skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Flood Risks of Cyber‐Physical Attacks in a Smart Storm Water System
Abstract The rise in smart water technologies has introduced new cybersecurity vulnerabilities for water infrastructures. However, the implications of cyber‐physical attacks on the systems like urban drainage systems remain underexplored. This research delves into this gap, introducing a method to quantify flood risks in the face of cyber‐physical threats. We apply this approach to a smart stormwater system—a real‐time controlled network of pond‐conduit configurations, fitted with water level detectors and gate regulators. Our focus is on a specific cyber‐physical threat: false data injection (FDI). In FDI attacks, adversaries introduce deceptive data that mimics legitimate system noises, evading detection. Our risk assessment incorporates factors like sensor noises and weather prediction uncertainties. Findings reveal that FDIs can amplify flood risks by feeding the control system false data, leading to erroneous outflow directives. Notably, FDI attacks can reshape flood risk dynamics across different storm intensities, accentuating flood risks during less severe but more frequent storms. This study offers valuable insights for strategizing investments in smart stormwater systems, keeping cyber‐physical threats in perspective. Furthermore, our risk quantification method can be extended to other water system networks, such as irrigation channels and multi‐reservoir systems, aiding in cyber‐defense planning.  more » « less
Award ID(s):
1941727
PAR ID:
10484877
Author(s) / Creator(s):
 ;  ;  
Publisher / Repository:
DOI PREFIX: 10.1029
Date Published:
Journal Name:
Water Resources Research
Volume:
60
Issue:
1
ISSN:
0043-1397
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; (, IEEE Transactions on Industry Applications)
    False data injection (FDI) attacks targeting under-load tap changing (ULTC) transformers pose a significant threat to smart distribution networks by exploiting vulnerabilities in the volt-var optimization (VVO) process, leading to potential undervoltage and voltage collapse. The increased integration of renewable energy and cyber-physical systems has expanded the attack surface, making traditional detection methods inadequate. For example, in 2023, attacks on utilities and decentralized components in the United States rose by 200%, with overall cyber threats increasing by 104%, highlighting growing vulnerabilities in distribution systems. To this end, this article proposes a two-stage remediation framework for decentralized FDI (DFDI) attacks targeting ULTC transformers. In the attack stage, vulnerabilities in ULTCs and voltage regulators are scrutinized, risking voltage collapse or blackouts in the distribution system. In the remediation stage, the distribution system operator focuses on non-attacked ULTCs, voltage regulators, distributed generation (DG) units, and smart homes to minimize reliance on compromised components. In this regard, a distinctive formulation of distribution network resilience and load management (DNRLM) problem is introduced to identify a resilient network topology and determine a situational power balance strategy. The proposed framework focuses on minimizing the system's reliance on the attacked ULTCs and voltage regulator components, thereby avoiding the intended voltage collapse caused by such DFDIs. The simulation results verify that the proposed method reduces the voltage collapse proximity index by over 60%, enhancing system resilience under DFDI attacks. 
    more » « less
  2. ; ; ; ; (, IEEE)
    This work introduces a novel physics-informed neural network (PINN)-based framework for modeling and optimizing false data injection (FDI) attacks on electric vehicle charging station (EVCS) networks, with a focus on centralized charging management system (CMS). By embedding the governing physical laws as constraints within the neural network’s loss function, the proposed framework enables scalable, real-time analysis of cyber-physical vulnerabilities. The PINN models EVCS dynamics under both normal and adversarial conditions while optimizing stealthy attack vectors that exploit voltage and current regulation. Evaluations on the IEEE 33-bus system demonstrate the framework’s capability to uncover critical vulnerabilities. These findings underscore the urgent need for enhanced resilience strategies in EVCS networks to mitigate emerging cyber threats targeting the power grid. Furthermore, the framework lays the groundwork for exploring a broader range of cyber-physical attack scenarios on EVCS networks, offering potential insights into their impact on power grid operations. It provides a flexible platform for studying the interplay between physical constraints and adversarial manipulations, enhancing our understanding of EVCS vulnerabilities. This approach opens avenues for future research into robust mitigation strategies and resilient design principles tailored to the evolving cybersecurity challenges in smart grid systems. 
    more » « less
  3. ; ; ; (, in Proc. IEEE SmartGridCom’22, Oct. 2022.)
    The urgent need for the decarbonization of power girds has accelerated the integration of renewable energy. Con-currently the increasing distributed energy resources (DER) and advanced metering infrastructures (AMI) have transformed the power grids into a more sophisticated cyber-physical system with numerous communication devices. While these transitions provide economic and environmental value, they also impose increased risk of cyber attacks and operational challenges. This paper investigates the vulnerability of the power grids with high renewable penetration against an intraday false data injection (FDI) attack on DER dispatch signals and proposes a kernel support vector regression (SVR) based detection model as a countermeasure. The intraday FDI attack scenario and the detection model are demonstrated in a numerical experiment using the HCE 187-bus test system. 
    more » « less
  4. ; ; ; ; (, Journal of Computing and Information Science in Engineering)
    Abstract The advancement of sensing technology enables efficient data collection from manufacturing systems for monitoring and control. Furthermore, with the rapid development of the Internet of Things (IoT) and information technologies, more and more manufacturing systems become cyber-enabled, facilitating real-time data sharing and information exchange, which significantly improves the flexibility and efficiency of manufacturing systems. However, the cyber-enabled environment may pose the collected sensor data under high risks of cyber-physical attacks during the data and information sharing. Specifically, cyber-physical attacks could target the manufacturing process and/or the data transmission process to maliciously tamper the sensor data, resulting in false alarms or failures in anomaly detection in monitoring. In addition, the cyber-physical attacks may also enable illegal data access without authorization and cause the leakage of key product/process information. Therefore, it becomes critical to develop an effective approach to protect data from these attacks so that the cyber-physical security of the manufacturing systems could be assured in the cyber-enabled environment. To achieve this goal, this paper proposes an integrative blockchain-enabled data protection method by leveraging camouflaged asymmetry encryption. A real-world case study that protects cyber-physical security of collected sensor data in additive manufacturing is presented to demonstrate the effectiveness of the proposed method. The results demonstrate that malicious tampering could be detected in a relatively short time (less than 0.05ms) and the risk of unauthorized data access is significantly reduced as well. 
    more » « less
  5. ; (, IEEE)
    Cyber Physical Systems (CPS) consist of integration of cyber and physical spaces through computing, communication, and control operations. In vehicular CPS, modern vehicles with multiple Electronic Control Units (ECUs) and networking with other vehicles help autonomous driving. Vehicular CPS is vulner-able to multitude of cyber attacks, including false data injection attacks. This paper presents an Asynchronous Federated Learning (AFL) with a Gated Recurrent Unit (GRU) model for identifying False Data Injection (FDI) attacks in a VCPS. The AFL model continuously monitors the network and constructs a digital twin using the data obtained from a VCPS for intrusion detection. The proposed model is evaluated using different evaluation metrics. Numerical results show that the AFL model outperforms other existing models. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email