Cyber Physical Security Analytics for Transactive Energy...
Transcript of Cyber Physical Security Analytics for Transactive Energy...
Cyber Physical Security Analytics for Transactive
Energy Systems
Jiaxing Pi, Minh Nguyen, Sindhu Suresh
1
WSU:
Siemens:
Adam Hahn, Anurag Srivastava, Yue Zhang,
Vignesh Venkata Gopala Krishnan, Kudrat Kaur,
• Introduction
• Transactive Energy and Emerging Challenges
• Cyber Threat for TE
• TESP-based Simulation Environment
• Data Analytics Approaches for Security
• Conclusion
2
Overview
• The significant increase distributed energy resources (PV,
storage, electric vehicles)
•
electricity
• Transactive Energy Systems employ economic and control
mechanisms to dynamically balance the demand and
supply
• Depends on a large number of distributed edge-computing and
consumer controlled Internet of Things.
• IoT systems and the electric grid cyber assets are increasingly
vulnerable to attack.
• New analytical methods are needed to monitor these
.
3
Introduction
TE Infrastructure Overview
4
Distribution
Transmission
Bids/ Demands
LMP
Prices
Bids/Demands
Prosumer
Market
Communication
Agent
Agent
• A baseline model for Transactive Energy has been utilized
to study the effects of cyber threats on TE system.
• Incorporates
Transmission Model
Distribution Model with prosumers, distributed energy
sources
Communication network
Auction houses
• Incorporated using TESP[1], an open source platform
developed by PNNL.
Baseline Model for TE System
[1] https://github.com/pnnl/tesp
Possible Events in Cyber part
Cyber Events
Bad Data
Noise or bad sensors
Malicious Data Attack
False data injection
Man-in-the-middle
Denial-of-Service Data Spoofing Communication
line failure
Packet Loss Huge latency
Cyber Analytics using:
Log data files
Data traffic
IDS data
Threat sharing
Cyber Threats
7
Distribution
Transmission
Bids/ Demands
LMP
Prices
Bids/Demands
Prosumer
Malicious Signals
Market
Communication
Agent
Agent
1) Malware 2) Targeted Intrusion 1) Malware
2) Targeted Intrusion
1) DoS 2) MitM/Tampering 3) Routing Manipulation
8
TESP Test Environment
TESP is a framework designed by PNNL that simulates transactive systems. It includes various software modules and a number of agents in the form of smart houses.
Source: http://tesp.readthedocs.io/en/latest/TESP_DesignDoc.html
Mininet
House
Controller
Attack
TE Agents
Manipulated
Values
7200V/120V
230kV/12.47kV
10 houses for phase A
10 houses for phase B
10 houses for phase C
7200V/120V
7200V/120V
……
……
……
1.3 MW peak
unresponsive load
12.47kV/480V
Large Building
Node
7
The simulated power system includes a 9-bus transmission system and one feeder with transactive components at node 7. The HVAC devices in each house will patriate in the power market.
Source: http://tesp.readthedocs.io/en/latest/TESP_DesignDoc.html
Power System Model
10
Impact of Manipulating the bid price and quantity
Under this scenario, the bid price and quantity signals communicated from the HVAC controller are
manipulated and changed to an arbitrary value. the HVAC temperature setting point gets manipulated
consequently, which impacts the overall system operation.
Generator output
Overall Demand
Local Marginal Price
11
Decision/ control
Data acquisition
Physical signals (V, I, P)
Anomaly classifier (Cyber, Physical)
Metrics
Simulated/ measured data
Cyber signals (data traffic)
Market signals (LMP, bids)
Physical/cyber system
Physical layer
Cyber layer
Market layer
Cyber-Physical Analytics
12
Cyber - Physical Event Cyber Event
Anomaly
Physical Event NO
Physical Event
YES
Normal Operation Status
YES
YES
Cyber Event
NO
NO
YES
YES
YES NO NO NO YES NO
Event Classification
Anomaly Detection via Deep Learning
• Why deep learning?
Feature extraction (local patterns, such as spikes)
from multi-channel time series data
High accuracy with sufficient number of layers
High level generalized features can be used to
detect unknown attacks
Convolutional Neural Network for Anomaly Detection
• Supervised Learning: use normal and outliers to train
• Able to create high level generalized features
• Use generalized features to detect anomalies in the testing data
• Transactive Energy Systems employ economic and control
mechanisms to dynamically balance the demand and supply.
• Significant increase in DER
• Devices are increasingly vulnerable to cyberattack.
•
operations and detect malicious activity.
• Combination of supervised and unsupervised deep learning
algorithms
• Algorithms must incorporate cyber, physical, and market parameters
16
Conclusion