Cyber-physical systems are ubiquitous in power systems, transportation networks, industrial control processes, and critical infrastructures. These systems need to operate reliably in the face of unforeseen failures and external malicious attacks. In this paper: (i) we propose a mathematical framework for cyber-physical systems, attacks, and monitors; (ii) we characterize fundamental monitoring limitations from system-theoretic and graph-theoretic perspectives; and (ii) we design centralized and distributed attack detection and identification monitors. Finally, we validate our findings through compelling examples.

/pdf/attack-detection-and-identification-in-cyber-physical-3fy6vyw4zt.pdf

Attack Detection and Identification in Cyber-Physical Systems

Cyber-physical systems integrate computation, communication, and physical capabilities to interact with the physical world and humans. Besides failures of components, cyber-physical systems are prone to malignant attacks, and specific analysis tools as well as monitoring mechanisms need to be developed to enforce system security and reliability. This paper proposes a unified framework to analyze the resilience of cyber-physical systems against attacks cast by an omniscient adversary. We model cyber-physical systems as linear descriptor systems, and attacks as exogenous unknown inputs. Despite its simplicity, our model captures various real-world cyber-physical systems, and it includes and generalizes many prototypical attacks, including stealth, (dynamic) false-data injection and replay attacks. First, we characterize fundamental limitations of static, dynamic, and active monitors for attack detection and identification. Second, we provide constructive algebraic conditions to cast undetectable and unidentifiable attacks. Third, by using the system interconnection structure, we describe graph-theoretic conditions for the existence of undetectable and unidentifiable attacks. Finally, we validate our findings through some illustrative examples with different cyber-physical systems, such as a municipal water supply network and two electrical power grids.

Attack Detection and Identification in Cyber-Physical Systems -- Part I: Models and Fundamental Limitations

The development of a trustworthy smart grid requires a deeper understanding of potential impacts resulting from successful cyber attacks. Estimating feasible attack impact requires an evaluation of the grid's dependency on its cyber infrastructure and its ability to tolerate potential failures. A further exploration of the cyber-physical relationships within the smart grid and a specific review of possible attack vectors is necessary to determine the adequacy of cybersecurity efforts. This paper highlights the significance of cyber infrastructure security in conjunction with power application security to prevent, mitigate, and tolerate cyber attacks. A layered approach is introduced to evaluating risk based on the security of both the physical power applications and the supporting cyber infrastructure. A classification is presented to highlight dependencies between the cyber-physical controls required to support the smart grid and the communication and computations that must be protected from cyber attack. The paper then presents current research efforts aimed at enhancing the smart grid's application and infrastructure security. Finally, current challenges are identified to facilitate future research efforts.

Cyber–Physical System Security for the Electric Power Grid

https://research.ece.ncsu.edu/netwis/papers/13wl-comnet.pdf

Survey Cyber security in the Smart Grid: Survey and challenges

A secure control framework for resource-limited adversaries

Cyber systems play a critical role in improving the efficiency and reliability of power system operation and ensuring the system remains within safe operating margins. An adversary can inflict severe damage to the underlying physical system by compromising the control and monitoring applications facilitated by the cyber layer. Protection of critical assets from electronic threats has traditionally been done through conventional cyber security measures that involve host-based and network-based security technologies. However, it has been recognized that highly skilled attacks can bypass these security mechanisms to disrupt the smooth operation of control systems. There is a growing need for cyber-attack-resilient control techniques that look beyond traditional cyber defense mechanisms to detect highly skilled attacks. In this paper, we make the following contributions. We first demonstrate the impact of data integrity attacks on Automatic Generation Control (AGC) on power system frequency and electricity market operation. We propose a general framework to the application of attack resilient control to power systems as a composition of smart attack detection and mitigation. Finally, we develop a model-based anomaly detection and attack mitigation algorithm for AGC. We evaluate the detection capability of the proposed anomaly detection algorithm through simulation studies. Our results show that the algorithm is capable of detecting scaling and ramp attacks with low false positive and negative rates. The proposed model-based mitigation algorithm is also efficient in maintaining system frequency within acceptable limits during the attack period.

Model-Based Attack Detection and Mitigation for Automatic Generation Control

The development of a smarter electric grid will depend on increased deployments of information and communication technology (ICT) to support novel communication and control functions. Unfortunately, this additional dependency also expands the risk from cyber attacks. Designing systems with adequate cyber security depends heavily on the availability of representative environments, such as testbeds, where current issues and future ideas can be evaluated. This paper provides an overview of a smart grid security testbed, including the set of control, communication, and physical system components required to provide an accurate cyber-physical environment. It then identifies various testbed research applications and also identifies how various components support these applications. The PowerCyber testbed at Iowa State University is then introduced, including the architecture, applications, and novel capabilities, such as virtualization, Real Time Digital Simulators (RTDS), and ISEAGE WAN emulation. Finally, several attack scenarios are evaluated using the testbed to explore cyber-physical impacts. In particular, availability and integrity attacks are demonstrated with both isolated and coordinated approaches, these attacks are then evaluated based on the physical system's voltage and rotor angle stability.

Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid

Cyber threats for critical infrastructures is an area of growing concern. Data integrity attacks (e.g., manipulating sensor or control signals) on the power system through the SCADA network could have severe effects as it misleads operators into making wrong decisions. However, for an integrity attack to be successful, the malicious data should be within an acceptable range. Hence, only an attacker with intelligence or an understanding of system functionality can cause an effective attack. This paper extends cyber security attack concepts to control systems in an electric power system. Impact on the physical system is estimated by magnitude of load-generation imbalance and frequency deviation after a successful attack on the Automatic Generation Control (AGC) loop. We conduct experiments creating integrity attacks from our attack template on a sample system and evaluate the impact. Our simulation studies show that an integrity attack plan can have severe effects.

Data integrity attacks and their impacts on SCADA control system

Meeting current demands for critical infrastructure cyber security education and research will require accurate testbed development. The PowerCyber was designed to closely resemble power grid communication utilizing actual field devices and SCADA software. The testbed provides a novel environment where students can explore cyber attacks and defenses while evaluating their impact on power flow. This paper documents the design and implementation of the testbed while proposing cyber attack scenarios which will negatively affect grid operations. In addition, it documents the results of an initial cyber vulnerability assessment to evaluate the security posture of the current design.

Siddharth Sridhar

Papers

Cyber–Physical System Security for the Electric Power Grid

Model-Based Attack Detection and Mitigation for Automatic Generation Control

Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid

Data integrity attacks and their impacts on SCADA control system

Development of the PowerCyber SCADA security testbed