Abstract
Electric power supply is an essential input for many sectors, including manufacturing, healthcare, building management, water distribution, and transportation systems. Hence, any interruption in electric power is likely to have an undesirable impact on the overall operation of any residential or commercial ecosystem. The serious impact of power supply interruption attacks has been demonstrated by recent cyber incidents such as the Ukraine power blackout. It is also evident from recent incidents that an adversary needs both network and process vulnerabilities to cause an adverse impact on the operation. This paper reports an investigation into power supply interruption and malicious power generation attacks, focusing on process and network vulnerabilities. The investigation was conducted in two steps. First, a vulnerability assessment was conducted on a fully operational electric power testbed. Next, the vulnerabilities discovered were exploited to perform different types of power supply interruption attacks and malicious power generation attacks. The attacks were executed through control code modification and through manipulation of the portal of SMA, a PV converter manufacturer. The attacks reported here are useful for researchers and smart-grid operators in designing and developing effective protection, detection, and response mechanisms.
Notes
Malicious power generation can subsequently lead to accelerated aging and hence possible power supply interruption. Hence, we have considered it as a stealthy way of achieving power supply interruption.
GOOSE: Generic Object Oriented Substation Events.
MMS: Manufacturing Message Specification.
CoDeSys is a development environment for programming controllers such as WAGO PLCs.
The proportion of power sharing could be different, i.e., 60-40, but the logic remains unchanged.
Synchronization is carried out for incoming generators to ensure that the voltage, frequency, and phase angle of the incoming generator are same as those of the existing generators.
An inverse relationship exists between the percentage of overload and tripping time, i.e., the higher the overload, the shorter will be the tripping time.
We did not increase the speed owing to safety concerns; the attack was executed in reverse logic.
Synchronization is carried out for incoming generators to ensure that the voltage, frequency, and phase angle of the incoming generators are the same as those of the existing generators.
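The notes above describe two pieces of protection logic without showing them: the synchronization check that must pass before an incoming generator is paralleled, and the inverse relationship between percentage overload and tripping time. The following Python model is an added example, not code from the paper or the EPIC testbed. The synchro-check tolerances (5 % voltage, 0.1 Hz, 10°) and the IEC 60255 standard-inverse curve constants (k = 0.14, α = 0.02) are assumptions chosen for the illustration; the testbed's actual relay settings are not given on this page.

```python
"""Added illustration of the synchronization check and the inverse-time
overload trip described in the notes. Not code from the paper or testbed;
all tolerances and curve constants below are assumed for the example."""
from dataclasses import dataclass


@dataclass(frozen=True)
class PhasorState:
    """Measured state of one generator at the breaker (constructed sample values)."""
    voltage_v: float
    frequency_hz: float
    phase_deg: float


# Assumed synchro-check tolerances (typical ANSI 25 style settings, not from the paper).
V_TOL_FRAC = 0.05      # +/- 5 % of running voltage
F_TOL_HZ = 0.1         # +/- 0.1 Hz slip
PHASE_TOL_DEG = 10.0   # +/- 10 degrees phase angle


def phase_difference_deg(a, b):
    """Signed smallest angle a - b, wrapped into [-180, 180)."""
    return (a - b + 180.0) % 360.0 - 180.0


def sync_check(incoming, running):
    """Return (permitted, reasons): the interlock a controller should evaluate
    before closing the breaker that parallels an incoming generator."""
    reasons = []
    if abs(incoming.voltage_v - running.voltage_v) > V_TOL_FRAC * running.voltage_v:
        reasons.append("voltage mismatch")
    if abs(incoming.frequency_hz - running.frequency_hz) > F_TOL_HZ:
        reasons.append("frequency mismatch")
    if abs(phase_difference_deg(incoming.phase_deg, running.phase_deg)) > PHASE_TOL_DEG:
        reasons.append("phase angle mismatch")
    return (not reasons, reasons)


# Assumed IEC 60255 standard-inverse curve: t = TMS * k / ((I/Is)^alpha - 1).
IEC_SI_K = 0.14
IEC_SI_ALPHA = 0.02


def trip_time_s(overload_pct, tms=1.0):
    """Tripping time in seconds for a given percentage overload.
    overload_pct is 100 * (I/Is - 1); returns None when there is no overload."""
    multiple = 1.0 + overload_pct / 100.0   # I/Is, the multiple of pickup current
    if multiple <= 1.0:
        return None                         # below pickup: the relay never trips
    return tms * IEC_SI_K / (multiple ** IEC_SI_ALPHA - 1.0)


def trip_times_decrease_with_overload(levels):
    """Check the note's claim: for ascending overload levels, trip time falls."""
    times = [trip_time_s(p) for p in levels]
    return all(t is not None for t in times) and all(
        earlier > later for earlier, later in zip(times, times[1:])
    )


if __name__ == "__main__":
    running = PhasorState(voltage_v=230.0, frequency_hz=50.0, phase_deg=0.0)
    for incoming in (
        PhasorState(232.0, 50.05, 5.0),    # within all tolerances
        PhasorState(230.0, 50.5, 0.0),     # frequency outside tolerance
        PhasorState(230.0, 50.0, 170.0),   # far out of phase
    ):
        print(incoming, sync_check(incoming, running))
    for pct in (10, 50, 100, 200, 500):
        print(f"{pct:4d} % overload -> trip after {trip_time_s(pct):6.2f} s")
```

The two checks are the ones an adversary with control-code access would have to remove or corrupt to reach the physical outcomes the paper studies, so they are also the first places a defender should compare running PLC logic against the engineered baseline. The overload curve makes the note's inverse relationship concrete: doubling the overload from 100 % to 200 % roughly cuts the modelled trip time from about 10 s to about 6 s.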
Acknowledgements
This work was supported by the National Research Foundation (NRF), Prime Minister’s Office, Singapore, under its National Cybersecurity R&D Programme (Award No. NRF2014NCR-NCR001-040), and administered by the National Cybersecurity R&D Directorate. The Electric Power and Intelligent Control (EPIC) testbed was made possible through funding from Ministry of Defence, Singapore, NRF, and the SUTD-MIT International Design Centre (IDC).
Ethics declarations
Ethical approval
We did not use animals or human participants in the study reported in this work.
Cite this article
Adepu, S., Kandasamy, N.K., Zhou, J. et al. Attacks on smart grid: power supply interruption and malicious power generation. Int. J. Inf. Secur. 19, 189–211 (2020). https://doi.org/10.1007/s10207-019-00452-z