Towards Real-Time Distinction of Power System Faults and Cyber Attacks

This paper presents a methodology to distinguish between three-phase faults and GOOSE cyber attacks, aimed at opening the circuit breakers in the power grid. We propose a scheme that utilizes Phasor Measurement Unit (PMU)-enabled monitoring of power grid states, and communication network packet logs in the substation. In this scheme, by...

Cyber Forensic Analysis for Operational Technology Using Graph-Based Deep Learning

The cyber attacks in Ukraine in 2015 and 2016 demonstrated the vulnerability of electrical power grids to cyber threats. They highlighted the significance of Operational Technology (OT) communication-based anomaly detection. Many anomaly detection methods are based on real-time traffic monitoring, i.e., Intrusion Detection Systems (IDS) that may...

Cyber Attacks on Power Grids: Causes and Propagation of Cascading Failures

Cascading effects in the power grid involve an uncontrolled, successive failure of elements. The root cause of such failures is the combined occurrence of multiple, statistically rare events that may result in a blackout. With increasing digitalisation, power systems are vulnerable to emergent cyber threats. Furthermore, such threats are not...

Attack Graph Model for Cyber-Physical Power Systems Using Hybrid Deep Learning

Electrical power grids are vulnerable to cyber attacks, as seen in Ukraine in 2015 and 2016. However, existing attack detection methods are limited. Most of them are based on power system measurement anomalies that occur when an attack is successfully executed at the later stages of the cyber kill chain. In contrast, the attacks on the Ukrainian...

A Blueprint for Cyber Security of Brownfield Substations in Power Systems using IEC 62443

Paper ID – 0348

Quantitative Risk Assessment of Cyber Attacks on Cyber-Physical Systems using Attack Graphs

Over the past decade, the number of cyber attack incidents targeting critical infrastructures such as the electrical power system has increased. To assess the risk of cyber attacks on the cyber-physical system, a holistic approach is needed that considers both system layers. However, the existing risk assessment methods are either qualitative in...

Cyber Attacks on Protective Relays in Digital Substations and Impact Analysis

Power systems automation and communication standards are crucial for the transition of the conventional power system towards a smart grid. The IEC 61850 standard is widely used for substation automation and protection. It enables real-time communication and data exchange between critical substation automation devices. IEC 61850 serves as the...

Cyber Attacks on Power System Automation and Protection and Impact Analysis

Power system automation and communication standards are spearheading the power system transition towards a smart grid. IEC 61850 is one such standard, which is widely used for substation automation and protection. It enables real-time communication and data exchange between critical substation automation and protection devices within digital...