN models EVCS dynamics under both normal and adversarial conditions while optimizing stealthy attack vectors that exploit voltage and current regulation. Evaluations on the IEEE 33-bus system demonstrate the framework’s capability to uncover critical vulnerabilities. These findings underscore the urgent need for enhanced resilience strategies in EVCS networks to mitigate emerging cyber threats targeting the power grid. Furthermore, the framework lays the groundwork for exploring a broader range of cyber-physical attack scenarios on EVCS networks, offering potential insights into their impact on power grid operations. It provides a flexible platform for studying the interplay between physical constraints and adversarial manipulations, enhancing our understanding of EVCS vulnerabilities. This approach opens avenues for future research into robust mitigation strategies and resilient design principles tailored to the evolving cybersecurity challenges in smart grid systems. 
    more » « less
  4. ; ; (, IEEE Journal of Emerging and Selected Topics in Power Electronics)
    Despite the IEEE Power Electronics Society (PELS) establishing Technical Committee 10 on Design Methodologies with a focus on the cyber-physical security of power electronics systems, a holistic design methodology for addressing security vulnerabilities remains underdeveloped. This gap largely stems from the limited integration of computer science and power/control engineering studies in this interdisciplinary field. Addressing the inadequacy of unilateral cyber or control perspectives, this paper presents a novel four-layer cyber-physical security model specifically designed for electric machine drives. Central to this model is the innovative Control Information Flow (CIF) model, residing within the control layer, which serves as a pivotal link between the cyber layer’s vulnerable resources and the physical layer’s state-space models. By mapping vulnerable resources to control variable space and tracing attack propagation, the CIF model facilitates accurate impact predictions based on tainted control laws. The effectiveness and validity of this proposed model are demonstrated through hardware experiments involving two typical cyber-attack scenarios, underscoring its potential as a comprehensive framework for multidisciplinary security strategies. 
    more » « less
  5. (, 2019 IEEE 58th Conference on Decision and Control)
    Dynamic trip optimization in electric rail networks is a relatively unexplored topic. In this paper, we propose a transactive controller that includes an optimization framework and a control algorithm that enable minimum cost operation of an electric rail network. The optimization framework attempts to minimize the operational costs for a given electricity price by allowing variations of the trains’ acceleration profiles and therefore their power consumption and energy costs. Constraints imposed by the train dynamics, their schedules, and power consumption are included in this framework. A control algorithm is then proposed to optimize the electricity price through an iterative procedure that combines the desired demand profiles obtained from the optimization framework together with the variations in Distributed Energy Resources (DERs) while ensuring power balance. Together, they form to an overall framework that yields the desired transactions between the railway and power grid infrastructures. This approach is validated using simulation studies of the Southbound Amtrak service along the Northeast Corridor (NEC) between Boston, MA and New Haven, CT in the United States, reducing energy costs by 10% when compared to standard trip optimization based on minimum work. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email