Attack Models for Advanced Persistent Threats in Smart Grid Wide Area Monitoring

Wide Area Monitoring Systems (WAMSs) provide an essential building block for Smart Grid supervision and control. Distributed Phasor Measurement Units (PMUs) allow accurate clock-synchronized measurements of voltage and current phasors (amplitudes, phase angles) and frequencies. The sensor data from PMUs provide situational awareness in the grid, and are used as input for control decisions. A modification of sensor data can severely impact grid stability, overall power supply, and physical devices. Since power grids are critical infrastructures, WAMSs are tempting targets for all kinds of attackers, including well-organized and motivated adversaries such as terrorist groups or adversarial nation states. Such groups possess sufficient resources to launch sophisticated attacks. In this paper, we provide an in-depth analysis of attack possibilities on WAMSs. We model the dependencies and building blocks of Advanced Persistent Threats (APTs) on WAMSs using attack trees. We consider the whole WAMS infrastructure, including aggregation and data collection points, such as Phasor Data Concentrators (PDCs), classical IT components, and clock synchronization. Since Smart Grids are cyber-physical systems, our models consider physical perturbations in addition to cyber attacks. The models provide valuable information about the chain of cyber or physical attack steps that can be combined to build a sophisticated attack for reaching a higher goal. They assist in the assessment of physical and cyber vulnerabilities, and provide strategic guidance for the deployment of suitable countermeasures.
