Abstract
We present the intelligent governor for the smart grid system (IGNORE) to limit the success of attacks when a grid’s cyber system has been compromised and leveraged by an adversary to mount attacks on the physical system. IGNORE is based on the concept of the security reference monitor. It is a component that serves to protect a system from attacks that are more severe and frequent than is acceptable by enforcing security policies on the actions of the system’s higher-level functions. It enforces security and safety policies by ignoring commands issued by a system’s higher-level functions if by executing those commands may cause violations of its security and safety constraints. The underlying principle for generating security policies is the requirement and safety property that evaluates whether commands issued by a cyber system are required and safe in/for the physical system. Our key contribution is to present the methodology to design a governor for a grid’s higher-level function, that is, demand response. We define a set of attacks prevented by the governor, a set of rules that define the governor, and demonstrate its effectiveness through empirical results. This work sheds light upon how a higher-level functionality of a smart grid system is protected by analyzing the system’s cyber and physical aspects even when some parts of the cyber system are compromised.
Highlights
A smart grid is a cyber–physical System (CPS) where physical processes, such as power demand and supply, are controlled and monitored from the cyber domain through advanced computation and communication technologies with humans in the loop [1]
We present the intelligent governor for the smart grid system (IGNORE) to prevent attacks from a compromised cyber system that is leveraged by an adversary to mount attacks on the physical system
We presented an intelligent governor system to prevent attacks on a smart grid, even when a cyber system is already compromised, and empirically demonstrated the effectiveness of the approach by designing the governor system for demand response (DR) functionality of the grid
Summary
A smart grid is a cyber–physical System (CPS) where physical processes, such as power demand and supply, are controlled and monitored from the cyber domain through advanced computation and communication technologies with humans in the loop [1]. Ryutov et al [24] presented a server that provides a security mechanism to monitor and control load as per the security policies during normal operations as well as in the presence of load-altering attacks The limitation of this approach is that it does not consider the undesired malicious commands that will not physically put the grid in an unsafe state but increase the operational cost in terms of customer dissatisfaction. It does not discuss the following points: (1) a more general case where power utility (PU) is compromised and sends malicious commands to destabilize the grid; (2) a different combination of attacks to trick system administrator and how to prevent them using policy server; and (3) the factors that need to be considered for the implementation of a policy server We address these gaps in this paper by designing an intelligent system that evaluates whether commands issued by a cyber system, which may or may not be compromised, place the grid in an unsafe state.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
