Impact evaluation of malicious control commands in cyber-physical smart grids.

Abstract

The Smart Grid (SG) is vulnerable to cyber-attacks due to its integration with a variety of information, communication and control technologies. If undetected by deployed security systems, cyber-attacks could damage critical power system infrastructure and disrupt service to a very large number of energy customers. In particular, cyber-attackers could hijack the smart grid by injecting malicious commands. To provide insight into these concerns, we propose an approach that develops a new tool for the real-time Cyber-Physical Security Assessment (CPSA) of malicious control commands that target physical SG components. The tool is able to detect and protect the system against known Trojans (such as BlackEnergy). It also efficiently and effectively monitors the health of the power system in real-time and detects the presence of malicious commands. The security analysis of our approach includes a look at three system-generated metrics: system susceptibility, access points, and threat capability. The performance analysis includes a look at the system overhead, scalability, accuracy, robustness, and execution and response time. Our proposed approach was tested on a 42-bus power system with 24 substations. The developed tool could be extended and used by power system operators to assess and mitigate the impact of cyber-attacks on the smart grid.