Integration of a cyber system and communication systems with the traditional power grid has enabled better monitoring and control of the smart grid making it more reliable and resilient. This empowers the system operators to make informed decisions as a result of better system visibility. The grid has moved from a completely air-gapped structure to a well-connected network. However, this remote-control capability to control distributed physical components in a distribution system can be exploited by adversaries with malicious intent to disrupt the power supply to the customers. Therefore, while taking advantage of the cyber-physical posture in the smart grid for improved controllability, there is a critical need for cybersecurity research to protect the critical power infrastructure from cyberattacks.
While the literature regarding cybersecurity in distribution systems has focused on detecting and mitigating the cyberattack impact on the physical system, there has been limited effort towards a preventive approach for detecting cyberattacks. With this in mind, this dissertation focuses on developing intelligent solutions to detect cyberattacks in the cyber layer of the distribution grid and prevent the attack from impacting the physical grid. There has been a particular emphasis on the impact of coordinated attacks and the design of proactive defense to detect the attacker's intent to predict the attack trajectory.
The vulnerability assessment of the cyber-physical system in this work identifies the key areas in the system that are prone to cyberattacks and failure to detect attacks timely can lead to cascading outages. A comprehensive cyber-physical system is developed to deploy different intrusion detection solutions and quantify the effect of proactive detection in the cyber layer. The attack detection approach is driven by artificial intelligence to learn attack patterns for effective attack path prediction in both a fully observable and partially observable distribution system. The role of effective communication technology in attack detection is also realized through detailed modeling of 5G and latency requirements are validated. / Doctor of Philosophy / The traditional power grid was designed to supply electricity from the utility side to the customers. This grid model has shifted from a one-directional supply of power to a bi-directional one where customers with generation capacity can provide power to the grid. This is possible through bi-directional data flow which ensures the complete power system observability and allows the utility to monitor and control distributed power components remotely. This connectivity depends on the cyber system and efficient communication for ensuring stable and reliable system operations. However, this also makes the grid vulnerable to cyberattacks as the traditional air-gapped grid has evolved into a highly connected network, thus increasing the attack surface for attackers. They might pose the capability to intrude on the network by exploiting network vulnerability, move laterally through different aspects of the network, and cause operational disruption. The type of disruption can be minor voltage fluctuations or even widespread power outages depending on the ultimate malicious attack goal of such adversaries. Therefore, cybersecurity measures for protecting critical power infrastructure are extremely important to ensure smooth system operations.
There has been recent research effort for detecting such attacks, isolating the attacked parts in the grid, and mitigating the impact of the attack, however, instead of a passive response there is a need for a preventive or proactive detection mechanism. This can ensure capturing the attack at the cyber layer before intruders can impact the physical grid. This is the primary motivation to design an intrusion detection system that can detect different coordinated attacks (where different attacks are related and directed towards a specific goal) and can predict the attack path.
This dissertation focuses on first identifying the vulnerabilities in the distribution system and a comprehensive cyber-physical system is developed. Different detection algorithms are developed to detect cyberattacks in the distribution grid and have the intelligence to learn the attack patterns to successfully predict the attack path. Additionally, the effectiveness of advanced communication such as 5G is also tested for different system operations in the distribution system.
| Identifer | oai:union.ndltd.org:VTETD/oai:vtechworks.lib.vt.edu:10919/119308 |
| Date | 05 June 2024 |
| Creators | Sahani, Nitasha |
| Contributors | Electrical Engineering, Liu, Chen-Ching, Centeno, Virgilio A., Mehrizi-Sani, Ali, Cho, Jin-Hee, Ampadu, Paul K. |
| Publisher | Virginia Tech |
| Source Sets | Virginia Tech Theses and Dissertation |
| Language | English |
| Detected Language | English |
| Type | Dissertation |
| Format | ETD, application/pdf |
| Rights | Creative Commons Attribution 4.0 International, http://creativecommons.org/licenses/by/4.0/ |
Page generated in 0.0028 seconds