Matching Items (4)
Filtering by
- All Subjects: Electric power systems--Security measures.
- Creators: Kosut, Oliver
- Creators: Hirte, Amanda
- Creators: Salloum, Ahmed
- Resource Type: Text
Description
The electric power system is one of the largest, most complicated, and most important cyber-physical systems in the world. The link between the cyber and physical level is the Supervisory Control and Data Acquisition (SCADA) systems and Energy Management Systems (EMS). Their functions include monitoring the real-time system operation through state estimation (SE), controlling the system to operate reliably, and optimizing the system operation efficiency. The SCADA acquires the noisy measurements, such as voltage angle and magnitude, line power flows, and line current magnitude, from the remote terminal units (RTUs). These raw data are firstly sent to the SE, which filters all the noisy data and derives the best estimate of the system state. Then the estimated states are used for other EMS functions, such as contingency analysis, optimal power flow, etc.
In the existing state estimation process, there is no defense mechanism for any malicious attacks. Once the communication channel between the SCADA and RTUs is hijacked by the attacker, the attacker can perform a man-in-middle attack and send data of its choice. The only step that can possibly detect the attack during the state estimation process is the bad data detector. Unfortunately, even the bad data detector is unable to detect a certain type of attack, known as the false data injection (FDI) attacks.
Diagnosing the physical consequences of such attacks, therefore, is very important to understand system stability. In this thesis, theoretical general attack models for AC and DC attacks are given and an optimization problem for the worst-case overload attack is formulated. Furthermore, physical consequences of FDI attacks, based on both DC and AC model, are addressed. Various scenarios with different attack targets and system configurations are simulated. The details of the research, results obtained and conclusions drawn are presented in this document.
In the existing state estimation process, there is no defense mechanism for any malicious attacks. Once the communication channel between the SCADA and RTUs is hijacked by the attacker, the attacker can perform a man-in-middle attack and send data of its choice. The only step that can possibly detect the attack during the state estimation process is the bad data detector. Unfortunately, even the bad data detector is unable to detect a certain type of attack, known as the false data injection (FDI) attacks.
Diagnosing the physical consequences of such attacks, therefore, is very important to understand system stability. In this thesis, theoretical general attack models for AC and DC attacks are given and an optimization problem for the worst-case overload attack is formulated. Furthermore, physical consequences of FDI attacks, based on both DC and AC model, are addressed. Various scenarios with different attack targets and system configurations are simulated. The details of the research, results obtained and conclusions drawn are presented in this document.
ContributorsLiang, Jingwen (Author) / Sankar, Lalitha (Thesis advisor) / Kosut, Oliver (Thesis advisor) / Hedman, Kory (Committee member) / Arizona State University (Publisher)
Created2015
Description
The large distributed electric power system is a hierarchical network involving the
transportation of power from the sources of power generation via an intermediate
densely connected transmission network to a large distribution network of end-users
at the lowest level of the hierarchy. At each level of the hierarchy (generation/ trans-
mission/ distribution), the system is managed and monitored with a combination of
(a) supervisory control and data acquisition (SCADA); and (b) energy management
systems (EMSs) that process the collected data and make control and actuation de-
cisions using the collected data. However, at all levels of the hierarchy, both SCADA
and EMSs are vulnerable to cyber attacks. Furthermore, given the criticality of the
electric power infrastructure, cyber attacks can have severe economic and social con-
sequences.
This thesis focuses on cyber attacks on SCADA and EMS at the transmission
level of the electric power system. The goal is to study the consequences of three
classes of cyber attacks that can change topology data. These classes include: (i)
unobservable state-preserving cyber attacks that only change the topology data; (ii)
unobservable state-and-topology cyber-physical attacks that change both states and
topology data to enable a coordinated physical and cyber attack; and (iii) topology-
targeted man-in-the-middle (MitM) communication attacks that alter topology data
shared during inter-EMS communication. Specically, attack class (i) and (ii) focus on
the unobservable attacks on single regional EMS while class (iii) focuses on the MitM
attacks on communication links between regional EMSs. For each class of attacks,
the theoretical attack model and the implementation of attacks are provided, and the
worst-case attack and its consequences are exhaustively studied. In particularly, for
class (ii), a two-stage optimization problem is introduced to study worst-case attacks
that can cause a physical line over
ow that is unobservable in the cyber layer. The long-term implication and the system anomalies are demonstrated via simulation.
For attack classes (i) and (ii), both mathematical and experimental analyses sug-
gest that these unobservable attacks can be limited or even detected with resiliency
mechanisms including load monitoring, anomalous re-dispatches checking, and his-
torical data comparison. For attack class (iii), countermeasures including anomalous
tie-line interchange verication, anomalous re-dispatch alarms, and external contin-
gency lists sharing are needed to thwart such attacks.
transportation of power from the sources of power generation via an intermediate
densely connected transmission network to a large distribution network of end-users
at the lowest level of the hierarchy. At each level of the hierarchy (generation/ trans-
mission/ distribution), the system is managed and monitored with a combination of
(a) supervisory control and data acquisition (SCADA); and (b) energy management
systems (EMSs) that process the collected data and make control and actuation de-
cisions using the collected data. However, at all levels of the hierarchy, both SCADA
and EMSs are vulnerable to cyber attacks. Furthermore, given the criticality of the
electric power infrastructure, cyber attacks can have severe economic and social con-
sequences.
This thesis focuses on cyber attacks on SCADA and EMS at the transmission
level of the electric power system. The goal is to study the consequences of three
classes of cyber attacks that can change topology data. These classes include: (i)
unobservable state-preserving cyber attacks that only change the topology data; (ii)
unobservable state-and-topology cyber-physical attacks that change both states and
topology data to enable a coordinated physical and cyber attack; and (iii) topology-
targeted man-in-the-middle (MitM) communication attacks that alter topology data
shared during inter-EMS communication. Specically, attack class (i) and (ii) focus on
the unobservable attacks on single regional EMS while class (iii) focuses on the MitM
attacks on communication links between regional EMSs. For each class of attacks,
the theoretical attack model and the implementation of attacks are provided, and the
worst-case attack and its consequences are exhaustively studied. In particularly, for
class (ii), a two-stage optimization problem is introduced to study worst-case attacks
that can cause a physical line over
ow that is unobservable in the cyber layer. The long-term implication and the system anomalies are demonstrated via simulation.
For attack classes (i) and (ii), both mathematical and experimental analyses sug-
gest that these unobservable attacks can be limited or even detected with resiliency
mechanisms including load monitoring, anomalous re-dispatches checking, and his-
torical data comparison. For attack class (iii), countermeasures including anomalous
tie-line interchange verication, anomalous re-dispatch alarms, and external contin-
gency lists sharing are needed to thwart such attacks.
ContributorsZhang, Jiazi (Author) / Sankar, Lalitha (Thesis advisor) / Hedman, Kory (Committee member) / Kosut, Oliver (Committee member) / Arizona State University (Publisher)
Created2015
Description
Lossy compression is a form of compression that slightly degrades a signal in ways that are ideally not detectable to the human ear. This is opposite to lossless compression, in which the sample is not degraded at all. While lossless compression may seem like the best option, lossy compression, which is used in most audio and video, reduces transmission time and results in much smaller file sizes. However, this compression can affect quality if it goes too far. The more compression there is on a waveform, the more degradation there is, and once a file is lossy compressed, this process is not reversible. This project will observe the degradation of an audio signal after the application of Singular Value Decomposition compression, a lossy compression that eliminates singular values from a signal’s matrix.
ContributorsHirte, Amanda (Author) / Kosut, Oliver (Thesis director) / Bliss, Daniel (Committee member) / Electrical Engineering Program (Contributor, Contributor) / Barrett, The Honors College (Contributor)
Created2021-05
Description
Constraint relaxation by definition means that certain security, operational, or financial constraints are allowed to be violated in the energy market model for a predetermined penalty price. System operators utilize this mechanism in an effort to impose a price-cap on shadow prices throughout the market. In addition, constraint relaxations can serve as corrective approximations that help in reducing the occurrence of infeasible or extreme solutions in the day-ahead markets. This work aims to capture the impact constraint relaxations have on system operational security. Moreover, this analysis also provides a better understanding of the correlation between DC market models and AC real-time systems and analyzes how relaxations in market models propagate to real-time systems. This information can be used not only to assess the criticality of constraint relaxations, but also as a basis for determining penalty prices more accurately.
Constraint relaxations practice was replicated in this work using a test case and a real-life large-scale system, while capturing both energy market aspects and AC real-time system performance. System performance investigation included static and dynamic security analysis for base-case and post-contingency operating conditions. PJM peak hour loads were dynamically modeled in order to capture delayed voltage recovery and sustained depressed voltage profiles as a result of reactive power deficiency caused by constraint relaxations. Moreover, impacts of constraint relaxations on operational system security were investigated when risk based penalty prices are used. Transmission lines in the PJM system were categorized according to their risk index and each category was as-signed a different penalty price accordingly in order to avoid real-time overloads on high risk lines.
This work also extends the investigation of constraint relaxations to post-contingency relaxations, where emergency limits are allowed to be relaxed in energy market models. Various scenarios were investigated to capture and compare between the impacts of base-case and post-contingency relaxations on real-time system performance, including the presence of both relaxations simultaneously. The effect of penalty prices on the number and magnitude of relaxations was investigated as well.
Constraint relaxations practice was replicated in this work using a test case and a real-life large-scale system, while capturing both energy market aspects and AC real-time system performance. System performance investigation included static and dynamic security analysis for base-case and post-contingency operating conditions. PJM peak hour loads were dynamically modeled in order to capture delayed voltage recovery and sustained depressed voltage profiles as a result of reactive power deficiency caused by constraint relaxations. Moreover, impacts of constraint relaxations on operational system security were investigated when risk based penalty prices are used. Transmission lines in the PJM system were categorized according to their risk index and each category was as-signed a different penalty price accordingly in order to avoid real-time overloads on high risk lines.
This work also extends the investigation of constraint relaxations to post-contingency relaxations, where emergency limits are allowed to be relaxed in energy market models. Various scenarios were investigated to capture and compare between the impacts of base-case and post-contingency relaxations on real-time system performance, including the presence of both relaxations simultaneously. The effect of penalty prices on the number and magnitude of relaxations was investigated as well.
ContributorsSalloum, Ahmed (Author) / Vittal, Vijay (Thesis advisor) / Hedman, Kory (Thesis advisor) / Heydt, Gerald (Committee member) / Ayyanar, Raja (Committee member) / Arizona State University (Publisher)
Created2016