Modeling, Simulation and Analysis of Cyber

Modeling, Simulation and Analysis
of Cyber-Power System
Dr. Anurag K. Srivastava
Assistant Professor, The School of Electrical Engineering and Computer Science
Director, Smart Grid Demonstration and Research Investigation Lab (SGDRIL)
[email protected]
May 15, 2014
Outline
§  Smart Grid and Cyber-Power System
§  Cyber-Power Security Analysis with Incomplete
Information
§  Real Time Cyber Power Test Bed
§  Modeling and Simulation Using Real Time Test Bed
§  Summary
Outline
§  Smart Grid and Cyber-Power System
§  Cyber-Power Security Analysis with Incomplete
Information
§  Real Time Cyber Power Test Bed
§  Modeling and Simulation Using Real Time Test Bed
§  Summary
Future Electric Power Grid
IEEE
•  A next-generation electrical power system that is
typified by the increased use of communications
and information technology in the generation,
delivery and consumption of electrical energy
DOE
•  “Smart grid” generally refers to a class of technology
people are using to bring utility electricity delivery
systems into the 21st century, using computer-based
remote control and automation. These systems are
made possible by two-way communication technology
and computer processing that has been used for
decades in other industries.
§ Smart Grid is not a single technology. It’s a
evolving concept with set of technologies.
4 of 30
Smart Grid Layers
5 of 30
Outline
§  Smart Grid and Cyber-Power System
§  Cyber-Power Security Analysis with Incomplete
Information
§  Real Time Cyber Power Test Bed
§  Modeling and Simulation Using Real Time Test Bed
§  Summary
Cyber-Power Security
Smart Grid Security= Information + infrastructure + application security
Source: Manimaran Govindrasu, Iowa State
7 of 30
Security Analysis with Incomplete Information
Graph Theory based Attack Model
þ  Outsider cyber attacker will have limited information
þ  A framework for modeling a cyber attack based on limited information.
þ  Develop metrics based on existing contingency ranking tools to validate
alternative vulnerability analysis algorithms based on limited information.
þ  Develop and validate N-1 and N-X contingency screening algorithm based on
relevant centrality measures.
8 of 30
Graph Model of Power System
A graph can be represented as an nxn matrix.
Adjacency
Distance Matrix
Matrix
1
2
3
4
5
6
Edge Edge Weight 1-­‐2 0.20 1-­‐4 0.20 1-­‐5 0.30 2-­‐3 0.25 2-­‐4 0.10 2-­‐5 0.30 2-­‐6 0.20 3-­‐5 0.26 3-­‐6 0.10 4-­‐5 0.40 5-­‐6 0.30 9 of 30
Centrality Measures
• Four centrality measures to generate ranking
indices of buses (verticies)
1. 
2. 
3. 
4. 
Degree Centrality (CD)
Eigenvector Centrality (CE)
Closeness Centrality (CC)
Vertex Betweeness Centrality (CBv)
• One centrality measure to generate a ranking
index of branches (edges).
1. 
Edge Betweeness Centrality (CBe)
•  CD and CE are based on terms in the Ybus
•  CC, CBv, and CBe based on distance matrix
populated from branch impedances.
10 of 30
Centrality Measures
Aij = Yij with diagonal
elements set to zero
dG(i,j) = shortest path
between bus i and bus j
σjk (i) = total number
of shortest paths
using vertex/edge i
σjk = total number of shortest
paths between buses j and k
11 of 30
BIIF Compared to Vertex Centrality Measures
• Can five centrality measures be used for contingency
screening?
• Validate Bus Injection Impact Factor (BIIF) values with each
of the four vertex centrality measures.
• Validate Line Outage Impact Factor (LOIF) values with the
edge betweeness centrality measure.
• Perform correlation statistical tests.
Bus Injection Shift Factor
(BISF)
Line Outage Impact Factor
(LOIF)
?
?
Degree Centrality
Eigenvector Centrality
Closeness Centrality
Vertex Betweeness Centrality
(CD)
(CE)
(CC)
(CBv)
Edge Betweeness Centrality
(CBv)
12 of 30
Vertex Centrality vs. BIIF Correlations
Polish-2383
UGLY
UGLY
Correlation
Coefficients
range from
-1 to +1
R = -0.059
R = -0.096
Determine if
Relationship
is linear and
able to be
ranked.
NICE!
R = -0.635
INTERESTING
R = -0.357
cannot
rank
13 of 30
Edge Betweeness Centrality vs. LOIF
• The edge betweeness centrality measure is a decent predictor of the
sensitivity of a power system to branch outages.
• The four vertex centrality techniques did not appear to reliably
reflect the sensitivity of a power system to bus injection outages.
However, the closeness centrality measure was close enough to
merit further consideration.
R = 0.66
R = 0.60
14 of 30
N-X Centrality Impact Algorithms
• Bus injection outage does not change the bus/branch
(or edge/vertex) topology.
• N-X closeness centrality impact (CIC) based on
summing closeness centrality values.
• Branch outages more complicated, since the topology
changes when lines (edges) removed.
• Formulation of N-X edge betweeness centrality
impact (CIBe) formed by summing components from X
subgraphs.
*Anurag Srivastava, T. Morris, T. Ernster, C. Vellaithurai, S. Pan and U. Adhikari, “Modeling Cyber-Physical
Vulnerability of the Smart Grid with Incomplete Information”, IEEE Transactions on Smart Grid
15 of 30
Correlation of CIC and MBIIF
Test System N-2 R coeff p-value N-3 R coeff p-value IEEE-14 -0.5503 1.7916 × 10-7 IEEE-30 -0.6920 3.7530 × 10-59 -0.6831 0 IEEE-57 -0.6682 9.4216 × 10-200 -0.6679 0 IEEE-118 -0.5981 0 -0.5495 ----- 5.7545 × 10-24 ----- Surprisingly Decent
16 of 30
Outline
§  Smart Grid and Cyber-Power System
§  Cyber-Power Security Analysis with Incomplete
Information
§  Real Time Cyber Power Test Bed
§  Modeling and Simulation Using Real Time Test Bed
§  Summary
Cyber-Power Test Bed
18 of 30
Cyber Power Test Bed Using NS3
and RTDS
•  Network Simulator 3 (NS3) is a open source
software which supports emulation feature.
• Supports Multiprotocol labeled Switching (MPLS).
This feature has not yet been used.
• Protocol entities are designed to be closer to real
implementation.
• NS3 is run in Schweitzer Engineering Lab (SEL) 3354
Substation Computer or Linux computer which is
also time synchronized to the GPS clock in the test
bed. This takes care of maintaining same timescale
across the test bed.
19 of 30
Application Layer
Control
Center
OpenPDC
RT-VSM
NS 3
Communication Layer
Subsystem
Sensor and Control Layer
Database
PDC
PMU
Hardware Interface/Ethernet Internet
Power system Layer
RSCAD
RTDS
20 of 30
Outline
§  Smart Grid and Cyber-Power System
§  Cyber-Power Security Analysis with Incomplete
Information
§  Real Time Cyber Power Test Bed
§  Modeling and Simulation Using Real Time Test Bed
§  Summary
Modeling Using Real Time Simulation
Aurora Attack
þ  Aurora attack demonstration by INL
þ  Switching action to physically damage generator
þ  Switching action possible by hacking into relay and closing and opening
breaker before back up relay operates
þ  Demonstrated using RTDS
þ  Integrated with cyber physical contingency ranking
þ  http://www.youtube.com/watch?v=fJyWngDco3g
22 of 30
Real Time Simulation for Aurora Attack
Model IEEE-14 bus system
in RTDS to simulate the
effects of attack/defense
actions during a
coordinated attack.
23 of 30
Real Time Simulation for Aurora Attack
Aurora attack with local
beaker opening
Aurora attack with remote beaker opening
Breaker opening and out of synchronism reclosing
24 of 30
Real Time Simulation for Aurora Attack
N-3 Generator Outage Contingency Ranking for The IEEE 14 Bus
Top five N-3 Generator Outage Contingency Ranking for The IEEE
118 bus system
*Anurag Srivastava, T. Morris, T. Ernster, C. Vellaithurai, S. Pan and U. Adhikari, “Modeling Cyber-Physical
Vulnerability of the Smart Grid with Incomplete Information”, IEEE Transactions on Smart Grid
25 of 30
Real Time Simulation for Aurora Attack
Breaker opened for 0.25 seconds and closed for 0.75 seconds, two
generator attack (G3 and G5)
Power Output, Current, Torque in RTDS
26 of 30
Real Time Simulation for Aurora Attack
•  Top ranked cyber-physical vulnerability will be combination of G3, G4 and G5
based on the cyber-power vulnerability ranking.
•  It was observed that N-3 contingency would lead to massive load shedding and
drop in voltage.
Power Output, Current, Torque in RTDS
27 of 30
Outline
§  Smart Grid and Cyber-Power System
§  Cyber-Power Security Analysis with Incomplete
Information
§  Real Time Cyber Power Test Bed
§  Modeling and Simulation Using Real Time Test Bed
§  Summary
Summary and Other Smart Grid Projects @WSU
Summary:
•  Two projects related to cyber-power attack analysis and real time
modeling for aurora attack have been discussed
•  Cyber and power experts need to interact closely to develop
theoretical aspects of cyber-power analysis
•  Federated test bed are required for scalability and diversity
Partial list of other Research Cyber-Physical Projects:
•  TCIPG Project, communication for smart grid (With UIUC)
•  Gridsim, Real Time Smart Grid Simulation ($2M, DoE)
•  Diagnosis and Prognosis for Cyber-Physical System ($1M with NSF)
•  Cyber impact on power grid with real time test bed for wide area network
and and Microgrid
•  Smart Grid Training and Synchrophasor Education Grant ($1.3M, DOE)
29 of 30