
2012 | OriginalPaper | Chapter

Risk Analysis of Coordinated Cyber Attacks on Power Grid

Authors: Siddharth Sridhar, Manimaran Govindarasu, Chen-Ching Liu

Published in: Control and Optimization Methods for Electric Smart Grids

Publisher: Springer New York

Abstract

The supervisory control and data acquisition (SCADA) network provides adversaries with an opportunity to perform coordinated cyber attacks on power system equipment as it presents an increased attack surface. Coordinated attacks, when smartly structured, can not only have severe physical impacts, but can also potentially nullify the effect of system redundancy and other defense mechanisms. This chapter proposes a vulnerability assessment framework to quantify risk due to intelligent coordinated attacks, where risk is defined as the product of probability of successful cyber intrusion and resulting power system impact. The cyber network is modeled using Stochastic Petri Nets and the steady-state probability of successful intrusion into a substation is obtained using this. The model employs a SCADA network with firewalls and password protection schemes. The impact on the power system is estimated by load unserved after a successful attack. The New England 39-bus system is used as a test model to run Optimal Power Flow (OPF) simulations to determine load unserved. We conduct experiments creating coordinated attacks from our attack template on the test system and evaluate the risk for every case. Our attack cases include combinations of generation units and transmission lines that form coordinated attack pairs. Our integrated risk evaluation studies provide a methodology to assess risk from different cyber network configurations and substation capabilities. Our studies identify scenarios, where generation capacity, cyber vulnerability, and the topology of the grid together could be used by attackers to cause significant power system impact.
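
The risk definition in the abstract (steady-state probability of successful intrusion multiplied by load unserved) can be worked through on a small model. This is an added example, not code or data from the chapter: the three-state Markov chain standing in for the Stochastic Petri Net, all rates, the MW figures, the substation names, and the independence assumption used to combine two substations are constructed for illustration.

```python
from fractions import Fraction as F

def steady_state(Q):
    """Solve pi*Q = 0 with sum(pi) = 1 for a CTMC generator matrix Q."""
    n = len(Q)
    # Transposed balance equations; the last (redundant) one is replaced
    # by the normalisation constraint sum(pi) = 1.
    A = [[F(Q[j][i]) for j in range(n)] + [F(0)] for i in range(n)]
    A[-1] = [F(1)] * n + [F(1)]
    for col in range(n):  # Gauss-Jordan elimination with row pivoting
        piv = next(r for r in range(col, n) if A[r][col] != 0)
        A[col], A[piv] = A[piv], A[col]
        A[col] = [x / A[col][col] for x in A[col]]
        for r in range(n):
            if r != col and A[r][col] != 0:
                f = A[r][col]
                A[r] = [x - f * y for x, y in zip(A[r], A[col])]
    return [row[-1] for row in A]

def intrusion_probability(fw_breach, fw_reject, pw_crack, recover):
    # Assumed states: 0 = no attack in progress, 1 = past the firewall,
    # 2 = password defeated (successful intrusion). Rates are per hour.
    Q = [[-fw_breach, fw_breach, 0],
         [fw_reject, -(fw_reject + pw_crack), pw_crack],
         [recover, 0, -recover]]
    return steady_state(Q)[2]

SUBSTATIONS = {  # constructed cyber configurations
    "sub_A": dict(fw_breach=1, fw_reject=3, pw_crack=1, recover=2),
    "sub_B": dict(fw_breach=2, fw_reject=2, pw_crack=2, recover=2),
}
ATTACK_CASES = [  # constructed load unserved (MW); the chapter uses OPF runs
    ("generator at sub_A + line at sub_B", ("sub_A", "sub_B"), 400),
    ("generator at sub_A alone", ("sub_A",), 0),
    ("line at sub_B alone", ("sub_B",), 20),
]

def rank_risk():
    p = {name: intrusion_probability(**r) for name, r in SUBSTATIONS.items()}
    rows = []
    for label, targets, load_unserved in ATTACK_CASES:
        prob = F(1)
        for t in targets:
            prob *= p[t]  # assumption: intrusions are independent events
        rows.append((label, prob, prob * load_unserved))
    return sorted(rows, key=lambda row: row[2], reverse=True)
```

With these constructed inputs the coordinated pair ranks highest even though its joint intrusion probability is the lowest, because redundancy keeps the impact of each single outage small.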

Metadata

Title: Risk Analysis of Coordinated Cyber Attacks on Power Grid
Authors: Siddharth Sridhar, Manimaran Govindarasu, Chen-Ching Liu
Copyright Year: 2012
Publisher: Springer New York
DOI: https://doi.org/10.1007/978-1-4614-1605-0_14