A framework for cyber security risk modeling and mitigation in smart grid communication and control systems.
Loading...
Date
2023
Authors
Phiri, Lukumba
Journal Title
Journal ISSN
Volume Title
Publisher
The University of Zambia
Abstract
The objective of this research was to present a risk analysis methodology for
enhancing cyber security and defending the crucial parts of Zambia's electric
power grid. By building on the basic concerns of risk assessment and
management and using a Design Science Research Methodology (DSRM) as
a research methodology, this framework tried to advance the current risk
analysis debates on the electric power system. By conducting a review of the
literature and providing a stochastic risk-based framework, this thesis stresses
the need for a coordinated cybersecurity effort toward developing strategies
and actions conducive to defending the nation against attacks on the electric
power infrastructure.
We used PIPE (Platform-Independent Petri Net Editor) and Great Stochastic
Petri Nets (GSPN) to model and analyze the GSPN attack model of the
SCADA network. Additionally, it enables the user to animate the model
through direct user manipulations or the arbitrary firing of transitions. These
instruments' analysis environments include a variety of modules, including
steady-state, steady-space, and GSPN analyses. Fifty simulations of the
designed GSPN model of the DoS attack were performed using various starting
random firings of 100, 300, 500, 700, 1000, and 1200. The transition triggering
rates of the Defense Scenario’s firewall, password, and combined SPN models,
respectively. The results show that the net probability of being attacked with
only a password as an intrusion protection mechanism was 95.59 percent,
compared to 95.11 percent for the firewall model, and 78.902 percent for the
combined model. This indication demonstrates that given a firewall and a
password as a combined intrusion protection mechanism, the probability of
being hit by a cyber-attack is relatively high.
To enable proactive cybersecurity and threat intelligence sharing for the
digitalized power infrastructure, it can be said that there is a need for a general
cybersecurity framework. In contrast to previous efforts on AGC cyber physical security, we model AGC false data injection attacks (FDIA) and
explore the potential vulnerabilities that could result from ignoring them. First,
we showed that the AGC's behavior and, consequently, the control decision,
differ if the FDIA is taken into consideration. We demonstrated that the linear
AGC models that do not account for FDIA do not offer adequate protection
against cyber-physical attacks that work in the nonlinear region of the system.
Second, we suggested and put into practice a two-stage strategy based on
LSTM to identify and reduce the compromised signals to handle these threats.
Its better performance in attack detection with good statistical metrics is
confirmed by the examination of the detection model. The mitigation model
can also improve the system's behavior and dramatically lower the RMSE of
the attacked signals. The results obtained were later compared with findings
from other studies such as PRIME (PNNL cybeR physIcal systeMs tEstbed),
and edge-based multi-level anomaly detection framework for SCADA
networks named EDMAND
Description
Thesis
Keywords
Cyber security. , Cyberspace--Security measures. , Smart grid communication. , Cyber Security -- Risks and mitigation.