Machine learning (ML)-based intrusion detection system (IDS) approaches have been significantly applied and advanced the state-of-the-art system security and defense mechanisms. In smart grid ...computing environments, security threats have been significantly increased as shared networks are commonly used, along with the associated vulnerabilities. However, compared to other network environments, ML-based IDS research in a smart grid is relatively unexplored, although the smart grid environment is facing serious security threats due to its unique environmental vulnerabilities. In this article, we conducted an extensive survey on ML-based IDS in smart grids based on the following key aspects: (1) The applications of the ML-based IDS in transmission and distribution side power components of a smart power grid by addressing its security vulnerabilities; (2) dataset generation process and its usage in applying ML-based IDSs in the smart grid; (3) a wide range of ML-based IDSs used by the surveyed papers in the smart grid environment; (4) metrics, complexity analysis, and evaluation testbeds of the IDSs applied in the smart grid; and (5) lessons learned, insights, and future research directions.
Modern industrial systems and critical infrastructures are constantly exposed to malicious cyber-attacks that are challenging and difficult to identify. Cyber-attacks can cause severe economic losses ...and damage the attacked system if not detected accurately and timely. Therefore, designing an accurate and sensitive intrusion detection system is undoubtedly necessary to ensure the productivity and safety of industrial systems against cyber-attacks. This paper first introduces a stacked deep learning method to detect malicious attacks in SCADA systems. We also consider eleven machine learning models, including the Xtreme Gradient Boosting (XGBoost), Random forest, Bagging, support vector machines with different kernels, classification tree pruned by the minimum cross-validation and by 1-standard error rule, linear discriminate analysis, conditional inference tree, and the C5.0 tree. Real data sets with different kinds of cyber-attacks from two laboratory-scale SCADA systems, gas pipeline and water storage tank systems, are employed to evaluate the performance of the investigated methods. Seven evaluation metrics have been used to compare the investigated models (accuracy, sensitivity, specificity, precision, recall, F1-score, and area under curve, or AUC). Overall, results show that the XGBoost approach achieved superior detection performance than all other investigated methods. This could be due to its desirable characteristics to avoid overfitting, decreases the complexity of individual trees, robustness to outliers, and invariance to scaling and monotonic transformations of the features. Unexpectedly, the deep learning models are not providing the best performance in this case study, even with their extended capacity to capture complex features interactions.
Wind turbines are becoming increasingly important in the generation of clean, renewable energy worldwide. To ensure their dependable and accessible operation, advanced real-time condition monitoring ...technology must be implemented to guarantee efficient wind power generation and financial viability. Machine learning (ML) has emerged as a crucial technique for condition monitoring in wind power systems in recent years. This is especially relevant because dedicated condition monitoring systems, primarily focused on vibration measurements, are prohibitively expensive. Preventive maintenance is the most effective way to detect and address issues before they impact performance. This article provides a comprehensive and up-to-date review of the latest condition monitoring technologies for fault detection, diagnosis, and prognosis in wind turbines, with a particular focus on ML algorithms for critical faults and failure modes, preprocessing methods, and evaluation metrics. Numerous references have been analyzed to evaluate past, present, and potential future research and development trends in this field. Most of these references are based on recent journal articles, theses, and reports found in the open literature.
This paper presents a performance analysis of predictive models for the generator module which can be used as a reference for improvement in the condition monitoring system using wind turbines in a ...wind farm in Taiwan. With the generator being a critical component prone to failures, it is important to perform data analysis on its parameters that could be used for condition monitoring. The main innovative feature in this framework is the conduct of performance analysis before the development of the condition monitoring system. Also, the consistency of the performance between the different wind turbines in the wind farm is evaluated. The predictive models are generated using the neural network algorithm with a different combination of parameters from the SCADA system. The correlation of the parameters as well as the mean square error of the predictive models were then computed for analysis. Results showed that pairing of input parameters with a higher correlation to the output parameter would give better performance for the predictive model. Furthermore, the performance of the different models was consistent throughout the different wind turbines in the wind farm which indicates that the same model can be developed and used for wind turbines belonging to the same wind farm. Employing a preliminary performance analysis of different combinations of component parameters could help in optimizing predictive models for condition monitoring.
This paper proposes the description of an original smart-grids test bed aimed at teaching novel feeder automation functions to students from both university and industry origins. With this test bed, ...a lab class proposes to students, first, to develop feeder automation functions using scientific software and, then, to experiment by practically testing them on an emulated distribution grid platform, called PREDIS. This platform includes real medium-voltage reduced-scale loads, generators, and a supervisory control and data acquisition system. The presented lab class is part of a dedicated complete pedagogic module with lectures and experiments. Through the development, the tests and the deployments of their own solutions in an actual distribution grid, the students learn by doing from theory to practice the complete chain of smart-grids solutions: from the electrical to the communication layers.
GPS receiver is the source of synchronization in phasor measurement unit (PMU) networks. While it guarantees time precision, it is vulnerable to cyberattacks, which may modify the time offset and ...results in mismatches in time. This modification (GPS spoofing attack) changes the phase angle of signals measured by PMU. This article deals with three important challenges in GPS spoofing attack detection; first, multiattack detection while there are probable attacks on different PMUs, second, attack detection considering the dynamic model of power systems, and third, measurement correction. For providing solution to the abovementioned problems, an anti-GPS spoofing attack mechanism is suggested, in which, a dynamic filter with the help of PMU and supervisory control and data acquisition (SCADA) systems measurements estimate the phase shifts caused by spoofing attacks. The results of data fusion of PMUs and SCADA in the detection method are shown. Numerical results demonstrate that this approach can detect dynamic spoofing attacks in a reasonable time and as soon as multiple attacks are detected, corrected measurements are provided.
Recently, the number of hacker attacks on industrial production facilities has increased significantly. That growth is associated with the rapid development of information technologies for the ...control systems. The increase in the number of incidents has led to the emergence of cybersecurity – a new field of scientific and technical research that deals with the industrial companies security issues. Several widely discussed incidents are related to cybersecurity. For example, the STUXNET worm has infected Siemens industrial systems and inflicted heavy losses for the Iranian nuclear program. That worm made use of operating system vulnerabilities and the «human factor». The STUXNET worm has been also served as the basis for a number of modified viruses that have been used to successfully attack on various industrial networks. As Siemens is one of the world’s key manufacturers of industrial equipment, the STUXNET has become widespread. Currently, many publications discuss STUXNET from different points of view. Researchers dealing with this problem often overlook the important fact that the existing standard communication protocols, interaction interfaces and embedded algorithms are in most cases unreliable and are not able to provide the proper level of security, but they focus on the vulnerabilities of intrusion detection and prevention systems. With the increasing number of cyber attacks and their expansion, it is necessary to develop secure communication channels and devices to implement the concept of safe industrial manufacturing. This paper analyzes modern process control systems from the point of view of information security.
As key components of the power grid infrastructure, Supervisory Control and Data Acquisition (SCADA) systems are likely to be targeted by nation-state-level attackers willing to invest considerable ...resources to disrupt the power grid. We present Spire, the first intrusion-tolerant SCADA system that is resilient to both system-level compromises and sophisticated network-level attacks and compromises. We develop a novel architecture that distributes the SCADA system management across three or more active sites to ensure continuous availability in the presence of simultaneous intrusions and network attacks. A wide-area deployment of Spire, using two control centers and two data centers spanning 250 miles, delivered nearly 99.999% of all SCADA updates initiated over a 30-hour period within 100ms. This demonstrates that Spire can meet the latency requirements of SCADA for the power grid.
The monitoring and control of all industrial processes in today's society is an essential requirement to achieve efficient productivity. The main objective of the work is to design a SCADA system for ...the chemical water treatment plant of the Thermoelectric Power Plant “José Martí”. For this, the architecture and the SCADA were designed, the results and contributions obtained from the tests carried out were evaluated. In the work, the PLC M221CE24R was used, which has very good computational performance and an adequate cost/benefit ratio. The design was carried out using the Eros Cuban development platform, version 5.11, and the Modbus TCP/IP protocol was used for communication between the automaton and the Eros. The SCADA that was designed allows to know in real time the parameters and alarms of the plant and the same actions can be executed locally and remotely. For what is viable and necessary, because it guarantees technological independence. The simulation and the tests carried out, both in the laboratory and in situ, validate its functionality and it is designed in a scalable and flexible way to assimilate future extensions.
When wind turbine blades are icing, the output power of a wind turbine tends to reduce, thus informing the selection of two basic variables of wind speed and power. Then other features, such as the ...degree of power deviation from the power curve fitted by normal sample data, are extracted to build the model based on the random forest classifier with the confusion matrix for result assessment. The model indicates that it has high accuracy and good generalization ability verified with the data from the China Industrial Big Data Innovation Competition. This study looks at ice detection on wind turbine blades using supervisory control and data acquisition (SCADA) data and thereafter a model based on the random forest classifier is proposed. Compared with other classification models, the model based on the random forest classifier is more accurate and more efficient in terms of computing capabilities, making it more suitable for the practical application on ice detection.