Towards a Framework for Cyber Attack Impact Analysis of the Electric Smart Grid

This paper presents a framework for cyber attack impact analysis of a smart grid. We focus on the model synthesis stage in which both cyber and physical grid entity relationships are modeled as directed graphs. Each node of the graph has associated state information that is governed by dynamical system equations that model the physics of the interaction (for electrical grid components) or functionality (for cyber grid elements). We illustrate how cause-effect relationships can be conveniently expressed for both analysis and extension to large-scale smart grid systems.

[1]  M. Mertz NERC CIP compliance: We’ve identified our critical assets, now what?” , 2008, 2008 IEEE Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century.

[2]  Chen-Ching Liu,et al.  Cybersecurity of SCADA Systems: Vulnerability assessment and mitigation , 2009, 2009 IEEE/PES Power Systems Conference and Exposition.

[3]  T.J. Overbye,et al.  SCADA Cyber Security Testbed Development , 2006, 2006 38th North American Power Symposium.

[4]  P. Sholander,et al.  Risk assessment for physical and cyber attacks on critical infrastructures , 2005, MILCOM 2005 - 2005 IEEE Military Communications Conference.

[5]  Takis Zourntos,et al.  Dynamic load management for NG IPS ships , 2010, IEEE PES General Meeting.

[6]  R. Caire,et al.  Modeling cyber and physical interdependencies - Application in ICT and power grids , 2009, 2009 IEEE/PES Power Systems Conference and Exposition.

[7]  Robert McDonald New considerations for security compliance, reliability and business continuity , 2008, 2008 IEEE Rural Electric Power Conference.

[8]  Ragnar Schierholz,et al.  Generating configuration for missing traffic detector and security measures in industrial control systems based on the system description files , 2009, 2009 IEEE Conference on Technologies for Homeland Security.

[9]  H. Falk Securing IEC 61850 , 2008, 2008 IEEE Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century.

[10]  G. Dondossola,et al.  Supporting cyber risk assessment of Power Control Systems with experimental data , 2009, 2009 IEEE/PES Power Systems Conference and Exposition.

[11]  Jason Stamp,et al.  Reliability impacts from cyber attack on electric power systems , 2009, 2009 IEEE/PES Power Systems Conference and Exposition.

[12]  Mathias Ekstedt,et al.  Enterprise architecture models for cyber security analysis , 2009, 2009 IEEE/PES Power Systems Conference and Exposition.

[13]  D.A. Cartes,et al.  Implementation and Validation of a Multi-Level Security Model Architecture , 2007, 2007 International Conference on Intelligent Systems Applications to Power Systems.

[14]  V. Madani,et al.  Strategies for protection and control standardization and integrated data management applications , 2008, 2008 IEEE/PES Transmission and Distribution Conference and Exposition.

[15]  William Eberle,et al.  Insider Threat Detection Using Graph-Based Approaches , 2009, 2009 Cybersecurity Applications & Technology Conference for Homeland Security.

[16]  Miles A. McQueen,et al.  Quantitative Cyber Risk Reduction Estimation Methodology for a Small SCADA Control System , 2006, Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS'06).

[17]  Zeng Xiangjun,et al.  Context Information-Based Cyber Security Defense of Protection System , 2007, IEEE Transactions on Power Delivery.

[18]  Massoud Amin Energy Infrastructure Defense Systems , 2005, Proceedings of the IEEE.

[19]  H. Endoh Analyzing aspects of cyber security standard for M&CS , 2008, 2008 SICE Annual Conference.

[20]  G.N. Ericsson Information Security for Electric Power Utilities (EPUs)—CIGRÉ Developments on Frameworks, Risk Assessment, and Technology , 2009, IEEE Transactions on Power Delivery.

[21]  Ed Dawson,et al.  SKMA - A Key Management Architecture for SCADA Systems , 2006 .

[22]  Kevin A. Kwiat,et al.  A Workflow-Based Non-intrusive Approach for Enhancing the Survivability of Critical Infrastructures in Cyber Environment , 2007, Third International Workshop on Software Engineering for Secure Systems (SESS'07: ICSE Workshops 2007).

[23]  Milos Manic,et al.  Interdependency modeling and emergency response , 2007, SCSC.

[24]  Guo Zhizhong,et al.  Vulnerability Assessment of Cyber Security in Power Industry , 2006, 2006 IEEE PES Power Systems Conference and Exposition.

[25]  Milos Manic,et al.  CIMS: A Framework for Infrastructure Interdependency Modeling and Analysis , 2006, Proceedings of the 2006 Winter Simulation Conference.

[26]  N. Hadjsaid,et al.  Towards a common model for studying critical infrastructure interdependencies , 2008, 2008 IEEE Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century.

[27]  Jim Alves-Foss,et al.  Modeling Complex Control Systems to Identify Remotely Accessible Devices Vulnerable to Cyber Attack , 2002 .

[28]  B. McMillin Complexities of information security in Cyber-Physical Power Systems , 2009, 2009 IEEE/PES Power Systems Conference and Exposition.

[29]  T. Mander,et al.  Integrated Network Security Protocol Layer for Open-Access Power Distribution Systems , 2007, 2007 IEEE Power Engineering Society General Meeting.