Return to search

Topology Attacks on Power System Operation and Consequences Analysis

abstract: The large distributed electric power system is a hierarchical network involving the

transportation of power from the sources of power generation via an intermediate

densely connected transmission network to a large distribution network of end-users

at the lowest level of the hierarchy. At each level of the hierarchy (generation/ trans-

mission/ distribution), the system is managed and monitored with a combination of

(a) supervisory control and data acquisition (SCADA); and (b) energy management

systems (EMSs) that process the collected data and make control and actuation de-

cisions using the collected data. However, at all levels of the hierarchy, both SCADA

and EMSs are vulnerable to cyber attacks. Furthermore, given the criticality of the

electric power infrastructure, cyber attacks can have severe economic and social con-

sequences.

This thesis focuses on cyber attacks on SCADA and EMS at the transmission

level of the electric power system. The goal is to study the consequences of three

classes of cyber attacks that can change topology data. These classes include: (i)

unobservable state-preserving cyber attacks that only change the topology data; (ii)

unobservable state-and-topology cyber-physical attacks that change both states and

topology data to enable a coordinated physical and cyber attack; and (iii) topology-

targeted man-in-the-middle (MitM) communication attacks that alter topology data

shared during inter-EMS communication. Specically, attack class (i) and (ii) focus on

the unobservable attacks on single regional EMS while class (iii) focuses on the MitM

attacks on communication links between regional EMSs. For each class of attacks,

the theoretical attack model and the implementation of attacks are provided, and the

worst-case attack and its consequences are exhaustively studied. In particularly, for

class (ii), a two-stage optimization problem is introduced to study worst-case attacks

that can cause a physical line over

ow that is unobservable in the cyber layer. The long-term implication and the system anomalies are demonstrated via simulation.

For attack classes (i) and (ii), both mathematical and experimental analyses sug-

gest that these unobservable attacks can be limited or even detected with resiliency

mechanisms including load monitoring, anomalous re-dispatches checking, and his-

torical data comparison. For attack class (iii), countermeasures including anomalous

tie-line interchange verication, anomalous re-dispatch alarms, and external contin-

gency lists sharing are needed to thwart such attacks. / Dissertation/Thesis / Masters Thesis Electrical Engineering 2015

Identiferoai:union.ndltd.org:asu.edu/item:34855
Date January 2015
ContributorsZhang, Jiazi (Author), Sankar, Lalitha (Advisor), Hedman, Kory (Committee member), Kosut, Oliver (Committee member), Arizona State University (Publisher)
Source SetsArizona State University
LanguageEnglish
Detected LanguageEnglish
TypeMasters Thesis
Format100 pages
Rightshttp://rightsstatements.org/vocab/InC/1.0/, All Rights Reserved

Page generated in 0.0021 seconds