Journal ArticleDOI

Cyber–Physical System Security for the Electric Power Grid

01 Jan 2012 - Vol. 100, Iss. 1, pp. 210-224
TL;DR: The significance of cyber infrastructure security in conjunction with power application security to prevent, mitigate, and tolerate cyber attacks is highlighted and a layered approach is introduced to evaluating risk based on the security of both the physical power applications and the supporting cyber infrastructure.
Abstract: The development of a trustworthy smart grid requires a deeper understanding of potential impacts resulting from successful cyber attacks. Estimating feasible attack impact requires an evaluation of the grid's dependency on its cyber infrastructure and its ability to tolerate potential failures. A further exploration of the cyber-physical relationships within the smart grid and a specific review of possible attack vectors is necessary to determine the adequacy of cybersecurity efforts. This paper highlights the significance of cyber infrastructure security in conjunction with power application security to prevent, mitigate, and tolerate cyber attacks. A layered approach is introduced to evaluating risk based on the security of both the physical power applications and the supporting cyber infrastructure. A classification is presented to highlight dependencies between the cyber-physical controls required to support the smart grid and the communication and computations that must be protected from cyber attack. The paper then presents current research efforts aimed at enhancing the smart grid's application and infrastructure security. Finally, current challenges are identified to facilitate future research efforts.
Citations
Journal ArticleDOI
TL;DR: In this article, a mathematical framework for cyber-physical systems, attacks, and monitors is proposed, and fundamental monitoring limitations from both system-theoretic and graph-based perspectives are characterized.
Abstract: Cyber-physical systems are ubiquitous in power systems, transportation networks, industrial control processes, and critical infrastructures. These systems need to operate reliably in the face of unforeseen failures and external malicious attacks. In this paper: (i) we propose a mathematical framework for cyber-physical systems, attacks, and monitors; (ii) we characterize fundamental monitoring limitations from system-theoretic and graph-theoretic perspectives; and (iii) we design centralized and distributed attack detection and identification monitors. Finally, we validate our findings through compelling examples.

1,430 citations

Posted Content
TL;DR: This paper proposes a mathematical framework for cyber-physical systems, attacks, and monitors, and describes fundamental monitoring limitations from system-theoretic and graph- theoretic perspectives and designs centralized and distributed attack detection and identification monitors.
Abstract: Cyber-physical systems integrate computation, communication, and physical capabilities to interact with the physical world and humans. Besides failures of components, cyber-physical systems are prone to malignant attacks, and specific analysis tools as well as monitoring mechanisms need to be developed to enforce system security and reliability. This paper proposes a unified framework to analyze the resilience of cyber-physical systems against attacks cast by an omniscient adversary. We model cyber-physical systems as linear descriptor systems, and attacks as exogenous unknown inputs. Despite its simplicity, our model captures various real-world cyber-physical systems, and it includes and generalizes many prototypical attacks, including stealth, (dynamic) false-data injection and replay attacks. First, we characterize fundamental limitations of static, dynamic, and active monitors for attack detection and identification. Second, we provide constructive algebraic conditions to cast undetectable and unidentifiable attacks. Third, by using the system interconnection structure, we describe graph-theoretic conditions for the existence of undetectable and unidentifiable attacks. Finally, we validate our findings through some illustrative examples with different cyber-physical systems, such as a municipal water supply network and two electrical power grids.

1,190 citations


Cites background from "Cyber–Physical System Security for ..."

  • ...tified as an issue of primary concern, see [19], [29] and [10],...

    [...]

  • ...attention, such as power networks [15]–[19], linear networks...

    [...]

Journal ArticleDOI
TL;DR: In this paper, an attack space defined by the adversary's model knowledge, disclosure, and disruption resources is introduced, and an attack policy for each scenario is described and the attack's impact is characterized using the concept of safe sets.

839 citations

Journal ArticleDOI
TL;DR: A comprehensive review of state-of-the-art in FDIAs against modern power systems is given and some potential future research directions in this field are discussed.
Abstract: With rapid advances in sensor, computer, and communication networks, modern power systems have become complicated cyber-physical systems. Assessing and enhancing cyber-physical system security is, therefore, of utmost importance for the future electricity grid. In a successful false data injection attack (FDIA), an attacker compromises measurements from grid sensors in such a way that undetected errors are introduced into estimates of state variables such as bus voltage angles and magnitudes. In evading detection by commonly employed residue-based bad data detection tests, FDIAs are capable of severely threatening power system security. Since the first published research on FDIAs in 2009, research into FDIA-based cyber-attacks has been extensive. This paper gives a comprehensive review of state-of-the-art in FDIAs against modern power systems. This paper first summarizes the theoretical basis of FDIAs, and then discusses both the physical and the economic impacts of a successful FDIA. This paper presents the basic defense strategies against FDIAs and discusses some potential future research directions in this field.

692 citations

Journal ArticleDOI
TL;DR: In this paper, the authors study and systematize existing research on CPS security under a unified framework, which consists of three orthogonal coordinates: 1) from the security perspective, they follow the well-known taxonomy of threats, vulnerabilities, attacks and controls; 2) from CPS components, they focus on cyber, physical, and cyber-physical components.
Abstract: With the exponential growth of cyber-physical systems (CPSs), new security challenges have emerged. Various vulnerabilities, threats, attacks, and controls have been introduced for the new generation of CPS. However, there lacks a systematic review of the CPS security literature. In particular, the heterogeneity of CPS components and the diversity of CPS systems have made it difficult to study the problem with one generalized model. In this paper, we study and systematize existing research on CPS security under a unified framework. The framework consists of three orthogonal coordinates: 1) from the security perspective, we follow the well-known taxonomy of threats, vulnerabilities, attacks and controls; 2) from the CPS components perspective, we focus on cyber, physical, and cyber-physical components; and 3) from the CPS systems perspective, we explore general CPS features as well as representative systems (e.g., smart grids, medical CPS, and smart cars). The model can be both abstract to show general interactions of components in a CPS application, and specific to capture any details when needed. By doing so, we aim to build a model that is abstract enough to be applicable to various heterogeneous CPS applications; and to gain a modular view of the tightly coupled CPS components. Such abstract decoupling makes it possible to gain a systematic understanding of CPS security, and to highlight the potential sources of attacks and ways of protection. With this intensive literature review, we attempt to summarize the state-of-the-art on CPS security, provide researchers with a comprehensive list of references, and also encourage the audience to further explore this emerging field.

658 citations

References
Book
01 Jan 1984
TL;DR: In this paper, the authors present a graduate-level text in electric power engineering as regards to planning, operating, and controlling large scale power generation and transmission systems, including characteristics of power generation units, transmission losses, generation with limited energy supply, control of generation, and power system security.
Abstract: Topics considered include characteristics of power generation units, transmission losses, generation with limited energy supply, control of generation, and power system security. This book is a graduate-level text in electric power engineering as regards to planning, operating, and controlling large scale power generation and transmission systems. Material used was generated in the post-1966 period. Many (if not most) of the chapter problems require a digital computer. A background in steady-state power circuit analysis is required.

6,344 citations


"Cyber–Physical System Security for ..." refers background in this paper

  • ...For example, in cases where the system generation is insufficient to match up to the load, automatic load shedding schemes could be employed to maintain system frequency within safe operating limits and protect the equipment connected to the system....

    [...]

Journal ArticleDOI
TL;DR: In this article, a new class of attacks, called false data injection attacks, against state estimation in electric power grids is presented and analyzed, under the assumption that the attacker can access the current power system configuration information and manipulate the measurements of meters at physically protected locations such as substations.
Abstract: A power grid is a complex system connecting electric power generators to consumers through power transmission and distribution networks across a large geographical area. System monitoring is necessary to ensure the reliable operation of power grids, and state estimation is used in system monitoring to best estimate the power grid state through analysis of meter measurements and power system models. Various techniques have been developed to detect and identify bad measurements, including interacting bad measurements introduced by arbitrary, nonrandom causes. At first glance, it seems that these techniques can also defeat malicious measurements injected by attackers. In this article, we expose an unknown vulnerability of existing bad measurement detection algorithms by presenting and analyzing a new class of attacks, called false data injection attacks, against state estimation in electric power grids. Under the assumption that the attacker can access the current power system configuration information and manipulate the measurements of meters at physically protected locations such as substations, such attacks can introduce arbitrary errors into certain state variables without being detected by existing algorithms. Moreover, we look at two scenarios, where the attacker is either constrained to specific meters or limited in the resources required to compromise meters. We show that the attacker can systematically and efficiently construct attack vectors in both scenarios to change the results of state estimation in arbitrary ways. We also extend these attacks to generalized false data injection attacks, which can further increase the impact by exploiting measurement errors typically tolerated in state estimation. We demonstrate the success of these attacks through simulation using IEEE test systems, and also discuss the practicality of these attacks and the real-world constraints that limit their effectiveness.

2,064 citations

Book
30 Jan 2017
TL;DR: Phasor Measurement Techniques and Applications: Estimation of Nominal Frequency Inputs and Phasor Estimation at Off-Nominal Frequency inputs.
Abstract: Phasor Measurement Techniques.- Phasor Estimation of Nominal Frequency Inputs.- Phasor Estimation at Off-Nominal Frequency Inputs.- Frequency Estimation.- Phasor Measurement Units and Phasor Data Concentrators.- Transient Response of Phasor Measurement Units.- Phasor Measurement Applications.- State Estimation.- Control with Phasor Feedback.- Protection Systems with Phasor Inputs.- Electromechanical Wave Propagation.

1,628 citations


"Cyber–Physical System Security for ..." refers methods in this paper

  • ...However, Phadke and Thorp [34] identify control applications that could be enhanced by using data provided by PMUs....

    [...]

Proceedings ArticleDOI
09 Nov 2009
TL;DR: A new class of attacks, called false data injection attacks, against state estimation in electric power grids are presented, showing that an attacker can exploit the configuration of a power system to launch such attacks to successfully introduce arbitrary errors into certain state variables while bypassing existing techniques for bad measurement detection.
Abstract: A power grid is a complex system connecting electric power generators to consumers through power transmission and distribution networks across a large geographical area. System monitoring is necessary to ensure the reliable operation of power grids, and state estimation is used in system monitoring to best estimate the power grid state through analysis of meter measurements and power system models. Various techniques have been developed to detect and identify bad measurements, including the interacting bad measurements introduced by arbitrary, non-random causes. At first glance, it seems that these techniques can also defeat malicious measurements injected by attackers. In this paper, we present a new class of attacks, called false data injection attacks, against state estimation in electric power grids. We show that an attacker can exploit the configuration of a power system to launch such attacks to successfully introduce arbitrary errors into certain state variables while bypassing existing techniques for bad measurement detection. Moreover, we look at two realistic attack scenarios, in which the attacker is either constrained to some specific meters (due to the physical protection of the meters), or limited in the resources required to compromise meters. We show that the attacker can systematically and efficiently construct attack vectors in both scenarios, which can not only change the results of state estimation, but also modify the results in arbitrary ways. We demonstrate the success of these attacks through simulation using IEEE test systems. Our results indicate that security protection of the electric power grid must be revisited when there are potentially malicious attacks.

1,592 citations


"Cyber–Physical System Security for ..." refers background in this paper

  • ...false data injection attack discussed in [27] is the same as removing the attacked meters from the network....

    [...]

  • ...created a class of attacks, called false data injection attacks, that escape detection by existing bad measurement identification algorithms, provided they had knowledge of the system configuration [27]....

    [...]

ReportDOI
03 Jun 2015
TL;DR: This document provides guidance on how to secure Industrial Control Systems, including Supervisory Control and Data Acquisition systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliability, and safety requirements.
Abstract: This document provides guidance on how to secure Industrial Control Systems (ICS), including Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS), and other control system configurations such as Programmable Logic Controllers (PLC), while addressing their unique performance, reliability, and safety requirements. The document provides an overview of ICS and typical system topologies, identifies typical threats and vulnerabilities to these systems, and provides recommended security countermeasures to mitigate the associated risks.

1,351 citations