ebook img

Power Systems Cybersecurity: Methods, Concepts, and Best Practices PDF

463 Pages·2023·11.823 MB·English
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Power Systems Cybersecurity: Methods, Concepts, and Best Practices

Power Systems Hassan Haes Alhelou Nikos Hatziargyriou Zhao Yang Dong   Editors Power Systems Cybersecurity Methods, Concepts, and Best Practices Power Systems Electrical power has been the technological foundation of industrial societies for many years. Although the systems designed to provide and apply electrical energyhavereachedahighdegreeofmaturity,unforeseenproblemsareconstantly encountered,necessitatingthedesignofmoreefficientandreliablesystemsbasedon noveltechnologies.ThebookseriesPowerSystemsisaimedatprovidingdetailed, accurateandsoundtechnicalinformationaboutthesenewdevelopmentsinelectrical powerengineering.Itincludestopicsonpowergeneration,storageandtransmission aswellaselectricalmachines.Themonographsandadvancedtextbooksinthisseries addressresearchers,lecturers,industrialengineersandseniorstudentsinelectrical engineering. **PowerSystemsisindexedinScopus** · · Hassan Haes Alhelou Nikos Hatziargyriou Zhao Yang Dong Editors Power Systems Cybersecurity Methods, Concepts, and Best Practices Editors HassanHaesAlhelou NikosHatziargyriou DepartmentofElectricalandComputer DepartmentofElectricalandComputer SystemsEngineering Engineering MonashUniversity NationalTechnicalUniversityofAthens Clayton,VIC,Australia Athens,Greece ZhaoYangDong SchoolofElectricalandElectronics Engineering NanyangTechnologicalUniversity Singapore,Singapore ISSN 1612-1287 ISSN 1860-4676 (electronic) PowerSystems ISBN 978-3-031-20359-6 ISBN 978-3-031-20360-2 (eBook) https://doi.org/10.1007/978-3-031-20360-2 ©TheEditor(s)(ifapplicable)andTheAuthor(s),underexclusivelicensetoSpringerNature SwitzerlandAG2023 Thisworkissubjecttocopyright.AllrightsaresolelyandexclusivelylicensedbythePublisher,whether thewholeorpartofthematerialisconcerned,specificallytherightsoftranslation,reprinting,reuse ofillustrations,recitation,broadcasting,reproductiononmicrofilmsorinanyotherphysicalway,and transmissionorinformationstorageandretrieval,electronicadaptation,computersoftware,orbysimilar ordissimilarmethodologynowknownorhereafterdeveloped. Theuseofgeneraldescriptivenames,registerednames,trademarks,servicemarks,etc.inthispublication doesnotimply,evenintheabsenceofaspecificstatement,thatsuchnamesareexemptfromtherelevant protectivelawsandregulationsandthereforefreeforgeneraluse. Thepublisher,theauthors,andtheeditorsaresafetoassumethattheadviceandinformationinthisbook arebelievedtobetrueandaccurateatthedateofpublication.Neitherthepublishernortheauthorsor theeditorsgiveawarranty,expressedorimplied,withrespecttothematerialcontainedhereinorforany errorsoromissionsthatmayhavebeenmade.Thepublisherremainsneutralwithregardtojurisdictional claimsinpublishedmapsandinstitutionalaffiliations. ThisSpringerimprintispublishedbytheregisteredcompanySpringerNatureSwitzerlandAG Theregisteredcompanyaddressis:Gewerbestrasse11,6330Cham,Switzerland Preface Due to environmental concerns and energy security risks, modern power systems are being through the transition toward the smart grid concept, which enables the high penetration level of renewable energies and motilities the high digitalization rate that requires new information and communication infrastructures. Renewable energyresourcesaremainlyinverter-basedsourcesthatintroducenewproblemsand technicalissuestomodernpowersystemsthatshouldbeproperlyaddressed.Such energy sources highly decrease the system’s total inertia which puts the system’s stabilityandsecurityindangerandweakensthegridagainstdifferenteventsincluding cyberattacks.Themainaspectofthetransitiontosmartgridsisthereplacementof traditionalinfrastructurethatwasbasedonSCADAsystemswithnewonesthatare beingbuiltbasedonwide-areameasurementsystems(WAMS),widesensornetworks (WSN),andinternetofthings(IoT)technologies.Inonehand,therecentadvances inthemeasurementsandcommunications systems,i.e.,phasormeasurementunits (PMUs) and wide-area monitoring systems (WAMSs), open a promising environ- mentfordevelopingnewcontrolandprotectionapproachesthatcanhelpsolvethe renewableenergyandmodernpowersystemoperationtechnicalissues.Ontheother hand,thesenewinfrastructuresarevulnerabletocyberattackswhichputthesystem’s cybersecurityunderthedanger,where,insomecases,asmallfalseinjecteddataas anattackcouldresultinaseriousblackout.Aclearexampleofsuchevents,the2015 Ukraineblackoutwhichhasbeenproventhatithappenedduetocyberattackbased onfalse-dateinjectionscenario.Thisdangerouseventandotherrecentcyberattack events against energy systems in different countries around the globe have highly motivatedresearchactivitiesonthepowersystemscybersecurity. Cyberattackersarehighlyskilledprofessionalsworkingasteamswhoarecapable ofgeneratingverycomplexandcoordinatedattacksusingsophisticatedtools.There- fore,powersystemoperatorsinWAMScentersneedtobeequippedwithrobusttools that can detect and classify the cyberattack signals instantly. The WAMS centers shouldbesuppliedwithnewoperation,control,andprotectionapproachesthatcan takecyberattackissuesintoaccount.Forinstance,itisobviousthatallcontrolsystems inmodernpowersystemsshouldbereplacedwithnewtolerant/resilientcontrollers against cyberattacks. The new wide-area monitoring systems provide the modern v vi Preface power systems with real-time measurements of electric quantities. Based on these quantities,thepowersystemcybersecuritycanbemonitoredandassessedonlineand inareal-timemanner.Therefore,cybersecurityincludingthestabilityandsecurity ofmodernenergysystemscanbeguaranteedatasuitablelevelusingnewwide-area tolerant/resilientcontrolandprotectionschemes.Developingsuchschemescanbring severaladvantagestoboththesystemoperatorsandconsumers.Furthermore,thiswill helpincompletingthetransitiontosmartgridsandadoptingnewemergingconcepts safely,suchasdemandresponseprograms,virtualpowerplants,theintegrationof aggregatedelectricvehicles(EVs),andothersmartapplianceswiththegrid,withno delaysduetotheirhighvulnerabilitytocyberattacks.Thus,modernpowersystems require cyberattack detectors and tolerant/resilient operation and control schemes thatcantakecyberattacksintoaccount,tobeusedonlineinthemonitoringcenters, the control rooms, the aggregators of EVs and other appliances, the virtual power plants,andprotectionschemes.Thereisagreatresearchgaprelatedtomodernpower systemscybersecurityinthepresenceofhighpenetrationdistributedgeneratingunits andrenewableenergyresources.Therefore,thisbookaimstodoacompletestateof theartandproposenewcontrolandprotectionschemesthatcanimprovetheoverall stabilityandcybersecurityofthefuturepowersystems. This book contains eighteen unique chapters that cover the different aspects of powersystemcybersecurity.FirstPartofthebook,comprising5chapters,startswith chaptersthatcomprehensivelyreviewandsurveythecybersecurityofpowersystems andconcludeswithanin-depthanalysisandoverviewofpowersystemvulnerabil- itiesandsituationalawarenessinmodernpowersystems.SecondPartofthebook, consisting of 3 chapters, presents a comprehensive understanding of cybersecurity of modern power system control with a focus on how to defend against cyberat- tacks on automatic generation control and frequency control in modern systems. ThirdPartofthebook,comprising2specialchapters,providesthetheoreticaland experimentalrequiredanalysisofcybersecurityinpowersystemprotection.Fourth Part,whichconsistsof3chapters,discussestheadvances incyberattack detection formodernpowersystemsandsmartgrids.Thebook’sFifthPart,whichcontains5 chapters,presentsthespecialtopicsincybersecurityofmodernpowersystemsand concludeswithastudyoncybersecuritystandardsforpowersystems.Inmoredetail, thechaptersofthebookandtheiruniquecontributionsaresummarizedbelow. Chapter A Comprehensive Review on Cyber-Attack Detection and Control of Microgrid Systems provides a comprehensive review on cyberattack detection and control of microgrid systems. Due to the fast progress of Microgrid (MG) systems and the development of advanced computing technologies and commu- nication networks—all of which enhance the efficiency and reliability of power networks—MGs are at the risk of various cyberattacks which can eventually lead to different glitches in the power distribution networks. There are many different kindsofcyberattacks,someofwhicharetheFalseDataInjectionAttack,Denialof Service,StealthAttack,andCovertAttack.Thecommongoalsoftheseattacksareto causepoweroutages,economicloss,andevensysteminstability.Cyberattackscould infiltrateMGsthroughthecommunicationlinks,localcontrollers,ormastercontrol Preface vii channels.Inthischapter,athoroughreviewofthetypesofcyberattacksandtheprob- lemscausedbytheminMGshasbeenpresented,andsomemethodsofcyberattack detection,resilientcontrolsystemdesign,andcountermeasuresagainstsuchattacks havebeendiscussed.Numerousresearchworkshavealreadyinvestigatedthesubject ofcyberattacksonboththeDirect-Current(DC)andAlternating-Current(AC)MG systems. These studies can be divided into two main categories: (a) detection and mitigationapproaches,and(b)resilientcontrolsystemdesigns.Severalsubclasses ofeachofthesecategories,alongwiththeiradvantagesanddisadvantageshavebeen thoroughlyinvestigatedinthischapter.Inthefirstcategory,afterdetectingacompro- misedagent, an active or passive mitigation mechanism is activated toprevent the spreadoftheagent’sdestructiveeffectstothewholesystem.Thismayimposesome strictlimitationsontheMGs.Inthesecondcategory,bydevelopingthedistributed attack-resilient control protocols, the resilience of a MG system against potential attacks/faults/noises is enhanced to the point where no detection and mitigation actionwillberequired. Chapter Cyber Vulnerabilities of Modern Power Systems investigates cyber vulnerabilities of modern power systems. Modern power systems heavily rely on InternetofThings(IoT)andemergingwide-areasensornetworksthatexposethem to cyber vulnerabilities such as network failures and cyberattacks. Some practical networkfailureexamplesincludeNorthAmerica(2003)duetostateestimatorand alarm system failure, Austria (2013) due to network congestion caused by a soft- ware bug, and Switzerland (2005) due to information overload. Ukraine’s power system went down in December 2015 leaving thousands of homes and facilities outofpowerduetoacyberattackcausedbyamalware,identifiedasBlackEnergy, in control center computers. Such failures and cyberattacks will leave majority of customerswithoutpowersupplyandmaycausesignificantdamagetohighlysensitive and mission-critical equipment. In case of power electronics-intensive microgrids, theafter-effectsofthecyberattacksareevenmoredetrimentalduetocomparatively weaker and fragile distribution grid, highly dynamic source and load profiles, and meager generational inertia. Cyber vulnerabilities are divided into two main cate- gories,i.e.,cyberattacksandnetworkfailures.Anoverviewofsuchcybervulnerabil- ities,practicallimitationsofmodernpowersystems,relevantpreventionmeasures, andacasestudyarepresentedinthischapter. Chapter Cyber-Physical Security in Smart Power Systems from a Resilience Perspective: Concepts and Possible Solutions reviews the cyber-physical security in smart power systems from a resilience perspective: concepts and possible solu- tions. Vital energy infrastructures in today’s evolving society are becoming more complex by distributed networks of cyber-physical systems (CPS). Although CPS providesagreatdealofflexibilityintheexploitationofcriticalinfrastructure,they can also create other security-based threats which should be suitably addressed in thedesignanddevelopmentstage.Consideringthisissue,powersystemsshouldbe properlyresistanttoadverseeventssothattheiroperationisnoteasilyimpactedby severe conditions. At the same time, energy systems should be flexible enough to adapt to severe disruptions without losing or breaking down completely, and they viii Preface should be able to recover in the least time after solving the problem. This crit- ical feature of power systems is generally called resilience. This chapter provides an overview of various resilience methods from the perspective of CPS in smart powersystemsandmicrogrids.Inordertoprovideadetailedstudy,inthischapter, cyber-physical structures, threats, and security issues in smart power systems are introduced.Vulnerabilitiesofcontrolsystemsandimportantmethodsfordetecting andcounteringcyberattackswithdefensesmechanisminsmartpowersystemsare presented. Possible solutions to improve cyber-physical resilience of smart power systemsandsomeimportantoptimizationtechniquesusedinsmartpowersystems andmicrogridsareprovided,whichcanbeutilizedanddevelopedbyresearchersin thisfield. Chapter Cybersecurity Challenges in Microgrids: Inverter-Based Resources andElectricVehiclessurveyscybersecuritychallengesinmicrogrids:inverter-based resourcesandelectricvehicles.Powersystemsareshiftingintoanewparadigmof connectivity.Thisnewparadigmfacilitatesmassiveintegrationsofdifferentenergy resources and loads, e.g., renewable energy and electric vehicle (EV) charging stations,throughoutamicrogridwithcyberinterfaces.Theintegrationoftheseenergy resources and EVs can significantly enhance the microgrid efficiency, reliability, resiliency,andaddressenvironmentalconcerns.Severalemergingtechnologiesare requiredtopreparethecyber-physicalinfrastructureforthishighlyintegratedgrid. This new grid model is highly dependent on the cyber interfaces and communica- tioninfrastructurethatmakesthesystemvulnerabletocyberdisruptionsandthreats. Consideringtheinterconnectednatureofthesemicrogrids,cyberdisordersmaylead to disastrous consequences; therefore, it is essential to know the vulnerabilities of thegridanddesigntoolstoidentifyandmitigatethesethreats.Thischapterspecifi- callyfocusesoncybersecurityissuesofthemicrogridwithinverter-basedresources (IBRs)andEVchargingstations.Duetocomplexityandunknownbehaviorofgrids with IBRs and EV charging stations, a variety of cyber risks can impact the grid. Therefore,thischapterdemonstratesthevulnerabilitiesofthisnewgridarchitecture, includingIBRsandEVchargingstations.Besides,itdiscussestheeffectivemodel- based,ArtificialIntelligence(AI)-basedtechniques,andsometechnologiestodetect andmitigatethesecyberthreats. ChapterImprovingCybersecuritySituationalAwarenessinSmartGridEnviron- ments looks at improving cybersecurity situational awareness in smart grid envi- ronments. Demand response (DR) and peer-to-peer (P2P) energy trading in smart gridsusedistributedarchitecturesandmultipledatasourcestoenablemoreconsumer involvement.Giventherelianceonandbehind-the-meterdataandthedistributedand heterogeneous setups, these data and processes are prone to various cybersecurity attacks.Hence,theidentificationofsecurityrisksandcontinuoussituationalaware- ness are essential to establish system trust and resilience. In such a multi-layered, distributedsystem,dataoriginandthestepsforprocessing,modifying,andaggre- gatingdataarehighlysignificant.Dataprovenancedenotesmetadatadescribingdata derivationthroughoutthedifferentlayersofthesystem.Trackingdataprovenance canprovidevaluableinformationondatahistoryandlineage.However,whileprove- nancegeneratesmetadatafordatahistory,security-relevantinformationtoestimate Preface ix relevantrisksisnotaddressed.Thischapteremphasizestheneedforsecurity-aware data provenance in residential DR and P2P energy trading. Based on the existing Prov-IoT model for security-aware provenance in the Internet of Things applica- tions,wepresentarefinedmodelwithentitiesandmetadataspecifictosmartgrids and microgrids. This instantiation named Prov-IoT-MG, demonstrates the impor- tanceandnecessityofsecurity-awareprovenancegraphsforcontinuouslyestimating risksagainstman-in-the-middle,falsedatainjection,andloadalteringattacks.We illustratehowProv-IoT-MGgraphscanbegeneratedandevaluatedatrun-timeand areusefulinprovidingup-to-dateinformationonactivesecuritycontrolsandother security-relevantinformation.Finally,wediscusshowthesegraphshelptoimprove theresilienceofgridprocesseswithhighersituationalawareness. Chapter Hybrid Physics-Based and Data-Driven Mitigation Strategy for Auto- matic Generation Control Under Cyber Attack proposes a novel technique for defendingagainstcyberattacksonfrequencycontrolsystems.Thefusionofinforma- tion,data,control,andelectricpowerfacilitatestheelectriccyber-physicalsystem (ECPS).IntheECPS,thoughthehigh-levelcyber-physicalinteractionandintegra- tionincreasetheflexibilityandefficiencyofpowersystemoperation,theaccompa- nied cyber perils gradually endanger the system’s security. In fact, several energy sector-targetedattacks,includingtheinfamousUkrainepowergridhack,haveshown the power system vulnerability in cybersecurity incidents. Known as the critical power-balancingoperationinreal-timecontrolsystems,automaticgenerationcontrol (AGC) is a typical ECPS application. Measurements from remote sensors may be manipulated by attackers when telemetered to the AGC center, thereby disrupting thebalanceofpowerandfrequencystability.Inthissituation,cyberattack-tolerant AGC plays an important role in the face of cybersecurity threats. To achieve the cyberattack-tolerant AGC, some strategies including the physics-based and data- driven attack mitigation schemes have been employed. Inthis chapter, inspired by thefaultdetection,diagnosis,andreconfigurationinfault-tolerantcontroltheories, a hybrid physics-based and data-driven mitigation model is developed for AGC under false data injection attacks (FDIAs). A mathematical model is derived to revealthecausalrelationbetweentheFDIAsignalandcompromisedAGCmeasure- ment data. Then, data-driven approaches are employed to establish the mapping betweenthecompromisedmeasurementdataandpowercompensation.Finally,the compensation-basedmitigationmodelisdeveloped. Chapter Data-Driven Cyber-Resilient Control of Wide Area Power Systems suggestsanovelmethodforsecuringfrequencycontrolinwide-areapowersystems. Withtheuptakeofadvancedcommunicationtechnologies,monitoringandoperation ofpowersystemshavebeenexperiencingaparadigmshift.Manycentralizedalgo- rithmscannowbeimplementedinadistributedscheme.Forexample,localdecisions canmakefasteractionsresultinginaresilientpowergrid.Despitetheseadvantages, these communication networks have made power networks vulnerable to cyberat- tacks.Therefore,onlyattack-resilientalgorithmscanbereliablyimplementedusing thesetechnologies.Inthischapter,aData-DrivenCyber-ResilientControl(DDCRC) method is proposed for the frequency stability of wide-area power grids. In the proposed method, the automatic generation control signals are generated without

See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.