Security and Robustness Evaluation and Enhancement of Power System Applications

Industry Collaborators: 

Sargent & Lundy

Research Summary: 

Power system operations rely on a multitude of sensor data from remote measurement devices at substations and in the field. Sensor data are communicated back to the control center using a variety of protocols and communication media. The remote sensors and the communication channels over which their readings are communicated present an attack surface for adversaries wanting to disrupt power system operations. While power system applications are typically robust against erroneous sensor data and data loss due to accidents and failures, they are typically not robust against coordinated malicious sensor data modification. In this work, we studied impacts of malicious sensor data manipulation in power systems, and researched cost-effective mitigation and defense strategies.  

Specifically, for DC state estimation, we showed that protecting a set of basic measurements, that is, those necessary for observability, is necessary and sufficient for detecting a class of false data injection attacks. We also developed a scheme to detect malicious data in state estimation that leverages system losses & estimation of (perturbed) parameters. We identified ways to inject false data into power flow computations, and investigated defenses. We were the first to introduce a topology perturbation-based approach for defending against false data injection. We also proposed a state estimator that leverages both cyber and power system information and is more robust against false data injection.

We researched ways to explicitly take the state of the cyber system into account in order to improve the robustness of power systems against cyber attacks. In the course of this effort, we proposed a framework for a security-oriented cyber-physical contingency analysis in power infrastructures. It allows for analyzing the impact of and ranking potential cyber-induced contingencies. This effort was selected for funding by ARPA-E for further development and is currently being matured into a practical technology. We studied security issues surrounding smart distribution grids; specifically, we looked at data integrity attacks on integrated Volt/VAR control, and proposed countermeasures. Further, we studied security issues surrounding the use of cloud computing for the power grid, and proposed a confidentiality-preserving obfuscation approach for cloud-based power system contingency analysis.

Ultimately, research under this activity looked at robustness characterization of specific power applications with respect to cyber attacks, and proposed mechanisms to improve the robustness of those applications, and provided guidance on where to focus an organization’s security budget to secure power grid infrastructure.

Research Demo:

Topology Perturbation for Detecting Malicious Data Injection: Presented by Kate Morrow during the TCIPG Industry Workshop in November 2011.