Identifying critical components for system reliability in power transmission systems

Setréus, Johan

January 2011

Large interruptions of power supply in the transmission system have considerable impact on modern society. The goal for the transmission system operator (TSO) is to prevent and mitigate such events with optimal decisions in design, planning, operation and maintenance. Identifying critical power components for system reliability provides one important input to this decision-making. This thesis develops quantitative component reliability importance indices applicable for identifying critical components in real transmission systems. Probabilistic models with component failure statistics are combined with detailed power system models evaluated with the AC power flow technique. In the presented method each system component is assigned three importance indices based on outage events expected probability and consequence to (i) reduced system security margin, (ii) interrupted load supply and (iii) disconnected generation units. By ranking components by each of the three interests, a more complete view of the risks to system reliability can be assessed than if, as traditionally, only (ii) is modelled. The impact on security margin is studied in well established critical transfer sections (CTS) supervised by the TSO. TSOs set the CTSs limits [MW] based on deterministic security criteria, with regard to thermal, voltage level, and system stability limits, and the CTSs' condition at post-contingency state is in the method used as an indicator of the system security margin. The methodology is extended with three indices modified to quantify the component importance for common-cause events initiated by acts of sabotage. The developed methods are applied on a significant part of the Great Britain transmission system, modelling 7000 components and 107 substation layouts. The study includes several load demand scenarios, 200 million initiating outage events and non-functioning protection equipment. The resulting component ranking provides an important input to the TSO's decision-making, and could be implemented as a complement to the existing deterministic N-1 criterion. With the methods applied a TSO can perform further and more detailed assessments on a few critical components in order to enhance system reliability for equipment failures and strengthen the system vulnerability against sabotage. / QC 20110920

transmission system reliability

component reliability importance index

Great Britain power system

power flow analysis

system adequacy

system security

system vulnerability

大台北地區系統保全定價策略 / The pricing strategy for system security industry in Taipei district

高國峰, Kao, Kuo Feng

Unknown Date

保全業近年來在消費者認同度上升以及政府輔導下，以快速的成長達到目前的成熟市場，進入了完全競爭的市場結構。但保全業的種類繁多，各類經營模式與獲利方式皆不同，可惜多數的業者多以削價競爭為期主要競爭策略。 目前保全業者以系統保全與駐警保全為主要兩大服務項目，因其經營特性與方向大不相同，故業者多單獨經營單項業務。而系統保全業者具有資本集中、技術密集及市場應用領域廣泛的特性；其經營特殊性在於初期必須投入龐大的資金，待達到經濟規模後，獲利的成長比率將遠高於營業額的成長比率，其潛在價值在於所擁有的客戶數。所以系統保全業者在經營上所需考量的角度與變化更多，頗值得討論；又系統保全另一特色為區域精耕，大台北地區又為各家保全業者必爭之地，故本研究就鎖定大台北地區的系統保全業者為研究範疇。 目前市場現況因陷入降價促銷的競爭策略，導致公司獲利大幅下降，只能變相降低人力成本，致使服務品質不佳，人員流動過大的惡性循環中。所以本研究將利用在財務會計領域中最常見的損益兩平計算概念，以政府法規規定的最低資本額設算，輔以實務上的經營現況假設，加以分析、整理後，尋找出在競爭市場中的合理價格區間。 本研究在找出結論後，希望能提供以下建議供業者與相關政府單位參考： 1.定價策略不宜大幅偏離常軌。 2.應合理合法提供人員薪資與福利，壓低人力成本創造盈餘容易造成人員流動過大 與違法之嫌。 3.獲利若遠低於市場報酬率時，應考量資金妥善配置。 4.應提昇消費者對合理保全價格的認同。 5.法規應更詳細區分系統保全業者所必須擔負的責任義務。 / In recent years, the security services industry has been rapidly growing and become mature and keenly competitive through the consumers’ highly demand and supports from the government. Due to the huge variety of the of security services category, the model of business operations and strategy of margins are also different accordingly. In such circumstances, unfortunately, price reduction becomes one of the main strategies to win the competitiveness for most of the security services company in the market. In the current market, there are two major services category which are system security and on-site guardians. In terms of the nature of the services for these two categories are varied, the security services company basically operate only one single category. The system security requires huge capital investment in the initial stage to establish the application system and its growth ratio of profitability will become higher than the growth ratio of sales revenue after its client size reaches certain economic scale. The characteristics of system security are obviously based upon the intensiveness of capital, high density of technology and wide scale of application. The potential value of system security depends upon the number of clients which company possess. Therefore, the system security company has to consider more and put more efforts on the complexity of business operations, and which is one the key subject being studied. This research and study will be focused on the category of system security and Taipei district based upon two major reasons: one is the degree of the penetration of system security in the market and the other is Taipei is most competitive district in this industry. As mentioned, price reduction becomes the key strategy to gain the market share but this also results in the drastic dropping of profitability which forces the company to reduce the personnel cost. Such kind of cost reduction approaches also bring out the worse service quality and high personnel turnover. Thus the purpose of this study is to figure out the most feasible and applicable pricing strategy in such competitive market by using the general accounting concept of break-even methodology under the considerations of minimum regulatory capital requirement and the current operational practice. I hope that the findings of this study can provide the following suggestions to the industry and government: 1.The pricing strategy should not far deviate from the market norms。 2.The company should offer reasonable and legitimate compensation package to the employees. To make profits by lower down the personnel costs will cause the high turnover rate and bear the risks of violating the labor law. 3.The capital allocation must be carefully reviewed and allocated if the net profit is much lower than returns. 4.It is necessary to promote the concept of reasonable pricing to gain the acceptance of consumers. 5.There should be clear and crystal regulations to stipulate the liability and obligation of system security company.

系統保全

競爭策略

保全定價策略

system security

competitiveness

security pricing strategy

A Stochastic Control Approach to Include Transfer Limits in Power System Operation

Perninge, Magnus

January 2011

The main function of the power grid is to transfer electric energy from generating facilities to consumers. To have a reliable and economical supply of electricity, large amounts of electric energy often have to be transferred over long distances. The transmission system has a limited capacity to transfer electric power, called the transfer capacity. Severe system failures may follow if the transfer capacity is reached during operation. Due to uncertainties, such as the random failure of system components, the transfer capacity for the near future is not readily determinable. Also, due to market principles, and reaction times and ramp rates of production facilities, power flow control is not fully flexible. Therefore, a transfer limit, which is below the transfer capacity, is decided and preventative actions are taken when the transfer reaches this limit. In this thesis an approach to deciding an optimal strategy for power flow control through activation of regulating bids on the regulating power market is outlined. This approach leads to an optimal definition of transfer limits as the boundary between the domain where no bid should be activated and the domains where bids should be activated. The approach is based on weighing the expected cost from system failures against the production cost. This leads to a stochastic impulse control problem for a Markov process in continuous time. The proposed method is a novel approach to decide transfer limits in power system operation. The method is tested in a case study on the IEEE 39 bus system, that shows promising results. In addition to deciding optimal transfer limits, it is also investigated how the transfer capacity can be enhanced by controlling components in the power system to increase stability. / QC 20111010

Frequency control

power regulating market

power system operation

power system security

stochastic impulse control

transfer capacity

transfer limit

Secure communications for critical infrastructure control systems

Dawson, Robert Edward

January 2008

In March 2000, 1 million litres of raw sewage was released into the water system of Maroochy Shire on Queensland’s sunshine coast. This environmental disaster was caused by a disgruntled ex-contractor using a radio transmitter to illicitly access the electronically controlled pumps in the control system. In 2007 CNN screened video footage of an experimental attack against a electrical generator. The attack caused the generator to shake and smoke, visually showing the damage caused by cyber attack. These attacks highlight the importance of securing the control systems which our critical infrastructures depend on. This thesis addresses securing control systems, focusing on securing the communications for supervisory control and data acquisition (SCADA) systems. We review the architectures of SCADA systems and produce a list of the system constraints that relate to securing these systems. With these constraints in mind, we survey both the existing work in information and SCADA security, observing the need to investigate further the problem of secure communications for SCADA systems. We then present risk modelling techniques, and model the risk in a simple SCADA system, using the ISM, a software tool for modelling information security risk. In modelling the risk, we verify the hypothesis that securing the communications channel is an essential part of an effective security strategy for SCADA systems. After looking at risk modelling, and establishing the value of securing communications, we move on to key management for SCADA systems. Appropriate key management techniques are a crucial part of secure communications, and form an important part of the contributions made in this work. We present a key management protocol that has been designed to run under the constraints specific to SCADA systems. A reductionist security proof is developed for a simplified version of the protocol, showing it is secure in the Bellare Rogaway model.

Approche algorithmique pour l’amélioration des performances du système de détection d’intrusions PIGA / Algorithmic approach for perfomance improvement of the intrusion detection system PIGA

Clairet, Pierre

24 June 2014

PIGA est un outil permettant de détecter les comportements malicieux par analyse de trace système. Pour cela, il utilise des signatures représentant les comportements violant une ou plusieurs propriétés de sécurité définies dans la politique. Les signatures sont générées à partir de graphes modélisant les opérations entre les différentes entités du système et sont stockées en mémoire pendant la détection d’intrusion. Cette base de signatures peut atteindre une taille de plusieurs Mo et ainsi réduire les performances du système lorsque la détection d’intrusion est active. Durant cette thèse, nous avons mis en place plusieurs méthodes pour réduire la mémoire nécessaire pour stocker les signatures, tout en préservant leur qualité. La première méthode présentée est basée sur la décomposition modulaire des graphes. Nous avons utilisé cet outil de la théorie des graphes pour réduire la taille du graphe et, ainsi, diminuer le nombre de signatures, ainsi que leur longueur. Appliquée à des propriétés de confidentialité sur un système servant de passerelle, cette méthode divise par 20 le nombre de signatures générées. La seconde méthode réduit directement la base de signatures en supprimant des signatures inutiles lorsque PIGA est en mode IPS. Appliquée sur les mêmes propriétés, cette méthode divise par 5 le nombre de signatures générées. En utilisant les deux méthodes, on divise le nombre de signatures par plus de 50. Ensuite, nous avons adapté le mécanisme de détection afin d’utiliser les nouvelles signatures générées. Les expérimentations que nous avons effectuées montrent que notre système est équivalent à l’ancien système. De plus, nous avons réduit le temps de réponse de PIGA. / PIGA is a tool for detecting malicious behaviour by analysing system activity. This tool uses signatures representing illegal behaviours that violate security properties defined in the policy. The signatures are generated from graphs modelling the operation between different system entities and stored in the memory during the intrusion detection. The signature base can take up several MB (Megabytes). This will reduce system performance when the intrusion detection is running. During this thesis, we set up two methods to reduce the memory used to store the signatures while also preserving their quality. The first method is based on the modular decomposition of graphs. We used this notion of graph theory to reduce the size of the graph and lower the number and length of signatures. Applied to confidentiality properties on a gateway system, this method divides by 20 the number of generated signature. The second method reduces directly the signature base by deleting useless signatures when PIGA is used as an IPS. Applied to the same properties, this method divides by 5 the number of generated signatures. Using both methods together, the number of signatures is divided by more than 50. Next, we adapted the detection mechanism to use the new generated signatures. The experiments show that the new mechanism detects the same illegal behaviours detected by the previous one. Furthermore, we reduced the response time of PIGA.

Détection d’intrusions

Décomposition modulaire

Compression

Signatures

Sécurité sys tème

Intrusion detection

Modular decomposition

Compression

Signatures

System security

Implementando segurança e controle em redes de computadores / Implementing security and control in computer networks

Bertholdo, Leandro Márcio

January 1997

O crescimento e proliferação da Internet nos últimos anos tem trazido à tona vários problemas relativos à segurança e operacionabilidade das máquinas de universidades e empresas. Inúmeras invasões são realizadas anualmente. Entretanto, a grande maioria delas não possui registro algum, sendo muitas vezes de total desconhecimento do administrador local. Para prover soluções para estes problemas foi realizado um estudo, aqui apresentado, que tem como principal objetivo propor uma filosofia de gerência de segurança. São utilizados para isso conceitos de gerenciamento de redes como SNMPv2, aliado à implementação de um conjunto de ferramentas que garantam a integridade dos vários sistemas envolvidos. O resultado foi um sistema denominado CUCO1, que alerta sobre tentativas de ataque e situações de risco. CUCO foi projetado para permitir a um administrador, protegido ou não por uma firewall, dispor de um controle maior e melhor sobre acessos e tentativas de acessos indevidos à sua rede. O sistema usa uma estratégia de monitoração de eventos em diferentes níveis e aplicações, tentando com isto detectar e alertar a ocorrência de ataques tradicionais. Também está incorporado um bloco de funções que visam identificar um agressor situado em algum lugar da Internet, e obter maiores informações sobre ele e o domínio onde esta localizado. / The Internet increase and proliferation in the last years has brought a lot of problems related to the security and handling of hosts in universities and corporations. Many break-ins are done each year, without any record or knowledge by the site’s administrator. To give solutions to this problems was made up a study, here presented, has as the main goal the proposal of a security management philosophy. Are used network management concepts, joined with a toolkit to ensure the integrity of many systems envolved. The result was a system named CUCO2, that alerts about attacks and risks situations. CUCO was designed to allow an administrator, protected or not by firewall, to have a bigger and better access control in his network. The system uses an event monitor strategy in different levels and applications, trying to detect and alert the occurrence of common attacks. Moreover, it is also incorporated by a set of functions that attempt to identify aggressor’s location in any place in the Internet, and get information about him and the domain where he is located.

Redes : Computadores

Seguranca : Redes : Computadores

Gerencia : Redes : Computadores

Firewall

Computer networks

Network management

Data security

System security

Security management

Tools

Risk-Based Dynamic Security Assessment of the Electricity Grid with High Penetration of Renewable Generation

January 2017

abstract: Electric power system security assessment is one of the most important requirements for operational and resource planning of the bulk power system ensuring safe operation of the power system for all credible contingencies. This deterministic approach usually provides a conservative criterion and can result in expensive bulk system expansion plans or conservative operating limits. Furthermore, with increased penetration of converter-based renewable generation in the electric grid, the dynamics of the grid are changing. In addition, the variability and intermittency associated with the renewable energy sources introduce uncertainty in the electricity grid. Since security margins have direct economic impact on the utilities; more clarity is required regarding the basis on which security decisions are made. The main objective of this work is to provide an approach for risk-based security assessment (RBSA) to define dynamic reliability standards in future electricity grids. RBSA provides a measure of the security of the power system that combines both the likelihood and the consequence of an event. A novel approach to estimate the impact of transient stability is presented by modeling several important protection systems within the transient stability analysis. A robust operational metric to quantify the impact of transient instability event is proposed that incorporates the effort required to stabilize any transiently unstable event. The effect of converter-interfaced renewable energy injection on system reliability is investigated us-ing RBSA. A robust RBSA diagnostics tool is developed which provides an interactive user interface where the RBSA results and contingency ranking reports can be explored and compared based on specific user inputs without executing time domain simulations or risk calculations, hence providing a fast and robust approach for handling large time domain simulation and risk assessment data. The results show that RBSA can be used effectively in system planning to select security limits. Comparison of RBSA with deterministic methods show that RBSA not only provides less conservative results, it also illustrates the bases on which such security decisions are made. RBSA helps in identifying critical aspects of system reliability that is not possible using the deterministic reliability techniques. / Dissertation/Thesis / Doctoral Dissertation Electrical Engineering 2017

Electrical engineering

Energy

Future Grid

Power Generation Reliability

Power System Security

Power System Transient Stability

Renewable Generation

Risk Analysis

Implementando segurança e controle em redes de computadores / Implementing security and control in computer networks

Bertholdo, Leandro Márcio

January 1997

O crescimento e proliferação da Internet nos últimos anos tem trazido à tona vários problemas relativos à segurança e operacionabilidade das máquinas de universidades e empresas. Inúmeras invasões são realizadas anualmente. Entretanto, a grande maioria delas não possui registro algum, sendo muitas vezes de total desconhecimento do administrador local. Para prover soluções para estes problemas foi realizado um estudo, aqui apresentado, que tem como principal objetivo propor uma filosofia de gerência de segurança. São utilizados para isso conceitos de gerenciamento de redes como SNMPv2, aliado à implementação de um conjunto de ferramentas que garantam a integridade dos vários sistemas envolvidos. O resultado foi um sistema denominado CUCO1, que alerta sobre tentativas de ataque e situações de risco. CUCO foi projetado para permitir a um administrador, protegido ou não por uma firewall, dispor de um controle maior e melhor sobre acessos e tentativas de acessos indevidos à sua rede. O sistema usa uma estratégia de monitoração de eventos em diferentes níveis e aplicações, tentando com isto detectar e alertar a ocorrência de ataques tradicionais. Também está incorporado um bloco de funções que visam identificar um agressor situado em algum lugar da Internet, e obter maiores informações sobre ele e o domínio onde esta localizado. / The Internet increase and proliferation in the last years has brought a lot of problems related to the security and handling of hosts in universities and corporations. Many break-ins are done each year, without any record or knowledge by the site’s administrator. To give solutions to this problems was made up a study, here presented, has as the main goal the proposal of a security management philosophy. Are used network management concepts, joined with a toolkit to ensure the integrity of many systems envolved. The result was a system named CUCO2, that alerts about attacks and risks situations. CUCO was designed to allow an administrator, protected or not by firewall, to have a bigger and better access control in his network. The system uses an event monitor strategy in different levels and applications, trying to detect and alert the occurrence of common attacks. Moreover, it is also incorporated by a set of functions that attempt to identify aggressor’s location in any place in the Internet, and get information about him and the domain where he is located.

Redes : Computadores

Seguranca : Redes : Computadores

Gerencia : Redes : Computadores

Firewall

Computer networks

Network management

Data security

System security

Security management

Tools

Implementando segurança e controle em redes de computadores / Implementing security and control in computer networks

Bertholdo, Leandro Márcio

January 1997

O crescimento e proliferação da Internet nos últimos anos tem trazido à tona vários problemas relativos à segurança e operacionabilidade das máquinas de universidades e empresas. Inúmeras invasões são realizadas anualmente. Entretanto, a grande maioria delas não possui registro algum, sendo muitas vezes de total desconhecimento do administrador local. Para prover soluções para estes problemas foi realizado um estudo, aqui apresentado, que tem como principal objetivo propor uma filosofia de gerência de segurança. São utilizados para isso conceitos de gerenciamento de redes como SNMPv2, aliado à implementação de um conjunto de ferramentas que garantam a integridade dos vários sistemas envolvidos. O resultado foi um sistema denominado CUCO1, que alerta sobre tentativas de ataque e situações de risco. CUCO foi projetado para permitir a um administrador, protegido ou não por uma firewall, dispor de um controle maior e melhor sobre acessos e tentativas de acessos indevidos à sua rede. O sistema usa uma estratégia de monitoração de eventos em diferentes níveis e aplicações, tentando com isto detectar e alertar a ocorrência de ataques tradicionais. Também está incorporado um bloco de funções que visam identificar um agressor situado em algum lugar da Internet, e obter maiores informações sobre ele e o domínio onde esta localizado. / The Internet increase and proliferation in the last years has brought a lot of problems related to the security and handling of hosts in universities and corporations. Many break-ins are done each year, without any record or knowledge by the site’s administrator. To give solutions to this problems was made up a study, here presented, has as the main goal the proposal of a security management philosophy. Are used network management concepts, joined with a toolkit to ensure the integrity of many systems envolved. The result was a system named CUCO2, that alerts about attacks and risks situations. CUCO was designed to allow an administrator, protected or not by firewall, to have a bigger and better access control in his network. The system uses an event monitor strategy in different levels and applications, trying to detect and alert the occurrence of common attacks. Moreover, it is also incorporated by a set of functions that attempt to identify aggressor’s location in any place in the Internet, and get information about him and the domain where he is located.

Redes : Computadores

Seguranca : Redes : Computadores

Gerencia : Redes : Computadores

Firewall

Computer networks

Network management

Data security

System security

Security management

Tools

Um modelo discricionário de delegação e revogação / A discretionary model of delegation and revocation

Negrello, Fabio

14 May 2007

Orientador: Jacques Wainer / Dissertação (mestrado) - Universidade Estadual de Campinas, Instituto de Computação / Made available in DSpace on 2018-08-08T19:38:38Z (GMT). No. of bitstreams: 1 Negrello_Fabio_M.pdf: 913255 bytes, checksum: eed18216c9a5ecc1e0eadf834fed5bc5 (MD5) Previous issue date: 2007 / Resumo: Esta dissertação apresenta um modelo discricionário de delegação que permite controlar a formação de cadeias de delegações, tanto através da limitação no comprimento de tais cadeias, como através da definição de condições para utilização e aceitação de novas delegações. Juntamente com o mecanismo de delegação proposto, é apresentado um mecanismo de revogação que considera o máximo comprimento de cada cadeia de delegações, e a relação de força entre delegações, permitindo assim que os sujeitos existentes permaneçam com o maior conjunto de direitos após uma revogação. Uma das principais vantagens em relação à definição de condições associadas à cada delegação é possibilidade de reforçar restrições por conteúdo e contexto. Enquanto o controle de acesso por conteúdo permite que o acesso a determinado objeto, ou recurso, seja controlado com base em atributos e características do próprio objeto em questão, o controle de acesso por contexto considera características de contexto relativas ao sistema como um todo, ou referentes ao contexto em que o usuário solicitou determinado acesso. Será apresentado um mecanismo que permite a utilização deste tipo de informação na definição de condições em delegações. Será apresentado um mecanismo para definição de proibições, que torna possível proibir que usuários utilizem determinadas direitos, mesmo que estes usuários tenham recebido, tais direitos através de delegaçõesde outros usuários do sistema. Através da utilização de condições também é possível a definição de delegações temporais, que são delegações que devem ser consideradas válidas somente durante determinados períodos de tempo, ou enquanto condições de dependência em relação a outras delegações forem atendidas, como será discutido. Finalmente, será apresentado um arcabouço de um servidor de autorizações, que permitiu avaliar o modelo proposto. Neste arcabouço foram implementados os principais algoritmos apresentados, e foi formulada uma arquitetura unificada para criação e revogação de delegações, bem como para verificação de autorizações / Abstract: This thesis presents a model of delegation that makes it possible to control the creation of delegation chains, both by limiting the lenght of such chains, and by defining restrictions for the use and acceptance of new delegations. Together with the proposed delegation mechanism, it is presented a revocation mechanism that considers the maximum length of each delegation chain, and the strength relation between delegations, allowing the existing subjects to retain the maximum set of rights after a revocation. One of the biggest advantages regarding the definition of conditions associated with each delegation is the possibility of enforcing context and content based restrictions. While the content based access control allows the access to a specific object to be controlled based on its attributes and characteristics, the context based access control considers context information related to the system as a whole, or regarding the context in which a user made an access request. It will be presented a mechanism that allows the use of this type of information in the definition of conditions in delegations. A prohibition mechanism will be presented, which prevents users from using certain rights, even though these users have received such rights through other users delegations. As it will be discussed, it is also possible, through the use of conditions, to define temporal delegations, which are delegations that must be considered valid only during specific periods of time, or while dependency condition regarding other delegations are met. Finally, it will be presented a prototype of an authorization server, that was used to validate the proposed model. In this prototype, the main algorithms were implemented, and a unified architecture was formulated both for the creation and recation of delegations, as well as for the verification of authorizations / Mestrado / Mestre em Ciência da Computação

Computadores - Controle de acesso

Computadores - Medidas de segurança

Banco de dados - Medidas de segurança

Computers - Acess control

Computer - System security

Data bases - Security measures