(1990). ENERGY FUNCTION ANALYSIS FOR POWER SYSTEM STABILITY. Electric Machines & Power Systems: Vol. 18, No. 2, pp. 209-210.

Energy function analysis for power system stability

The scope, scale, and intensity of real, as well as potential attacks, on the Smart Grid have been increasing and thus gaining more attention. An important component of Smart Grid cybersecurity efforts addresses the availability and access to the power and related information and communications infrastructures. We overload the term, Denial-of-Service (DoS), to refer to these attacks in the Smart Grid. In this paper, we provide a holistic and methodical presentation of the DoS attack taxonomies as well as a survey of potential solution techniques to help draw a more concerted and coordinated research into this area, lack of which may have profound consequences. To the best of our knowledge, the literature does not have such a comprehensive survey study of the DoS attacks and solutions for the Smart Grid.

/pdf/a-survey-of-denial-of-service-attacks-and-solutions-in-the-2c3u81rgvq.pdf

A Survey of Denial-of-Service Attacks and Solutions in the Smart Grid

GPS spoofing attack (GSA) has been shown to be one of the most imminent threats to almost all cyber-physical systems incorporated with the civilian GPS signal. Specifically, for our current agenda of the modernization of the power grid, this may greatly jeopardize the benefits provided by the pervasively installed phasor measurement units (PMU). In this paper, we consider the case where synchrophasor data from PMUs are compromised due to the presence of a single GSA, and show that it can be corrected by signal processing techniques. In particular, we introduce a statistical model for synchrophasor- based power system state estimation (SE), and then derive the spoofing-matched algorithms for synchrophasor data correction against GPS spoofing attack. Different testing scenarios in IEEE 14-, 30-, 57-, 118-bus systems are simulated to show the proposed algorithms' performance on GSA detection and state estimation. Numerical results demonstrate that our proposed algorithms can consistently locate and correct the spoofed synchrophasor data with good accuracy as long as the system observability is satisfied. The accuracy of state estimation is significantly improved compared with the traditional weighted least square method and approaches the performance under the Genie-aided method.

Synchrophasor Data Correction Under GPS Spoofing Attack: A State Estimation Based Approach

The emerging measurement technology of phasor measurement units (PMUs) makes it possible to estimate the state of electrical grids in real time, thus opening the way to new protection and control applications. PMUs rely on precise time synchronization; therefore, they are vulnerable to time-synchronization attacks (TSAs), which alter the measured voltage and current phases. In particular, undetectable TSAs pose a significant threat as they lead to an incorrect but credible estimate of the system state. Prior work has shown that such attacks exist against pairs of PMUs, but they do not take into consideration the clock adjustment performed by the clock servo, which can modify the attack angles and make the attacks detectable. This cannot be easily addressed with the existing attacks, as the undetectable angle values form a discrete set and cannot be continuously adjusted as would be required to address the problems posed to the attacker by the clock servo. Going beyond prior work, this article first shows how to perform undetectable attacks against more than two PMUs, so that the set of undetectable attacks forms a continuum and supports small adjustments. Second, it shows how an attacker can anticipate the operation of the clock servo while achieving her attack goal and remaining undetectable. Third, this article shows how to identify vulnerable sets of PMUs. Numerical results on the 39-bus IEEE benchmark system illustrate the feasibility of the proposed attack strategies.

Feasibility of Time-Synchronization Attacks Against PMU-Based State Estimation

Data quality issues exist in practical phasor measurement units (PMUs) due to communication errors or signal interferences. As a result, the performances of existing data-driven disturbance classification methods can be significantly affected. In this article, a fast disturbance classification method that is robust to PMU data quality issues is proposed. The impacts of bad PMU measurements on disturbance classification are investigated by analyzing the feature distributions of deep learning methods. A new feature extraction scheme that uses the univariate temporal convolutional denoising autoencoder (UTCN-DAE) is proposed. It allows encoding and decoding univariate disturbance data through a temporal convolutional network to capture the temporal feature representation and is robust to bad data. Based on the features of the frequency and voltage measurements encoded by the UTCN-DAE, a two-stream enhanced network, i.e., the multivariable temporal convolutional denoising network is proposed to achieve optimal feature extraction of multivariate time series by feature fusion. The classification is performed using a multilayered deep neural network and Softmax classifier. Extensive results obtained on the IEEE 39-bus system as well as a large-scale power system in China with field PMU measurements show that the proposed method achieves the highest classification accuracy and computational efficiency as compared to other deep learning algorithms.

A Power System Disturbance Classification Method Robust to PMU Data Quality Issues

The lack of integrated support for security has been a major shortcoming of Precision Time Protocol version 2 (PTPv2) for a long time. The upcoming PTPv2.1 aims at addressing this shortcoming in a variety of ways, including the introduction of lightweight message authentication. In this paper we provide an overview of the planned security features, and report results based on an implementation of the proposed integrated security mechanism based on the open source Linux PTP, including support for hardware timestamping. Our implementation includes an extension of Linux PTP to support transparent clocks. We provide results from an experimental testbed including a transparent clock, which illustrate that the extensions can be implemented in software at a low computational overhead, while supporting hardware timestamping. We also provide a discussion of the remaining vulnerabilities of PTP time synchronization, propose countermeasures, and discuss options for key management, which is not covered by the standard.

Next Steps in Security for Time Synchronization: Experiences from implementing IEEE 1588 v2.1

Precise time synchronization of Phasor Measurement Units (PMUs) is critical for monitoring and control of smart grids. Thus, time synchronization attacks (TSAs) against PMUs pose a severe threat to smart grid security. In this paper we present an approach for detecting TSAs based on the interaction between the time synchronization system and the power system. We develop a phasor measurement model and use it to derive an accurate closed form expression for the correlation between the frequency adjustments made by the PMU clock and the resulting change in the measured phase angle, without an attack. We then propose one model-based and three data-driven TSA detectors that exploit the change in correlation due to a TSA. Using extensive simulations, we evaluate the proposed detectors under different strategies for implementing TSAs, and show that the proposed detectors are superior to state-of-the-art clock frequency anomaly detection, especially for unstable clocks.

Model-Based and Data-Driven Detectors for Time Synchronization Attacks Against PMUs

Recent innovations in protection and control applications for power systems require the use of Phasor Measurement Unit (PMU) measurements. PMUs rely on precise time synchronization and have been shown to be vulnerable to time synchronization attacks. In this paper, we explore time synchronization attacks against PMU measurements that are undetectable by state-of-the-art Bad-Data Detection (BDD) algorithms, used for Linear State-Estimation (LSE). We show that compromising three or more PMUs enables an attacker to create a continuum of undetectable attacks, and based on geometric arguments we provide a closed form expression for computing the attacks. Furthermore, we provide an algorithm for identifying PMU measurements that are vulnerable to the considered attacks. We use simulations on the IEEE 39-Bus benchmark power system to show that attacks can have a significant impact in terms of power flow mis-estimation that could lead to the violation of ampacity limits in transmission lines.

A continuum of undetectable timing-attacks on PMU-based linear state-estimation

Identity theft through phishing and session hijacking attacks has become a major attack vector in recent years, and is expected to become more frequent due to the pervasive use of mobile devices. Continuous authentication based on the characterization of user behavior, both in terms of user interaction patterns and usage patterns, is emerging as an effective solution for mitigating identity theft, and could become an important component of defense-in-depth strategies in cyber-physical systems as well. In this paper, the interaction between an attacker and an operator using continuous authentication is modeled as a stochastic game. In the model, the attacker observes and learns the behavioral patterns of an authorized user whom it aims at impersonating, whereas the operator designs the security measures to detect suspicious behavior and to prevent unauthorized access while minimizing the monitoring expenses. It is shown that the optimal attacker strategy exhibits a threshold structure, and consists of observing the user behavior to collect information at the beginning, and then attacking (rather than observing) after gathering enough data. From the operator’s side, the optimal design of the security measures is provided. Numerical results are used to illustrate the intrinsic trade-off between monitoring cost and security risk, and show that continuous authentication can be effective in minimizing security risk.

Ezzeldin Shereen

Papers

Feasibility of Time-Synchronization Attacks Against PMU-Based State Estimation

Next Steps in Security for Time Synchronization: Experiences from implementing IEEE 1588 v2.1

Model-Based and Data-Driven Detectors for Time Synchronization Attacks Against PMUs

A continuum of undetectable timing-attacks on PMU-based linear state-estimation

Adversarial Attacks on Continuous Authentication Security: A Dynamic Game Approach