Diversified Software Deployment for Long-Term Risk Mitigation in Cyber-Physical Power Systems

Abstract

Since modern cyber-physical power systems are vulnerable to coordinated wide-area cyber attacks, it is necessary to mitigate the potential risk as much as possible. At the planning stage, the defender can utilize software diversity, which is a common phenomenon that the cyber software of different substations comes from different competing vendors. Therefore, different kinds of software may not be exposed to the same zero-day security loophole, preventing the attacker from taking charge of multiple substations at the same time. In this paper, the optimal scheme of software deployment considering long-term risk mitigation is studied. Firstly, the framework of diversity-based cyber defense against malicious attacks is formulated. Secondly, the risk index based on representative attack patterns is constructed, which is the objective to be minimized. Thirdly, considering that the deployment scheme is long-term stable while the operating mode varies with time, we construct a multiobjective nonlinear stochastic programming to mitigate the average risk of operating modes. Then the optimization problem is solved by the multiobjective genetic algorithm. Lastly, results of the IEEE 39-node CPPS and and the Virtual European Grid demonstrate that the proposed method can considerably reduce the attack risk.