Power and energy systems are increasingly interwoven by an expanding cyberspace composed of wide-area monitoring, protection, and control (WAMPAC) systems, machine-to-machine (M2M) communication networks, and advanced metering infrastructures (AMI), among others. Digital assets and network services are being created for the interoperation of power facilities, systems and devices, giving rise to new flows of information and driving the ongoing development of smart grids.
However, despite its promises in efficiency and availability, the smart grid will be operating in a complex cyber-physical environment, which makes it hard to effectively screen, monitor, and mitigate disastrous events. The interactions and interdependencies among cyber-physical components, both designed and inherent, are dramatically increasing the difficulty of contingency analysis given the quantity, uncertainty, and complexity of components involved. The growing cyberspace is also inevitably exposing critical systems and processes to the risks of cyber threats, which have become a question of when they will occur, rather than if (as shown by recent incidents like the control center attacks in Ukraine). We will review how both issues have posed significant challenges to the smart grid and explore some promising solutions toward a cyber-physically resilient electrical power infrastructure.
II. Cyber-Physical Contingency Analysis
The fast expansion of interacting CPS in the smart grid is a grand challenge for contingency analysis (CA), which has already been limited to N-1 or N-2 cases due to the number of components interconnected in a physical power grid. In the smart grid, however, more critical components will frequently interact across cyber and physical layers; this will require CA to also investigate failures on both layers with an upsurge of related event categories. In the meantime, the lack of well-defined CPS models has also limited our capacity to analyze the interactions and interdependencies, while the number of N-k cases makes it computationally expensive, if not prohibitive, to screen the contingencies amidst thousands to millions of interoperated components.
The recent progress in digital real-time simulators provides a vital aid to tackle this challenge. The latest high-performance simulators have demonstrated advancements in temporal resolution (microsecond precision), spatial scalability (1,000+ buses), system granularity (circuit-level details), and testing flexibility (rich interfaces). High-fidelity testbeds equipped with these simulators can create digital twins of power and energy systems while running electrical, control, and communication hardware (or even human operators) in the loop, which enables a microscopic view into the CPS interactions and their potential influences on various failure-triggering events. Realistic datasets can also be collected from the testbeds at multiple megabytes per second, which will enable advanced data analytics on statistical, behavioral, and causal aspects of contingencies across both layers.
With the high-fidelity testbeds and databases, innovative data-driven approaches can be further introduced to discover critical events and paths leading toward massive blackouts. Graphs based on abstract interdependencies instead of actual topologies have been proposed to discover critical links among cyber-physical events. Reinforcement learning methods have also been introduced to efficiently and adaptively explore potential paths of cascading outages so that the risks of massive blackouts can be assessed and reduced in a timely manner. Smart agents can be further deployed in the testbeds to automatically evaluate both the credibility and the consequence of N-k contingencies so that resilience metrics, remedial efforts, and long-term upgrades can be determined proactively.
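The following added example (not from the original article) illustrates the point of this section on a constructed toy system: an abstract interdependency graph is screened for N-k contingencies across both layers, and a system that survives every N-1 case still loses all load to one cross-layer N-2 case. The component names, dependency groups, and load values are assumptions made for illustration.

```python
from itertools import combinations

# Constructed toy system. A component stays up only if, for every group of
# suppliers listed for it, at least one member of the group is still up.
DEPENDS = {
    "line_1":   [],
    "line_2":   [["router_b"]],              # tie line switched remotely via router_b
    "router_a": [],
    "router_b": [],
    "rtu":      [["router_a", "router_b"]],  # telemetry has two comms paths
    "bus":      [["line_1", "line_2"]],      # bus has two physical feeds
    "load_a":   [["bus"]],
    "load_b":   [["bus"], ["rtu"]],          # controllable feeder, sheds without telemetry
}
LAYER = {"line_1": "physical", "line_2": "physical",
         "router_a": "cyber", "router_b": "cyber"}   # components that can fail first
LOAD_MW = {"load_a": 60, "load_b": 40}

def surviving(outage):
    """Propagate an initial outage through the dependencies to a fixed point."""
    up = set(DEPENDS) - set(outage)
    changed = True
    while changed:
        changed = False
        for node in sorted(up):
            if any(not set(group) & up for group in DEPENDS[node]):
                up.discard(node)
                changed = True
    return up

def lost_mw(outage):
    """Total load (MW) no longer served after the outage has propagated."""
    up = surviving(outage)
    return sum(mw for load, mw in LOAD_MW.items() if load not in up)

def screen(k):
    """Return harmful N-k cases as (lost MW, outage, layer), worst first."""
    harmful = []
    for outage in combinations(sorted(LAYER), k):
        layers = {LAYER[c] for c in outage}
        kind = layers.pop() if len(layers) == 1 else "cross-layer"
        if lost_mw(outage) > 0:
            harmful.append((lost_mw(outage), outage, kind))
    return sorted(harmful, key=lambda case: (-case[0], case[1]))

if __name__ == "__main__":
    for k in (1, 2):
        print(f"N-{k}:", screen(k))
```

The enumeration in `screen` grows combinatorially with k, which is why the article points to learning-based exploration instead of exhaustive screening for realistic system sizes.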
III. Cyber-Physical Adversarial Threats
Another side effect of the CPS integration is the increased exposure of critical systems to malicious threats. Shodan.io, a search engine for Internet-connected industrial control systems (ICS), identifies over 14,800 (as of Aug. 29, 2018) Modbus-based ICS around the world, most of which are exposed with limited, outdated, or virtually no cybersecurity; the U.S. also reported in early 2018 that cyber-espionage campaigns had intensively targeted its electrical power grids. The cyber-threats may explore and target critical vulnerabilities to deliver severe blows like a massive blackout, while concealing and masking their traces to make them appear as natural events, as in the Stuxnet attack uncovered in 2010. How to discern and defend against cyber-physical attacks has, thus, become essential to the resilience of the smart grid.
To gain the upper hand, it is important to monitor and profile the potential threats. In the past decade, researchers have put tremendous effort into this direction and identified a considerable number of zero-day threats targeting automated substations, automatic generation controls, state estimators, smart meters, and locational marginal prices, among others. Although most studies are based on worst-case scenarios and simulations with computational models, they shed light on how exploits can be employed and what knowledge base has to be collected from both cyber and physical layers for the defense. Penetration testing of malicious threats shall be further established, in addition to contingency analyses of inadvertent faults, so that prominent threats can be flagged as early as possible and their potential and consequences estimated in a timely manner.
The detection and restoration efforts will now require cyber-physical coordination, as neither layer alone is able to provide the full understanding and solution in the CPS environment. Detectors will need to monitor network traffic, packet headers, as well as physical measurements to distinguish malicious activities from natural events. If a cyber-attack is suspected, restoration shall now request a green light from the detectors before proceeding; otherwise the degraded system may further suffer from subsequent exploits by a persistent threat. Given the volume of data collected in real time, distributed and parallel processing will be essential to detection and mitigation systems due to the stringent latency requirements in the smart grid.
The ongoing CPS integration in the smart grid expands the capabilities of power and energy systems across both cyber and physical layers and strengthens the interdependencies between them. It is crucial to maximize the utility of our intelligent CPS while minimizing their impact on the resilience of the grid, with the new testbeds and tactics that are being developed against both contingencies and adversaries. Enhancing the cyber-physical resilience of the smart grid will be the key to the assurance of electricity, a resource that has become as substantial as air and water to modern society.
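The following added example (not from the original article) sketches the coordination described above: each breaker trip is explained with evidence from both layers, and automatic restoration gets a green light only when the trip looks like a natural fault. The authorized master address, pickup current, correlation window, verdict names, and the mapping of a Modbus request to a breaker (assumed to be resolved from unit ID and coil address beforehand) are all assumptions.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "t src func breaker")      # cyber layer: Modbus request
Sample = namedtuple("Sample", "t breaker amps closed")   # physical layer: relay reading

WRITE_CODES = {5, 6, 15, 16}      # Modbus write-coil / write-register function codes
ALLOWED_MASTERS = {"10.0.0.5"}    # assumption: the only authorized SCADA master
PICKUP_AMPS = 600.0               # assumption: overcurrent pickup of the relay
WINDOW_S = 2.0                    # assumption: how far back a cause is searched

def find_trips(samples):
    """Yield (time, breaker) for every closed -> open transition."""
    last = {}
    for s in sorted(samples):
        if last.get(s.breaker, s.closed) and not s.closed:
            yield s.t, s.breaker
        last[s.breaker] = s.closed

def classify(t, breaker, packets, samples):
    """Explain one trip using evidence from both layers."""
    def near(x):
        return x.breaker == breaker and 0 <= t - x.t <= WINDOW_S
    writes = [p for p in packets if near(p) and p.func in WRITE_CODES]
    rogue = [p for p in writes if p.src not in ALLOWED_MASTERS]
    fault = any(s.amps >= PICKUP_AMPS for s in samples if near(s))
    if rogue:
        return "suspected-attack"
    if fault and not writes:
        return "natural-fault"
    return "commanded" if writes else "unexplained"

def restoration_gate(packets, samples):
    """Map each tripped breaker to (verdict, may_auto_restore)."""
    out = {}
    for t, b in find_trips(samples):
        verdict = classify(t, b, packets, samples)
        out[b] = (verdict, verdict == "natural-fault")
    return out

# Constructed sample data (not from a real system).
SAMPLES = [Sample(8.0, "CB1", 320.0, True), Sample(9.5, "CB1", 910.0, True),
           Sample(10.0, "CB1", 0.0, False),
           Sample(18.0, "CB2", 310.0, True), Sample(19.5, "CB2", 305.0, True),
           Sample(20.0, "CB2", 0.0, False)]
PACKETS = [Packet(19.4, "192.0.2.77", 5, "CB2"), Packet(5.0, "10.0.0.5", 3, "CB1")]

if __name__ == "__main__":
    for breaker, result in restoration_gate(PACKETS, SAMPLES).items():
        print(breaker, result)
```

Neither data stream alone separates the two trips: the physical samples show two breakers opening, and only the joined view shows that CB2 opened after a write from an unknown source with no fault current.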
This work was supported in part by the Office of Naval Research under grant N00014-18-1-2396 and the Natural Sciences and Engineering Research Council of Canada (NSERC) under grant RGPIN-2018-06724.
This article was edited by Geev Mokryani.
Dr. Jun Yan is an IEEE Member and assistant professor at the Concordia Institute for Information Systems Engineering at Concordia University, Montréal, Canada. His research interests include smart grid resilience, cyber-physical security, and computational intelligence.
Dr. Haibo He is an IEEE Fellow and the Robert Haas Endowed Chair Professor in Electrical Engineering at the University of Rhode Island, Kingston, USA. His research interests include computational intelligence, machine learning, smart grid, cybersecurity, and various applications. He currently serves as the Editor-in-Chief of IEEE Transactions on Neural Networks and Learning Systems.