OSTI.GOV, U.S. Department of Energy
Office of Scientific and Technical Information

Title: Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid

Abstract

Cyber security and resiliency of Wide-Area Monitoring, Protection and Control (WAMPAC) applications is critically important to ensure secure, reliable, and economic operation of the bulk power system. WAMPAC relies heavily on the security of measurements and control commands transmitted over wide-area communication networks for real-time operational, protection, and control functions. Also, the current “N-1 security criteria” for grid operation is inadequate to address malicious cyber events and therefore it is important to fundamentally redesign WAMPAC and to enhance Energy Management System (EMS) applications to make them attack-resilient. In this paper, we propose an end-to-end defense-in-depth architecture for attack-resilient WAMPAC that addresses resilience at both the infrastructure layer and the application layers. Also, we propose an attack-resilient cyber-physical security framework that encompasses the entire security life cycle including risk assessment, attack prevention, attack detection, attack mitigation, and attack resilience. The overarching objective of this paper is to provide a broad scope that comprehensively describes most of the major research issues and potential solutions in the context of cyber-physical security of WAMPAC for the power grid.

Authors:
Ashok, Aditya; Govindarasu, Manimaran; Wang, Jianhui
Publication Date:
Research Org.:
Pacific Northwest National Lab. (PNNL), Richland, WA (United States)
Sponsoring Org.:
USDOE Office of Electricity Delivery and Energy Reliability (OE)
OSTI Identifier:
1371964
Report Number(s):
PNNL-SA-120681
Journal ID: ISSN 0018-9219; 830403000
DOE Contract Number:
AC05-76RL01830
Resource Type:
Journal Article
Resource Relation:
Journal Name: Proceedings of the IEEE; Journal Volume: 105; Journal Issue: 7
Country of Publication:
United States
Language:
English
Subject:
24 POWER TRANSMISSION AND DISTRIBUTION; cyber-physical security; attack-resilient framework; WAMPAC

Citation Formats

Ashok, Aditya, Govindarasu, Manimaran, and Wang, Jianhui. Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid. United States: N. p., 2017. Web. doi:10.1109/JPROC.2017.2686394.
Ashok, Aditya, Govindarasu, Manimaran, & Wang, Jianhui. Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid. United States. doi:10.1109/JPROC.2017.2686394.
Ashok, Aditya, Govindarasu, Manimaran, and Wang, Jianhui. 2017. "Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid". United States. doi:10.1109/JPROC.2017.2686394.
@article{osti_1371964,
title = {Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid},
author = {Ashok, Aditya and Govindarasu, Manimaran and Wang, Jianhui},
abstractNote = {Cyber security and resiliency of Wide-Area Monitoring, Protection and Control (WAMPAC) applications is critically important to ensure secure, reliable, and economic operation of the bulk power system. WAMPAC relies heavily on the security of measurements and control commands transmitted over wide-area communication networks for real-time operational, protection, and control functions. Also, the current “N-1 security criteria” for grid operation is inadequate to address malicious cyber events and therefore it is important to fundamentally redesign WAMPAC and to enhance Energy Management System (EMS) applications to make them attack-resilient. In this paper, we propose an end-to-end defense-in-depth architecture for attack-resilient WAMPAC that addresses resilience at both the infrastructure layer and the application layers. Also, we propose an attack-resilient cyber-physical security framework that encompasses the entire security life cycle including risk assessment, attack prevention, attack detection, attack mitigation, and attack resilience. The overarching objective of this paper is to provide a broad scope that comprehensively describes most of the major research issues and potential solutions in the context of cyber-physical security of WAMPAC for the power grid.},
doi = {10.1109/JPROC.2017.2686394},
journal = {Proceedings of the IEEE},
number = 7,
volume = 105,
place = {United States},
year = 2017,
month = 7
}
  • The wide area monitoring system (WAMS) is considered a pivotal component of future electric power grids. As a pilot WAMS that has been operated for more than a decade, the frequency monitoring network FNET/GridEye makes use of hundreds of global positioning system-synchronized phasor measurement sensors to capture the increasingly complicated grid behaviors across the interconnected power systems. In this paper, the FNET/GridEye system is overviewed and its operation experiences in electric power grid wide area monitoring are presented. Particularly, the implementation of a number of data analytics applications will be discussed in detail. FNET/GridEye lays a firm foundation for the later WAMS operation in the electric power industry.
  • State awareness for a control system is the accurate knowledge of the internal states of the system realization. To maintain stable operation, a controller requires a certain degree of state awareness. By definition, a cyber-attacker decreases the state awareness by modifying or removing the information available to the operator and control system. By doing so, the attacker can directly cause damage to the physical system through the control system, or indirectly by causing the operator to react in a damaging manner to the false information. In a number of recent papers, detection and mitigation strategies have been proposed that assume state awareness. The goal of the attacker to reduce or remove state awareness makes this assumption invalid for most situations. One of the central problems of resilient control is developing methods to retain sufficient state awareness to continue operation during a cyberattack. In this paper, we will define state awareness, discuss the consequences of loss of state awareness, and some potential research directions for maintaining state awareness.
  • This paper studies an attacker against a cyberphysical system (CPS) whose goal is to move the state of a CPS to a target state while ensuring that his or her probability of being detected does not exceed a given bound. The attacker’s probability of being detected is related to the nonnegative bias induced by his or her attack on the CPS’s detection statistic. We formulate a linear quadratic cost function that captures the attacker’s control goal and establish constraints on the induced bias that reflect the attacker’s detection-avoidance objectives. When the attacker is constrained to be detected at the false-alarm rate of the detector, we show that the optimal attack strategy reduces to a linear feedback of the attacker’s state estimate. In the case that the attacker’s bias is upper bounded by a positive constant, we provide two algorithms – an optimal algorithm and a sub-optimal, less computationally intensive algorithm – to find suitable attack sequences. Lastly, we illustrate our attack strategies in numerical examples based on a remotely-controlled helicopter under attack.
  • The power grid has been evolving over the last 120 years, but it is seeing more changes in this decade and next than it has seen over the past century. In particular, the widespread deployment of intermittent renewable generation, smart loads and devices, hierarchical and distributed control technologies, phasor measurement units, energy storage, and widespread usage of electric vehicles will require fundamental changes in methods and tools for the operation and planning of the power grid. The resulting new dynamic and stochastic behaviors will demand the inclusion of more complexity in modeling the power grid. Solving such complex models in the traditional computing environment will be a major challenge. Along with the increasing complexity of power system models, the increasing complexity of smart grid data further adds to the prevailing challenges. In this environment, the myriad of smart sensors and meters in the power grid increase by multiple orders of magnitude, so do the volume and speed of the data. The information infrastructure will need to drastically change to support the exchange of enormous amounts of data as smart grid applications will need the capability to collect, assimilate, analyze and process the data, to meet real-time grid functions. High performance computing (HPC) holds the promise to enhance these functions, but it is a great resource that has not been fully explored and adopted for the power grid domain.