research-article

Cyber–physical risk assessment for false data injection attacks considering moving target defences: Best practice application of respective cyber and physical reinforcement assets to defend against FDI attacks

Authors:

Martin Higgins,

Thomas ParisiniAuthors Info & Claims

International Journal of Information Security, Volume 22, Issue 3

Pages 579 - 589

https://doi.org/10.1007/s10207-022-00621-7

Published: 02 November 2022 Publication History

Abstract

In this paper, we examine the factors that influence the success of false data injection (FDI) attacks in the context of both cyber and physical styles of reinforcement. Existing research considers the FDI attack in the context of the ability to change a measurement in a static system only. However, successful attacks will require first intrusion into a system followed by construction of an attack vector that can bypass bad data detection to cause a consequence (such as overloading). Furthermore, the recent development of moving target defences (MTD) introduces dynamically changing system topology, which is beyond the capability of existing research to assess. In this way, we develop a full service framework for FDI risk assessment. The framework considers both the costs of system intrusion via a weighted graph assessment in combination with a physical, line overload-based vulnerability assessment under the existence of MTD. We present our simulations on a IEEE 14-bus system with an overlain RTU network to model the true risk of intrusion. The cyber model considers multiple methods of entry for the FDI attack including meter intrusion, RTU intrusion and combined style attacks. Post-intrusion, our physical reinforcement model analyses the required level of topology divergence to protect against a branch overload from an optimised attack vector. The combined cyber and physical index is used to represent the system vulnerability against FDIA.

References

[1]

Liang G, Weller SR, Zhao J, Luo F, and Dong ZY The 2015 Ukraine blackout: implications for false data injection attacks IEEE Trans. Power Syst. 2017 32 4 3317-3318

[2]

Liu Y, Ning P, and Reiter MK False data injection attacks against state estimation in electric power grids ACM Trans. Inf. Syst. Secur. 2011 14 1 1-33

[3]

Liu X, Li Z, Liu X, and Li Z Masking transmission line outages via false data injection attacks IEEE Trans. Inf. Forensics Secur. 2016 11 7 1592-1602, 7

[4]

Liang G, Zhao J, Luo F, Weller SR, and Dong ZY A review of false data injection attacks against modern power systems IEEE Trans. Smart Grid 2017 8 4 1630-1638

[5]

Deng R, Xiao G, Lu R, Liang H, and Vasilakos AV False data injection on state estimation in power systems-attacks, impacts, and defense: a survey IEEE Trans. Ind. Inform. 2017 13 2 411-423

[6]

Higgins, M., Zhang, J., Zhang, N., Teng, F.: Topology learning aided false data injection attack without prior topology information. In: IEEE PES General Meeting (GM), vol. 7, p. 1 (2021). arXiv:2102.12248

[7]

Wang S, Ren W, and Al-Saggaf UM Effects of switching network topologies on stealthy false data injection attacks against state estimation in power networks IEEE Syst. J. 2015 11 4 2640-2651, 11

[8]

Morrow, K.L., Heine, E., Rogers, K.M., Bobba, R.B., Overbye, T.J.: Topology perturbation for detecting malicious data injection. In: 2012 45th Hawaii international conference on system sciences (2012)

[9]

Liu, C., Zhou, M., Wu, J., Long, C., Farraj, A., Hammad, E., Kundur, D.: Reactance perturbation for enhancing detection of FDI attacks in power system state estimation. In: 2017 IEEE global conference on signal and information processing (GlobalSIP) (2017)

[10]

Li B, Xiao G, Lu R, Deng R, and Bao H On feasibility and limitations of detecting false data injection attacks on power grid state estimation using D-FACTS devices IEEE Trans. Ind. Inform. 2019 16 1

[11]

Tian J, Tan R, Guan X, and Liu T Enhanced hidden moving target defense in smart grids IEEE Trans. Smart Grid 2019 10 2 2208-2223

[12]

Higgins M, Teng F, and Parisini T Stealthy MTD against unsupervised learning-based blind FDI attacks in power systems IEEE Trans. Inf. Forensics Secur. 2020 16 1275-1287

[13]

Lakshminarayana S and Yau DKY Cost-benefit analysis of moving-target defense in power grids IEEE Trans. Power Syst. 2020 36 1

[14]

Higgins, M., Mayes, K., Teng, F.: Enhanced cyber–physical security using attack-resistant cyber nodes and event-triggered moving target defence. 10 (2020). arXiv:2010.14173

[15]

Hug G and Giampapa JA Vulnerability assessment of AC state estimation with respect to false data injection cyber-attacks IEEE Trans. Smart Grid 2012 3 3 1362-1370

[16]

Sandberg, H., Teixeira, A., Johansson, K.H.: On security indices for state estimators in power networks. Technical Report

[17]

Teixeira A, Sou KC, Sandberg H, and Johansson KH Secure control systems: a quantitative risk management approach IEEE Control Syst. 2015 35 1 24-45, 2

[18]

Pan K, Teixeira A, Cvetkovic M, and Palensky P Cyber risk analysis of combined data attacks against power system state estimation IEEE Trans. Smart Grid 2019 10 3 3044-3056, 5

[19]

Wu, W., Kang, R., Li, Z.: Risk assessment method for cybersecurity of cyber-physical systems based on inter-dependency of vulnerabilities. In: IEEE international conference on industrial engineering and engineering management, vol. 2016-January. IEEE Computer Society, 1, pp. 1618–1622 (2016)

[20]

Chopade, P., Bikdash, M.: Critical infrastructure interdependency modeling: using graph models to assess the vulnerability of smart power grid and SCADA networks. In: 2011 8th international conference and expo on emerging technologies for a smarter world, CEWIT 2011 (2011)

[21]

Davis KR, Davis CM, Zonouz SA, Bobba RB, Berthier R, Garcia L, and Sauer PW A cyber–physical modeling and assessment framework for power grid infrastructures IEEE Trans. Smart Grid 2015 6 5 2464-2475, 9

[22]

Bargiela, A., Irving, M.R., Sterling, M.J.H.: Observability determination in power system state estimation using a network flow technique. Technical Reports 2 (1986)

[23]

Tantawy, A., Erradi, A., Abdelwahed, S., Shaban, K.: Model-based risk assessment for cyber physical systems security. 5 (2020). arXiv:2005.13738.

[24]

Ten CW, Liu CC, and Manimaran G Vulnerability assessment of cybersecurity for SCADA systems IEEE Trans. Power Syst. 2008 23 4 1836-1846

[25]

Wang Yn, Lin Zy, Liang X, Xu Wy, Yang Q, and Yan Gf On modeling of electrical cyber–physical systems considering cyber security Front. Inf. Technol. Electron. Eng. 2016 17 5 465-478, 5

[26]

Barrère, M., Hankin, C., Nicolau, N., Eliades, D.G., Parisini, T.: Identifying security-critical cyber–physical components in industrial control systems. 5 (2019). arXiv:1905.04796

[27]

Ahmad, A., Rizvi, M.A., Al-Lawati A., Mohammed, I., Malik, A.S.: Development of a MATLAB tool based on graph theory for evaluating reliability of complex mechatronic systems. In: 2015 IEEE 8th GCC conference and exhibition, GCCCE 2015. Institute of Electrical and Electronics Engineers Inc., 3 (2015)

[28]

Christie, R.: Power systems test case archive. 1. http://labs.ece.uw.edu/pstca/

[29]

Zimmerman RD, Murillo-Sánchez CE, and Thomas RJ MATPOWER: steady-state operations, planning, and analysis tools for power systems research and education IEEE Trans. Power Syst. 2011 26 1 12-19

[30]

Adepu, S., Kandasamy, N.K., Mathur, A.: EPIC: an electric power testbed for research and training in cyber physical systems security physical layer security for cyber physical systems. Technical Reports (2018). https://itrust.sutd.edu.sg/testbeds/electric-power-intelligent-control-epic/

Cited By

Rekeraho ACotfas DCotfas PBălan TTuyishime EAcheampong R(2024)Cybersecurity challenges in IoT-based smart renewable energyInternational Journal of Information Security10.1007/s10207-023-00732-923:1(101-117)Online publication date: 1-Feb-2024
https://dl.acm.org/doi/10.1007/s10207-023-00732-9

Recommendations

Switching and Data Injection Attacks on Stochastic Cyber-Physical Systems: Modeling, Resilient Estimation, and Attack Mitigation
Special Issue on the Internet of Things: Part 1

In this article, we consider the problem of attack-resilient state estimation, that is, to reliably estimate the true system states despite two classes of attacks: (i) attacks on the switching mechanisms and (ii) false data injection attacks on actuator ...
Hardware Moving Target Defenses against Physical Attacks: Design Challenges and Opportunities
MTD'22: Proceedings of the 9th ACM Workshop on Moving Target Defense

The concept of moving target defense (MTD) has entrenched itself as a viable strategy to reverse the typical asymmetries in cyber warfare. MTDs are technologies that seek to make target systems dynamically change in order to limit the time and ...
Moving Target Defense Against Injection Attacks
Algorithms and Architectures for Parallel Processing
Abstract
With the development of network technology, web services become more convenient and popular. However, web services are also facing serious security threats, especially SQL injection attack(SQLIA). Due to the diversity of attack techniques and the ...

Comments

Information & Contributors

Information

Published In

cover image International Journal of Information Security

International Journal of Information Security Volume 22, Issue 3

Jun 2023

200 pages

ISSN:1615-5262

EISSN:1615-5270

Issue’s Table of Contents

© The Author(s) 2022.

Publisher

Springer-Verlag

Berlin, Heidelberg

Publication History

Published: 02 November 2022

Author Tags

Qualifiers

Research-article

Funding Sources

ESRC
Engineering and Physical Sciences Research Council
Italian Ministry for Research

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

1
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Rekeraho ACotfas DCotfas PBălan TTuyishime EAcheampong R(2024)Cybersecurity challenges in IoT-based smart renewable energyInternational Journal of Information Security10.1007/s10207-023-00732-923:1(101-117)Online publication date: 1-Feb-2024
https://dl.acm.org/doi/10.1007/s10207-023-00732-9

View Options

View options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents