Detection and Elimination of the Impact of a Combined Cyber Attack on the Automatic Generation Control System
Subject areas: Electrical and Computer Engineering
Tina Hajiabdollah 1, Hossein Seifi 2 *, Seyed Hamed Delkhosh Abatari 3
1 - Tarbiat Modares University, Faculty of Electrical and Computer Engineering
2 - Tarbiat Modares University, Faculty of Electrical and Computer Engineering
3 - Tarbiat Modares, Faculty of Electrical and Computer Engineering
Keywords: delay attack, false data injection attack, combined cyber attack, cyber defense, Kalman filter, automatic generation control
Abstract:
Recent advances in power system monitoring and control require a communication infrastructure to send and receive measurement data and control commands. These cyber-physical interactions, despite increasing efficiency and reliability, have exposed power systems to cyber attacks. Automatic Generation Control (AGC) is one of the most important control loops in the power system; it depends on communication infrastructure and has attracted considerable attention from cyber attackers, because a successful attack on the AGC not only has a direct impact on the system frequency but can also affect the stability and economic performance of the power system. Therefore, understanding the impact of cyber attacks on AGC and developing strategies to defend against them is necessary and important for research. Most research on AGC attack and defense has ignored AGC limitations such as the governor dead band and the communication network transmission delay in modeling. Moreover, the simultaneous occurrence of two different cyber attacks on the AGC, together with a method to defend against them, has not previously been investigated. In this paper, to address these shortcomings of previous work, an improved AGC model including the governor dead band and the communication network transmission delay is used to investigate the effect of two attacks, false data injection (FDI) and delay, which are among the most important cyber attacks on AGC, as well as the simultaneous effect of the two as a combined cyber attack. A three-step Kalman filter-based defense method is proposed to detect, estimate and eliminate the impact of the attack, and its effectiveness is tested on a two-area AGC system.