Physical-Model-Checking to Detect Switching-Related Attacks in Power Systems
Recent public disclosures on attacks targeting the power industry showed that savvy attackers are now capable of occulting themselves from conventional rule-based network intrusion detection systems (IDS), bringing about serious threats. In order to leverage the work of rule-based IDS, this paper pr...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2018-07-01
|
| Series: | Sensors |
| Subjects: | |
| Online Access: | http://www.mdpi.com/1424-8220/18/8/2478 |
| _version_ | 1811185311848333312 |
|---|---|
| author | Mohamad El Hariri Samy Faddel Osama Mohammed |
| author_facet | Mohamad El Hariri Samy Faddel Osama Mohammed |
| author_sort | Mohamad El Hariri |
| collection | DOAJ |
| description | Recent public disclosures on attacks targeting the power industry showed that savvy attackers are now capable of occulting themselves from conventional rule-based network intrusion detection systems (IDS), bringing about serious threats. In order to leverage the work of rule-based IDS, this paper presents an artificially intelligent physical-model-checking intrusion detection framework capable of detecting tampered-with control commands from control centers of power grids. Unlike the work presented in the literature, the work in this paper utilizes artificial intelligence (AI) to learn the load flow characteristics of the power system and benefits from the fast responses of the AI to decode and understand contents of network packets. The output of the AI is processed through an expert system to verify that incoming control commands do not violate the physical system operational constraints and do not put the power system in an insecure state. The proposed content-aware IDS is tested in simulation on a 14-bus IEEE benchmark system. Experimental verification on a small power system, with an IEC 61850 network architecture is also carried out. The results showed the accuracy of the proposed framework in successfully detecting malicious and/or erroneous control commands. |
| first_indexed | 2024-04-11T13:27:22Z |
| format | Article |
| id | doaj.art-fb87693f7b6242f6aadd3965a83f95fd |
| institution | Directory Open Access Journal |
| issn | 1424-8220 |
| language | English |
| last_indexed | 2024-04-11T13:27:22Z |
| publishDate | 2018-07-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Sensors |
| spelling | doaj.art-fb87693f7b6242f6aadd3965a83f95fd2022-12-22T04:22:00ZengMDPI AGSensors1424-82202018-07-01188247810.3390/s18082478s18082478Physical-Model-Checking to Detect Switching-Related Attacks in Power SystemsMohamad El Hariri0Samy Faddel1Osama Mohammed2Energy Systems Research Laboratory, Department of Electrical and Computer Engineering, Florida International University, Miami, FL 33174, USAEnergy Systems Research Laboratory, Department of Electrical and Computer Engineering, Florida International University, Miami, FL 33174, USAEnergy Systems Research Laboratory, Department of Electrical and Computer Engineering, Florida International University, Miami, FL 33174, USARecent public disclosures on attacks targeting the power industry showed that savvy attackers are now capable of occulting themselves from conventional rule-based network intrusion detection systems (IDS), bringing about serious threats. In order to leverage the work of rule-based IDS, this paper presents an artificially intelligent physical-model-checking intrusion detection framework capable of detecting tampered-with control commands from control centers of power grids. Unlike the work presented in the literature, the work in this paper utilizes artificial intelligence (AI) to learn the load flow characteristics of the power system and benefits from the fast responses of the AI to decode and understand contents of network packets. The output of the AI is processed through an expert system to verify that incoming control commands do not violate the physical system operational constraints and do not put the power system in an insecure state. The proposed content-aware IDS is tested in simulation on a 14-bus IEEE benchmark system. Experimental verification on a small power system, with an IEC 61850 network architecture is also carried out. The results showed the accuracy of the proposed framework in successfully detecting malicious and/or erroneous control commands.http://www.mdpi.com/1424-8220/18/8/2478agent systemscyber-physical securitydecentralized controlintelligent systems |
| spellingShingle | Mohamad El Hariri Samy Faddel Osama Mohammed Physical-Model-Checking to Detect Switching-Related Attacks in Power Systems Sensors agent systems cyber-physical security decentralized control intelligent systems |
| title | Physical-Model-Checking to Detect Switching-Related Attacks in Power Systems |
| title_full | Physical-Model-Checking to Detect Switching-Related Attacks in Power Systems |
| title_fullStr | Physical-Model-Checking to Detect Switching-Related Attacks in Power Systems |
| title_full_unstemmed | Physical-Model-Checking to Detect Switching-Related Attacks in Power Systems |
| title_short | Physical-Model-Checking to Detect Switching-Related Attacks in Power Systems |
| title_sort | physical model checking to detect switching related attacks in power systems |
| topic | agent systems cyber-physical security decentralized control intelligent systems |
| url | http://www.mdpi.com/1424-8220/18/8/2478 |
| work_keys_str_mv | AT mohamadelhariri physicalmodelcheckingtodetectswitchingrelatedattacksinpowersystems AT samyfaddel physicalmodelcheckingtodetectswitchingrelatedattacksinpowersystems AT osamamohammed physicalmodelcheckingtodetectswitchingrelatedattacksinpowersystems |