Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Confidentiality-preserving Obfuscation for Cloud-based Power System Contingency Analysis
KTH, School of Electrical Engineering (EES), Communication Networks.
KTH, School of Electrical Engineering (EES), Communication Networks.ORCID iD: 0000-0002-4876-0223
University of Illinois at Urbana-Champaign.
2013 (English)In: 2013 IEEE International Conference on Smart Grid Communications (SmartGridComm), IEEE conference proceedings, 2013, 432-437 p.Conference paper, Published paper (Refereed)
Abstract [en]

Power system operators are looking to adopt and migrate to cloud technologies and third-party cloud services for customer facing and enterprise IT applications. Security and reliability are major barriers for adopting cloud technologies and services for power system operational applications. In this work we focus on the use of cloud computing for Contingency Analysis and propose an approach to obfuscate information regarding power flows and the presence of a contingency violation while allowing the operator to analyze contingencies with the needed accuracy in the cloud. Our empirical evaluation shows, i) that the errors introduced into power flows due to the obfuscation approach are small, and ii) that the RMS errors introduced grow linearly with the magnitude of obfuscation.

Place, publisher, year, edition, pages
IEEE conference proceedings, 2013. 432-437 p.
Keyword [en]
Cloud services, Cloud technologies, Contingency analysis, Empirical evaluations, Operational applications, Power system operators, Security and reliabilities, System contingencies
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:kth:diva-134821DOI: 10.1109/SmartGridComm.2013.6687996ISI: 000330174800073Scopus ID: 2-s2.0-84893549292ISBN: 978-1-4799-1526-2 (print)OAI: oai:DiVA.org:kth-134821DiVA: diva2:668224
Conference
The 4th IEEE International Conference on Smart Grid Communications (SmartGridComm) in Vancouver, Canada, 21-24 October, 2013
Note

QC 20140107

Available from: 2013-11-29 Created: 2013-11-29 Last updated: 2014-09-24Bibliographically approved
In thesis
1. Cyber-security in Smart Grid Communication and Control
Open this publication in new window or tab >>Cyber-security in Smart Grid Communication and Control
2014 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Society is increasingly dependent on the reliable operation of power systems. Power systems, at the same time, heavily rely on information technologies to achieve efficient and reliable operation. Recent initiatives to upgrade power systems into smart grids target an even tighter integration with information technologies to enable the integration of renewable energy sources, local and bulk generation and demand response. Thus for the reliable operation of smart grids, it is essential that its information infrastructure is secure and reliable in the face of both failures and attacks. This thesis contributes to improving the security of power systems against attacks on their information infrastructures. The contributions lie in three areas: data integrity, data condentiality, and data availability of power system applications.

We analyze how characteristics of power system applications can be leveraged for detection and mitigation of data integrity attacks. We consider singleand multi-area power system state estimation. For single-area state estimation, we look at the integrity of measurement data delivered over a wide area communication network. We deffine security metrics that quantify the importance of particular components of the communication network, and that allow us to optimize the deployment of network, transport and application layer security solutions. For multi-area state estimation, we look at the integrity of data exchanged between the control centers of neighboring areas in face of a targeted trojan that compromises an endpoint of the secure communication tunnel. We deffine multiple attack strategies and show that they can signifficantly disturb the state estimation. Moreover, we propose schemes that could be used for detection, localization, and mitigation of data integrity attacks.

We investigate how to provide data confidentiality for power system applications when they utilize cloud computing. We focus on contingency analysis and propose an approach to obfuscate information regarding power flows and the presence of a contingency violation while allowing the operator to analyze contingencies with the needed accuracy in the cloud. Our empirical evaluation shows that the errors introduced into power flows due to the proposed obfuscation are small, and that the RMS errors introduced grow linearly with the magnitude of obfuscation.

We study how to improve data availability in face of gray hole attacks combined with traffic analysis. We consider two cases: SCADA substation to control center communication using DNP3, and inter-control center communication. In the first case, we propose a support vector machine-based traffic analysis algorithm that uses only the information on timing and direction of three consecutive messages, and show that a gray hole attack can be effectively performed even if the traffic is sent through an encrypted tunnel. We discuss possible mitigation schemes, and show that a minor modication of message timing could help mitigate the attack. In the second case, we study how anonymity networks can be used to improve availability at the price of increased communication overhead and delay. We show that surprisingly availability is not always improved with more overhead and delay. Moreover, we show that it is better to overestimate than to underestimate the attacker's capabilities when conguring anonymity networks.

Place, publisher, year, edition, pages
Stockholm: KTH Royal Institute of Technology, 2014. vi, 48 p.
Series
TRITA-EE, ISSN 1653-5146 ; 2014:039
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Research subject
Electrical Engineering
Identifiers
urn:nbn:se:kth:diva-152223 (URN)978-91-7595-250-5 (ISBN)
Public defence
2014-10-07, Hörsal F3, Lindstedtsvägen 26, KTH, Stockholm, 10:00 (English)
Opponent
Supervisors
Note

QC 20140924

Available from: 2014-09-24 Created: 2014-09-23 Last updated: 2014-09-24Bibliographically approved

Open Access in DiVA

Vukovic_SGC2013_CAinCloud_cameraReady(923 kB)110 downloads
File information
File name FULLTEXT01.pdfFile size 923 kBChecksum SHA-512
c0cac03886a818417752fa8cbb51bb721fe10ee47ea46d5301d692ad8ba73884c6186952cff66e30f77a06570a69c2fc21d9655d4c6829d5dc2b53cc62e8e3e4
Type fulltextMimetype application/pdf

Other links

Publisher's full textScopusIEEEXplore

Search in DiVA

By author/editor
Vuković, OgnjenDán, György
By organisation
Communication Networks
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 110 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 175 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf