cyber physical security
play

Cyber Physical Security Analytics for Transactive Energy Systems - PowerPoint PPT Presentation

Cyber Physical Security Analytics for Transactive Energy Systems Adam Hahn, Anurag Srivastava, Yue Zhang, WSU: Vignesh Venkata Gopala Krishnan, Kudrat Kaur, Siemens: Jiaxing Pi, Minh Nguyen, Sindhu Suresh 1 Overview Introduction


  1. Cyber Physical Security Analytics for Transactive Energy Systems Adam Hahn, Anurag Srivastava, Yue Zhang, WSU: Vignesh Venkata Gopala Krishnan, Kudrat Kaur, Siemens: Jiaxing Pi, Minh Nguyen, Sindhu Suresh 1

  2. Overview • Introduction • Transactive Energy and Emerging Challenges • Cyber Threat for TE • TESP-based Simulation Environment • Data Analytics Approaches for Security • Conclusion 2

  3. Introduction • The significant increase distributed energy resources (PV, storage, electric vehicles) • Transition from “consumer” to “prosumers” that buy and sell electricity • Transactive Energy Systems employ economic and control mechanisms to dynamically balance the demand and supply • Depends on a large number of distributed edge-computing and consumer controlled Internet of Things. • IoT systems and the electric grid cyber assets are increasingly vulnerable to attack. • New analytical methods are needed to monitor these system’s operations and detect malicious activity . 3

  4. TE Infrastructure Overview Communication Transmission Prosumer Agent Prices Bids/ LMP Market Demands Agent Bids/Demands Distribution 4

  5. Baseline Model for TE System • A baseline model for Transactive Energy has been utilized to study the effects of cyber threats on TE system. • Incorporates – Transmission Model – Distribution Model with prosumers, distributed energy sources – Communication network – Auction houses • Incorporated using TESP[1], an open source platform developed by PNNL. [1] https://github.com/pnnl/tesp

  6. Possible Events in Cyber part Cyber Events Cyber Analytics using: Log data files Communication Bad Data Denial-of-Service Data Spoofing line failure Data traffic Noise or bad Malicious Data Packet Loss Huge latency sensors Attack IDS data Threat sharing False data Man-in-the- injection middle

  7. Cyber Threats Communication Transmission Prosumer Agent Malicious Signals Prices Bids/ LMP Market Demands Agent Bids/Demands 1) DoS Distribution 2) MitM/Tampering 3) Routing 1) Malware Manipulation 1) Malware 2) Targeted Intrusion 2) Targeted Intrusion 7

  8. TESP Test Environment TESP is a framework designed by PNNL that simulates transactive systems. It includes various software modules and a number of agents in the form of smart houses. TE Agents Manipulated House Values Controller Mininet Attack Source: http://tesp.readthedocs.io/en/latest/TESP_DesignDoc.html 8

  9. Power System Model The simulated power system includes a 9-bus transmission system and one feeder with transactive components at node 7. The HVAC devices in each house will patriate in the power market. 7200V/120V 10 houses for phase A Source: http://tesp.readthedocs.io/en/latest/TESP_DesignDoc.html …… 230kV/12.47kV 7200V/120V 10 houses for phase B 12.47kV/480V …… Node 7200V/120V 7 1.3 MW peak 10 houses for phase C unresponsive load …… Large Building

  10. Impact of Manipulating the bid price and quantity Under this scenario, the bid price and quantity signals communicated from the HVAC controller are manipulated and changed to an arbitrary value. the HVAC temperature setting point gets manipulated consequently, which impacts the overall system operation. Generator output Overall Demand Local Marginal Price 10

  11. Cyber-Physical Analytics Physical/cyber system Data acquisition Physical signals Physical layer (V, I, P) Simulated/ measured data Cyber signals Cyber layer (data traffic) Market signals Market layer (LMP, bids) Anomaly classifier Decision/ Metrics control (Cyber, Physical) 11

  12. Event Classification NO Anomaly YES NO NO Cyber Event Physical Event Ph YES YES NO YES YES NO YES YES NO NO Normal Ope peration Physical Event Cyber ber-Physic ical al Event ent Cyber ber Event ent Status Stat 12

  13. Anomaly Detection via Deep Learning • Why deep learning? – Feature extraction (local patterns, such as spikes) from multi-channel time series data – Doesn’t need domain expert to define features – High accuracy with sufficient number of layers – High level generalized features can be used to detect unknown attacks

  14. Convolutional Neural Network for Anomaly Detection • Supervised Learning: use normal and outliers to train • Able to create high level generalized features • Use generalized features to detect anomalies in the testing data

  15. Deep Autoencoder for Anomaly Detection • Unsupervised Learning: use normal data to train • Learn a low level representation and reconstruct original data • Anomaly scores are measured by the reconstruction error | 𝑦 − 𝑦 ′ | • Anomalous data has different low level structure and thus anomaly scores are high.

  16. Conclusion • Transactive Energy Systems employ economic and control mechanisms to dynamically balance the demand and supply. • Significant increase in DER • Devices are increasingly vulnerable to cyberattack. • New analytical methods are needed to monitor these system’s operations and detect malicious activity. • Combination of supervised and unsupervised deep learning algorithms • Algorithms must incorporate cyber, physical, and market parameters 16

  17. 17

Recommend


More recommend