
Research On Cybersecurity Risk Analysis Method For Power Cyber-Physical System

Posted on: 2020-04-29 | Degree: Doctor | Type: Dissertation
Country: China | Candidate: J J Li
GTID: 1362330590954012 | Subject: Power system and its automation
Abstract/Summary:
With the rapid advancement of smart grid related technology, especially information and communication technology (ICT), more and more complex components are integrated into the power infrastructure, in which the cyber system and the physical system are closely interdependent. As a critical infrastructure for national construction and people's daily life, the power system faces more and more cybersecurity threats motivated by political, military and economic interests. Because the power system is cross-regionally distributed and uninterruptible, cyber-attack experiments on the cyber facilities of a real-world power system are infeasible, so the potential cybersecurity risk resulting from cyber-attacks against a power cyber-physical system (CPS) can only be studied by means of modeling or test bed simulation. A CPS includes two types of systems that are essentially different from each other, i.e. a discrete cyber system and a continuous physical system. However, at the functional level, there are close interactions and interdependency between the cyber system and the physical system.

In this paper, firstly, a hyper-network model of the substation automation system (SAS), a critical component of power CPS, is established. Based on an analysis of the logical function structure of SAS, a mapping from information flow paths to logical nodes and physical devices is established, which realizes comprehensive modeling of both the cyber side and the physical side of SAS. The centrality method from graph and hypergraph theory is adopted to identify the critical elements in the logical function structure of SAS effectively. Then, the methods, principles, procedures and paths of cyber-attacks against SAS are introduced and analyzed, and the cybersecurity countermeasures that can be taken by the operators of the power grid are discussed. From the perspectives of the attacker and the defender, a probability model of a successful cyber-attack is established. The optimal strategy of the attacker is obtained by solving a Markov decision process (MDP) model. In addition, the evolution mode of the impact on the complex power system after a successful cyber-attack is analyzed, which explains the impact mechanism of data attacks against the power CPS at the micro level. Finally, a cybersecurity risk assessment framework for power CPS is established by quantifying the impact on physical systems resulting from attacks against the cyber infrastructure. This evaluation framework can quantify cybersecurity risk from a macro perspective and provide operators (i.e. defenders) with technical suggestions on defense decisions and the establishment of security mechanisms.

In short, based on hyper-network modeling and analysis of SAS, this paper carries out research from the aspects of analysis of the target under attack, selection of attack objects, methods and principles of cyber-attack, and decision-making methods during the attack process. Based on this research, a comprehensive evaluation framework of cybersecurity for power CPS under cyber-attack is established, which aims to provide scientific and reasonable support for the development of cybersecurity strategies and for the design and maintenance of the ICT systems of the power system. The work is listed in detail below:

(1) Modeling of the logical structure of SAS based on the modified hypergraph. Firstly, the general definition of power CPS is given, and the structure of power CPS is analyzed from various perspectives. Based on this structural analysis, the logical structure of SAS, which is an important component of power CPS, is analyzed in depth. The popular study methods of hyper-network theory are also introduced, among which hypergraph theory is a relatively complete theoretical system. Then the definition of the modified hypergraph is proposed. Based on the IEC 61850 series of standards, the logical structure of SAS is re-modeled from the modified hypergraph perspective. The new model provides a foundation for the analysis and evaluation, in the following chapters, of the cybersecurity of power CPS with the substation under data attack.

(2) An identification method for critical elements in SAS based on the modified hypergraph. Considering that a power CPS is a complex system with multiple sub-systems, a complex structure and a variety of data types, a method of identifying critical elements of SAS based on hyper-network theory is proposed. In this method, SAS logical topology analysis based on its graph model is carried out first. Then some centrality indexes suitable for describing the SAS logical structure are selected and re-defined in hypergraph theory. After the selected centrality indexes are applied to the modified hypergraph model of SAS established above, the comparative results for the logical nodes in the two models according to the selected centrality indexes are given and analyzed. In addition, some other indexes, such as SAS efficiency and power CPS efficiency loss, are put forward to evaluate the impact when some logical nodes are in an abnormal operation state. Finally, an IEEE 14-bus system is used as a case study. The proposed method not only considers the impact on cyber system functions resulting from the abnormal operational state of logical nodes, but also takes into account the possible load losses of the physical system. The identification results for critical logical nodes can provide preliminary guidance for vulnerability analysis and for planning system maintenance and upgrades for power CPS.

(3) A decision-making method for cyber-attack and defense in the substation based on the Markov decision process (MDP). Considering that the cyber defense of the substation plays an important role in the cybersecurity of the power grid, a modeling method for substation cyber-attack and defense strategy based on MDP is proposed. Firstly, the methods, principles and procedures of cyber-attacks are analyzed in depth, and the role of each step in a successful attack is discussed. Then, based on probability theory, a probability model of successful cyber intrusion is established from the perspectives of attackers and defenders respectively. Finally, after the possible attack paths against the target SAS are obtained, an MDP model is established in which the attacker selects an action strategy to try to intrude into the cyber system successfully while the defender tries to protect it. This method takes into account the cybersecurity characteristics of the target substation and the technical capabilities of both attacker and defender. By solving the MDP model, the optimal action strategy of the attacker is obtained, which provides the foundation for establishing the cybersecurity risk assessment framework for power CPS.

(4) A new evaluation framework and calculation method for cybersecurity risk assessment of power CPS. Given that cybersecurity experiments cannot be carried out on the real-world power system, a new evaluation framework and calculation method for cybersecurity risk assessment of power CPS are proposed based on the discussions above. This method takes into account the structural complexity of power CPS, the interdependence and close coupling between the cyber and physical systems, and the impact of cyber-attacks against SAS on the power system. Firstly, the probability model and the impact evaluation model of security events are established. Then, the evolution process of cybersecurity events in data jamming attack and tampering attack scenarios is analyzed. Finally, the cybersecurity risk assessment framework and calculation process are presented. Based on an analysis of the propagation mechanism of security risks between the interdependent cyber and physical systems, this method considers the probability of a successful cyber intrusion and the subsequent impact on physical systems. It is a scientific and comprehensive framework for cybersecurity risk assessment of power CPS, built on quantitative modeling of cybersecurity threats and of the propagation process of their direct and indirect impacts.
Keywords/Search Tags: cyber-physical system (CPS), substation automation system (SAS), modified hypergraph, data attack, cybersecurity risk