Cyberphysical Infrastructures in Power Systems: Architectures and Vulnerabilities

By Magdi S. Mahmoud, Haris M. Khalid and Mutaz M. Hamdan

In an uncertain and complex environment, to ensure secure and stable operations of large-scale power systems is one of the biggest challenges that power engineers have to address today. Traditionally, power system operations and decision-making in controls are based on power system computations of physical models describing the behavior of power systems. Largely, physical models are constructed according to some assumptions and simplifications, and such is the case with power system models. However, the complexity of power system stability problems, along with the system's inherent uncertainties and nonlinearities, can result in models that are impractical or inaccurate. This calls for adaptive or deep-learning algorithms to significantly improve current control schemes that solve decision and control problems.

Cyberphysical Infrastructures in Power Systems: Architectures and Vulnerabilities provides an extensive overview of CPS concepts and infrastructures in power systems with a focus on the current state-of-the-art research in this field. Detailed classifications are pursued highlighting existing solutions, problems, and developments in this area.

• Gathers the theoretical preliminaries and fundamental issues related to CPS architectures.
• Provides coherent results in adopting control and communication methodologies to critically examine problems in various units within smart power systems and microgrid systems.
• Presents advanced analysis under cyberphysical attacks and develops resilient control strategies to guarantee safe operation at various power levels.

• Language: English
• Publisher: Academic Press
• Release date: Oct 23, 2021
• ISBN: 9780323852623

Magdi S. Mahmoud

Magdi S. Mahmoud is a distinguished professor at King Fahd University of Petroleum and Minerals (KFUPM), Saudi Arabia. He has been faculty member at different universities worldwide including Egypt (CU, AUC), Kuwait (KU), UAE (UAEU), UK (UMIST), USA (Pitt, Case Western), Singapore (Nanyang), and Australia (Adelaide). He lectured in Venezuela (Caracas), Germany (Hanover), UK (Kent), USA (UoSA), Canada (Montreal) and China (BIT, Yanshan). He is the principal author of 51 books, inclusive book-chapters, and author/co-author of more than 610 peer-reviewed papers. He is a fellow of the IEE and a senior member of the IEEE, the CEI (UK). He is currently actively engaged in teaching and research in the development of modern methodologies to distributed control and filtering, networked control systems, fault-tolerant systems, cyberphysical systems, and information technology.

Book preview

Part 1: Background

Outline

Introduction

Chapter 1. Overview

Chapter 2. Smart grids: control and cybersecurity

Introduction

This part consists of two chapters:

Chapter 1: Overview

Chapter 2: Smart grids control and cybersecurity

Chapter 1: Overview

Abstract

Smart grid initiatives aim at producing a grid that is increasingly dependent on its cyberinfrastructure in order to support the numerous power applications necessary to provide improved grid monitoring and control capabilities. This chapter discusses cyberphysical security of wide-area monitoring, protection and control (WAMP) from a coordinated cyberattack perspective and introduces a game theoretic approach to address the issue. Essentially, this chapter provides:

•  A comprehensive overview on consensus control in multiagent systems from the network viewpoints. This comes in line of the extensive researches due to its applicability in analyzing and designing coordination behaviors among agents in multiagent framework.

•  The problem of cyberphysical security (CPS) modeling systems is introduced with emphasis on wide area monitoring, protection and control systems (WAMPCS), wide-area protection (WAP), phasor measurement units.

•  A quantification of the performance degradation of cyberphysical systems under the effect of stealthy integrity attacks. The CPS is modeled as a stochastic linear time-invariant (LTI) system equipped with a linear filter and feedback controller and failure detector.

•  Finally, a brief account of challenges in cyberphysical power systems. Then, it addresses the secure industrial control systems along with Game-theoretic methods.

Keywords

SCADA systems; security; robustness

Chapter Outline

1.1  Cyberphysical security modeling systems (CPS)

1.1.1  Introduction

1.1.2  Wide-area monitoring, protection and control systems

1.1.3  Wide-area protection

1.1.4  Phasor measurement units

1.2  Cyberattack taxonomy

1.2.1  Cyberattack classification

1.2.2  Coordinated attacks on WAMPAC

1.2.3  Cyberphysical security using game-theoretic approach

1.2.4  Cyberlayer risk assessment

1.2.5  Attack modeling

1.2.6  Game formulation and solution strategies

1.3  Challenges in cyberphysical power systems

1.3.1  Signal sampling

1.3.2  Signal quantization

1.3.3  Communication delay

1.3.4  Packet dropouts

1.3.5  Medium access constraints

1.3.6  Channel fading

1.3.6.1  Information-theory based approach

1.3.6.2  Stochastic system approach

1.3.7  Power constraints

1.3.7.1  Reducing the transmission rate

1.3.7.2  Packet size reduction

1.4  Secure industrial control systems

1.4.1  Introduction

1.4.2  Progress of SICS

1.4.3  Major security objectives

1.5  Game-theoretic methods

1.5.1  Robustness issue

1.5.2  Resilient control design

1.5.3  Hierarchical systems

1.5.4  Physical layer control system problem

1.6  Notes

References

1.1 Cyberphysical security modeling systems (CPS)

In this section, we articulate the importance of securing the wide-area monitoring, protection and control (WAMPAC) systems to maintain bulk power system reliability. We present cyberattack taxonomy on WAMPAC, and also identify the cybersecurity requirements, concerns and future requirements for the various applications. Next we introduce different types of coordinated cyberattack scenarios in WAMPAC and presented their potential impacts.

1.1.1 Introduction

Smart grid technologies utilize recent cyberadvancements to enhance control and monitoring functions throughout the electric power grid. The smart grid incorporates various individual technical initiatives such as advanced metering infrastructure (AMI), demand response (DR), WAMPAC systems based on phasor measurement units (PMUs), large scale renewable integration in the form of wind and solar generation, and plug-in hybrid electric vehicles (PHEVs). Of these initiatives, AMI and WAMPAC depend heavily on the cyberinfrastructure and its data transported through several communication protocols to utility control centers and the consumers. Cybersecurity concerns within the communication and computation infrastructure may allow attackers to manipulate either the power applications or physical system. Cyberattacks can take many forms depending on their objective. Attackers can perform various intrusions by exploiting software vulnerabilities or misconfiguration. System resources can also be rendered unavailable through denial of service (DoS) attacks by congesting the network or system with unnecessary data. Even secure cybersystems can be attacked due to insider threats, where a trusted individual can leverage system privileges to steal data or impact system operations. Also, weaknesses in communication protocols allow attackers to steal or manipulate data in transit.

AMI is based on the deployment of smart meters at consumer end and the utility. This provides the utility with the ability to push real-time pricing data to consumers, collect information about current usage, and perform more advanced analysis of faults within the distribution system. Since AMI is associated with the distribution system, typically a huge volume of consumer meters needs to be compromised to create a substantial impact in the bulk power system reliability. This is in strong contrast to the impact a coordinated cyberattack on WAMPAC would have on bulk power system reliability. Therefore, the main focus of this chapter is to study pertinent issues in cyberphysical security of WAMPAC. However, it is important to note that several cybersecurity and privacy issues do exist with respect to AMI and are beyond the scope of this chapter.

1.1.2 Wide-area monitoring, protection and control systems

WAMPAC leverage the phasor measurements units (PMUs) to gain real-time awareness of current grid operations and also provide real-time protection and control functions such as special protection schemes (SPSs) and automatic generation control (AGC), besides other emerging applications such as oscillation detection, and transient stability predictions.

While communication is the key to a smarter grid, developing and securing the appropriate cyberinfrastructures and their communication protocols is crucial. WAMPAC can be subdivided further into its constituent components namely, wide-area monitoring systems (WAMSs), wide-area protection (WAP) systems, and wide-area control (WAC). PMUs utilize high sampling rates and accurate GPS-based timing to provide very accurate, synchronized grid readings. While PMUs provide increasingly accurate situational awareness capabilities, their full potential will not be realized unless these measurement data can be shared among other utilities and regulators. Additionally, power system applications need to be re-examined to determine the extent to which these enhancements can improve the grid's efficiency and reliability. The development of advanced control applications will depend on WAMS, which can effectively distribute information in a secure and reliable manner. An example of WAMS deployment is NASPInet, which is the development of a separate network for PMU data transmission and data sharing including real-time control, quality of service and cybersecurity requirements [1,2].

1.1.3 Wide-area protection

WAP involves the use of system wide information collected over a wide geographic area to perform fast decision-making and switching actions in order to counteract the propagation of large disturbances [3]. The advent of PMUs has transformed protection from a local concept into a system level wide-area concept to handle disturbances. Several protection applications fall under the umbrella of WAP, but the most common one among them is SPS. The North American Electric Reliability Council (NERC) defines SPS as an automatic protection system designed to detect abnormal or predetermined system conditions, and takes corrective actions other than and/or in addition to the isolation of faulted components to maintain system reliability [4]. Such action may include changes in demand, generation (Megawatt (MW) and Mega volt-ampere reactive (MVAR)), or system configuration to maintain system stability, acceptable voltage, or power flows. Some of the most common SPS applications are as follows: generator rejection, load rejection, under frequency load shedding, under voltage load shedding, out-of-step relaying, volt-ampere reactive (VAR) compensation, discrete excitation control, High-Voltage Direct Current (HVDC).

1.1.4 Phasor measurement units

Until the advent of PMUs, the only major WAC mechanism in the power grid was AGC. The AGC functions with the help of tie line flow measurements, frequency and generation data obtained from supervisory control and data acquisition (SCADA) infrastructure. The purpose of the AGC in a power system is to correct system generation in accordance with load changes in order to maintain grid frequency at 60 Hz. Currently, the concept of real-time WAC using PMU data is still in its infancy, and there are no standardized applications that are widely deployed on a system wide scale, though there are several pilot projects in that area [5]. Some of the potential WAC applications are secondary voltage control using PMU data, static VAR compensator (SVC) control using PMUs, and inter-area oscillation damping.

1.2 Cyberattack taxonomy

Fig. 1.1 shows a generic WAMPAC architecture with the various components involved. The system conditions are measured using measurement devices (mostly PMUs). These measurements are communicated to a logic processor to determine corrective actions for each contingency, and then appropriate actions are initiated, usually through high speed communication links. The inherent wide-area nature of these schemes presents several vulnerabilities in terms of possible cyberintrusions to hinder or alter the normal functioning of these schemes. Even though SPS are designed to cause minimal or no impact to the power system under failure, they are not designed to handle failures that are due to malicious events like cyberattacks. Also, as more and more SPS are added in the power system, unexpected dependencies in the operation of the various schemes are introduced, and this increases the risk of increased impacts like system wide collapse due to a cyberattack. It therefore becomes critical to reexamine the design of the WAP schemes with a specific focus on cyberphysical system (CPS) security.

Figure 1.1 Generic WAMPAC architecture.

In addition, Fig. 1.1 presents a control systems (CS) view of the power system and the WAP scheme. The power system is the plant under control, where the parameters like currents and voltages at different places are measured using sensors (PMUs) and sent through the high-speed communication network to the WAP controller for appropriate decision making. The controller decides based on the system conditions and sends corresponding commands to the actuators, which are the protection elements and VAR control elements like SVC and Flexible AC Transmission Systems (FACTS) devices for voltage control related applications. There are different places where a cyberattack can take place in this CS model. The cyberattack could affect the delays experienced in the forward or the feedback path or it could directly affect the data corresponding to sensors, the actuators or the controller. Fig. 1.1 also indicates the attack points on this CS model through the lightning