tcipg.org

Trustworthy Cyber Infrastructure for the Power Grid (TCIPG)

Pete Sauer

May 20, 2011

Power Affiliates Program

University of Illinois • Cornell University • Dartmouth College • University of California Davis • Washington State University

tcipg.org

TCIPG Seminar Series on Technologies for a Resilient Power Grid

A new monthly TCIPG Seminar Series is presented live and webcast to an academic/government/industry audience – First Fridays at 1 central

2

tcipg.org

New TCIPG Website

3

tcipg.org

TCIPG Technical Clusters and Threads

Clusters

Trustworthy cyber infrastructure and

technologies for wide-area monitoring and control

Threads

Architectures design and tools for wide area

communication networks

Trust in PMU Networks

Trustworthy cyber infrastructure and

technologies for active demand management

Thread Advanced monitoring and control for distribution

networks

Responding to and managing cyber events Thread

Design of semi-automated intrusion detection and

response techniques

Risk and security assessment Threads

Model-based Assessment Tools

Experiment-based Assessment Tools

4

tcipg.org 5

Smart-Grid-Enabled Distributed Voltage Support

Objectives

Recent Achievements

• Develop an authenticated framework for mobilizing distribution-level devices to provide reactive support.

• Facilitate near real-time reactive control at residential level.

• Validate simulated control algorithms in a laboratory setting with actual power system devices.

• A framework and algorithm to coordinate reactive load control were developed and the researchers are building an inverter-battery device that will be capable of providing reactive power support.

• The researchers are working to implement the ideas presented in the papers for application on the University of Illinois campus distribution system.

• The algorithms can then be used to dispatch this device. A paper was accepted for publication in the IEEE Transactions on Smart Grid.

tcipg.org 6

Specification-based IDS for AMI

Objectives

• Design an efficient monitoring architecture to detect and potentially prevent intrusions targeting or originating from an AMI.

• Implement a prototype of this monitoring solution and validate its accuracy and applicability.

Recent Achievements

• Presented a paper about the project at IEEE SmartGridComm 2010. • Developed a working prototype of a network sensor in Python. • Tested the prototype with an emulated AMI using Trilliant Table Testbench. • Designed and implemented a visualization console, and demonstrated the

monitoring architecture during the annual TCIPG workshop. • Established a connection with Robert Former from Itron to test the prototype on real

hardware meters.

tcipg.org 7

Non-Intrusive Load Monitoring

Objectives

Approach/Research Plan

• To develop more effective techniques to safeguard privacy in the face of expanding data collection.

• To utilize existing meter technologies to track the characteristics of home appliances and verify energy-saving measures.

• Develop load signal masking techniques to thwart invasions of privacy with minimal distortion of the signal.

• Develop more accurate load models of specific appliances by observing characteristics over time.

Recent Achievements

• Recently developed a Hidden Markov Model toolkit that will facilitate the analysis of data that have been collected from various residences. This method is showing improvement over the clustering methods that were previously attempted.

tcipg.org 8

V2G Cyber Security

Objectives • To show that the cyber security protection of the

V2G communication layer can be cast into a form so that the Least Privilege Architecture (LPA) provides an appropriate structure to protect the cyber security of the grid.

• To adapt LPA to specific needs of V2G problem. • To demonstrate the ability of the adapted LPA to

operate effectively in the V2G framework.

Recent Achievements • LPA provides mechanisms to effectively limit the privileges of each service so that it can only access the

functions it needs to fully complete its tasks. • LPA provides restricted access to the database to each service at a level commensurate with the

requirements to complete the service tasks. • LPA facilitates the decomposition of the Aggregator’s functions into logically disjoint services, leading to

enhanced security. • LPA minimizes the impact of a successful attack on a single service. • LPA allows room to expand services to third-party vendors. • LPA facilitates the easy expansion of the number of BVs and parking lots in the aggregation.

tcipg.org 9

Agent Technologies for Active Control Applications in the Power Grid

Objectives

• Study the application of agent technologies for used in the power distribution and transmission network to perform control actions.

• This research is also investigating decentralized control optimization algorithms suitable for agent applications.

Recent Achievements

• A framework and algorithm to coordinate reactive load control were developed. • The algorithm is based on a layered architecture that would follow a chain of command from the

top layer (transmission grid) to the bottom layer (distribution grid). • A reactive load control optimization algorithm to improve the voltage profile in the distribution

grid was developed. The entire framework integrates agent-based technologies to manage the data and control actions required to operate this type of architecture in both of the power networks.

• A paper was accepted for publication in the IEEE Transactions on Smart Grid.

Computer A

FR_6

Central EMS

Transmission Network Matlab and

Agents

Matlab and Agents

2

1

SS

4

3

8

7

5

9

6

10 11 12

13

14 15 16 17 18

19

20

23

24

22 21

26

27

28

29

25

31 30

TFR_1

CR_1

CR_2

CR_3

CR_4

Distribution Network

FR_7

Computer B

tcipg.org 10

Quantifying the Impacts on Reliability of Coupling between Cyber and Physical Components

Objectives

• Construct models to analyze the impact of PMU misbehavior:

• GPS spoofing affects the synchronization of PMUs.

• Filtering algorithm implementation affects the quality of the phasor measurement.

• Data transmission limitations and communication failures affect continuous measurement availability.

Recent Achievements

• Formulation of maximum achievable GPS time-synchronization error.

• Development of MATLAB code for maximizing GPS time-synchronization error under constraints.

PMU

GPS Spoofer

• Satellite provides time synchronization for PMUs.

• GPS spoofer overpowers satellite signal and provides the wrong time-synchronization information to the PMU.

tcipg.org

TCIPG Testbed • Goals and Approach

– Provision for experimental support and integration of TCIPG projects

– Serve as national resource for experimental work in analysis of power grid system resiliency

– A Simulation and emulation environment with real hardware and software used in the power grid

– Span Transmission, Distribution & Metering, Distributed Generation and Home Automation and Control

• FY 11 Plans – Mid-term

– Develop new modeling and evaluation technologies to enhance evaluation capabilities of the testbed

– Develop integration glue to further link new components into the testbed

– Short-term – Expand testbed through software and hardware

augmentation to flush out the defined modules (Transmission, Distribution, Home Area Monitoring and Control, and Distributed Generation)

• Senior researchers: David Nicol, Bill Sanders, Tim Yardley

11

tcipg.org

Testbed • Achievements

– Continued involvement in Deter Enabled Federated Testbeds (DEFT) Consortium

– Progress made on bringing in new software and hardware to support our growing TCIPG research needs

– Remote access to the TCIPG testbed is available now – Testbed related staffing proceeding well

• Publications – Extended open-source CORE emulation engine to support

virtual time [ZhengN1] – Investigated susceptibility of data aggregators to buffer

flooding attacks [JinNY1] 12

tcipg.org 13

Education and Engagement

Project Objectives

• Link researchers, educators, consumers, and students.

• Develop pedagogically and technologically sound curriculum materials relating math and science to power, energy, and cyber communication issues and utilize these materials to connect with middle and high school teachers and students.

• Create interest in STEM disciplines and careers.

• Illustrate issues necessary for consumer acceptance and use of smart grid technologies.

Advanced metering technologies allow two-way communication between the utility and the consumer.

tcipg.mste.illinois.edu

tcipg.org

2011 TCIPG Summer School

• Title: Cyber Security for Smart Energy Systems – Basics of Cyber Security and Electric Energy Systems – Emerging Smart Grid Technologies and Cyber Security Challenges

• Dates: June 13th through June 17th • Venue: Q-Center St. Charles, IL

– < 1 hour from Chicago O’hare and Midway airports – www.qcenter.com – Capacity: 250

• Student Scholarships – DOE & DHS supported

• Professional Development Hours (PDH)tion Credits (CEUs) – From University of Illinois

http://www.qcenter.com

tcipg.org

Agenda, Speakers and Registration

• Agenda – 4.5 days; ~4 talks a day – INL Intermediate SCADA Security Hands-on Session (6+

hours) on Tue. & Thu. afternoon in a parallel track • Speakers

– 20+ speakers from academia, national labs, industry, government, and non-profits

• 35% Industry, 15% National Labs, 20% Academia, 15% non-profits, 15% Govt.

• Registration – Open at www.tcipg.org/2011SummerSchool – 100 registrants so far – see me for a discount!

http://www.tcipg.org/2011SummerSchool

tcipg.org

Confirmed Speakers

• Anjan Bose, Washington State University

• Jeff Dagle, Pacific Northwest National Laboratory (PNNL)

• Herbert Falk, Systems Integration Specialists Company (SISCO)

• Carol Hawk, United States Department of Energy (DOE)

• Darren Highfill, Utilisec • Diane Hooie, United States

Department of Energy (DOE) • Hank Kenchington, United States

Department of Energy (DOE) • Himanshu Khurana, Honeywell • Annabelle Lee, Electric Power

Research Institute (EPRI)

• Wayne Manges, Oak Ridge National Laboratory (ORNL)

• Scott Mix, North American Electric Reliability Corporation (NERC)

• Liam O Murchu, Symantec • William H. Sanders, University of

Illinois at Urbana-Champaign (UIUC) • David Schooley, Commonwealth

Edison (ComEd) • Sean Smith, Dartmouth College • Rita Wells, Idaho National

Laboratory (INL) • Dave Whitehead, Schweitzer

Engineering Laboratories (SEL) • Andrew Wright, N-Dimension

tcipg.org

Schedules

• Sunday: 17:00 to 19:00 reception • Monday: Background talks, introductions to power

systems, cyber security, power flow • Tuesday: Wide-area stability, regulation, grid

vulnerabilities, synchrophasor technologies, INL SCADA hands on security training

• Wednesday: Grid communication protocols, secure network architectures, smart grid security, Stuxnet

• Thursday: Software security, design principles for smart grid security, wind integration, INL SCADA hands on security training

• Friday: Resilient infrastructures for smart energy systems

Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) ��Pete Sauer��May 20, 2011�Power Affiliates ProgramTCIPG Seminar Series on Technologies for a Resilient Power GridNew TCIPG WebsiteTCIPG Technical Clusters and ThreadsSmart-Grid-Enabled Distributed Voltage SupportSpecification-based IDS for AMISlide Number 7V2G Cyber SecurityAgent Technologies for Active Control Applications in the Power GridQuantifying the Impacts on Reliability of Coupling between Cyber and Physical Components TCIPG TestbedTestbedEducation and Engagement2011 TCIPG Summer SchoolAgenda, Speakers and RegistrationConfirmed SpeakersSchedules