TY - JOUR
T1 - SCPSE
T2 - Security-oriented cyber-physical state estimation for power grid critical infrastructures
AU - Zonouz, Saman
AU - Rogers, Katherine M.
AU - Berthier, Robin
AU - Bobba, Rakesh B.
AU - Sanders, William H.
AU - Overbye, Thomas J.
N1 - Funding Information:
Manuscript received October 16, 2011; revised April 23, 2012; accepted August 25, 2012. Date of publication December 11, 2012; date of current version December 28, 2012. This work was supported by the Department of Energy under Award DE-OE0000097. Paper no. TSG-00578-2011.
PY - 2012
Y1 - 2012
N2 - Preserving the availability and integrity of the power grid critical infrastructures in the face of fast-spreading intrusions requires advances in detection techniques specialized for such large-scale cyber-physical systems. In this paper, we present a security-oriented cyber-physical state estimation (SCPSE) system, which, at each time instant, identifies the compromised set of hosts in the cyber network and the maliciously modified set of measurements obtained from power system sensors. SCPSE fuses uncertain information from different types of distributed sensors, such as power system meters and cyber-side intrusion detectors, to detect the malicious activities within the cyber-physical system. We implemented a working prototype of SCPSE and evaluated it using the IEEE 24-bus benchmark system. The experimental results show that SCPSE significantly improves on the scalability of traditional intrusion detection techniques by using information from both cyber and power sensors. Furthermore, SCPSE was able to detect all the attacks against the control network in our experiments.
AB - Preserving the availability and integrity of the power grid critical infrastructures in the face of fast-spreading intrusions requires advances in detection techniques specialized for such large-scale cyber-physical systems. In this paper, we present a security-oriented cyber-physical state estimation (SCPSE) system, which, at each time instant, identifies the compromised set of hosts in the cyber network and the maliciously modified set of measurements obtained from power system sensors. SCPSE fuses uncertain information from different types of distributed sensors, such as power system meters and cyber-side intrusion detectors, to detect the malicious activities within the cyber-physical system. We implemented a working prototype of SCPSE and evaluated it using the IEEE 24-bus benchmark system. The experimental results show that SCPSE significantly improves on the scalability of traditional intrusion detection techniques by using information from both cyber and power sensors. Furthermore, SCPSE was able to detect all the attacks against the control network in our experiments.
KW - Cyber-physical systems
KW - intrusion detection
KW - maliciously corrupted data detection
KW - security-state estimation
UR - http://www.scopus.com/inward/record.url?scp=84872095646&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84872095646&partnerID=8YFLogxK
U2 - 10.1109/TSG.2012.2217762
DO - 10.1109/TSG.2012.2217762
M3 - Article
AN - SCOPUS:84872095646
SN - 1949-3053
VL - 3
SP - 1790
EP - 1799
JO - IEEE Transactions on Smart Grid
JF - IEEE Transactions on Smart Grid
IS - 4
M1 - 6376274
ER -