Behind Closed Doors: Process-Level Rootkit Attacks in Cyber-Physical Microgrid Systems
Authors: Suman Rath, Ioannis Zografopoulos, Pedro P. Vergara, Vassilis C. Nikolaidis, Charalambos Konstantinou
Abstract:
Embedded controllers, sensors, actuators, advanced metering infrastructure, etc. are cornerstone components of cyber-physical energy systems such as microgrids (MGs). Harnessing their monitoring and control functionalities, sophisticated schemes enhancing MG stability can be deployed. However, the deployment of 'smart' assets increases the threat surface. Power systems possess mechanisms capable of detecting abnormal operations. Furthermore, the lack of sophistication in attack strategies can render them detectable since they blindly violate power system semantics. On the other hand, the recent increase of process-aware rootkits that can attain persistence and compromise operations in undetectable ways requires special attention. In this work, we investigate the steps followed by stealthy rootkits at the process level of control systems pre- and post-compromise. We investigate the rootkits' pre-compromise stage, involving the deployment to multiple system locations and aggregation of system-specific information to build a neural network-based virtual data-driven model (VDDM) of the system. Then, during the weaponization phase, we demonstrate how the VDDM measurement predictions are paramount, first to orchestrate crippling attacks from multiple system standpoints, maximizing the impact, and second, to impede detection by blinding system operator situational awareness.
Submitted 20 February, 2022; originally announced February 2022.
Towards Plug-and-Play Protection for Meshed Distribution Systems with DG
Authors: Aristotelis M. Tsimtsios, Vassilis C. Nikolaidis
Abstract:
Future distribution systems are expected to display increased complexity, mainly due to looped/meshed operation, switching between grid-connected and islanded modes, and considerable integration of distributed generation. This paper investigates a plug-and-play protection solution for overhead distribution systems with such variable operating conditions, employing existing numerical relay capabilities. This solution is applied by designing plug-and-play, communication-assisted, multifunctional relays with integrated protection element settings, which apply universally to all distribution system conditions, rendering the protection scheme independent of a specific system. Hence, the need for user-defined settings or future revisions due to system changes is eliminated. The scheme ensures coordination between main line relays and backup protection of laterals, without a coordination study. There is no need to replace or modify existing lateral protection means for this purpose; only their known time-overcurrent curves are uploaded to the relays by the user. The scheme is described and evaluated through simulations in two test systems. Meaningful conclusions are finally derived.
Submitted 6 October, 2019; v1 submitted 11 December, 2018; originally announced December 2018.