Joint Cyber and Physical Attacks on Power Grids: Graph Theoretical Approaches for Information Recovery

Similar documents
Hearing on Oversight of Federal Efforts to Address Electromagnetic Risks. May 17, 2016

Electromagnetic Pulse: Effects on the U.S. Power Grid

146 FERC 61,166 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION

Background: State Estimation

AIR FORCE INSTITUTE OF TECHNOLOGY

Electric Energy Systems

U.S. DEPARTMENT OF ENERGY ENERGY SECTOR CYBERSECURITY OVERVIEW. November 12, 2012 NASEO

Panel Session: Lessons Learned in Smart Grid Cybersecurity

Social Media Mining. Graph Essentials

Cyber-Security Analysis of State Estimators in Power Systems

Individual security and network design

Single machine models: Maximum Lateness -12- Approximation ratio for EDD for problem 1 r j,d j < 0 L max. structure of a schedule Q...

! Solve problem to optimality. ! Solve problem in poly-time. ! Solve arbitrary instances of the problem. #-approximation algorithm.

STATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE

(67902) Topics in Theory and Complexity Nov 2, Lecture 7

Synchronized real time data: a new foundation for the Electric Power Grid.

Allen Goldstein NIST Synchrometrology Lab Gaithersburg, MD

Asset Management Challenges and Options, Including the Implications and Importance of Aging Infrastructure

MATHEMATICAL ENGINEERING TECHNICAL REPORTS. Cyber Security Analysis of Power Networks by Hypergraph Cut Algorithms

Distributed Estimation via Iterative Projections with Application to Power Network Monitoring

Lecture 15 An Arithmetic Circuit Lowerbound and Flows in Graphs

MATH 304 Linear Algebra Lecture 18: Rank and nullity of a matrix.

Threat and Hazard Identification and Risk Assessment

Statement of. before the. Committee on Homeland Security Subcommittee on Oversight and Management Efficiency U.S. House of Representatives

September 4, appearing before you today. I am here to testify about issues and challenges in providing for

Permutation Betting Markets: Singleton Betting with Extra Information

Understanding SCADA System Security Vulnerabilities

Scheduling Shop Scheduling. Tim Nieberg

Seismic vulnerability assessment of power transmission networks using complex-systems based methodologies

Addressing Dynamic Threats to the Electric Power Grid Through Resilience

REQUIREMENTS FOR A REAL-TIME RISK MONITORING TOOL TO REDUCE TRANSMISSION GRID NUCLEAR PLANT VULNERABILITIES

S. ll. To amend the Homeland Security Act of 2002 to secure critical infrastructure against electromagnetic threats, and for other purposes.

The Complexity of DC-Switching Problems

ONLINE VERTEX COLORINGS OF RANDOM GRAPHS WITHOUT MONOCHROMATIC SUBGRAPHS

THE PROBLEM WORMS (1) WORMS (2) THE PROBLEM OF WORM PROPAGATION/PREVENTION THE MINIMUM VERTEX COVER PROBLEM

Global secure sets of trees and grid-like graphs. Yiu Yu Ho

EIS. International Infrastructure Security Roadmap ELECTRIC INFRASTRUCTURE SECURITY SUMMIT

What Risk Managers need to know about ICS Cyber Security

A Direct Numerical Method for Observability Analysis

On Integer Additive Set-Indexers of Graphs

Techniques for Supporting Prediction of Security Breaches in. Critical Cloud Infrastructures Using Bayesian Network and. Markov Decision Process

Applied Algorithm Design Lecture 5

Smart Grid Cyber Security. University of Sydney

INSIDE. Information Security Challenges in the Electric Power Industry

PHASOR MEASUREMENT UNIT (PMU) AKANKSHA PACHPINDE

Impact of Remote Control Failure on Power System Restoration Time

Linearly Independent Sets and Linearly Dependent Sets

A Negative Result Concerning Explicit Matrices With The Restricted Isometry Property

Detecting Critical Nodes in Interdependent Power Networks for Vulnerability Assessment

AURORA Vulnerability Background

Algorithm Design and Analysis

The VIKING Project: An Initiative on Resilient Control of Power Networks

Computer Science Department. Technion - IIT, Haifa, Israel. Itai and Rodeh [IR] have proved that for any 2-connected graph G and any vertex s G there

Modeling and Performance Evaluation of Computer Systems Security Operation 1

6. Cholesky factorization

IT Infrastructure Services. White Paper. Cyber Risk Mitigation for Smart Cities

α = u v. In other words, Orthogonal Projection

Assessing Internet Resilience at a Key Node. Michael Thompson Cyber Security Analyst Argonne National Laboratory thompsonm@anl.gov

Minimum Bisection is NP-hard on Unit Disk Graphs

Optimization Models for Advanced Cyber-security in the Smart Grid. Seyedamirabbas Mousavian

Discrete Mathematics & Mathematical Reasoning Chapter 10: Graphs

Network Algorithms for Homeland Security

Resilient Distribution Networks Secure control under DER/PV disruptions

INFORMATION from a single node (entity) can reach other

Efficient Recovery of Secrets

On the Multiple Unicast Network Coding Conjecture

Weakly Secure Network Coding

How To Protect Yourself From Cyber Security Challenges In The Electric Utility Industry

5.1 Bipartite Matching

Critical Asset Security Enhancementation - A Review

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions. Electric Grid Operations

A Cyber Security Study of a SCADA Energy Management System: Stealthy Deception Attacks on the State Estimator

INFORMATION TECHNOLOGY PROGRAM DESCRIPTIONS OPERATIONAL INVESTMENTS

Update On Smart Grid Cyber Security

How To Manage Risk On A Scada System

Cyber Security and Privacy - Program 183

Monitor Placement for Maximal Identifiability in Network Tomography

Graph Classification and Easy Reliability Polynomials

San Diego Gas & Electric Company FERC Order 717 Transmission Function Employee Job Descriptions August 10, Electric Grid Operations

Oil and Gas Industry A Comprehensive Security Risk Management Approach.

Perron vector Optimization applied to search engines

The Importance of Information Technology (IT) for Transportation Security

SCOPE. September 25, 2014, 0930 EDT

Beyond the Stars: Revisiting Virtual Cluster Embeddings

! Solve problem to optimality. ! Solve problem in poly-time. ! Solve arbitrary instances of the problem. !-approximation algorithm.

v w is orthogonal to both v and w. the three vectors v, w and v w form a right-handed set of vectors.

Chapter Load Balancing. Approximation Algorithms. Load Balancing. Load Balancing on 2 Machines. Load Balancing: Greedy Scheduling

ICS Cyber Security Briefing

Approximated Distributed Minimum Vertex Cover Algorithms for Bounded Degree Graphs

Infrastructure Interdependencies

Methods for Assessing Vulnerability of Critical Infrastructure

SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios

State Agency Cyber Security Survey v October State Agency Cybersecurity Survey v 3.4

Approximation Algorithms

PROJECT BOEING SGS. Interim Technology Performance Report 3. Company Name: The Boeing Company. Contract ID: DE-OE

Optimal Resource Allocation for Disaster Recovery

Optimal Index Codes for a Class of Multicast Networks with Receiver Side Information

CRITICAL INFRASTRUCTURE PROTECTION BUILDING ORGANIZATIONAL RESILIENCE

Steiner Tree Approximation via IRR. Randomized Rounding

Deception Attacks on the State Estimator

Transcription:

Joint Cyber and Physical Attacks on Power Grids: Graph Theoretical Approaches for Information Recovery Saleh Soltan 1, Mihalis Yannakakis 2, Gil Zussman 1 1 Electrical Engineering, 2 Computer Science Columbia University, New York, NY

Failures in Power Grids Power grids rely on physical infrastructure Vulnerable to physical attacks/failures Failures may cascade Blackouts (US 03, India 12, Turkey 15) An attack/failure will have a significant effect on many interdependent systems (communications, transportation, gas, water, etc.)

Physical Attacks/Disasters EMP (Electromagnetic Pulse) attack Solar Flares - Federal Energy Regulatory Commission (FERC) has recently issued a rule for transmission grid operators to develop a plan to deal with the Geomagnetic disturbances Source: Report of the Commission to Assess the threat to the United States from Electromagnetic Pulse (EMP) Attack, 2008 Other natural disasters Physical attacks FERC, DOE, and DHS, Detailed Technical Report on EMP and Severe Solar Flare Threats to the U.S. Power Grid, 2010

Power Grid Attack in San Jose A sniper attack in April 2014 that knocked out an electrical substation near San Jose, Calif., has raised fears that the country's power grid is vulnerable to terrorism. The Wall Street Journal

Cyber Attacks on Control Network Federal and industry officials told Congress recently, The U.S. electrical power grid is vulnerable to cyber and physical attacks that could cause devastating disruptions throughout the country. The Washington Times 4/16/2014

Joint cyber and physical attacks Physical Attack Target Cyber Attack Target Commands Data Power Grid Physical Infrastructure Supervisory Control and Data Acquisition (SCADA) system

Power Flow Equations - DC Approximation A power flow is a solution (f, θ) of: v N u f uv = p u, u V θ u : Phase Angle x uv : Reactance θ u θ v x uv = f uv, u, v E Matrix form: A θ = p A is the admittance matrix of the grid defined as: 0, u v and u, v E 1, u v and u, v E a uv = x uv w N u a vw, u = v v u θ u, p u Load (p u < 0) Generator (p u > 0)

Control Network Physical Attack Target Cyber Attack Target Zone 1 PMU PMU PMU PMU PDC Commands PMU Comm. Net. Communication Network Control Center Zone K-1 PMUs PDC Data Zone K PMUs PDC Power Grid Physical Infrastructure Supervisory Control and Data Acquisition (SCADA) system PMU: Phasor Measurement Unit PDC: Phasor Data Concentrators

Attack Model An adversary attacks a zone by Disconnecting some edges within the attacked zone (physical attack) Disallowing the information from the PMUs within the zone to reach the control center (cyber attack) Use the information available outside of the attacked zone and the information before attack Recover the phase angles Detect the disconnected lines G H Objectives: Identify conditions on zones for which this can be done External Conditions Attacked Zone Internal Conditions Develop algorithms to partition the network into attack resilient zones PDC PDC PDC PDC

Notation H : an induced subgraph of G that represents the attacked zone H = G\H A = A H H A H H A H H A H H G H θ = θ H θ H F : Set of failed edges Attacked Zone : The value of after an attack PDC PDC PDC PDC Our Problem: A, θ, θ H, A H H, A H H θ H, A H H

Related Work Vulnerability of networks to attacks was thoroughly studied Percolation Theory and epidemics (Barabasi, Kleinberg, Havlin, etc.) Cascading failures in power grid Probabilistic Models (Albert, Buldryev, Stanly, Havlin, etc.) DC power flows (Dobson, Hines, Bienstock, Pinar, etc.) Malicious data attacks on the power grid control network False data injection (Sandberg, L. Tong, etc.) Modifying the topology estimate of the grid (L. Tong et. al. 2013) Line outage detection from the phase angle measurements Single or double line failures (Tate, Overbye 2009) Heuristic line failure identification in an internal system using the information from an external system (Giannakis et.al. 2012) PMU Location Selection for Line Outage Detection (A. Goldsmith et. al. 2012)

Outline of our approach Method for Recovery of phase angles (External Conditions) θ Method for Failed edges detection (Internal Conditions) Method for Simultaneous phase angles recovery and failed edges detection Less constraints on the graph structure More constraints on F

Recovery of Phase Angles Theorem. θ H can be recovered after any attack on H, if A H H has linearly independent columns. Corollary. θ H can be recovered almost surely if there is a matching between the nodes inside and outside of H that covers V H. Zone H Idea of the proof. A θ = p A θ = p supp A θ θ A H Hθ H =A H Gθ A H Hθ H V H A H G θ θ = 0

Outline of our approach Method for Recovery of phase angles (External Conditions) θ Method for Failed edges detection (Internal Conditions)

Incidence Matrix Assign an arbitrary orientation to the edges of G Denote the set of oriented edges by Ε = {ε 1,, ε m } With this orientation, the (node-edge) incidence matrix of G is denoted by D R n m and defined as follows, d ij = 1, if ε j is coming out of node i 1, if ε j is going into node i 0, if ε j is not incident to node i D = 1 0 1 0 1 1 2 1 3

Detecting Failed Edges Lemma. There exists a vector x R E H such that D H x = A H G θ θ and supp x gives indices of the failed edges. Lemma. The solution x is unique, if and only if H is acyclic. Zone H Failed edges can be detected, if H is acyclic The topology can be less restrictive, if we restrict the attack (sparse) min x 1 s. t. D H x = A H G ( θ θ ) ( ) Lemma. If H is a cycle and less than half of the edges are failed, then the solution x to ( ) is unique and supp x gives indices of the failed edges.

Detecting Failed Edges Theorem. In a planar graph H, the solution x to min x 1 s. t. D H x = A H G ( θ θ ) is unique and supp x gives indices of the failed edges, if the following conditions hold: (i) for any cycle C in H, C F < C /2, (ii) F can be covered by edge-disjoint cycles in H. O 3 Idea of the proof. Faces of the H form a basis for the null-space of D H

Outline of our approach Method for Recovery of phase angles (External Conditions) θ Method for Failed edges detection (Internal Conditions) Method for Simultaneous phase angles recovery and failed edges detection

Simultaneous Phase Angles Recovery and Failed Edges Detection Lemma. There exist vectors x R EH and θ H R VH such that D H x = A H G ( θ θ ) A H G θ θ = 0 Failed edges detection Phase Angle Recovery and supp( x) gives the indices of the failed edges and θ H is the vector of the phase angles of the nodes in H. Solution to the set of equations above is unique if and only if H is acyclic and A H H has linearly independent columns Use similar idea to relax the conditions min x 1 s. t. D H x = A H G ( θ θ ) A H G θ θ = 0 ( )

Simultaneous Phase Angles Recovery and Failed Edges Detection H-inner-connected nodes V H in H-outer-connected nodes V H out Lemma. If v is H-outer-connected, then θ v can be computed uniquely. H Lemma. If H is acyclic, H-inner-connected nodes form an independent set, and v V H in, v F < (v) /2, the solution x, θ to ( ) is unique. H-inner-connected H-outer-connected min x 1 s. t. D H x = A H G ( θ θ ) A H G θ θ = 0 ( ) H (v) : the set of edges connected to node v

Simultaneous Phase Angles Recovery and Failed Edges Detection Theorem. In a planar graph H, the solution x, δ H to ( ) is unique with supp x = {i e i F} and δ H = θ H θ H, if the following conditions hold: (i) v V H in, v F < v \F, (ii) for any cycle C in H, C F < C\F, (iii) F is H -separable, (iv) in A H H, columns associated with nodes that are not H-inner/outer-connected are linearly independent, (v) no cycle in H contains an H-inner connected node, (vi) H-inner-connected nodes form an independent set. H-inner -connected

Summary of Results Divide the graph into attack resilient zones

Minimum Matched-forest Partition Definition. A matched-forest partition of a graph G The subgraph induced by nodes in any partition is acyclic For each partition there is matching between the nodes inside and outside of the partition that covers inside nodes G H 1 H 2 H 3 H 4 Lemma. For all ε > 0, it is NP-hard to approximate the minimum matched-forest partition of a graph G to within n 1 ε.

Zone Selection Algorithm Zone Selection (ZS) Algorithm is a polynomial time algorithm to find a matched-forest partition of a graph Find the optimal matching cover of G in O(n 3 ) Divide the graphs induced on each matched part into acyclic graphs Remark. A planar graph G can be partitioned into at most 3 acyclic subgraphs Lemma. If G is planar, the ZS Algorithm provides a 6-approximation of the minimum matched-forest partition of G.

Colorado State Grid Partitioning of the Colorado state grid into 6 attack-resilient zones

Western Interconnection Partitioning of the U.S. Western Interconnection into 9 attackresilient zones Any subgraph of an attack-resilient zone is also attack-resilient The partitions obtained by the ZS Algorithm can be further divided into smaller zones based on geographical constraints

Conclusion Provided a new model for joint cyber and physical attacks on power grids Developed methods to recover information Developed an approximation algorithm for the partitioning the grid into attack-resilient zones This is one of the first steps towards understanding the vulnerabilities of power grids to joint cyber and physical attacks and developing methods to mitigate their effects

Thank You! saleh@ee.columbia.edu http://wimnet.ee.columbia.edu

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information