-
A Novel Mutual Insurance Model for Hedging Against Cyber Risks in Power Systems Deploying Smart Technologies
Authors:
Pikkin Lau,
Lingfeng Wang,
Wei Wei,
Zhaoxi Liu,
Chee-Wooi Ten
Abstract:
In this paper, a novel cyber-insurance model design is proposed based on system risk evaluation with smart technology applications. The cyber insurance policy for power systems is tailored via cyber risk modeling, reliability impact analysis, and insurance premium calculation. A stochastic Epidemic Network Model is developed to evaluate the cyber risk by propagating cyberattacks among graphical vu…
▽ More
In this paper, a novel cyber-insurance model design is proposed based on system risk evaluation with smart technology applications. The cyber insurance policy for power systems is tailored via cyber risk modeling, reliability impact analysis, and insurance premium calculation. A stochastic Epidemic Network Model is developed to evaluate the cyber risk by propagating cyberattacks among graphical vulnerabilities. Smart technologies deployed in risk modeling include smart monitoring and job thread assignment. Smart monitoring boosts the substation availability against cyberattacks with preventive and corrective measures. The job thread assignment solution reduces the execution failures by distributing the control and monitoring tasks to multiple threads. Reliability assessment is deployed to estimate load losses convertible to monetary losses. These monetary losses would be shared through a mutual insurance plan. To ensure a fair distribution of indemnity, a new Shapley mutual insurance principle is devised. Effectiveness of the proposed Shapley mutual insurance design is validated via case studies. The Shapley premium is compared with existent premium designs. It is shown that the Shapley premium has high indemnity levels closer to those of Tail Conditional Expectation premium. Meanwhile, the Shapley premium is nearly as affordable as the coalitional premium and keeps a relatively low insolvency probability.
△ Less
Submitted 16 March, 2024;
originally announced March 2024.
-
Cyber-Induced Risk Modeling for Microprocessor-Based Relays in Substations
Authors:
Zhiyuan Yang,
Chee-Wooi Ten
Abstract:
Once critical substations are compromised, attack agents can coordinate among their peers to plot for maximizing disruption using local control devices. For defenders, it is critical to enumerate and identify all digital relays to determine the systemic risks. Any combination of disruptive switching via the compromised relays can result in misoperation or immediate effect to the system. The result…
▽ More
Once critical substations are compromised, attack agents can coordinate among their peers to plot for maximizing disruption using local control devices. For defenders, it is critical to enumerate and identify all digital relays to determine the systemic risks. Any combination of disruptive switching via the compromised relays can result in misoperation or immediate effect to the system. The resulting consequence of these attack's initial events would possibly incur cascading failure to a grid. This paper quantifies the criticality of substation protective relays with the combination of the outage level and its corresponding severity risk index. The proposed hypothesized outages are based on the type of protective relaying, bus configuration of a substation, and commonly implemented relaying schemes, such as bus differential, directional overcurrent, and distance relays, are studied. This preliminary work also provides three approaches of determination in probabilities for sensitivity analysis. The proposed risk indices are evaluated using IEEE test systems.
△ Less
Submitted 8 January, 2018;
originally announced January 2018.
-
Impact Assessment of Hypothesized Cyberattacks on Interconnected Bulk Power Systems
Authors:
Chee-Wooi Ten,
Koji Yamashita,
Zhiyuan Yang,
Athanasios V. Vasilakos,
Andrew Ginter
Abstract:
The first-ever Ukraine cyberattack on power grid has proven its devastation by hacking into their critical cyber assets. With administrative privileges accessing substation networks/local control centers, one intelligent way of coordinated cyberattacks is to execute a series of disruptive switching executions on multiple substations using compromised supervisory control and data acquisition (SCADA…
▽ More
The first-ever Ukraine cyberattack on power grid has proven its devastation by hacking into their critical cyber assets. With administrative privileges accessing substation networks/local control centers, one intelligent way of coordinated cyberattacks is to execute a series of disruptive switching executions on multiple substations using compromised supervisory control and data acquisition (SCADA) systems. These actions can cause significant impacts to an interconnected power grid. Unlike the previous power blackouts, such high-impact initiating events can aggravate operating conditions, initiating instability that may lead to system-wide cascading failure. A systemic evaluation of "nightmare" scenarios is highly desirable for asset owners to manage and prioritize the maintenance and investment in protecting their cyberinfrastructure. This survey paper is a conceptual expansion of real-time monitoring, anomaly detection, impact analyses, and mitigation (RAIM) framework that emphasizes on the resulting impacts, both on steady-state and dynamic aspects of power system stability. Hypothetically, we associate the combinatorial analyses of steady state on substations/components outages and dynamics of the sequential switching orders as part of the permutation. The expanded framework includes (1) critical/noncritical combination verification, (2) cascade confirmation, and (3) combination re-evaluation. This paper ends with a discussion of the open issues for metrics and future design pertaining the impact quantification of cyber-related contingencies.
△ Less
Submitted 3 January, 2018;
originally announced January 2018.