Physical-Model-Checking to Detect Switching-Related Attacks in Power Systems

Recent public disclosures of attacks targeting the power industry have shown that savvy attackers are now capable of concealing themselves from conventional rule-based network intrusion detection systems (IDS), which poses a serious threat. To build on the work of rule-based IDS, this paper presents an artificially intelligent physical-model-checking intrusion detection framework capable of detecting tampered-with control commands from control centers of power grids. Unlike the work presented in the literature, the work in this paper uses artificial intelligence (AI) to learn the load flow characteristics of the power system and benefits from the fast responses of the AI to decode and understand the contents of network packets. The output of the AI is processed through an expert system to verify that incoming control commands do not violate the physical system's operational constraints and do not put the power system in an insecure state. The proposed content-aware IDS is tested in simulation on a 14-bus IEEE benchmark system. Experimental verification on a small power system with an IEC 61850 network architecture is also carried out. The results showed the accuracy of the proposed framework in successfully detecting malicious and/or erroneous control commands.
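
The framework described above uses a trained AI model for the load-flow step. The following added example, which is not code from the paper, substitutes a plain DC load flow on a constructed 3-bus system to show the kind of check such an expert system applies to a breaker-open command: reject it if it islands a bus or overloads a remaining line. The bus data, line limits and the names `check_open_command` and `solve` are assumptions.

```python
# Constructed 3-bus system (not the paper's IEEE 14-bus case); values in p.u.
SLACK = 0
LINES = {  # id: (from_bus, to_bus, reactance, flow_limit)
    "L01": (0, 1, 0.1, 1.0),
    "L02": (0, 2, 0.1, 1.0),
    "L12": (1, 2, 0.1, 1.0),
}
INJECTION = {1: -0.6, 2: -0.9}  # net injection at non-slack buses (load < 0)

def solve(a, b):  # Gauss-Jordan elimination with partial pivoting
    n = len(b)
    m = [row[:] + [rhs] for row, rhs in zip(a, b)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(m[r][c]))
        m[c], m[p] = m[p], m[c]
        for r in range(n):
            if r != c:
                f = m[r][c] / m[c][c]
                m[r] = [x - f * y for x, y in zip(m[r], m[c])]
    return [m[i][n] / m[i][i] for i in range(n)]

def check_open_command(line_id, already_open=()):
    """Return (accepted, reason) for a command that opens breaker line_id."""
    closed = {k: v for k, v in LINES.items() if k != line_id and k not in already_open}
    ends = [(a, b, x) for f, t, x, _ in closed.values() for a, b in ((f, t), (t, f))]
    # 1) Topology: every bus must still reach the slack bus (no islanding).
    reached, frontier = {SLACK}, [SLACK]
    while frontier:
        bus = frontier.pop()
        for a, b, _ in ends:
            if a == bus and b not in reached:
                reached.add(b)
                frontier.append(b)
    if reached != {SLACK, *INJECTION}:
        return False, "islanding"
    # 2) DC load flow on the post-switch topology: B * theta = P.
    buses = sorted(INJECTION)
    idx = {b: i for i, b in enumerate(buses)}
    B = [[0.0] * len(buses) for _ in buses]
    for a, b, x in ends:
        if a in idx:
            B[idx[a]][idx[a]] += 1 / x
            if b in idx:
                B[idx[a]][idx[b]] -= 1 / x
    theta = {SLACK: 0.0, **dict(zip(buses, solve(B, [INJECTION[b] for b in buses])))}
    # 3) Operational constraint: no remaining line may exceed its flow limit.
    for name, (f, t, x, limit) in closed.items():
        if abs(theta[f] - theta[t]) / x > limit:
            return False, f"overload on {name}"
    return True, "ok"
```

In this constructed case, opening `L12` is accepted, while opening `L01` pushes all 1.5 p.u. of load through `L02` and is rejected even though the command itself is syntactically valid.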
