Vulnerability assessment for communication network of Substation Automation Systems to cyber attack

The Substation Automation System (SAS) is a crucial element of power system control. SAS devices with remote-control functions are among the main targets of cyber attacks. Vulnerability assessment of SAS communication networks that supports analysis of the control process remains an unsolved problem. Combining the characteristics of SASs with the vulnerability assessment of distributed systems, a method for assessing the vulnerability of SAS communication networks to cyber attack is proposed. The substation communication system is classified into six basic models, which are used to construct a vulnerability state graph (VSG). The vulnerability of a single action is defined by an exponential distribution function with two parameters, the vulnerability factor and the equivalent attacking cost; the vulnerability value of the target system is then calculated according to the four connection types of the VSG. Furthermore, a method for quantifying the vulnerability factor based on AHP-TOPSIS is designed. An evaluation instance is constructed from the IEC 61850 standard; the proposed method is applicable to evaluating the vulnerability of SAS communication networks.
