Modeling, analysis and countermeasures for attack propagation in wide area measurement systems

Abstract

Power grids are critical cyber-physical systems that employ advanced Information and Communication Technologies (ICTs), such as Wide Area Measurement Systems (WAMSs), to deliver the energy to end users reliably and efficiently. WAMSs are used to collect real-time data from Phasor Measurement Units (PMUs) to improve the operator’s situational awareness, as well as to enhance real-time monitoring and control of power systems. The WAMS, however, is vulnerable to cyber-attacks due to the susceptibility of its components—such as PMUs and Phasor Data Concentrators (PDCs)—and the lack of embedded security mechanisms in its communication protocols. Some more-destructive cyber-attacks, such as malware injection, can propagate themselves into the components of a WAMS through the communication network. Thus, in such attacks, an attacker can compromise a larger number of components, resulting in more-severe consequences. Therefore, investigating the propagation of cyber-attacks in WAMSs and devising effective counter-measures for this problem are of paramount importance. On this basis, this thesis initially develops a model to analyze cyber-attack propagation in WAMS. Then, the impacts of the attacker’s capability and the network operator’s defensive ability on attack propagation are investigated in detail. Such a study can elucidate the required security measures and defensive strategies to prevent the spread of cyber-attacks in WAMSs. Finally, a Learning-Based Framework (LBF) is developed to estimate the attacker’s capability. [...]