Modeling, Simulation and Analysis of Cyber
Transcription
Modeling, Simulation and Analysis of Cyber
Modeling, Simulation and Analysis of Cyber-Power System Dr. Anurag K. Srivastava Assistant Professor, The School of Electrical Engineering and Computer Science Director, Smart Grid Demonstration and Research Investigation Lab (SGDRIL) [email protected] May 15, 2014 Outline § Smart Grid and Cyber-Power System § Cyber-Power Security Analysis with Incomplete Information § Real Time Cyber Power Test Bed § Modeling and Simulation Using Real Time Test Bed § Summary Outline § Smart Grid and Cyber-Power System § Cyber-Power Security Analysis with Incomplete Information § Real Time Cyber Power Test Bed § Modeling and Simulation Using Real Time Test Bed § Summary Future Electric Power Grid IEEE • A next-generation electrical power system that is typified by the increased use of communications and information technology in the generation, delivery and consumption of electrical energy DOE • “Smart grid” generally refers to a class of technology people are using to bring utility electricity delivery systems into the 21st century, using computer-based remote control and automation. These systems are made possible by two-way communication technology and computer processing that has been used for decades in other industries. § Smart Grid is not a single technology. It’s a evolving concept with set of technologies. 4 of 30 Smart Grid Layers 5 of 30 Outline § Smart Grid and Cyber-Power System § Cyber-Power Security Analysis with Incomplete Information § Real Time Cyber Power Test Bed § Modeling and Simulation Using Real Time Test Bed § Summary Cyber-Power Security Smart Grid Security= Information + infrastructure + application security Source: Manimaran Govindrasu, Iowa State 7 of 30 Security Analysis with Incomplete Information Graph Theory based Attack Model þ Outsider cyber attacker will have limited information þ A framework for modeling a cyber attack based on limited information. þ Develop metrics based on existing contingency ranking tools to validate alternative vulnerability analysis algorithms based on limited information. þ Develop and validate N-1 and N-X contingency screening algorithm based on relevant centrality measures. 8 of 30 Graph Model of Power System A graph can be represented as an nxn matrix. Adjacency Distance Matrix Matrix 1 2 3 4 5 6 Edge Edge Weight 1-‐2 0.20 1-‐4 0.20 1-‐5 0.30 2-‐3 0.25 2-‐4 0.10 2-‐5 0.30 2-‐6 0.20 3-‐5 0.26 3-‐6 0.10 4-‐5 0.40 5-‐6 0.30 9 of 30 Centrality Measures • Four centrality measures to generate ranking indices of buses (verticies) 1. 2. 3. 4. Degree Centrality (CD) Eigenvector Centrality (CE) Closeness Centrality (CC) Vertex Betweeness Centrality (CBv) • One centrality measure to generate a ranking index of branches (edges). 1. Edge Betweeness Centrality (CBe) • CD and CE are based on terms in the Ybus • CC, CBv, and CBe based on distance matrix populated from branch impedances. 10 of 30 Centrality Measures Aij = Yij with diagonal elements set to zero dG(i,j) = shortest path between bus i and bus j σjk (i) = total number of shortest paths using vertex/edge i σjk = total number of shortest paths between buses j and k 11 of 30 BIIF Compared to Vertex Centrality Measures • Can five centrality measures be used for contingency screening? • Validate Bus Injection Impact Factor (BIIF) values with each of the four vertex centrality measures. • Validate Line Outage Impact Factor (LOIF) values with the edge betweeness centrality measure. • Perform correlation statistical tests. Bus Injection Shift Factor (BISF) Line Outage Impact Factor (LOIF) ? ? Degree Centrality Eigenvector Centrality Closeness Centrality Vertex Betweeness Centrality (CD) (CE) (CC) (CBv) Edge Betweeness Centrality (CBv) 12 of 30 Vertex Centrality vs. BIIF Correlations Polish-2383 UGLY UGLY Correlation Coefficients range from -1 to +1 R = -0.059 R = -0.096 Determine if Relationship is linear and able to be ranked. NICE! R = -0.635 INTERESTING R = -0.357 cannot rank 13 of 30 Edge Betweeness Centrality vs. LOIF • The edge betweeness centrality measure is a decent predictor of the sensitivity of a power system to branch outages. • The four vertex centrality techniques did not appear to reliably reflect the sensitivity of a power system to bus injection outages. However, the closeness centrality measure was close enough to merit further consideration. R = 0.66 R = 0.60 14 of 30 N-X Centrality Impact Algorithms • Bus injection outage does not change the bus/branch (or edge/vertex) topology. • N-X closeness centrality impact (CIC) based on summing closeness centrality values. • Branch outages more complicated, since the topology changes when lines (edges) removed. • Formulation of N-X edge betweeness centrality impact (CIBe) formed by summing components from X subgraphs. *Anurag Srivastava, T. Morris, T. Ernster, C. Vellaithurai, S. Pan and U. Adhikari, “Modeling Cyber-Physical Vulnerability of the Smart Grid with Incomplete Information”, IEEE Transactions on Smart Grid 15 of 30 Correlation of CIC and MBIIF Test System N-2 R coeff p-value N-3 R coeff p-value IEEE-14 -0.5503 1.7916 × 10-7 IEEE-30 -0.6920 3.7530 × 10-59 -0.6831 0 IEEE-57 -0.6682 9.4216 × 10-200 -0.6679 0 IEEE-118 -0.5981 0 -0.5495 ----- 5.7545 × 10-24 ----- Surprisingly Decent 16 of 30 Outline § Smart Grid and Cyber-Power System § Cyber-Power Security Analysis with Incomplete Information § Real Time Cyber Power Test Bed § Modeling and Simulation Using Real Time Test Bed § Summary Cyber-Power Test Bed 18 of 30 Cyber Power Test Bed Using NS3 and RTDS • Network Simulator 3 (NS3) is a open source software which supports emulation feature. • Supports Multiprotocol labeled Switching (MPLS). This feature has not yet been used. • Protocol entities are designed to be closer to real implementation. • NS3 is run in Schweitzer Engineering Lab (SEL) 3354 Substation Computer or Linux computer which is also time synchronized to the GPS clock in the test bed. This takes care of maintaining same timescale across the test bed. 19 of 30 Application Layer Control Center OpenPDC RT-VSM NS 3 Communication Layer Subsystem Sensor and Control Layer Database PDC PMU Hardware Interface/Ethernet Internet Power system Layer RSCAD RTDS 20 of 30 Outline § Smart Grid and Cyber-Power System § Cyber-Power Security Analysis with Incomplete Information § Real Time Cyber Power Test Bed § Modeling and Simulation Using Real Time Test Bed § Summary Modeling Using Real Time Simulation Aurora Attack þ Aurora attack demonstration by INL þ Switching action to physically damage generator þ Switching action possible by hacking into relay and closing and opening breaker before back up relay operates þ Demonstrated using RTDS þ Integrated with cyber physical contingency ranking þ http://www.youtube.com/watch?v=fJyWngDco3g 22 of 30 Real Time Simulation for Aurora Attack Model IEEE-14 bus system in RTDS to simulate the effects of attack/defense actions during a coordinated attack. 23 of 30 Real Time Simulation for Aurora Attack Aurora attack with local beaker opening Aurora attack with remote beaker opening Breaker opening and out of synchronism reclosing 24 of 30 Real Time Simulation for Aurora Attack N-3 Generator Outage Contingency Ranking for The IEEE 14 Bus Top five N-3 Generator Outage Contingency Ranking for The IEEE 118 bus system *Anurag Srivastava, T. Morris, T. Ernster, C. Vellaithurai, S. Pan and U. Adhikari, “Modeling Cyber-Physical Vulnerability of the Smart Grid with Incomplete Information”, IEEE Transactions on Smart Grid 25 of 30 Real Time Simulation for Aurora Attack Breaker opened for 0.25 seconds and closed for 0.75 seconds, two generator attack (G3 and G5) Power Output, Current, Torque in RTDS 26 of 30 Real Time Simulation for Aurora Attack • Top ranked cyber-physical vulnerability will be combination of G3, G4 and G5 based on the cyber-power vulnerability ranking. • It was observed that N-3 contingency would lead to massive load shedding and drop in voltage. Power Output, Current, Torque in RTDS 27 of 30 Outline § Smart Grid and Cyber-Power System § Cyber-Power Security Analysis with Incomplete Information § Real Time Cyber Power Test Bed § Modeling and Simulation Using Real Time Test Bed § Summary Summary and Other Smart Grid Projects @WSU Summary: • Two projects related to cyber-power attack analysis and real time modeling for aurora attack have been discussed • Cyber and power experts need to interact closely to develop theoretical aspects of cyber-power analysis • Federated test bed are required for scalability and diversity Partial list of other Research Cyber-Physical Projects: • TCIPG Project, communication for smart grid (With UIUC) • Gridsim, Real Time Smart Grid Simulation ($2M, DoE) • Diagnosis and Prognosis for Cyber-Physical System ($1M with NSF) • Cyber impact on power grid with real time test bed for wide area network and and Microgrid • Smart Grid Training and Synchrophasor Education Grant ($1.3M, DOE) 29 of 30