Cyber-Physical Security for the Energy Grid: Micro to Macro

Energy grid security from micro to macro scale, focusing on attack vectors, protection methods, and a tool for experimentation. Explore vulnerability in AMI infrastructure and the development of SecAMI tool for risk assessment.

• Energy Grid
• Cyber-Physical Security
• Attack Vectors
• Vulnerabilities
• SecAMI

shak_400 Follow

Uploaded on Feb 27, 2025 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

Presentation Transcript

1. Cyber-Physical Security for the Energy Grid: From the Micro to the Macro Saurabh Bagchi School of Electrical and Computer Engineering Department of Computer Science Purdue University Joint work with: Alefiya Hussain (USC/ISI), Rakesh Bobba (Oregon), Robin Berthier (Network Perception Inc.) Presentation available at: engineering.purdue.edu/~sbagchi Slide 1/9

2. Motivation Energy grid is the largest interconnected Cyber-Physical System (CPS) today Questions to answer: 1. What are the most likely attack vectors? At a micro scale, such as, within a neighborhood mesh network At a macro scale, such as, individual CPSs of multiple energy producers and utilities 2. What are the most economically beneficial ways of protecting the critical assets? Cost versus benefit tradeoff Degree of cooperation among multiple stakeholders Role of information deception in protection Slide 2/9

3. Security at the Micro-Scale Within the AMI infrastructure The meters are connected via a wireless mesh network to the Data Concentrator Unit (DCU) Vulnerabilities in individual meters can be exploited to gain remote access to them Using compromised nodes, it is possible to launch: Control flow attack:attacker explores the network, taking control of each visited node, until she reaches the DCU and can issue a mass disconnect Data flow attack: attacker injects false data about the load at each meter into the network, eventually causing a failure Slide 3/9

4. Our Contribution: SecAMI We have developed a tool that lets anyone experiment with different attack scenarios to determine Extent of damage, given a particular level of protection Level of protection needed to limit damage to a given level Inputs: Network Topology Timing characteristics of the network: communication latency, time to execute relevant commands Virulence of the spread of the attack Can experiment with different response strategies: disconnect, re-key, Slide 4/9

5. Results SecAMI tool. [Online]. Available: https://github.com/nburow/SecAMI/ Shawly, Tawfeeq, Jun Liu, Nathan Burow, Saurabh Bagchi, Robin Berthier, and Rakesh B. Bobba. "A risk assessment tool for advanced metering infrastructures." In Smart Grid Communications (SmartGridComm), 2014 IEEE International Conference on, pp. 989-994. IEEE, 2014. Network Size does not impact our metric Need 2 : 1 ratio between attack time : detect time Slide 5/9

6. Security at the Macro Scale Cyberattacks in seemingly distant parts of energy grid can have local consequences Model: Autonomous organizations ( actors ) own and operate various assets, and cooperate to provide some end-user visible service Strategic adversaries: Optimally select a subset of actors (i.e., their assets) and targets them to have a large positive benefit to the attacker. Defenders: Estimate the adversary strategy and independently select assets to defend Questions: What is the strategic adversary s rational attack strategy? Under bounded resource considerations? Slide 6/9

7. Security at the Macro Scale Questions: How should defenders cooperate to defend the assets? Remember that impacts cross organizational boundaries. How should deceptive information be used to increase asymmetry of knowledge in defender s favor? How do market forces price of commodity, marginal utility of commodity, level of competition affect the defensive investments Solution approach: Game theoretic model created Can provide optimal decision strategy under given information advantage Can provide semi-optimal decision strategy under real-time considerations (work in progress) Paul Wood, Saurabh Bagchi, and Alefiya Hussain. "Optimizing Defensive Investments in Energy-Based Cyber-Physical Systems" Accepted to appear at the Dependable Parallel, Distributed and Network-Centric Systems (DPDNS) Workshop, to be held with 29th IEEE International Parallel & Distributed Processing Symposium (IPDPS), May 25-29, 2015. Slide 7/9

8. Conclusions Protecting the energy grid needs a rational scientific decision making strategy, i.e., algorithmic support Needs to operate at multiple system scales Needs to consider adversary strategies for rational adversaries Needs to consider real-life constraints on cooperation and information sharing Needs to have a a planning component as well as a real-time component Our contributions Tool for What If attack-defense scenarios in the AMI Game theoretic formulation for system-wide CPS Very much work in progress Slide 8/9

9. Presentation available on: Research group web page engineering.purdue.edu/dcsl Slide 9/9