Browsing by Author "Zhu, Ruoxi"
Now showing 1 - 4 of 4
Results Per Page
Sort Options
- Intrusion Detection Against MMS-Based Measurement Attacks at Digital SubstationsZhu, Ruoxi; Liu, Chen-Ching; Hong, Junho; Wang, Jiankang (2021-01-05)Information and Communications Technology (ICT) supports the development of novel control and communication functions for monitoring, operation, and control of power systems. However, the high-level deployment of ICT also increases the risk of cyber intrusions for Supervisory Control And Data Acquisition (SCADA) systems. Attackers can gain access to the protected infrastructures of the grid and launch attacks to manipulate measurements at the substations. The fabricated measurements can mislead the operators in the control center to take undesirable actions. The Intrusion Detection System (IDS) proposed in this paper is deployed in IEC 61850 based substations. The proposed IDS identifies falsified measurements in Manufacturing Messaging Specification (MMS) messages. By cross-checking the consistency of electric circuit relationships at the substation level in a distributed manner, the falsified measurements can be detected and discarded before the malicious packets are sent out of the substations through DNP3 communication. A cyber-physical system testbed is used to validate the performance of the proposed IDS. Using the IEEE 39-bus test system, simulation results demonstrate high accuracy of the proposed substation-based intrusion detection system.
- Intrusion Detection and Recovery of a Cyber-Power SystemZhu, Ruoxi (Virginia Tech, 2024-06-06)The advent of Information and Communications Technology (ICT) in power systems has revolutionized the monitoring, operation, and control mechanisms through advanced control and communication functions. However, this integration significantly elevates the vulnerability of modern power systems to cyber intrusions, posing severe risks to the integrity and reliability of the power grid. This dissertation presents the results of a comprehensive study into the detection of cyber intrusions and restoration of cyber-power systems post-attack with a focus on IEC 61850 based substations and recovery methodologies in the cyber-physical system framework. The first step of this study is to develop a novel Intrusion Detection System (IDS) specifically designed for deployment in automated substations. The proposed IDS effectively identifies falsified measurements within Manufacturing Messaging Specification (MMS) messages by verifying the consistency of electric circuit laws. This distributed approach helps avoid the transfer of contaminated measurements from substations to the control center, ensuring the integrity of SCADA systems. Utilizing a cyber-physical system testbed and the IEEE 39-bus test system, the IDS demonstrates high detection accuracy and validates its efficacy in real-time operational environments. Building upon the intrusion detection methodology, this dissertation advances into cyber system recovery strategies, which are designed to meet the challenges of restoring a power grid as a cyber-physical system following catastrophic cyberattacks. A novel restoration strategy is proposed, emphasizing the self-recovery of a substation automation system (SAS) within the substation through dynamic network reconfiguration and collaborative efforts among Intelligent Electronic Devices (IEDs). This strategy, validated through a cyber-power system testbed incorporating SDN technology and IEC 61850 protocol, highlights the critical role of cyber recovery in maintaining grid resilience. Further, this research extends its methodology to include a cyber-physical system restoration strategy that integrates an optimization-based multi-system restoration approach with cyber-power system simulation for constraint checking. This innovative strategy developed and validated using an Software Defined Networking (SDN) network for the IEEE 39-bus system, demonstrates the capability to efficiently restore the cyber-power system and maximize restoration capability following a large-scale cyberattack. Overall, this dissertation makes original contributions to the field of power system security by developing and validating effective mechanisms for the detection of and recovery from cyber intrusions in the cyber-power system. Here are the main contributions of this dissertation: 1) This work develops a distributed IDS, specifically designed for the substation automation environment, capable of pinpointing the targets of cyberattacks, including sophisticated attacks involving multiple substations. The effectiveness of this IDS in a real-time operational context is validated to demonstrate its efficiency and potential for widespread deployment. 2) A novel recovery strategy is proposed to restore the critical functions of substations following cyberattacks. This strategy emphasizes local recovery procedures that leverage the collaboration of devices within the substation network, circumventing the need for external control during the initial recovery phase. The implementation and validation of this method through a cyber-physical system testbed—specifically, within an IEC 61850 based Substation Automation System (SAS)—underscores its practicality and effectiveness in real-world scenarios. 3) The dissertation results in a new co-restoration strategy that integrates mixed integer linear programming to sequentially optimize the restoration of generators, power components, and communication nodes. This approach ensures optimal restoration decisions within a limited time horizon, enhancing the recovery capabilities of the cyber-power system. The application of an SDN based network simulator facilitates accurate modeling of cyber-power system interactions, including communication constraints and dynamic restoration scenarios. The strategy's adaptability is further improved by real-time assessment of the feasibility of the restoration sequence incorporating power flow and communication network constraints to ensure an effective recovery process.
- Machine Learning-based Intrusion Detection for Smart Grid Computing: A SurveySahani, Nitasha; Zhu, Ruoxi; Cho, Jin-Hee; Liu, Chen-Ching (ACM, 2023)Machine learning (ML)-based intrusion detection system (IDS) approaches have been significantly applied and advanced the state-of-the-art system security and defense mechanisms. In smart grid computing environments, security threats have been significantly increased as shared networks are commonly used, along with the associated vulnerabilities. However, compared to other network environments, ML-based IDS research in a smart grid is relatively unexplored although the smart grid environment is facing serious security threats due to its unique environmental vulnerabilities. In this paper, we conducted an extensive survey on ML-based IDS in smart grid based on the following key aspects: (1) The applications of the ML-based IDS in transmission and distribution side power components of a smart power grid by addressing its security vulnerabilities; (2) dataset generation process and its usage in applying ML-based IDSs in the smart grid; (3) a wide range of ML-based IDSs used by the surveyed papers in the smart grid environment; (4) metrics, complexity analysis, and evaluation testbeds of the IDSs applied in the smart grid; and (5) lessons learned, insights, and future research directions.
- Online Voltage Stability Monitoring and Control Using Limited Synchrophasor MeasurementsZhu, Ruoxi (Virginia Tech, 2019)As the scale and complexity of an interconnected power grid has increased significantly, power systems can be operated close to the verge of voltage instability. With the application of Phasor Measurement Units (PMUs), dispatchers are able to monitor long term voltage stability in a real time operational environment. This research addresses the critical issues by proposing three different methods. Voltage Stability Assessment Index (VSAI) is a Thévenin Equivalent (TE) based method considering voltage dynamic mechanisms. To extend the model from one load bus to a critical load center, Optimal Power Flow-Loading limit (OPF-LI) is developed to assess the voltage stability margin. To utilize limited available PMU measurements, State Calculator (SC) is included in the algorithm to approximate the dynamic states at the buses where PMU measurements are not available. The online voltage regulating method in terms of On-load Tap Changer (OLTC) control is also investigated. The methods proposed in this research have been validated with the test cases from the WECC 179 bus system.