Load-Altering Attacks Against Power Grids Under COVID-19 Low-Inertia Conditions

Lakshminarayana, Subhash; Ospina, Juan; Konstantinou, Charalambos

doi:10.1109/oajpe.2022.3155973

Cited by 20 publications

(12 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As a cyber-physical system, the power grid, including distribution systems, is vulnerable to various forms of cyberattacks [2]- [3] such as false data injection attacks [4] and load altering attacks [5]. These attacks are threats to the stability and control of the target power grid.…”

Section: A Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Cyberattack Correlation and Mitigation for Distribution Systems via Machine Learning

Appiah-Kubi

Liu

2023

IEEE Open J. Power Energy

View full text Add to dashboard Cite

Cyber-physical system security for electric distribution systems is critical. In direct switching attacks, often coordinated, attackers seek to toggle remote-controlled switches in the distribution network. Due to the typically radial operation, certain configurations may lead to outages and/or voltage violations. Existing optimization methods that model the interactions between the attacker and the power system operator (defender) assume knowledge of the attacker's parameters. This reduces their usability. Furthermore, the trend with coordinated cyberattack detection has been the use of centralized mechanisms, correlating data from dispersed security systems. This can be prone to single point failures. In this paper, novel mathematical models are presented for the attacker and the defender. The models do not assume any knowledge of the attacker's parameters by the defender. Instead, a machine learning (ML) technique implemented by a multi-agent system correlates detected attacks in a decentralized manner, predicting the targets of the attacker. Furthermore, agents learn optimal mitigation of the communication level through Q-learning. The learned attacker motive is also used by the defender to determine a new configuration of the distribution network. Simulations of the technique have been performed using the IEEE 123-Node Test Feeder. The simulation results validate the capability and performance of the algorithm.

show abstract

Section: A Related Workmentioning

confidence: 99%

“…Constraint (5) and the remaining constraints form the inner level optimization problem that characterize what the attacker believes will be the response of the operator to their attack. Constraint (5) maximizes the load served.…”

Section: B Attack Objective Modelmentioning

confidence: 99%

Cyberattack Correlation and Mitigation for Distribution Systems via Machine Learning

Appiah-Kubi

Liu

2023

IEEE Open J. Power Energy

View full text Add to dashboard Cite

show abstract

“…The IoT is a network of connected devices including smart appliances (e.g., smart thermostats, air-conditioning, heat pumps, EVCS points, etc. ), enabling the exchange of information between devices and users leveraging wired and wireless connections [80]- [82]. These IoT-enabled devices are connected to the load-end of DERs and their operation is typically orchestrated remotely by their end users.…”

Section: B Der Device Levelmentioning

confidence: 99%

“…Researchers have demonstrated that attackers can manipulate IoT-connected devices in low-inertia EPS (e.g., relying on renewable generation) and other exogenous conditions to cause unsafe grid operation. That is, in [82], [84], the authors investigate the impact on grid stability of load altering attacks -if multiple IoT-connected high-wattage devices are compromised simultaneously -during the COVID-19 lockdown period. This adversarial behavior is enabled by the absence of overarching defense mechanisms, such as anti-viruses, and the sporadic provision of software/firmware updates and security patches which further weaken the device security posture.…”

Section: B Der Device Levelmentioning

confidence: 99%

Distributed Energy Resources Cybersecurity Outlook: Vulnerabilities, Attacks, Impacts, and Mitigations

Zografopoulos¹,

Konstantinou²,

Hatziargyriou³

2022

Preprint

Self Cite

View full text Add to dashboard Cite

The digitalization and decentralization of the electric power grid are key thrusts towards an economically and environmentally sustainable future. Towards this goal, distributed energy resources (DER), including rooftop solar panels, battery storage, electric vehicles, etc., are becoming ubiquitous in power systems, effectively replacing fossil-fuel based generation. Power utilities benefit from DERs as they minimize transmission costs, provide voltage support through ancillary services, and reduce operational risks via their autonomous operation. Similarly, DERs grant users and aggregators control over the power they produce and consume. Apart from their sustainability and operational objectives, the cybersecurity of DER-supported power systems is of cardinal importance. DERs are interconnected, interoperable, and support remotely controllable features, thus, their cybersecurity should be thoroughly considered. DER communication dependencies and the diversity of DER architectures (e.g., hardware/software components of embedded devices, inverters, controllable loads, etc.) widen the threat surface and aggravate the cybersecurity posture of power systems. In this work, we focus on security oversights that reside in the cyber and physical layers of DERs and can jeopardize grid operations. We analyze adversarial capabilities and objectives when manipulating DER assets, and then present how protocol and device -level vulnerabilities can materialize into cyberattacks impacting power system operations. Finally, we provide mitigation strategies to thwart adversaries and directions for future DER cybersecurity.

show abstract

“…Thus, adversaries can compromise local controllers and sensors to create voltage and frequency instabilities. Additionally, manipulation of load sharing patterns among different power generation resources within the MG can disrupt the optimal scheduling [12]. In Algorithm 1, we present the post-installation attack methodology followed by the rootkit.…”

Section: Introductionmentioning

confidence: 99%

Behind Closed Doors: Process-Level Rootkit Attacks in Cyber-Physical Microgrid Systems

Rath¹,

Zografopoulos²,

Vergara³

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

Embedded controllers, sensors, actuators, advanced metering infrastructure, etc. are cornerstone components of cyber-physical energy systems such as microgrids (MGs). Harnessing their monitoring and control functionalities, sophisticated schemes enhancing MG stability can be deployed. However, the deployment of 'smart' assets increases the threat surface. Power systems possess mechanisms capable of detecting abnormal operations. Furthermore, the lack of sophistication in attack strategies can render them detectable since they blindly violate power system semantics. On the other hand, the recent increase of process-aware rootkits that can attain persistence and compromise operations in undetectable ways requires special attention. In this work, we investigate the steps followed by stealthy rootkits at the process level of control systems pre-and post-compromise. We investigate the rootkits' precompromise stage involving the deployment to multiple system locations and aggregation of system-specific information to build a neural network-based virtual data-driven model (VDDM) of the system. Then, during the weaponization phase, we demonstrate how the VDDM measurement predictions are paramount, first to orchestrate crippling attacks from multiple system standpoints, maximizing the impact, and second, impede detection blinding system operator situational awareness.

show abstract

Load-Altering Attacks Against Power Grids Under COVID-19 Low-Inertia Conditions

Cited by 20 publications

References 30 publications

Cyberattack Correlation and Mitigation for Distribution Systems via Machine Learning

Cyberattack Correlation and Mitigation for Distribution Systems via Machine Learning

Distributed Energy Resources Cybersecurity Outlook: Vulnerabilities, Attacks, Impacts, and Mitigations

Behind Closed Doors: Process-Level Rootkit Attacks in Cyber-Physical Microgrid Systems

Contact Info

Product

Resources

About