Explore the vast range of titles available.

In this paper, a brief survey of measurable factors affecting the adoption of cybersecurity enhancement methods in the smart grid is provided. From a practical point of view, it is a key point to determine to what degree the cyber resilience of power systems can be improved using cost-effective resilience enhancement methods. Numerous attempts have been made to the vital resilience of the smart grid against cyber-attacks. The recently proposed cybersecurity methods are considered in this paper, and their accuracies, computational time, and robustness against external factors in detecting and identifying False Data Injection (FDI) attacks are evaluated. There is no all-inclusive solution to fit all power systems requirements. Therefore, the recently proposed cyber-attack detection and identification methods are quantitatively compared and discussed.

Over the last decade, the number of cyber attacks targeting power systems and causing physical and economic damages has increased rapidly. Among them, false data injection attacks (FDIAs) are a class of cyber-attacks against power grid monitoring systems. Adversaries can successfully perform FDIAs to manipulate the power system state estimation (SE) by compromising sensors or modifying system data. SE is an essential process performed by the energy management system towards estimating unknown state variables based on system redundant measurements and network topology. SE routines include bad data detection algorithms to eliminate errors from the acquired measurements, e.g. in case of sensor failures. FDIAs can bypass BDD modules to inject malicious data vectors into a subset of measurements without being detected, and thus manipulate the results of the SE process. To overcome the limitations of traditional residual-based BDD approaches, data-driven solutions based on machine learning algorithms have been widely adopted for detecting malicious manipulation of sensor data due to their fast execution times and accurate results. This study provides a comprehensive review of the most up-to-date machine learning methods for detecting FDIAs against power system SE algorithms.

The generation of the mix-based expansion of modern power grids has urged the utilization of digital infrastructures. The introduction of Substation Automation Systems (SAS), advanced networks and communication technologies have drastically increased the complexity of the power system, which could prone the entire power network to hackers. The exploitation of the cyber security vulnerabilities by an attacker may result in devastating consequences and can leave millions of people in severe power outage. To resolve this issue, this paper presents a network model developed in OPNET that has been subjected to various Denial of Service (DoS) attacks to demonstrate cyber security aspect of an international electrotechnical commission (IEC) 61850 based digital substations. The attack scenarios have exhibited significant increases in the system delay and the prevention of messages, i.e., Generic Object-Oriented Substation Events (GOOSE) and Sampled Measured Values (SMV), from being transmitted within an acceptable time frame. In addition to that, it may cause malfunction of the devices such as unresponsiveness of Intelligent Electronic Devices (IEDs), which could eventually lead to catastrophic scenarios, especially under different fault conditions. The simulation results of this work focus on the DoS attack made on SAS. A detailed set of rigorous case studies have been conducted to demonstrate the effects of these attacks.

Distribution system resilience is an emerging topic of interest given an increasing number of extreme events and adverse impacts on the power grid (e.g. Hurricane Maria and Ukraine cyber-attack). The concept of resilience poses serious challenges to the power system research community given varied definitions and multivariate factors affecting resilience. The ability of nature or malicious actors to disrupt critical services is a real threat to the life of our citizens, national assets and the security of a nation. Many examples of such events have been documented over the years. Promising research in this area has been in progress focused on the quantification and in enabling resilience of the distribution system. The objective of this study is to provide a detailed overview of distribution system resilience, the classification, assessment, metrics for measuring resilience, possible methods for enabling resilience, and the associated challenges. A new multi-dimensional and multi-temporal resilience assessment framework is introduced along with a research roadmap outlining the future of resilience to help the reader conceptualise the theories and research gaps in the area of distribution system cyber-physical resilience.

This paper is concerned with the issue of the diagnostics of process faults and the detection of cyber-attacks in industrial control systems. This problem is of significant importance to energy production and distribution, which, being part of critical infrastructure, is usually equipped with process diagnostics and, at the same time, is often subject to cyber-attacks. A commonly used approach would be to separate the two types of anomalies. The detection of process faults would be handled by a control team, often with a help of dedicated diagnostic tools, whereas the detection of cyber-attacks would be handled by an information technology team. In this article, it is postulated here that the two can be usefully merged together into one, comprehensive, anomaly detection system. For this purpose, firstly, the main types of cyber-attacks and the main methods of detecting cyber-attacks are being reviewed. Subsequently, in the analogy to “process fault”—a term well established in process diagnostics—the term “cyber-fault” is introduced. Within this context a cyber-attack is considered as a vector containing a number of cyber-faults. Next, it is explained how methods used in process diagnostics for fault detection and isolation can be applied to the detection of cyber-attacks and, in some cases, also to isolation of the components of such attacks, i.e., cyber-faults. A laboratory stand and a simulator have been developed to test the proposed approach. Some test results are presented, demonstrating that, similarly to equipment/process faults, residua can be established and cyber-faults can be identified based on the mismatch between the real data from the system and the outputs of the simulation model.

With the development of synchronous measuring technology and communication technology, the units of measurement, calculation, execution and communication are deeply integrated into energy manage system, which can achieve panoramic state awareness through the fast and accurate state estimation algorithm. Meanwhile, the cyber-attack has become an important issue posing severe threats to the secure operation of power systems. A well-designed false data injection attack (FDIA) against state estimation can effectively bypass the traditional bad data detection methods and interfere with the decision of the control centre, thus causing the power system incidents. This study comprehensively discusses the characteristics of FDIA including not only the goals, construction methods and consequences of FDIA from the perspective of attackers but also the protection and detection countermeasures from the perspective of defenders. Moreover, a game-theory-based FDIA against the substation information network is simulated to reveal the interactions between attackers and defenders.

In this study, an observer based control strategy is proposed for load frequency control (LFC) scheme against cyber-attack uncertainties. Most of research work focused on detection scheme or delay estimation scheme in presence of cyber-attack vulnerabilities and paid less attention on design of counteractive robust control scheme for LFC problem. Thus, observer based control scheme is designed here and provides robust performance against unknown input attack uncertainty and communication time-delay attack uncertainty. The generalized extended state observer (GESO) is used not only for state and disturbance estimation but also for disturbance rejection of the system. The said observer ensures accurate estimation of the actual states leading to convergence of estimation error to zero. So, the observer based linear quadratic regulator (LQR) is used to regulate the closed-loop damping ratio against cyber-attack uncertainty. In addition to fast response in terms of settling time and reduced over/undershoots, the proposed control scheme satisfactorily compensates the cyber-attack uncertainties in power system cyber physical networks and also compared with existing traditional PI and PID controllers. The simulation results demonstrate the robustness in terms of stability and effectiveness in terms of system security with proposed controller when subjected to cyber-attack uncertainties and load disturbances.

The smart grid is one of the core technologies that enable sustainable economic and social developments. In recent years, various cyber attacks have targeted smart grid systems, which have led to severe, harmful consequences. It would be challenging to build a real smart grid system for cybersecurity experimentation and validation purposes. Hence, analytical techniques, with simulations, can be considered as a practical solution to make smart grid cybersecurity experimentation possible. This paper first provides a literature review on the current state-of-the-art in smart grid attack analysis. We then apply graphical security modeling techniques to design and implement a Cyber Attack Analysis Framework for Smart Grids, named GridAttackAnalyzer. A case study with various attack scenarios involving Internet of Things (IoT) devices is conducted to validate the proposed framework and demonstrate its use. The functionality and user evaluations of GridAttackAnalyzer are also carried out, and the evaluation results show that users have a satisfying experience with the usability of GridAttackAnalyzer. Our modular and extensible framework can serve multiple purposes for research, cybersecurity training, and security evaluation in smart grids.

The aim of this research is to present and analyze a set of public or private energy companies that have been victims of cyber-attacks, while identifying various lessons that can guide other companies towards effective crisis management in response to this risk. To achieve this, we have adopted an exploratory approach that involves utilizing, in an original manner, the raw material derived from a collection of published articles and other documents that have addressed and presented the phenomenon of cyber-attacks on private and public energy companies. The main findings of this study demonstrate that, for effective management of a cyber-attack crisis, legislation must serve as a catalyst for anticipating and managing the crisis through innovative and ambitious draft texts. Additionally, companies must possess the necessary skills and expertise to respond to cyberattack crises, including the technical infrastructure and software required to counter cyber incidents. Furthermore, fostering a collaborative and multi-disciplinary team-building capacity led by a pilot with a comprehensive and unified vision, along with the ability to make prompt decisions, is of paramount importance.

As power systems mature into smart grid entities, they face new challenges toward online monitoring and control of the system's behaviour. Burgeoning classes of cyber-attacks are observed which may cause instability of the power grid and system blackouts if not identified. In this study, the authors propose an ensemble Kalman filter based anomaly detector using a relaxation-based solution. Performance of the proposed method is tested with Chi-Square detector and Largest Normalised Residual test. Results of simulations based on real-world data, up to 5000 bus system, demonstrate the effectiveness of the proposed framework over traditional bad data detection in presence of false data injection attack.