Impact Evaluation of Malicious Control Commands in Cyber-Physical Smart Grids

Abstract

The Smart Grid is vulnerable to cyber-attacks due to its integration with a variety of information, communication, and control technologies. If undetected by deployed security systems, cyber-attacks could damage critical power system infrastructure and disrupt services to a very large number of energy customers. In particular, cyber attackers could hijack the smart grid by injecting malicious commands. To provide insight into these concerns, we propose an approach that develops a new tool for the real-time Cyber-Physical Security Assessment (CPSA) of malicious control commands that target physical smart grid components. The tool is able to detect and protect the system against known Trojans (such as BlackEnergy). It also efficiently and effectively monitors the health of the power system in real-time and detects the presence of malicious commands. The security analysis of our approach includes a look at three system-generated metrics: system susceptibility, access points, and threat capability. The performance analysis includes a look at the system overhead, scalability, accuracy, robustness, and execution and response times. Our proposed approach was tested on a 42-bus power system with 24 substations. The developed tool could be extended and used by power system operators to assess and mitigate the impact of cyber-attacks on the smart grid.