-
A Game-Theoretic Approach for PMU Deployment Against False Data Injection Attacks
Authors:
Sajjad Maleki,
Subhash Lakshminarayana,
E. Veronica Belmega,
Carsten Maple
Abstract:
Phasor Measurement Units (PMUs) are used in the measurement, control and protection of power grids. However, deploying PMUs at every bus in a power system is prohibitively expensive, necessitating partial PMU placement that can ensure system observability with minimal units. One consequence of this economic approach is increased system vulnerability to False Data Injection Attacks (FDIAs). This pa…
▽ More
Phasor Measurement Units (PMUs) are used in the measurement, control and protection of power grids. However, deploying PMUs at every bus in a power system is prohibitively expensive, necessitating partial PMU placement that can ensure system observability with minimal units. One consequence of this economic approach is increased system vulnerability to False Data Injection Attacks (FDIAs). This paper proposes a zero-sum game-based approach to strategically place an additional PMU (following the initial optimal PMU deployment that ensures full observability) to bolster robustness against FDIAs by introducing redundancy in attack-susceptible areas. To compute the Nash equilibrium (NE) solution, we leverage a reinforcement learning algorithm that mitigates the need for complete knowledge of the opponent's actions. The proposed PMU deployment algorithm increases the detection rate of FDIA by 36% compared to benchmark algorithms.
△ Less
Submitted 18 April, 2024; v1 submitted 16 April, 2024;
originally announced April 2024.
-
Demand-Side Threats to Power Grid Operations from IoT-Enabled Edge
Authors:
Subhash Lakshminarayana,
Carsten Maple,
Andrew Larkins,
Daryl Flack,
Christopher Few,
Anurag. K. Srivastava
Abstract:
The growing adoption of Internet-of-Things (IoT)-enabled energy smart appliances (ESAs) at the consumer end, such as smart heat pumps, electric vehicle chargers, etc., is seen as key to enabling demand-side response (DSR) services. However, these smart appliances are often poorly engineered from a security point of view and present a new threat to power grid operations. They may become convenient…
▽ More
The growing adoption of Internet-of-Things (IoT)-enabled energy smart appliances (ESAs) at the consumer end, such as smart heat pumps, electric vehicle chargers, etc., is seen as key to enabling demand-side response (DSR) services. However, these smart appliances are often poorly engineered from a security point of view and present a new threat to power grid operations. They may become convenient entry points for malicious parties to gain access to the system and disrupt important grid operations by abruptly changing the demand. Unlike utility-side and SCADA assets, ESAs are not monitored continuously due to their large numbers and the lack of extensive monitoring infrastructure at consumer sites. This article presents an in-depth analysis of the demand side threats to power grid operations including (i) an overview of the vulnerabilities in ESAs and the wider risk from the DSR ecosystem and (ii) key factors influencing the attack impact on power grid operations. Finally, it presents measures to improve the cyber-physical resilience of power grids, putting them in the context of ongoing efforts from the industry and regulatory bodies worldwide.
△ Less
Submitted 28 October, 2023;
originally announced October 2023.
-
Localizing Load-Altering Attacks Against Power Grids Using Deep Capsule Nets
Authors:
Hamidreza Jahangir,
Subhash Lakshminarayana,
Carsten Maple
Abstract:
Recent research has shown that the security of power grids can be seriously threatened by botnet-type cyber attacks that target a large number of high-wattage smart electrical appliances owned by end-users. Accurate detection and localization of such attacks is of critical importance in limiting the damage. To this end, the paper proposes a novel technique using capsule networks (CNs) tailored to…
▽ More
Recent research has shown that the security of power grids can be seriously threatened by botnet-type cyber attacks that target a large number of high-wattage smart electrical appliances owned by end-users. Accurate detection and localization of such attacks is of critical importance in limiting the damage. To this end, the paper proposes a novel technique using capsule networks (CNs) tailored to the power grid security application that uses the frequency and phase angle data monitored by phasor measurement units (PMUs). With the benefit of vector output from capsules and dynamic routing agreements between them, CNs can obtain accurate detection and localization performance. To demonstrate the efficiency of the suggested technique, we compare the developed CN with benchmark data-driven methodologies, including two-dimensional convolutional neural networks (2D-CNN), one-dimensional CNN (1D-CNN), deep multi-layer perceptrons (MLP), and support vector machines (SVM). Simulations are performed on IEEE 14-, 39-, and 57-bus systems, considering various real-world issues such as PMU delays, noisy data, and missing data points. The results show that CNs significantly outperform other techniques, thus making them suitable for the aforementioned cyber security applications.
△ Less
Submitted 6 September, 2022;
originally announced September 2022.
-
Data-Driven Detection and Identification of IoT-Enabled Load-Altering Attacks in Power Grids
Authors:
Subhash Lakshminarayana,
Saurav Sthapit,
Hamidreza Jahangir,
Carsten Maple,
H Vincent Poor
Abstract:
Advances in edge computing are powering the development and deployment of Internet of Things (IoT) systems to provide advanced services and resource efficiency. However, large-scale IoT-based load-altering attacks (LAAs) can seriously impact power grid operations, such as destabilising the grid's control loops. Timely detection and identification of any compromised nodes are essential to minimise…
▽ More
Advances in edge computing are powering the development and deployment of Internet of Things (IoT) systems to provide advanced services and resource efficiency. However, large-scale IoT-based load-altering attacks (LAAs) can seriously impact power grid operations, such as destabilising the grid's control loops. Timely detection and identification of any compromised nodes are essential to minimise the adverse effects of these attacks on power grid operations. In this work, two data-driven algorithms are proposed to detect and identify compromised nodes and the attack parameters of the LAAs. The first method, based on the Sparse Identification of Nonlinear Dynamics (SINDy) approach, adopts a sparse regression framework to identify attack parameters that best describe the observed dynamics. The second method, based on physics-informed neural networks (PINN), employs neural networks to infer the attack parameters from the measurements. Both algorithms are presented utilising edge computing for deployment over decentralised architectures. Extensive simulations are performed on IEEE 6-,14- and 39-bus systems to verify the effectiveness of the proposed methods. Numerical results confirm that the proposed algorithms outperform existing approaches, such as those based on unscented Kalman filter, support vector machines (SVM), and neural networks (NN), and effectively detect and identify locations of attack in a timely manner.
△ Less
Submitted 22 March, 2022; v1 submitted 1 October, 2021;
originally announced October 2021.
-
A Comparison of Data-Driven Techniques for Power Grid Parameter Estimation
Authors:
Subhash Lakshminarayana,
Saurav Sthapit,
Carsten Maple
Abstract:
Power grid parameter estimation involves the estimation of unknown parameters, such as inertia and dam** coefficients, using observed dynamics. In this work, we present a comparison of data-driven algorithms for the power grid parameter estimation problem. First, we propose a new algorithm to solve the parameter estimation problem based on the Sparse Identification of Nonlinear Dynamics (SINDy)…
▽ More
Power grid parameter estimation involves the estimation of unknown parameters, such as inertia and dam** coefficients, using observed dynamics. In this work, we present a comparison of data-driven algorithms for the power grid parameter estimation problem. First, we propose a new algorithm to solve the parameter estimation problem based on the Sparse Identification of Nonlinear Dynamics (SINDy) approach, which uses linear regression to infer the parameters that best describe the observed data. We then compare its performance against two benchmark algorithms, namely, the unscented Kalman filter (UKF) approach and the physics-informed neural networks (PINN) approach. We perform extensive simulations on IEEE bus systems to examine the performance of the aforementioned algorithms. Our results show that the SINDy algorithm outperforms the PINN and UKF algorithms in being able to accurately estimate the power grid parameters over a wide range of system parameters (including high and low inertia systems). Moreover, it is extremely efficient computationally and so takes significantly less time than the PINN algorithm, thus making it suitable for real-time parameter estimation.
△ Less
Submitted 8 July, 2021;
originally announced July 2021.
-
A Meta-Learning Approach to the Optimal Power Flow Problem Under Topology Reconfigurations
Authors:
Yexiang Chen,
Subhash Lakshminarayana,
Carsten Maple,
H. Vincent Poor
Abstract:
Recently, there has been a surge of interest in adopting deep neural networks (DNNs) for solving the optimal power flow (OPF) problem in power systems. Computing optimal generation dispatch decisions using a trained DNN takes significantly less time when compared to using conventional optimization solvers. However, a major drawback of existing work is that the machine learning models are trained f…
▽ More
Recently, there has been a surge of interest in adopting deep neural networks (DNNs) for solving the optimal power flow (OPF) problem in power systems. Computing optimal generation dispatch decisions using a trained DNN takes significantly less time when compared to using conventional optimization solvers. However, a major drawback of existing work is that the machine learning models are trained for a specific system topology. Hence, the DNN predictions are only useful as long as the system topology remains unchanged. Changes to the system topology (initiated by the system operator) would require retraining the DNN, which incurs significant training overhead and requires an extensive amount of training data (corresponding to the new system topology). To overcome this drawback, we propose a DNN-based OPF predictor that is trained using a meta-learning (MTL) approach. The key idea behind this approach is to find a common initialization vector that enables fast training for any system topology. The developed OPF-predictor is validated through simulations using benchmark IEEE bus systems. The results show that the MTL approach achieves significant training speeds-ups and requires only a few gradient steps with a few data samples to achieve high OPF prediction accuracy.
△ Less
Submitted 27 September, 2021; v1 submitted 21 December, 2020;
originally announced December 2020.
-
Analysis of IoT-Based Load Altering Attacks Against Power Grids Using the Theory of Second-Order Dynamical Systems
Authors:
Subhash Lakshminarayana,
Sondipon Adhikari,
Carsten Maple
Abstract:
Recent research has shown that large-scale Internet of Things (IoT)-based load altering attacks can have a serious impact on power grid operations such as causing unsafe frequency excursions and destabilizing the grid's control loops. In this work, we present an analytical framework to investigate the impact of IoT-based static/dynamic load altering attacks (S/DLAAs) on the power grid's dynamic re…
▽ More
Recent research has shown that large-scale Internet of Things (IoT)-based load altering attacks can have a serious impact on power grid operations such as causing unsafe frequency excursions and destabilizing the grid's control loops. In this work, we present an analytical framework to investigate the impact of IoT-based static/dynamic load altering attacks (S/DLAAs) on the power grid's dynamic response. Existing work on this topic has mainly relied on numerical simulations and, to date, there is no analytical framework to identify the victim nodes from which that attacker can launch the most impactful attacks. To address these shortcomings, we use results from second-order dynamical systems to analyze the power grid frequency control loop under S/DLAAs. We use parametric sensitivity of the system's eigensolutions to identify victim nodes that correspond to the least-effort destabilizing DLAAs. Further, to analyze the SLAAs, we present closed-form expression for the system's frequency response in terms of the attacker's inputs, hel** us characterize the minimum load change required to cause unsafe frequency excursions. Using these results, we formulate the defense against S/DLAAs as a linear programming problem in which we determine the minimum amount of load that needs to be secured at the victim nodes to ensure system safety/stability. Extensive simulations conducted using benchmark IEEE-bus systems validate the accuracy and efficacy of our approach.
△ Less
Submitted 28 March, 2021; v1 submitted 28 September, 2020;
originally announced September 2020.
-
CyRes -- Avoiding Catastrophic Failure in Connected and Autonomous Vehicles (Extended Abstract)
Authors:
Carsten Maple,
Peter Davies,
Kerstin Eder,
Chris Hankin,
Greg Chance,
Gregory Epiphaniou
Abstract:
Existing approaches to cyber security and regulation in the automotive sector cannot achieve the quality of outcome necessary to ensure the safe mass deployment of advanced vehicle technologies and smart mobility systems. Without sustainable resilience hard-fought public trust will evaporate, derailing emerging global initiatives to improve the efficiency, safety and environmental impact of future…
▽ More
Existing approaches to cyber security and regulation in the automotive sector cannot achieve the quality of outcome necessary to ensure the safe mass deployment of advanced vehicle technologies and smart mobility systems. Without sustainable resilience hard-fought public trust will evaporate, derailing emerging global initiatives to improve the efficiency, safety and environmental impact of future transport. This paper introduces an operational cyber resilience methodology, CyRes, that is suitable for standardisation. The CyRes methodology itself is capable of being tested in court or by publicly appointed regulators. It is designed so that operators understand what evidence should be produced by it and are able to measure the quality of that evidence. The evidence produced is capable of being tested in court or by publicly appointed regulators. Thus, the real-world system to which the CyRes methodology has been applied is capable of operating at all times and in all places with a legally and socially acceptable value of negative consequence.
△ Less
Submitted 3 July, 2020; v1 submitted 26 June, 2020;
originally announced June 2020.
-
Fogbanks: Future Dynamic Vehicular Fog Banks for Processing, Sensing and Storage in 6G
Authors:
A. A. Alahmadi,
M. O. I. Musa,
T. E. H. El-Gorashi,
J. M. H. Elmirghani,
S. Grant-Muller,
D. Hutchison,
A. Mauthe,
M. Dianati,
C. Maple,
L. Lefevre,
A. Lason
Abstract:
Fixed edge processing has become a key feature of 5G networks, while playing a key role in reducing latency, improving energy efficiency and introducing flexible compute resource utilization on-demand with added cost savings. Autonomous vehicles are expected to possess significantly more on-board processing capabilities and with improved connectivity. Vehicles continue to be used for a fraction of…
▽ More
Fixed edge processing has become a key feature of 5G networks, while playing a key role in reducing latency, improving energy efficiency and introducing flexible compute resource utilization on-demand with added cost savings. Autonomous vehicles are expected to possess significantly more on-board processing capabilities and with improved connectivity. Vehicles continue to be used for a fraction of the day, and as such there is a potential to increase processing capacity by utilizing these resources while vehicles are in short-term and long-term car parks, in roads and at road intersections. Such car parks and road segments can be transformed, through 6G networks, into vehicular fog clusters, or Fogbanks, that can provide processing, storage and sensing capabilities, making use of underutilized vehicular resources. We introduce the Fogbanks concept, outline current research efforts underway in vehicular clouds, and suggest promising directions for 6G in a world where autonomous driving will become commonplace. Moreover, we study the processing allocation problem in cloud-based Fogbank architecture. We solve this problem using Mixed Integer Programming (MILP) to minimize the total power consumption of the proposed architecture, taking into account two allocation strategies, single allocation of tasks and distributed allocation. Finally, we describe additional future directions needed to establish reliability, security, virtualisation, energy efficiency, business models and standardization.
△ Less
Submitted 10 May, 2020;
originally announced May 2020.
-
Develo** an Unsupervised Real-time Anomaly Detection Scheme for Time Series with Multi-seasonality
Authors:
Wentai Wu,
Ligang He,
Weiwei Lin,
Yi Su,
Yuhua Cui,
Carsten Maple,
Stephen Jarvis
Abstract:
On-line detection of anomalies in time series is a key technique used in various event-sensitive scenarios such as robotic system monitoring, smart sensor networks and data center security. However, the increasing diversity of data sources and the variety of demands make this task more challenging than ever. Firstly, the rapid increase in unlabeled data means supervised learning is becoming less s…
▽ More
On-line detection of anomalies in time series is a key technique used in various event-sensitive scenarios such as robotic system monitoring, smart sensor networks and data center security. However, the increasing diversity of data sources and the variety of demands make this task more challenging than ever. Firstly, the rapid increase in unlabeled data means supervised learning is becoming less suitable in many cases. Secondly, a large portion of time series data have complex seasonality features. Thirdly, on-line anomaly detection needs to be fast and reliable. In light of this, we have developed a prediction-driven, unsupervised anomaly detection scheme, which adopts a backbone model combining the decomposition and the inference of time series data. Further, we propose a novel metric, Local Trend Inconsistency (LTI), and an efficient detection algorithm that computes LTI in a real-time manner and scores each data point robustly in terms of its probability of being anomalous. We have conducted extensive experimentation to evaluate our algorithm with several datasets from both public repositories and production environments. The experimental results show that our scheme outperforms existing representative anomaly detection algorithms in terms of the commonly used metric, Area Under Curve (AUC), while achieving the desired efficiency.
△ Less
Submitted 23 April, 2021; v1 submitted 3 August, 2019;
originally announced August 2019.
-
A Review of Critical Infrastructure Protection Approaches: Improving Security through Responsiveness to the Dynamic Modelling Landscape
Authors:
Uchenna D Ani,
Jeremy D McK. Watson,
Jason R. C. Nurse,
Al Cook,
Carsten Maple
Abstract:
As new technologies such as the Internet of Things (IoT) are integrated into Critical National Infrastructures (CNI), new cybersecurity threats emerge that require specific security solutions. Approaches used for analysis include the modelling and simulation of critical infrastructure systems using attributes, functionalities, operations, and behaviours to support various security analysis viewpoi…
▽ More
As new technologies such as the Internet of Things (IoT) are integrated into Critical National Infrastructures (CNI), new cybersecurity threats emerge that require specific security solutions. Approaches used for analysis include the modelling and simulation of critical infrastructure systems using attributes, functionalities, operations, and behaviours to support various security analysis viewpoints, recognising and appropriately managing associated security risks. With several critical infrastructure protection approaches available, the question of how to effectively model the complex behaviour of interconnected CNI elements and to configure their protection as a system-of-systems remains a challenge. Using a systematic review approach, existing critical infrastructure protection approaches (tools and techniques) are examined to determine their suitability given trends like IoT, and effective security modelling and analysis issues. It is found that empirical-based, agent-based, system dynamics-based, and network-based modelling are more commonly applied than economic-based and equation-based techniques, and empirical-based modelling is the most widely used. The energy and transportation critical infrastructure sectors reflect the most responsive sectors, and no one Critical Infrastructure Protection (CIP) approach - tool, technique, methodology or framework -- provides a fit-for-all capacity for all-round attribute modelling and simulation of security risks. Typically, deciding factors for CIP choices to adopt are often dominated by trade-offs between complexity of use and popularity of approach, as well as between specificity and generality of application in sectors.
△ Less
Submitted 2 April, 2019;
originally announced April 2019.