skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: Addressing the Challenges of Anomaly Detection for Cyber Physical Energy Grid Systems

Abstract

The consolidation of cyber communications networks and physical control systems within the energy smart grid introduces a number of new risks. Unfortunately, these risks are largely unknown and poorly understood, yet include very high impact losses from attack and component failures. One important aspect of risk management is the detection of anomalies and changes. However, anomaly detection within cyber security remains a difficult, open problem, with special challenges in dealing with false alert rates and heterogeneous data. Furthermore, the integration of cyber and physical dynamics is often intractable. And, because of their broad scope, energy grid cyber-physical systems must be analyzed at multiple scales, from individual components, up to network level dynamics. We describe an improved approach to anomaly detection that combines three important aspects. First, system dynamics are modeled using a reduced order model for greater computational tractability. Second, a probabilistic and principled approach to anomaly detection is adopted that allows for regulation of false alerts and comparison of anomalies across heterogeneous data sources. Third, a hierarchy of aggregations are constructed to support interactive and automated analyses of anomalies at multiple scales.

Authors:
 [1];  [1];  [1];  [1]
  1. ORNL
Publication Date:
Research Org.:
Oak Ridge National Lab. (ORNL), Oak Ridge, TN (United States)
Sponsoring Org.:
USDOE Laboratory Directed Research and Development (LDRD) Program
OSTI Identifier:
1059713
DOE Contract Number:  
DE-AC05-00OR22725
Resource Type:
Conference
Resource Relation:
Conference: Cyber Security and Information Intelligence Research Workshop, Oak Ridge, TN, USA, 20121030, 20121102
Country of Publication:
United States
Language:
English
Subject:
Smart Grid; Energy Security; Anomaly Detection; Control Systems; Reduced Order Models

Citation Formats

Ferragut, Erik M, Laska, Jason A, Melin, Alexander M, and Czejdo, Bogdan. Addressing the Challenges of Anomaly Detection for Cyber Physical Energy Grid Systems. United States: N. p., 2013. Web.
Ferragut, Erik M, Laska, Jason A, Melin, Alexander M, & Czejdo, Bogdan. Addressing the Challenges of Anomaly Detection for Cyber Physical Energy Grid Systems. United States.
Ferragut, Erik M, Laska, Jason A, Melin, Alexander M, and Czejdo, Bogdan. 2013. "Addressing the Challenges of Anomaly Detection for Cyber Physical Energy Grid Systems". United States.
@article{osti_1059713,
title = {Addressing the Challenges of Anomaly Detection for Cyber Physical Energy Grid Systems},
author = {Ferragut, Erik M and Laska, Jason A and Melin, Alexander M and Czejdo, Bogdan},
abstractNote = {The consolidation of cyber communications networks and physical control systems within the energy smart grid introduces a number of new risks. Unfortunately, these risks are largely unknown and poorly understood, yet include very high impact losses from attack and component failures. One important aspect of risk management is the detection of anomalies and changes. However, anomaly detection within cyber security remains a difficult, open problem, with special challenges in dealing with false alert rates and heterogeneous data. Furthermore, the integration of cyber and physical dynamics is often intractable. And, because of their broad scope, energy grid cyber-physical systems must be analyzed at multiple scales, from individual components, up to network level dynamics. We describe an improved approach to anomaly detection that combines three important aspects. First, system dynamics are modeled using a reduced order model for greater computational tractability. Second, a probabilistic and principled approach to anomaly detection is adopted that allows for regulation of false alerts and comparison of anomalies across heterogeneous data sources. Third, a hierarchy of aggregations are constructed to support interactive and automated analyses of anomalies at multiple scales.},
doi = {},
url = {https://www.osti.gov/biblio/1059713}, journal = {},
number = ,
volume = ,
place = {United States},
year = {Tue Jan 01 00:00:00 EST 2013},
month = {Tue Jan 01 00:00:00 EST 2013}
}

Conference:
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that hold this conference proceeding.

Save / Share: