A Survey on Power Grid Cyber Security: From Component-Wise Vulnerability Assessment to System-Wide Impact Analysis

Huang, Xiaoge; Qin, Zhijun; Liu, Hui

doi:10.1109/access.2018.2879996

Cited by 35 publications

(14 citation statements)

References 72 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The development of cyber protection systems is related to investments that have to be justifiable, thus requiring identification of CIs and deciding on the manner of their protection. This can be done following a risk-based approach by the TSOs [36] that considers the vulnerabilities of the critical assets and ICS and ensures a broad system analysis [37]. These measures should also include implementation of relevant standards as IEC 60870-5, IEC 60870-6, IEC 61850, IEC 61970, IEC 61968 and IEEE 1815 (DNP3) [14].…”

Section: Current Issues Related To Cybersecurity Of Tsos In Seementioning

confidence: 99%

Overview and Improvement of Procedures and Practices of Electricity Transmission System Operators in South East Europe to Mitigate Cybersecurity Threats

Mateska

Krstevski

Borozan

2021

Systems

View full text Add to dashboard Cite

The implementation of information and communication technologies (ICT) in power systems increases the risks of cybersecurity threats, requiring protection measures that should reflect the multi-actor environment of the contemporary power systems. This paper provides a critical assessment of the cybersecurity practices of the transmission system operators (TSOs) from South East Europe (SEE) and the implementation of obligations for TSOs emerging from the complex set of cybersecurity and electricity legislation. The analyses of TSO cybersecurity practices are based on a survey conducted with the TSOs from SEE and show there is a lack of consistent cybersecurity policy at the TSO level. These analyses demonstrate that the differences between TSOs from the SEE region are not very significant with regards to implementation of technical protection and defense measures for critical infrastructures (CIs) and assets. The comprehensive analyses of electricity and cybersecurity legislation uncover the obligations of TSOs emerging from legislation and relate them to current TSO cybersecurity practices, confirming the necessity to boost existing practices. Considering the analyzed legislation and implemented practices, this paper presents a proposal for a cybersecurity framework for TSOs that should improve their organizational and operational response to the evolving cybersecurity challenges.

show abstract

Section: Current Issues Related To Cybersecurity Of Tsos In Seementioning

confidence: 99%

Overview and Improvement of Procedures and Practices of Electricity Transmission System Operators in South East Europe to Mitigate Cybersecurity Threats

Mateska

Krstevski

Borozan

2021

Systems

View full text Add to dashboard Cite

show abstract

“…References [23] and [24] propose two novel attack models with incomplete information, demonstrating the significance and complexity of defending FDIA. We would refer the readers to our recent survey [25] on major advancements and limitations of the existing FDIA research. Besides the detection of FDIA, identifying the locations of falsified measurements, rather than the locations of falsified state variables, is critical for the prevention of FDIA, as the system operators can consolidate identified vulnerable components or communication channels.…”

Section: Introductionmentioning

confidence: 99%

Defense of Massive False Data Injection Attack via Sparse Attack Points Considering Uncertain Topological Changes

Huang

Qin

Xie

et al. 2022

Journal of Modern Power Systems and Clean Energy

View full text Add to dashboard Cite

False data injection attack (FDIA) is a typical cyber-attack aiming at falsifying measurement data for state estimation (SE), which may incur catastrophic consequences on cyber-physical system operation. In this paper, we develop a deep learning based methodology for detection, localization, and data recovery of FDIA on power systems in a coherent and holistic manner. However, the multi-modal probability distributions of both measurements and state variables in SE due to ever-changing operating points and structural/topological changes pose great challenges in detecting and localizing FDIA. To address this challenge, we first propose an enhanced attack model to launch massive FDIA on limited access points. Second, we train an auto-encoder (AE) with a Bayesian change verification (BCV) classifier using N -1 contingencies to detect FDIA with unseen Nk operational topologies. Third, to avoid model collapse caused by multi-modal measurement distribution, an AEbased generative adversarial network (GAN) is derived to generate a diverse candidate set of normal measurement vectors with various operational topologies. Finally, we develop a pattern match algorithm to localize and recover the falsified measurements and state variables by comparing the falsified measurement vectors with the normal measurement vectors in the candidate set. Case studies with IEEE benchmark systems and a modified 415-bus China Southern Grid system are provided to validate the proposed methodology. It shows that the proposed methodology achieves an average 95% accuracy for detection, over 80% accuracy for localization of FDIA, and recovers the measurement and state variables close to their true values.

show abstract

“…With a goal of developing causal chains of cyber attacks from component-level to system-level for enhancement of cybersecurity of power system, a comprehensive review on power system cybersecurity has been provided in [25]. This work examines the root causes of cyber attacks on power system components and analyzes their impacts on the entire system.…”

Section: Introductionmentioning

confidence: 99%

“…This work examines the root causes of cyber attacks on power system components and analyzes their impacts on the entire system. Cybersecurity landscape on electricity market, operations, generation systems, distribution, customer, and service provider domains has been also described in [25]. A literature survey of machine learning approaches for the detection of false data injection attacks on power systems is provided in [7].…”

Section: Introductionmentioning

confidence: 99%

Detection of Cyber Attacks on Voltage Regulation in Distribution Systems Using Machine Learning

2021

View full text Add to dashboard Cite

Several wired and wireless advanced communication technologies have been used for coordinated voltage regulation schemes in distribution systems. These technologies have been employed to both receive voltage measurements from field sensors and transmit control settings to voltage regulating devices (VRDs). Communication networks for voltage regulation can be susceptible to data falsification attacks, which can lead to voltage instability. In this context, an attacker can alter multiple field measurements in a coordinated manner to disturb voltage control algorithms. This paper proposes a machine learning-based two-stage approach to detect, locate, and distinguish coordinated data falsification attacks on control systems of coordinated voltage regulation schemes in distribution systems with distributed generators. In the first stage (regression), historical voltage measurements along with current meteorological data (solar irradiance and ambient temperature) are provided to random forest regressor to forecast voltage magnitudes of a given current state. In the second stage, a logistic regression compares the forecasted voltage with the measured voltage (used to set VRDs) to detect, locate, and distinguish coordinated data falsification attacks in realtime. The proposed approach is validated through several case studies on a 240-node real distribution system (based in the USA) and the standard IEEE 123-node benchmark distribution system. The results show that the proposed approach can detect low margin attacks (as low as 1% of actual measurements) with up to 99% accuracy. All of the developed source codes of the proposed solution are publicly available at Github.https://github.com/nbhusal/Data-Attack-on-Voltage-Regulation.INDEX TERMS Coordinated control of voltage regulation, data falsification cyber attack, machine learning, and photovoltaic.

show abstract

A Survey on Power Grid Cyber Security: From Component-Wise Vulnerability Assessment to System-Wide Impact Analysis

Cited by 35 publications

References 72 publications

Overview and Improvement of Procedures and Practices of Electricity Transmission System Operators in South East Europe to Mitigate Cybersecurity Threats

Overview and Improvement of Procedures and Practices of Electricity Transmission System Operators in South East Europe to Mitigate Cybersecurity Threats

Defense of Massive False Data Injection Attack via Sparse Attack Points Considering Uncertain Topological Changes

Detection of Cyber Attacks on Voltage Regulation in Distribution Systems Using Machine Learning

Contact Info

Product

Resources

About