Network-Aware Mitigation of Data Integrity Attacks on Power System State Estimation
Vuković, Ognjen (KTH, School of Electrical Engineering (EES), Communication Networks; ACCESS Linnaeus Centre)
Sou, Kin Cheong (KTH, School of Electrical Engineering (EES), Automatic Control; ACCESS Linnaeus Centre)
Dán, György (KTH, School of Electrical Engineering (EES), Communication Networks; ACCESS Linnaeus Centre; ORCID iD: 0000-0002-4876-0223)
Sandberg, Henrik (KTH, School of Electrical Engineering (EES), Automatic Control; ACCESS Linnaeus Centre; ORCID iD: 0000-0003-1835-2963)
2012 (English). In: IEEE Journal on Selected Areas in Communications, ISSN 0733-8716, E-ISSN 1558-0008, Vol. 30, no. 6, pp. 1108-1118. Article in journal (Refereed). Published.
Abstract [en]

Critical power system applications such as contingency analysis and optimal power flow calculation rely on the power system state estimator, so the security of the state estimator is essential for the proper operation of the power system, and its importance will only grow as more applications come to depend on it. Based on realistic models of the communication infrastructure used to deliver measurement data from the substations to the state estimator, in this paper we investigate the vulnerability of the power system state estimator to attacks performed against the communication infrastructure. We define security metrics that quantify the importance of individual substations and the cost of attacking individual measurements. We propose approximations of these metrics that are based on the communication network topology only, and we compare them to the exact metrics. We provide efficient algorithms to calculate the security metrics. We use the metrics to show how various network layer and application layer mitigation strategies, such as single and multi-path routing and data authentication, can be used to decrease the vulnerability of the state estimator. We illustrate the efficiency of the algorithms on the IEEE 118 and 300 bus benchmark power systems.
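As an added illustration (example code written for this page, not code from the paper or its authors), the following Python sketch makes the abstract's network-aware idea concrete on a constructed toy topology: an attacker who compromises a node of the SCADA communication network can modify every unauthenticated measurement routed through it, so the cost of attacking a measurement is taken here as the fewest intermediate nodes that together sit on all of its routes, and the importance of a node as the number of measurements that node alone can corrupt. These two definitions, the topology, the measurement names and the greedy two-path routing are assumptions of the example; they are topology-only approximations in the spirit of the abstract, not the paper's exact metrics. The example shows how multi-path routing raises the attack cost of measurements that receive two node-disjoint routes and lowers what a single router is worth to the attacker, while end-to-end data authentication removes measurements from the attacker's reach entirely.

```python
import math
from collections import deque
from itertools import combinations

# Constructed toy SCADA communication network (assumption, not from the paper).
# S1..S4 are substation network nodes, R1/R2 backbone routers, CC the control
# center; links are undirected. S4 reaches the network only via S3.
TOPOLOGY = {
    "S1": {"R1"}, "S2": {"R1", "S3"}, "S3": {"S2", "S4", "R2"}, "S4": {"S3"},
    "R1": {"S1", "S2", "CC"}, "R2": {"S3", "CC"}, "CC": {"R1", "R2"},
}
# Measurements each substation reports to the state estimator (constructed).
MEASUREMENTS = {"S1": ["P_1", "P_12"], "S2": ["P_2"], "S3": ["P_3", "P_34"], "S4": ["P_4"]}
CONTROL_CENTER = "CC"

def shortest_path(graph, src, dst, banned=frozenset()):
    """BFS shortest path src->dst whose interior avoids `banned`; None if none."""
    prev = {src: None}
    queue = deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            path = []
            while u is not None:
                path.append(u)
                u = prev[u]
            return path[::-1]
        for v in sorted(graph[u]):  # sorted -> deterministic routes
            if v not in prev and (v == dst or v not in banned):
                prev[v] = u
                queue.append(v)
    return None

def single_path_routes(graph, src, dst):
    """Single-path routing: the one shortest path ([] if unreachable)."""
    path = shortest_path(graph, src, dst)
    return [path] if path else []

def multi_path_routes(graph, src, dst):
    """Two-path routing: shortest path plus a second path avoiding its interior.
    Greedy simplification (assumption); it can miss pairs Suurballe would find."""
    first = shortest_path(graph, src, dst)
    if not first:
        return []
    second = shortest_path(graph, src, dst, banned=frozenset(first[1:-1]))
    return [first, second] if second else [first]

def attack_cost(routes, authenticated=False):
    """Illustrative cost of attacking one measurement: fewest intermediate nodes
    the attacker must compromise to sit on every route (minimum hitting set over
    route interiors, brute-forced here). End-to-end authenticated data cannot be
    modified in transit, so its cost is infinite, as is the cost of a measurement
    that has no route or only a direct substation-to-CC link."""
    if authenticated or not routes:
        return math.inf
    interiors = [set(route[1:-1]) for route in routes]
    candidates = sorted(set().union(*interiors))
    for k in range(1, len(candidates) + 1):
        for cut in combinations(candidates, k):
            if all(set(cut) & interior for interior in interiors):
                return k
    return math.inf

def node_importance(routes_by_sub, measurements, node, authenticated=frozenset()):
    """Illustrative importance of a node (substation or router): the number of
    unauthenticated measurements an attacker controlling only that node can
    modify, i.e. those it originates plus those whose every route relays through it."""
    total = 0
    for sub, routes in routes_by_sub.items():
        if sub == node or (routes and all(node in r[1:-1] for r in routes)):
            total += sum(1 for m in measurements[sub] if m not in authenticated)
    return total

def evaluate(graph, measurements, multipath=False, authenticated=frozenset()):
    """Per-measurement attack cost and per-node importance for the chosen routing
    and the set of authenticated measurement names."""
    route_fn = multi_path_routes if multipath else single_path_routes
    routes_by_sub = {s: route_fn(graph, s, CONTROL_CENTER) for s in measurements}
    costs = {m: attack_cost(routes, authenticated=m in authenticated)
             for sub, routes in routes_by_sub.items() for m in measurements[sub]}
    importance = {n: node_importance(routes_by_sub, measurements, n, authenticated)
                  for n in graph if n != CONTROL_CENTER}
    return costs, importance

if __name__ == "__main__":
    print(evaluate(TOPOLOGY, MEASUREMENTS))
    print(evaluate(TOPOLOGY, MEASUREMENTS, multipath=True))
    print(evaluate(TOPOLOGY, MEASUREMENTS, multipath=True, authenticated={"P_1", "P_12"}))
```

In the toy network, single-path routing leaves every measurement at cost 1 and makes R1 and R2 each worth three measurements to an attacker; two-path routing raises P_2, P_3 and P_34 to cost 2 and cuts R2's value to the one measurement relayed from S4; authenticating S1's data makes R1 worthless. P_4 never improves because every route from S4 is forced through S3, which is the kind of weak point such metrics are meant to surface. The brute-force hitting set is fine for a handful of routes but exponential in general; the paper's efficient algorithms for its exact metrics are not reproduced here.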

Place, publisher, year, edition, pages
2012. Vol. 30, no. 6, pp. 1108-1118.
Keyword [en]
SCADA communication, state estimation, cyber-physical security
National Category
Telecommunications
Research subject
SRA - ICT
Identifiers
URN: urn:nbn:se:kth:diva-92610
DOI: 10.1109/JSAC.2012.120709
ISI: 000305984500009
Scopus ID: 2-s2.0-84863506343
OAI: oai:DiVA.org:kth-92610
DiVA: diva2:513940
Projects
EU FP7 Viking; ACCESS
Funder
EU, FP7, Seventh Framework Programme; ICT - The Next Generation
Note

QC 20140924

Available from: 2012-04-04. Created: 2012-04-04. Last updated: 2017-12-07. Bibliographically approved.
In thesis
1. Data Integrity and Availability in Power System Communication Infrastructures
2013 (English). Licentiate thesis, comprehensive summary (Other academic).
Abstract [en]

Society is increasingly dependent on the proper functioning of electric power systems. Today's electric power systems rely heavily on information and networking technology in order to achieve efficient and secure operation. Recent initiatives to upgrade power systems into smart grids target an even tighter integration with information and communication technologies in order to enable the integration of renewable energy sources, local and bulk generation and demand response. Therefore, for the proper functioning of smart grids, it is essential that the communication network is secure and reliable both in the face of network failures and in the face of attacks. This thesis contributes to improving the security of power system applications against attacks on the communication infrastructure. The contributions lie in two areas.

The first area is the interaction of network and transport layer protocols with power system application layer security. We consider single- and multi-area power system state estimation based on redundant telemetry measurements. The state estimation is a basis for a set of applications used for information support in the control center, and therefore its security is an important concern. For the case of single-area state estimation, we look at the security of measurement aggregation over a wide area communication network. Due to the size and complexity of power systems, it can be prohibitively expensive to introduce cryptographic security in every component of the communication infrastructure. Therefore, we investigate how the application layer logic can be leveraged to optimize the deployment of network, transport and application layer security solutions. We define security metrics that quantify the importance of particular components of the network infrastructure. We provide efficient algorithms to calculate the metrics and to identify the weakest points in the infrastructure, the ones that have to be secured. For the case of multi-area state estimation, we look at the security of data exchange between the control centers of neighboring areas. Although the data exchange is typically cryptographically secure, the communication infrastructure of a control center may get compromised by a targeted trojan that could attack the data before the cryptographic protection is applied or after it is removed. We define multiple attack strategies and show that they can significantly disturb the state estimation. We also show a possible way to detect and to mitigate the attack.

The second area is a study of the communication availability at the application layer. Communication availability in power systems has to be achieved in the case of network failures as well as in the case of attacks. Availability is not necessarily achieved by cryptography, since traffic analysis attacks combined with targeted denial-of-service attacks could significantly disturb the communication. Therefore, we study how anonymity networks can be used to improve availability, which comes at the price of increased communication overhead and delay. Because of the way anonymity networks operate, one would expect availability to improve with more overhead and delay. We show that, surprisingly, this is not always the case. Moreover, we show that it is better to overestimate than to underestimate the attacker's capabilities when configuring anonymity networks.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2013. iii, 36 p.
Series
Trita-EE, ISSN 1653-5146 ; 2013:016
Keyword
Cyber security, power systems, communications, state estimation, distributed
National Category
Communication Systems; Telecommunications
Identifiers
URN: urn:nbn:se:kth:diva-122447
ISBN: 978-91-7501-772-3
Presentation
2013-05-30, Hörsal F3, Lindstedtsvägen 26, KTH, Stockholm, 13:00 (English)
Note

QC 20130522

Available from: 2013-05-22. Created: 2013-05-21. Last updated: 2013-05-24. Bibliographically approved.
2. Cyber-security in Smart Grid Communication and Control
2014 (English). Doctoral thesis, comprehensive summary (Other academic).
Abstract [en]

Society is increasingly dependent on the reliable operation of power systems. Power systems, at the same time, rely heavily on information technologies to achieve efficient and reliable operation. Recent initiatives to upgrade power systems into smart grids target an even tighter integration with information technologies to enable the integration of renewable energy sources, local and bulk generation and demand response. Thus, for the reliable operation of smart grids, it is essential that their information infrastructure is secure and reliable in the face of both failures and attacks. This thesis contributes to improving the security of power systems against attacks on their information infrastructures. The contributions lie in three areas: data integrity, data confidentiality, and data availability of power system applications.

We analyze how characteristics of power system applications can be leveraged for detection and mitigation of data integrity attacks. We consider single- and multi-area power system state estimation. For single-area state estimation, we look at the integrity of measurement data delivered over a wide area communication network. We define security metrics that quantify the importance of particular components of the communication network, and that allow us to optimize the deployment of network, transport and application layer security solutions. For multi-area state estimation, we look at the integrity of data exchanged between the control centers of neighboring areas in the face of a targeted trojan that compromises an endpoint of the secure communication tunnel. We define multiple attack strategies and show that they can significantly disturb the state estimation. Moreover, we propose schemes that could be used for detection, localization, and mitigation of data integrity attacks.

We investigate how to provide data confidentiality for power system applications when they utilize cloud computing. We focus on contingency analysis and propose an approach to obfuscate information regarding power flows and the presence of a contingency violation while allowing the operator to analyze contingencies with the needed accuracy in the cloud. Our empirical evaluation shows that the errors introduced into power flows due to the proposed obfuscation are small, and that the RMS errors introduced grow linearly with the magnitude of obfuscation.

We study how to improve data availability in the face of gray hole attacks combined with traffic analysis. We consider two cases: SCADA substation to control center communication using DNP3, and inter-control center communication. In the first case, we propose a support vector machine-based traffic analysis algorithm that uses only the information on timing and direction of three consecutive messages, and show that a gray hole attack can be effectively performed even if the traffic is sent through an encrypted tunnel. We discuss possible mitigation schemes, and show that a minor modification of message timing could help mitigate the attack. In the second case, we study how anonymity networks can be used to improve availability at the price of increased communication overhead and delay. We show that, surprisingly, availability is not always improved with more overhead and delay. Moreover, we show that it is better to overestimate than to underestimate the attacker's capabilities when configuring anonymity networks.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2014. vi, 48 p.
Series
TRITA-EE, ISSN 1653-5146 ; 2014:039
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Electrical Engineering
Identifiers
URN: urn:nbn:se:kth:diva-152223
ISBN: 978-91-7595-250-5
Public defence
2014-10-07, Hörsal F3, Lindstedtsvägen 26, KTH, Stockholm, 10:00 (English)
Note

QC 20140924

Available from: 2014-09-24. Created: 2014-09-23. Last updated: 2014-09-24. Bibliographically approved.

Open Access in DiVA
No full text
Other links
Publisher's full text; Scopus
By author/editor
Vuković, Ognjen; Sou, Kin Cheong; Dán, György; Sandberg, Henrik
By organisation
Communication Networks; ACCESS Linnaeus Centre; Automatic Control