The widespread use of cyber-physical systems (CPS) not only brings new opportunities with it but also introduces the risk of cyber attacks on the system. One of the most dangerous and sophisticated types of attacks are the stealthy attacks that can hide their influence and are not detectable by conventional anomaly detection schemes. In this paper, a detection method for the replay attack and the covert attack on discrete event systems is proposed. Unexpected behavior is introduced into the transmitted signals by the integration of permutation matrices into the sensor and actuator channels. The permutation disrupts the stealthiness of an attacker and allows the detection of cyber attacks. Moreover, an attack localization scheme is proposed, which allows to determine which signals are attacked in case that the attacker only attacks a subset of communication channels and not the whole system.
In a false data injection attack (FDIA), an adversary stealthily compromises measurements from electricity grid sensors in a coordinated fashion, with a view to evading detection by the power system bad data detection module. A successful FDIA can cause the system operator to perform control actions that compromise either the physical or economic operation of the power system. In this letter, we consider some implications for FDIAs arising from the late 2015 Ukraine Blackout event.
Grid-tied power electronic converters are key enabling technologies for interfacing renewable energy sources, energy storage, electrical vehicles, microgrids, and high-voltage dc transmission lines with the electrical power grid. As the number of power converters in modern grids continually increases, their monitoring and coordinated control in a way to support the grid have become topics of increased practical and research interest. In connection with this, latest standards have also defined a mandatory set of control parameters for grid-tied converters, which should be adjustable by a remote entity that sends commands through a communication network. While such a remote control capability allows many new control functions in grid-tied converters, it also renders them vulnerable to cyber-attacks. The aim of this article is first to shed light on the portions of the power converter control systems that are vulnerable to cyber-attacks. Next, typical cyber-attacks are overviewed by considering different applications of the grid-tied converters. Further, the impact of different types of cyber-attacks on grid support functions is studied. Finally, this article is concluded with summary and recommendation for further research.
This paper investigates the recursive filtering problem with fading measurements and cyber attacks for multisensor multirate networked systems (MRNSs) under Round-Robin protocol (RRP). By exploiting the lifting technique, the sampling periods for both sensors and the state of the system are uniformed. It is assumed that the phenomenon of fading measurements which better describes practical engineering arises stochastically, and the attenuation coefficients of which are described by a set of random variables with known statistical properties. In order to fully utilize the limited communication resources, RRP is introduced in the sensor-to-filter channel. Considering the measurement outliers, a saturation function is adopted in the filter structure to suppress the anomalous innovations, so as to reduce the negative impact of the outliers. By means of matrix difference equation, an upper bound is first obtained on the filtering error covariance, and the filter gain is designed to minimize the obtained upper bound by partial derivation. Moreover, the exponential boundedness of the filtering error dynamics is analyzed in the mean square sense. Finally, a numerical simulation example is given to demonstrate the validity of the proposed recursive security filtering scheme.
In this article, the reachability analysis is investigated for the linear discrete-time systems in the presence of malicious cyber attacks. Moreover, the system disturbance and measurement noise are assumed to be unknown-but-bounded (UBB). Then, the attack model is built and a novel attack detector, which depends on the estimate residue is developed. Based on the stealthy cyber-attack set, reachability analysis is done, and the corresponding reachable set is computed. In order to reduce the computation burden, a recursive reachable set computation algorithm is proposed. Finally, an example is provided to illustrate the validity of main results.
This paper investigates the adaptive event-triggered consensus control problem for a class of linear multi-agent systems subject to cyber attacks and communication delays. To effectively alleviate unnecessary signals transmission among the agents and achieve the reasonable allocation of resources, an adaptive event-triggering scheme, whose threshold parameters are adaptively adjusted based on system performance needs, is proposed. The event-triggering scheme can achieve the discontinuous communication and significantly reduce the number of signals transmission while ensuring the desired control performance. By considering the communication scheme and consensus control protocol in a unified framework, the linear multi-agent system is reformulated as a time-delay error system. Sufficient conditions are developed to guarantee the asymptotical stability and security of time-delay error system. Moreover, a co-design for the gain of the controller and the parameters of the adaptive event-triggering scheme is provided. Finally, an example on the tunnel diode circuit system is given to show the effectiveness and advantages of the proposed method.
The smart grid is one of the most significant applications of the Internet of Things (IoT). As information and communication technologies (ICT) developed and applied in traditional power systems, the improvement of smart grid cyber-physical-systems (CPS) increases too. IoT-based smart grid systems are critical infrastructures, also they have complex architectures and include critical devices. They contain communication systems that can lead to national security deficits, disruption of public order, loss of life or large-scale economic damage when the confidentiality, integrity, or availability of the communication is broken down. These huge systems may be vulnerable to cyber-attacks. Therefore, there is a lot of research effort to enhance smart grid security in industry, government, and academia. The security approaches are important to improve solutions against cyber-attacks in smart grid applications. We present a comprehensive survey supported by a wide review of earlier work. Additionally, recent advances and countermeasures are presented on smart grid cyber-security. In this paper, the threats and potential solutions of the IoT-based smart grid are analyzed. We focus on cyber-attack types and provide an in-depth of the cyber-security state of the smart grid. Particularly, we concentrate on the discussion and examination of network vulnerabilities, attack countermeasures, and security requirements. We aim to supply a deep understanding of cyber-security vulnerabilities and solutions and give a guide on future research directions for cyber-security in smart grid applications.
Cyber resilience quantification is the process of evaluating and measuring an organisation’s ability to withstand, adapt to, and recover from cyber-attacks. It involves estimating IT systems, networks, and response strategies to ensure robust defence and effective recovery mechanisms in the event of a cyber-attack. Quantifying cyber resilience can be difficult due to the constantly changing components of IT infrastructure. Traditional methods like vulnerability assessments and penetration testing may not be effective. Measuring cyber resilience is essential to evaluate and strengthen an organisation’s preparedness against evolving cyber-attacks. It helps identify weaknesses, allocate resources, and ensure the uninterrupted operation of critical systems and information. There are various methods for measuring cyber resilience, such as evaluating, teaming and testing, and creating simulated models. This article proposes a cyber resilience quantification framework for IT infrastructure that utilises a simulation approach. This approach enables organisations to simulate different attack scenarios, identify vulnerabilities, and improve their cyber resilience. The comparative analysis of cyber resilience factors highlights pre-configuration’s robust planning and adaptation (61.44%), buffering supported’s initial readiness (44.53%), and network topologies’ robust planning but weak recovery and adaptation (60.04% to 77.86%), underscoring the need for comprehensive enhancements across all phases. The utilisation of the proposed factors is crucial in conducting a comprehensive evaluation of IT infrastructure in the event of a cyber-attack.
This paper investigates the problem of decentralized secure load frequency control (LFC) for multi-area power systems (MAPSs) under complex cyber attacks launched by a malicious attacker. Firstly, a novel model is developed, encapsulating complex cyber attacks comprising both Denial of Service (DoS) attacks and deception attacks. These sophisticated attacks possess compound characteristics across the time and spatial domains. This implies that a single area within an MAPS may face diverse cyber attacks at different times, while different areas within the same MAPS might experience varying attacks simultaneously. To reflect real-world scenarios, we consider the malicious attacker alternating between active and sleep modes. In the active mode, the attacker randomly launches either DoS attacks or deception attacks. In the sleep mode, no attacks are executed. Secondly, a decentralized secure LFC scheme is devised to mitigate the detrimental impact of complex cyber attacks. The mean-square exponential stability of the closed-loop system with a prescribed H∞ performance level is established using Lyapunov stability theory and the switching system method. Moreover, the control gain matrices are determined through the linear matrix inequality technique. Finally, the effectiveness of the proposed method is verified by an IEEE 39 bus test system.
For the implementation of distributed cooperative control of the dc microgrid (DCMG), dependency on the communication layer is inevitable. Consequently, the DCMG, a typical cyber-physical system, is susceptible to cyber-attacks, which can hinder the achievement of overall control objectives, and the system may even get destabilized. To detect and mitigate cyber-attacks on actuators as well as sensors, a resilient mechanism is proposed in this article. First, the detection mechanism is proposed using a finite-state machine model-based technique that exploits a dynamic function. This function keeps investigating the actual and estimated values of actuator and sensor signals to authenticate the attack detection. Second, mitigation of attacks is carried out using a robust sliding-mode functional observer (SMFO). The signal of the compromised node is replaced by the SMFO estimated value in the event of an attack detection. The SMFO-based proposed technique is insensitive to measurement noise and parametric variations. The proposed approach is validated by simulation as well as experimental studies on a prototype of a 4-node DCMG.