Cyber Physical Security Analytics for Transactive Energy Systems - - PowerPoint PPT Presentation

cyber physical security
SMART_READER_LITE
LIVE PREVIEW

Cyber Physical Security Analytics for Transactive Energy Systems - - PowerPoint PPT Presentation

Sep 19, 2023 105 likes •295 views

Cyber Physical Security Analytics for Transactive Energy Systems Adam Hahn, Anurag Srivastava, Yue Zhang, WSU: Vignesh Venkata Gopala Krishnan, Kudrat Kaur, Siemens: Jiaxing Pi, Minh Nguyen, Sindhu Suresh 1 Overview Introduction

slide-1
SLIDE 1

Cyber Physical Security Analytics for Transactive Energy Systems

Jiaxing Pi, Minh Nguyen, Sindhu Suresh

1

WSU: Siemens:

Adam Hahn, Anurag Srivastava, Yue Zhang, Vignesh Venkata Gopala Krishnan, Kudrat Kaur,

slide-2
SLIDE 2
  • Introduction
  • Transactive Energy and Emerging Challenges
  • Cyber Threat for TE
  • TESP-based Simulation Environment
  • Data Analytics Approaches for Security
  • Conclusion

2

Overview

slide-3
SLIDE 3
  • The significant increase distributed energy resources (PV,

storage, electric vehicles)

  • Transition from “consumer” to “prosumers” that buy and sell

electricity

  • Transactive Energy Systems employ economic and control

mechanisms to dynamically balance the demand and supply

  • Depends on a large number of distributed edge-computing and

consumer controlled Internet of Things.

  • IoT systems and the electric grid cyber assets are increasingly

vulnerable to attack.

  • New analytical methods are needed to monitor these

system’s operations and detect malicious activity.

3

Introduction

slide-4
SLIDE 4

TE Infrastructure Overview

4

Distribution Transmission

Bids/ Demands LMP Prices Bids/Demands

Prosumer Market Communication

Agent Agent

slide-5
SLIDE 5
  • A baseline model for Transactive Energy has been utilized

to study the effects of cyber threats on TE system.

  • Incorporates

– Transmission Model – Distribution Model with prosumers, distributed energy

sources

– Communication network – Auction houses

  • Incorporated using TESP[1], an open source platform

developed by PNNL.

Baseline Model for TE System

[1] https://github.com/pnnl/tesp

slide-6
SLIDE 6

Possible Events in Cyber part

Cyber Events Bad Data Noise or bad sensors Malicious Data Attack False data injection Man-in-the- middle Denial-of-Service Data Spoofing Communication line failure Packet Loss Huge latency

Cyber Analytics using:

Log data files Data traffic IDS data Threat sharing

slide-7
SLIDE 7

Cyber Threats

7

Distribution Transmission

Bids/ Demands LMP Prices Bids/Demands

Prosumer

Malicious Signals

Market

Communication Agent Agent 1) Malware 2) Targeted Intrusion 1) Malware 2) Targeted Intrusion 1) DoS 2) MitM/Tampering 3) Routing Manipulation

slide-8
SLIDE 8

8

TESP Test Environment

TESP is a framework designed by PNNL that simulates transactive systems. It includes various software modules and a number of agents in the form of smart houses.

Source: http://tesp.readthedocs.io/en/latest/TESP_DesignDoc.html

Mininet

House Controller

Attack

TE Agents

Manipulated Values

slide-9
SLIDE 9

7200V/120V 230kV/12.47kV 10 houses for phase A 10 houses for phase B 10 houses for phase C 7200V/120V 7200V/120V …… …… …… 1.3 MW peak unresponsive load 12.47kV/480V Large Building Node 7

The simulated power system includes a 9-bus transmission system and one feeder with transactive components at node 7. The HVAC devices in each house will patriate in the power market.

Source: http://tesp.readthedocs.io/en/latest/TESP_DesignDoc.html

Power System Model

slide-10
SLIDE 10

10

Impact of Manipulating the bid price and quantity

Under this scenario, the bid price and quantity signals communicated from the HVAC controller are manipulated and changed to an arbitrary value. the HVAC temperature setting point gets manipulated consequently, which impacts the overall system operation.

Generator output Overall Demand Local Marginal Price

slide-11
SLIDE 11

11

Decision/ control Data acquisition Physical signals

(V, I, P)

Anomaly classifier (Cyber, Physical) Metrics

Simulated/ measured data

Cyber signals

(data traffic)

Market signals

(LMP, bids)

Physical/cyber system Physical layer Cyber layer Market layer

Cyber-Physical Analytics

slide-12
SLIDE 12

12 Cyber ber-Physic ical al Event ent Cyber ber Event ent

Anomaly Ph Physical Event

NO Physical Event YES

Normal Ope peration Stat Status

YES

YES Cyber Event

NO

NO

YES YES YES NO

NO

NO YES NO

Event Classification

slide-13
SLIDE 13

Anomaly Detection via Deep Learning

  • Why deep learning?

– Feature extraction (local patterns, such as spikes)

from multi-channel time series data

– Doesn’t need domain expert to define features – High accuracy with sufficient number of layers – High level generalized features can be used to

detect unknown attacks

slide-14
SLIDE 14

Convolutional Neural Network for Anomaly Detection

  • Supervised Learning: use normal and outliers to train
  • Able to create high level generalized features
  • Use generalized features to detect anomalies in the testing data
slide-15
SLIDE 15

Deep Autoencoder for Anomaly Detection

  • Unsupervised Learning: use normal

data to train

  • Learn a low level representation and

reconstruct original data

  • Anomaly scores are measured by the

reconstruction error | 𝑦 − 𝑦′ |

  • Anomalous data has different low level

structure and thus anomaly scores are high.

slide-16
SLIDE 16
  • Transactive Energy Systems employ economic and control

mechanisms to dynamically balance the demand and supply.

  • Significant increase in DER
  • Devices are increasingly vulnerable to cyberattack.
  • New analytical methods are needed to monitor these system’s
  • perations and detect malicious activity.
  • Combination of supervised and unsupervised deep learning

algorithms

  • Algorithms must incorporate cyber, physical, and market parameters

16

Conclusion

slide-17
SLIDE 17

17