Smart grids are among the most sophisticated cyber-physical systems (CPSs), responsible for generating, distributing, and delivering electricity. Reliable control of power grids depends heavily on the cyber infrastructure, e.g., intelligent devices and communication networks. Although the use of such technologies has enabled optimal usage of resources, it has also made grids prone to malicious adversaries that can launch a wide variety of cyber attacks, especially against supervisory control and data acquisition (SCADA) systems. To prevent serious and perhaps irreparable consequences, it is essential to develop innovative, practical tools and techniques. In addition, it is vital to design accurate algorithms that detect launched attacks as quickly as possible. To realize attack-resilient smart grids, our lab is working on the areas described below. Although our security research focuses on smart grids, the tools developed and lessons learned serve as a stepping-stone to addressing similar security bottlenecks in other CPSs. The three main elements of our work in this area are:
(1) Designing effective cyber attacks: The goal is to identify the weak points of a power network. The best way to achieve this is to design successful cyber (and physical) attacks against smart grid data integrity. We are working on two possible but completely different motivations an adversary may have for manipulating grid measurements. First, the adversary aims to manipulate measurements so as to mislead the grid operator into making wrong decisions, which can move the power grid toward instability and hence a blackout. Second, the attacker, as a power market participant, can compromise grid measurements to make unfairly profitable power market transactions at the expense of other participants. We are investigating the feasibility, requirements, and impacts of these two scenarios by designing optimization frameworks, given the attacker's different levels of access to the power network.
(2) Precautionary approaches: The knowledge acquired in the first task is capitalized on to make the measurements and communication links secure against possible cyber attacks. First, the weak points of the grid that are most likely to be targeted by adversaries are identified by analyzing observability on the (weighted) graph corresponding to the power grid. Then, an analytical approach is developed to secure these points through the optimal deployment of secured sensing devices, e.g., phasor measurement units (PMUs).
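As an added illustration of the observability-based placement idea in (2), and not the lab's own method: a small Python example on a constructed, unweighted 7-bus graph that finds the minimum PMU set making every bus observable, lists the buses whose observability rests on a single PMU (the weak points a defender would secure first), and recomputes a placement that survives the loss of any one PMU. The network, the observability rule (a PMU observes its own bus and every neighbour) and the exhaustive search are assumptions made for this example.

```python
from itertools import combinations

# Constructed 7-bus example network (an assumption for this example, not a
# real grid); each pair is a transmission line between two buses.
LINES = [(1, 2), (2, 3), (3, 4), (4, 5), (5, 6), (6, 7), (2, 6), (3, 5)]


def adjacency(lines):
    """Undirected bus graph: bus -> set of neighbouring buses."""
    adj = {}
    for a, b in lines:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def coverage(pmus, adj):
    """Map each bus to the set of PMUs that observe it. Observability rule
    assumed here: a PMU at bus i measures the voltage phasor at i and the
    current phasors on every incident line, so i and all its neighbours are
    observable (zero-injection rules are deliberately not applied)."""
    cover = {bus: set() for bus in adj}
    for p in pmus:
        for bus in {p} | adj[p]:
            cover[bus].add(p)
    return cover


def is_observable(pmus, adj, redundancy=1):
    """True if every bus is observed by at least `redundancy` PMUs."""
    return all(len(obs) >= redundancy for obs in coverage(pmus, adj).values())


def min_pmu_placement(adj, redundancy=1):
    """Smallest PMU set that makes the grid observable, by exhaustive search
    (fine for a small test graph; the general problem is NP-hard, so larger
    grids need ILP or heuristics). Ties go to the lowest bus numbers."""
    buses = sorted(adj)
    for k in range(1, len(buses) + 1):
        for pmus in combinations(buses, k):
            if is_observable(pmus, adj, redundancy):
                return set(pmus)
    return None


def weak_points(pmus, adj):
    """Buses whose observability rests on one PMU: losing or corrupting that
    single device leaves them unobserved, so they are secured first."""
    return {bus for bus, obs in coverage(pmus, adj).items() if len(obs) == 1}


if __name__ == "__main__":
    adj = adjacency(LINES)
    base = min_pmu_placement(adj)
    print("minimal placement:", sorted(base))                      # [1, 3, 6]
    print("single-PMU buses:", sorted(weak_points(base, adj)))     # [1, 3, 4, 6, 7]
    print("N-1 placement:", sorted(min_pmu_placement(adj, 2)))     # [1, 2, 3, 4, 6, 7]
```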
(3) Developing detection approaches: It is essential to develop additional detection tools that can identify the presence of manipulated measurements by analyzing grid data in real time. We are developing a suite of efficient anomaly detection algorithms that continuously process measurements and raise a cyber attack alarm whenever they detect an anomaly. To this end, we are utilizing specific knowledge about the system dynamics, e.g., load frequency control (LFC), to detect inconsistencies between the received data sets. Advanced anomaly detection approaches for dynamic graphs are being developed to reveal the presence of possible attacks. In addition, we are exploiting the sparse structure of power networks to reduce the computational burden, making the proposed approaches suitable for real-time attack detection.