Securing Substations through Command Authentication Using On-the-fly Simulation of Power System Dynamics Daisuke Mashima, Binbin Chen, Toby Zhou (ADSC)

Slides:



Advertisements
Similar presentations
1. AGENDA History. WHAT’S AN IDS? Security and Roles Types of Violations. Types of Detection Types of IDS. IDS issues. Application.
Advertisements

Fundamentals of Computer Security Geetika Sharma Fall 2008.
Copyright (c) 2008, All Rights Reserved. Iowa State University G. Manimaran & Chen-Ching LiuCPS-Energy Workshop-2009Page  1 SCADA control network.
Greenbench: A Benchmark for Observing Power Grid Vulnerability Under Data-Centric Threats Mingkui Wei, Wenye Wang Department of Electrical and Computer.
A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.
Cyber Security of Smart Grid Systems
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.
1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.
Clemson University Electric Power Research Association CHANDANA BOMMAREDDY CLEMSON UNIVERSITY DG VOLTAGE CONTROL IN AN ISLANDING MODE OF OPERATION.
Organizational Risk and the Costs and Benefits of Biometrics Presentation to the European Union Biometrics Group May 14, 2004 Virginia Franke Kleist, Ph.D.
Frankfurt (Germany), 6-9 June 2011 M. Khederzadeh Power & Water University of Technology (PWUT) Tehran, IRAN. M.Khederzadeh – IRAN – RIF S3 – Paper 0066.
Information Technology Needs and Trends in the Electric Power Business Mladen Kezunovic Texas A&M University PS ERC Industrial Advisory Board Meeting December.
©2009 Mladen Kezunovic. Improving Relay Performance By Off-line and On-line Evaluation Mladen Kezunovic Jinfeng Ren, Chengzong Pang Texas A&M University,
CIP 2015 Smart Grid Vulnerability Assessment Using National Testbed Networks IHAB DARWISHOBINNA IGBETAREQ SAADAWI.
LOBSTER: Large Scale Monitoring of Broadband Internet Infrastructure Evangelos Markatos The LOBSTER Consortium Institute.
B O N N E V I L L E P O W E R A D M I N I S T R A T I O N Page 1 Pacific Northwest Smart Grid Demonstration Project  Largest Smart Grid Demonstration.
Grid Defense Against Malicious Cascading Failure Paulo Shakarian, Hansheng Lei Dept. Electrical Engineering and Computer Science, Network Science Center,
1 © A. Kwasinski, 2015 Cyber Physical Power Systems Fall 2015 Security.
Virtualized Execution Realizing Network Infrastructures Enhancing Reliability Application Communities PI Meeting Arlington, VA July 10, 2007.
Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.
UC Marco Vieira University of Coimbra
Cyber Security of SCADA Systems Testbed Development May1013 Group Members: Ben Kregel Justin Fitzpatrick Michael Higdon Rafi Adnan Adviser: Dr. Manimaran.
Daisuke Mashima Prageeth Gunathilaka Binbin Chen
Lessons Learned Implementing an IEC based Microgrid Power-Management System October 12, 2015 Presented by: Jared Mraz, P.E.
Database and Cloud Security
Presented by Edith Ngai MPhil Term 3 Presentation
Prageeth Gunathilaka Daisuke Mashima Binbin Chen
Latency and Communication Challenges in Automated Manufacturing
Minimizing latency of critical traffic through SDN
Analysis and Mitigation of Harmonic Currents due to Clustered Distributed Generation on the Low Voltage Network Authors: Ehab Shoubaki, Somasundaram.
Products/Solutions/Expertise of C-DAC Mumbai in Smart City Domain
Selected ICT-based Wide-Area Monitoring Protection and Control Systems (WAMPAC) applications
Managing Secure Network Systems
Security of Grid Computing Environments
Feasibility of Real Time Control
The Role of Smart Transformers within Microgrids
Cyber Physical Attack Detection
Subteam 1a Competitive Solicitations Framework Working Group Meeting
Outline Introduction Characteristics of intrusion detection systems
ISO New England System R&D Needs
Presentation of the three technological pilots
ECEN 460 Power System Operation and Control
Presented by: LADWP November 14, 2017
John Grosh Lawrence Livermore National Laboratory July 20, 2017
Optical Networks & Smart Grid Lab.
Project WECC-0100 Update Load Modeling Task Force
I have many checklists: how do I get started with cyber security?
A Grid-wide, High-fidelity Electrical Substation Honeynet
Soummya Kar NAS, Data Science Symposium Jun. 14, 2018
The Extensible Tool-chain for Evaluation of Architectural Models
James D. McCalley, Iowa State University, System Stem Leader
Mobile ad hoc networking: imperatives and challenges
A Distributed Two-Level PMU-Only Linear State Estimator
Peak’s Synchronized Measurements and Advanced Real-time Tools (SMART) Working Group (initiated in Oct-2017) Focus on operationalizing Synchrophasor tools.
Integrated Distribution Planning Process
NASPI PMU Data Application Classification
A Novel Latin Square-based Secret Sharing for M2M Communications
EE362G Smart Grids: Architecture
Cybersecurity ATD technical
Resilient Information Architecture Platform for Smart Grid
Net301 LECTURE 11 11/23/2015 Lect13 NET301.
Wenyu Ren, Timothy Yardley, Klara Nahrstedt
NASPI PMU Data Application Classification
Adaptive Data Refinement for Parallel Dynamic Programming Applications
Project WECC-0100 Update Load Modeling Task Force
Cyber Security of SCADA Systems Remote Terminal Units (RTU)
Waleed Iftikhar Michel Mabano
The Archipelago ™ RAMS Scenario
Electricity Distribution and Energy Decarbonisation
Presentation transcript:

Securing Substations through Command Authentication Using On-the-fly Simulation of Power System Dynamics Daisuke Mashima, Binbin Chen, Toby Zhou (ADSC) Ramkumar Rajendran and Biplab Sikdar (National University of Singapore) This research is supported in part by the National Research Foundation, Prime Minister's Office, Singapore under the Energy Programme and administrated by the Energy Market Authority (EP Award No. NRF2014EWT-EIRP002-040) and is also partly supported by the National Research Foundation, Prime Minister’s Office, Singapore under its Campus for Research Excellence and Technological Enterprise (CREATE) programme.

Recent Cybersecurity Incidents Ukraine attack in 2015 Control center was hacked and became malicious CrashOverride (Industroyer) Reported that it was used in Ukraine attack in 2016 Abuses widely-used ICS protocols, including IEC 104 and IEC 61850 (https://www.youtube.com/watch?v=8ThgK1WXUgk)

Command Authentication Validate legitimacy of incoming control commands based on power grid status and context Complementary to existing security solutions: Industrial firewall, data diode Intrusion / anomaly detection TLS (IEC 62351) Security measures at control center (user authentication, access control, anti-virus, etc.)

State-of-the-arts Centralized approach Decentralized approach Hui Lin, Adam Slagell, Zbigniew Kalbarczyk, Peter W. Sauer, and Ravishankar K. Iyer, Runtime Semantic Security Analysis to Detect and Mitigate Control-related Attacks in Power Grids, in IEEE Transactions on Smart Grid D. Mashima, P. Gunathilaka, and B. Chen, “Artificial command delaying for secure substation remote control: Design and implementation,” to appear in IEEE Transactions on Smart Grid. Decentralized approach S. Meliopoulos, G. Cokkinides, R. Fan, L. Sun, and B. Cui, “Command authentication via faster than real time simulation,” in Power and Energy Society General Meeting (PESGM), 2016. IEEE, 2016, pp. 1–5.

Steady-state Power Flow Simulation Fast to calculate, good for real-time operation But has potential limitation Frequency violation in term of WECC Category C limit (59Hz over 7 second)

Power System Dynamics Simulation Can simulate behavior in transient state as well as cascading failure Transmission line overload Out-of-sync generators As expected, takes time longer time to run simulation and evaluation

Command Authentication Based on Power System Dynamics Simulation For each command of interest, run 2 simulations: One without command execution (Res0) The other with command execution(Rescmd) Compare Res0 and Rescmd to make a decision Any (additional) stability violation? Dynamics simulation was aborted? (i.e., islanding?) Duration till islanding Magnitude of frequency/voltage/power flow violation

Execution Example with 3 Commnds Power grid mode for simulation is updated. 2 simulations with and without C1 execution are run in parallel 4 simulations ({no cmd, C2 only}, {C1 only, C1+C2}) are started in parallel Decision on C2 also depends on the decision on C1

Architecture Consideration A*CMD (Active Command Mediation Defense) with artificial command-delaying [*] Can delay command probabilistically or in a selective way Run command authentication system in a centralized manner [*] Daisuke Mashima, Prageeth Gunathilaka, and Binbin Chen, "Artificial Command Delaying for Secure Substation Remote Control: Design and Implementation." In press for IEEE Transactions on Smart Grid.

False Positives / Negatives For N-1 generator-loss contingencies, define legitimate recovery commands Execute command authentication to evaluate false positive No false positive was observed False negative may occur when malicious commands does not make the situation worse

Comparison with Steady-state based Approach Assume the load shedding controls listed in the table are the legitimate Randomly injected other control commands (e.g., commands to open irrelevant circuit breakers and transformers) Considered as malicious / anomalous control commands Evaluated whether they are flagged by each scheme

Preliminary Measurements with Larger Power Grid Model

Conclusions Use of power system dynamics simulation can be a good addition for securing remote control infrastructure of smart grid. Longer latency should be taken care of for practical operation (Integration to A*CMD was discussed). Latency required can be too long depending on model size and complexity. Exploring tradeoff between simulation fidelity and performance is an interesting future work.

Thank you very much! Questions? Email: daisuke.m@adsc-create.edu.sg We are hiring full-time researchers for the government-funded smart grid security & resilience research projects in Singapore. For details, please feel free to contact me or refer to http://www.mashima.us/daisuke/files/adsc-hiring.pdf