modeling, analysis and countermeasures for attack propagation in wide area measurement systems
abstract
power grids are critical cyber-physical systems that employ advanced information and
communication technologies (icts), such as wide area measurement systems (wamss),
to deliver the energy to end users reliably and efficiently. wamss are used to collect
real-time data from phasor measurement units (pmus) to improve the operator’s situational awareness, as well as to enhance real-time monitoring and control of power systems. the wams, however, is vulnerable to cyber-attacks due to the susceptibility of
its components—such as pmus and phasor data concentrators (pdcs)—and the lack
of embedded security mechanisms in its communication protocols. some more-destructive
cyber-attacks, such as malware injection, can propagate themselves into the components of
a wams through the communication network. thus, in such attacks, an attacker can compromise a larger number of components, resulting in more-severe consequences. therefore,
investigating the propagation of cyber-attacks in wamss and devising effective counter-measures for this problem are of paramount importance. on this basis, this thesis initially
develops a model to analyze cyber-attack propagation in wams. then, the impacts of the
attacker’s capability and the network operator’s defensive ability on attack propagation
are investigated in detail. such a study can elucidate the required security measures and
defensive strategies to prevent the spread of cyber-attacks in wamss. finally, a learning-based framework (lbf) is developed to estimate the attacker’s capability. [...]