
Cyber-physical attacks and defences in the smart grid: a survey

The smart grid is arguably one of the most complex cyber-physical systems (CPS). Complex security challenges have been revealed in both the physical and the cyber parts of the smart grid, and an integrative analysis of cyber-physical (CP) security is emerging. This paper provides a comprehensive and systematic review of the critical attack threats and defence strategies in the smart grid. We start this survey with an overview of smart grid security from the CP perspective, and then focus on prominent CP attack schemes with significant impact on smart grid operation and the corresponding defence solutions. With an in-depth review of the attacks and defences, we then discuss the opportunities and challenges in smart grid CP security. We hope this paper raises awareness of the CP attack threats and defence strategies in complex CPS-based infrastructures such as the smart grid and inspires research effort toward the development of secure and resilient CP infrastructures.

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-cps.2016.0019