Cyber Security of Power System Model Dataset: Threats, Impacts, and Defenses

电力系统模型数据集的网络安全：威胁、影响和防御

• 批准号: 2348991
• 负责人: Yuzhang Lin
• 金额: $ 28.71万
• 依托单位: New York University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2023
• 资助国家: 美国
• 起止时间: 2023-10-01 至 2024-05-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2348991&HistoricalAwards=false
• 关键词: Cyber; Security; Power; System; Model

Electric power systems are the Nation’s critical infrastructures that are indispensable for basic functioning the modern society. In the information era, the operation of power systems is increasingly dependent on cyber technologies such as sensing, communication, computing, and data storage. Consequently, cyber security has become a major concern, which if not properly taken care of, may seriously affect the reliability of power delivery. The power network model dataset, which mathematically describes the electrical characteristics of power systems, serves as the basis for many applications in system operations, such as security assessment, electricity markets, and various control and protection functions. Hence, maintaining accuracy and authenticity of power system model dataset is of ultimate importance. Recently, there have been extensive discussions on the security of other operational datasets such as measurement datasets, but few efforts have been dedicated to studying the security of network model datasets. As have been clearly revealed by cyber-attack events that already happened in other countries, knowledgeable cyber attackers are capable of intruding into the computer networks of control centers and acquire privileges of internal personnel, which can pose great risks on power system model datasets. This project aims to initiate investigation on potential threats against information security of power system model datasets, their possible impacts on electricity market operations, as well as effective defense measures. The proposed framework will help understand the vulnerabilities that may be exploited by cyber adversaries, as well as the economic consequences once electricity markets are manipulated via model data falsification. By developing effective measures against potential threats, the project is expected to provide knowledge on strengthening the cyber-secure operation of power systems, thus benefiting national defense as well as public welfare. The project will also benefit undergraduate and graduate education by introducing cyber-physical perspectives into power system courses.This project aims to develop a comprehensive framework for analyses of the threats, impacts, and defenses regarding the model dataset security issues. We compare the accessibility, modifiability, and attack motivations of model datasets and measurement datasets, and show that the practicality of cyber-attacks against model datasets cannot be overlooked. The proposed work encompasses three closely-related research tasks. In Task 1, various patterns of stealthy attacks against network model datasets will be identified and modeled. The possibility of launching coordinated attacks against measurement and model datasets will also be studied. Task 2 will establish the framework for studying the impacts of model data falsifications on the operation of electricity markets. For quantification of the impacts, a bilevel optimization problem will be formulated, and efficient solution algorithms will be provided. Task 3 will create a systematic security assessment method for identification of all high-impact patterns of model dataset attacks, and develop two measurement-based measures for mitigating the security vulnerabilities in the system planning stage and operation stage, respectively. A proper validation plan will be carried out for validating both the proposed concepts of model data cyber security, and the proposed methods to analyze, quantify, and mitigate the security vulnerabilities. For the first time, the proposed research will formally establish the conceptual linkage between the information security of model dataset and operational security of power networks, and develop systematic methodologies for assessing the security risks and design mitigation measures. The proposed work will bring the community’s attention to the information security of power system model datasets, and initiate the advancement of knowledge along this line.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

电力系统是国家的关键基础设施，是现代社会基本运转所不可缺少的。在信息时代，电力系统的运行越来越依赖于传感、通信、计算和数据存储等网络技术。因此，网络安全已成为一个重大问题，如果处理不当，可能会严重影响供电的可靠性。电力网络模型数据集以数学方式描述电力系统的电气特性，是系统运行中许多应用的基础，例如安全评估、电力市场以及各种控制和保护功能。因此，保持电力系统模型数据的准确性和真实性至关重要。近年来，人们对测量数据集等其他操作数据集的安全性进行了广泛的讨论，但对网络模型数据集安全性的研究却很少。国外已经发生的网络攻击事件已经清楚地表明，知识渊博的网络攻击者能够侵入控制中心的计算机网络并获取内部人员的特权，从而对电力系统模型数据集造成巨大的风险。本项目旨在调查电力系统模型数据集对信息安全的潜在威胁，对电力市场运行可能产生的影响，以及有效的防御措施。拟议的框架将有助于了解网络对手可能利用的漏洞，以及一旦通过模型数据伪造操纵电力市场所造成的经济后果。通过制定针对潜在威胁的有效措施，该项目有望提供加强电力系统网络安全运行的知识，从而有利于国防和公共福利。该项目还将通过将网络物理观点引入电力系统课程，使本科和研究生教育受益。该项目旨在开发一个全面的框架，用于分析有关模型数据集安全问题的威胁、影响和防御。我们比较了模型数据集和测量数据集的可访问性、可修改性和攻击动机，并表明针对模型数据集的网络攻击的实用性不容忽视。拟议的工作包括三个密切相关的研究任务。在任务1中，将识别和建模针对网络模型数据集的各种隐蔽攻击模式。还将研究针对测量和模型数据集发动协同攻击的可能性。任务2将建立研究模型数据造假对电力市场运行影响的框架。为了量化影响，将制定一个双层优化问题，并提供有效的求解算法。任务3将创建一个系统的安全评估方法，用于识别模型数据集攻击的所有高影响模式，并制定两个基于度量的措施，分别在系统规划阶段和操作阶段减轻安全漏洞。将执行适当的验证计划，以验证所提出的模型数据网络安全概念，以及所提出的分析、量化和减轻安全漏洞的方法。该研究将首次正式建立模型数据集信息安全与电网运行安全之间的概念联系，并制定系统的方法来评估安全风险和设计缓解措施。所提出的工作将引起社会对电力系统模型数据集信息安全的关注，并启动这方面的知识进步。该奖项反映了美国国家科学基金会的法定使命，并通过使用基金会的知识价值和更广泛的影响审查标准进行评估，被认为值得支持。