skip to main content
OSTI.GOV title logo U.S. Department of Energy
Office of Scientific and Technical Information

Title: SOLAR GUARD PROJECT: Phase I Final Report

Abstract

In this project, performed by SIFT, LLC, with Maxisys as subcontractors, we investigated the threat of malicious data injection (MDI) into the electrical power grid, and demonstrated that this form of cyber-attack can be effectively detected by an ensemble of methods based on machine learning (ML), and state estimation (SE). We first assessed the threat of MDI cyber-attacks, showing that they had the potential to cause grave damage to the electrical power grid. We then analyzed the threat surface for MDI attacks. We found that the vulnerability is substantial and will grow with the growth of distributed energy resources (DER), particularly solar, but also wind, and various forms of local power generation and storage. The growth will come primarily from the need to integrate DER control with distribution grid control, necessarily entailing the integration of remote, third-party devices into the grid control network. Since MDI provides attackers an acceptable benefit (attack effect)/cost (attack difficulty and likelihood of detection) tradeoff, we moved on to experiment with techniques for MDI detection. We developed an experimental scenario, based on MDI attack causing capacitor mis-operation, voltage surge, and damage to grid-attached systems. We built a simulation for a distribution system vulnerable to this typemore » of attack and demonstrated successful MDI attacks causing voltage spikes. Finally, we developed two complementary methods of MDI detection: one based on SE, and one based on ML. The SE method is presented analytically. Our ML method, based on time series models was tested against simulated MDI attacks and demonstrated perfect detection, with some simple filtering described in the report. Our results show the danger of MDI attacks and demonstrate two promising directions for detection.« less

Authors:
ORCiD logo [1];  [1];  [2]; ORCiD logo [2]
  1. SIFT, LLC
  2. Maxisys
Publication Date:
Research Org.:
SIFT, LLC
Sponsoring Org.:
USDOE Office of Science (SC)
OSTI Identifier:
1560061
Report Number(s):
DOE-SIFT-18793
DOE Contract Number:  
SC0018793
Type / Phase:
SBIR (Phase I)
Resource Type:
Technical Report
Country of Publication:
United States
Language:
English
Subject:
14 SOLAR ENERGY; Cyber security, Solar Energy, Malicious Data Injection, Machine Learning, State Estimation, Intrusion Detection, Distributed Energy Resources

Citation Formats

Goldman, Robert P, Mueller, Joseph, Ramanathan, Ramu, and Sheblé, Gerald B. SOLAR GUARD PROJECT: Phase I Final Report. United States: N. p., 2019. Web.
Goldman, Robert P, Mueller, Joseph, Ramanathan, Ramu, & Sheblé, Gerald B. SOLAR GUARD PROJECT: Phase I Final Report. United States.
Goldman, Robert P, Mueller, Joseph, Ramanathan, Ramu, and Sheblé, Gerald B. Mon . "SOLAR GUARD PROJECT: Phase I Final Report". United States.
@article{osti_1560061,
title = {SOLAR GUARD PROJECT: Phase I Final Report},
author = {Goldman, Robert P and Mueller, Joseph and Ramanathan, Ramu and Sheblé, Gerald B},
abstractNote = {In this project, performed by SIFT, LLC, with Maxisys as subcontractors, we investigated the threat of malicious data injection (MDI) into the electrical power grid, and demonstrated that this form of cyber-attack can be effectively detected by an ensemble of methods based on machine learning (ML), and state estimation (SE). We first assessed the threat of MDI cyber-attacks, showing that they had the potential to cause grave damage to the electrical power grid. We then analyzed the threat surface for MDI attacks. We found that the vulnerability is substantial and will grow with the growth of distributed energy resources (DER), particularly solar, but also wind, and various forms of local power generation and storage. The growth will come primarily from the need to integrate DER control with distribution grid control, necessarily entailing the integration of remote, third-party devices into the grid control network. Since MDI provides attackers an acceptable benefit (attack effect)/cost (attack difficulty and likelihood of detection) tradeoff, we moved on to experiment with techniques for MDI detection. We developed an experimental scenario, based on MDI attack causing capacitor mis-operation, voltage surge, and damage to grid-attached systems. We built a simulation for a distribution system vulnerable to this type of attack and demonstrated successful MDI attacks causing voltage spikes. Finally, we developed two complementary methods of MDI detection: one based on SE, and one based on ML. The SE method is presented analytically. Our ML method, based on time series models was tested against simulated MDI attacks and demonstrated perfect detection, with some simple filtering described in the report. Our results show the danger of MDI attacks and demonstrate two promising directions for detection.},
doi = {},
journal = {},
number = ,
volume = ,
place = {United States},
year = {2019},
month = {9}
}

Technical Report:
This technical report may be released as soon as September 5, 2023
Other availability
Please see Document Availability for additional information on obtaining the full-text document. Library patrons may search WorldCat to identify libraries that may hold this item. Keep in mind that many technical reports are not cataloged in WorldCat.

Save / Share: