Resilience enhancement of renewable cyber–physical power system against malware attacks

doi:10.1016/j.ress.2022.108830

Reliability Engineering & System Safety

Volume 229, January 2023, 108830

https://doi.org/10.1016/j.ress.2022.108830 Get rights and content

Highlights

•
Malware attacks and renewable energy uncertainty are considered simultaneously in CPPS..
•
Prevention & restoration methods are proposed to enhance the resilience of renewable CPPS.
•
Factors affecting resilience are further discussed to help build resilient renewable CPPS.

Abstract

The widespread application of cyber technologies and Renewable Energy Sources (RESs) has gradually transformed traditional power systems into renewable Cyber–Physical Power Systems (CPPSs), which are increasingly threatened by malware attacks. In this paper, we develop an original and novel simulation framework with consideration of both malware attack process and the uncertainty of RESs to quantitatively analyze the resilience of renewable CPPS. Based on the framework, we consider different stages of the resilience process and propose corresponding prevention and restoration methods to enhance the resilience of the system. The efficacy and applicability of our proposed methods are demonstrated in a test renewable CPPS formed by coupling the IEEE 39 Bus System with a scale-free communication network. Experimental results reveal that accurate RES output forecast and a disassortative communication network can improve the resilience of renewable CPPS against malware attacks.

Introduction

In modern society, the electric power system is one of the most critical infrastructures that closely related to our daily life. Due to the importance of the system, scholars and engineers have been working together over the past few decades to make our power system works more stably, reliably and efficiently. Therefore, a number of pioneering technologies such as sensing, communication and control are developed and integrated in the power system, making it gradually evolves into a Cyber–Physical Power System (CPPS) [1]. The integration of these new technologies makes CPPS more intelligent than the traditional power system, but at the same time, it also increases the system complexity and brings the new problem of cyber attacks, which poses serious challenge to the reliability and safety of the system [2], [3].

Malware attack is a new kind of cyber attack method against CPPS that has emerged in recent years. As CPPS relies heavily on cyber facilities for wide-area monitoring and control [4], this type of attack often leads to catastrophic consequences [5], [6]. The 2015 blackout in Ukraine [7], for example, was a typical result of such attack, in which hackers forcibly disconnected circuit breakers of the country’s power system by implanting malware in its communication network, resulting in thousands of customers to be deprived of power supply. Since the Ukraine case, malware attacks have been a hot topic in CPPS research. In Ref. [8], Zhang et al. proposed a stochastic state transition model to characterize the malware-induced cascading failures in CPPS, and on this basis they studied the failure propagation patterns in the system. In Ref. [9], Wang et al. analyzed the interaction between malware propagation in the communication network and failure propagation in the power network, and then proposed an interactive cascading failure model to simulate malware attacks in CPPS. Based on these works, the effect of malware incubation period was analyzed in [10] and an optimal coupling strategy was proposed in [11] to further improve the robustness of CPPS. The above works established a fundamental framework for analyzing malware attacks in CPPS, however, most of them only concentrate on modeling the malware attack process, while prevention and restoration methods for such attacks are neglected.

In reality, prevention and restoration methods are a critical part of building a reliable CPPS, enabling the system to obtain the ability to bounce back from malware-caused damage and maintain essential services. In the field of reliability engineering, such ability is called resilience, which refers to the capability of a system to withstand, accommodate and recover from disruptions [12], [13]. Specific to the resilience of power systems, there are a lot of studies that have been conducted. For instance, Senkel et al. [14] developed a simulation framework incorporating the intrinsic dynamics of the power system to assess its resilience. Shen et al. [15] studied the key factors affecting power system’s resilience and found that the power system is less resilient in more urbanized areas. Additionally, in terms of resilience-enhancing methods, Zhang et al. [16] developed a double-loop optimization method to help power systems better recover from external attacks. Jalilpoor et al. [17] developed a two-stage optimization method to strengthen and optimize the configuration of power system components. Wu et al. [18] established a defense–attack–recovery tri-level game optimization method to allocate defensive and restorative resources against consecutive attacks. However, all the above studies are about standalone power systems, which cannot well characterize the CPPS.

Regarding the resilience of CPPS, the interdependence between the power network and the communication network is a key factor to be considered. In the literature, Ouyang et al. [19] and Almoghathawi et al. [20] studied cascading failures in interdependent power infrastructures and proposed joint restoration strategies to reinforce the resilience of the system. Mana et al. [21] presented a co-simulation model that took into account the operational mechanisms of both power and communication networks to evaluate the impact of different communication technologies on CPPS resilience. Similarly, Wu et al. [22] modeled the cascading failures in CPPS and optimized the repair sequence of the power and communication components to achieve a better recovery of the entire system. The aforementioned works are insightful, however, most of them only focus on studying one aspect of the resilience process (i.e., recovery), lacking a holistic and systematic approach. Furthermore, when considering malware attacks, to the best of the authors’ knowledge, the resilience of CPPS to against such attacks is still rarely investigated in the existing literature.

More importantly, in order to reduce greenhouse gas emissions, more and more Renewable Energy Sources (RESs) such as wind energy and photovoltaics are now integrated in the power system, turning the CPPS further into renewable CPPS. However, the stochastic nature of the RESs drives the renewable CPPS works closer to its limits and introduces plenty of uncertainty factors, which poses new threat to the stability of the system [23], [24], [25]. Therefore, renewable CPPS is more vulnerable to malware attacks and requires a better resilience to resist such attacks. In this field, although several works [26], [27] have studied the resilience of renewable energy penetrated power systems, research on renewable CPPS is still relatively lacking.

To bridge the gap, in this paper, we develop resilience enhancement methods for renewable CPPS to defend against malware attacks. Our main contributions are summarized as follows.

•
Compared with previous studies, we first establish a novel simulation framework to analyze the resilience of renewable CPPS, taking into account both the malware attack process and the uncertainty of RESs.
•
We consider multiple stages in the resilience process of renewable CPPS. According to the characteristics of different stages, we put forward corresponding prevention and restoration methods to enhance the resilience of the system, providing a holistic and systematic methodology.
•
Based on the proposed simulation framework, we evaluate the effectiveness of the resilience enhancement methods and show how external factors influence it. Our findings provide practical insights for building a resilient renewable CPPS.

The rest of the paper is organized as follows. Section 2 presents the modeling methodology for renewable CPPS, and Section 3 describes the malware attack process in the system. In Section 4, we introduce the resilience process of the system and develop resilience enhancement methods based on it. Finally, we conduct case studies in Section 5 and draw conclusions in Section 6.

Section snippets

System configuration

In this paper, we consider a renewable CPPS consisting of a power network and a communication network, whose structure can be represented by the two-layer model of Fig. 1. Topologically, the power network shown by the physical layer in Fig. 1 can be abstracted as a graph $G_{p} = (N_{p}, E_{p})$ , in which $N_{p}$ is the node set corresponding to the power nodes, and $E_{p}$ is the edge set corresponding to the transmission lines. According to the function, we classify the power nodes in $N_{p}$ into three categories,

Malware attacks in renewable CPPS

Comparing with conventional power systems, CPPS works more intelligently and efficiently with the assistance of communication network. However, just like every coin has two sides, the introduction of the cyber layer in CPPS also exposes the internal interface to the outside world, provides external access for attackers, and brings new problems of cyber security.

Among the cyber security issues of CPPS, malware attack is a new type of cyber attack method that has emerged in recent years [10].

Methods to enhance resilience against malware attacks

As discussed in the previous section, malware attacks can inflict massive damage on renewable CPPS and lead to disastrous results. To alleviate the disruption caused by the attacks, it is imminent to develop resilience-enhancing methods for the system to help it better withstand and bounce back from malware attacks.

Case studies

In this section, we conduct case studies using the aforementioned simulation algorithm to research the resilience enhancement methods and investigate the factors that influence their effectiveness. The simulations are performed in a test renewable CPPS generated by randomly coupling the IEEE 39 Bus System [37] with a communication network. In the test IEEE 39 Bus System, as depicted in Fig. 6, nodes 34, 35, 36, 37 and 38 are selected as renewable generation nodes, while nodes 30, 31, 32, 33 and

Conclusions

In this paper, we study resilience enhancement methods for renewable CPPS to against malware attacks. Specifically, we first investigate the resilience process of the system, and then according to the characteristics of different stages of the process, we propose pre-attack and post-attack resilience enhancement methods. We validate and analyze the effectiveness of the proposed methods through simulation. The simulation results show that, compared with the acquaintance protection and random

CRediT authorship contribution statement

Sheng Xu: Writing – original draft, Visualization, Software, Methodology, Investigation, Formal analysis, Data curation. Haicheng Tu: Writing – review & editing, Supervision, Methodology, Investigation, Data curation, Conceptualization. Yongxiang Xia: Writing – review & editing, Supervision.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

This work was supported by the Fundamental Research Funds for the Provincial Universities of Zhejiang, China under Grant GK229909299001-018.

References (43)

BolbotV. et al.
Vulnerabilities and safety assurance methods in cyber-physical systems: A comprehensive review
Reliab Eng Syst Saf
(2019)
ZhangX. et al.
An integrated modeling framework for cascading failure study and robustness assessment of cyber-coupled power grids
Reliab Eng Syst Saf
(2022)
OuyangM.
Review on modeling and simulation of interdependent critical infrastructure systems
Reliab Eng Syst Saf
(2014)
ArghandehR. et al.
On the definition of cyber-physical resilience in power systems
Renew Sustain Energy Rev
(2016)
SenkelA. et al.
Quantification of the resilience of integrated energy systems using dynamic simulation
Reliab Eng Syst Saf
(2021)
ShenL. et al.
Understanding key factors affecting power systems resilience
Reliab Eng Syst Saf
(2021)
ZhangX. et al.
Braess paradox and double-loop optimization method to enhance power grid resilience
Reliab Eng Syst Saf
(2021)
JalilpoorK. et al.
Network hardening and optimal placement of microgrids to improve transmission system resilience: A two-stage linear program
Reliab Eng Syst Saf
(2022)
WuY. et al.
Allocation of defensive and restorative resources in electric power system against consecutive multi-target attacks
Reliab Eng Syst Saf
(2022)
OuyangM. et al.
Resilience assessment of interdependent infrastructure systems: With a focus on joint restoration modeling and analysis
Reliab Eng Syst Saf
(2015)

AlmoghathawiY. et al.

Resilience-driven restoration model for interdependent infrastructure networks

Reliab Eng Syst Saf

(2019)

GaoX. et al.

Impact of wind power uncertainty on cascading failure in cyber–physical power systems

Physica A

(2021)

BeyzaJ. et al.

The effects of the high penetration of renewable energies on the reliability and vulnerability of interconnected electric power systems

Reliab Eng Syst Saf

(2021)

YangS. et al.

A graph-based method for vulnerability analysis of renewable energy integrated power systems to cascading failures

Reliab Eng Syst Saf

(2021)

ShiL. et al.

Cyber–physical interactions in power systems: A review of models, methods, and applications

Electr Power Syst Res

(2018)

KhaitanS.K.

Cyber physical systems approach to smart electric power grid

(2015)

MoY. et al.

Cyber–physical security of a smart grid infrastructure

Proc IEEE

(2012)

ZhangX. et al.

Assessing the robustness of cyber-physical power systems by considering wide-area protection functions

IEEE J Emerg Sel Top Circ Syst

(2022)

YohanandhanR.V. et al.

Cyber- Physical Power System (CPPS): A review on modeling, simulation, and analysis with cyber security applications

IEEE Access

(2020)

LeeR.M. et al.

Analysis of the cyber attack on the Ukrainian power grid

(2016)

ZhangX. et al.

Effects of cyber coupling on cascading failures in power systems

IEEE J Emerg Sel Top Circ Syst

(2017)

Cited by (18)

A detailed review of power system resilience enhancement pillars
2024, Electric Power Systems Research
The increasing occurrence of extreme vulnerabilities to electric grids due to natural catastrophes and cyber-attacks, has resulted in a rise in global power outages. This has compelled a sense of urgency to investigate resiliency issues and implement risk mitigation strategies. This article conducts a state-of-the-art review of the key pillars of power system resilience, examining the concepts and techniques to improve resilience against low-probability, high-impact events. The highlighted pillars include smartening, hardening, distributing, building, and the corresponding enhancement techniques. The article begins by enlightening the origin of resilience and its relevance in the power system context, followed by an exploration of the four key pillars. Additionally, it investigates the quantification of resilience in different levels of power systems facing diverse sources of extreme events. Emerging technologies that played a crucial role in enhancing resilience are discussed. Furthermore, the paper explores the concept of Greenfield and Brownfield power system design approaches to improve resilience against extreme events. Moreover, a transformative idea extending the conventional resilience philosophy, called antifragility, is clearly stated. The discussion extends to the need for resilience study from global perspectives, state-of-the-art technologies, and challenges and opportunities. To conclude, this review sheds light on the emerging trend of resilience research, paving the way for future research directions.
Dual nature of cyber–physical power systems and the mitigation strategies
2024, Reliability Engineering and System Safety
Cyber–physical power system (CPPS) offers benefits in terms of enhanced grid operation and improved performance, but it also brings forth new threats to the power system posed by digital intelligence. In this paper, we propose a general cascading failure model to analyze the vulnerability of CPPS when facing various attack modes (physical attacks and information attacks). In addition, we introduce an all-type connected islands (ACI) mechanism in model to reflect the fact that a well-working island should contain all types of nodes. Then we conduct experiments under different scenarios, such as different attack modes, different coupling strategies, and different power flow calculation models. Our findings demonstrate that, on the one hand, the introduction of ACI enlarges the cascading failure size in CPPS. On the other hand, the double-edged sword effect of CPPS exists in various scenarios. Furthermore, given the potential threat of information attacks, we propose a fused centrality index from the perspectives of structure and function, and apply it to two mitigation strategies before and during the cascading process. Experimental results show that these strategies are effective in mitigating the damages of the information attacks.
Cyber-constrained load shedding for smart grid resilience enhancement
2024, Reliability Engineering and System Safety
With the further development of information and communication technology and their widespread use in power systems, our networks are moving towards cyber-physical systems. This paper proposes an optimal load flow method considering cyber constraints for the emergency response of smart networks to improve resilience. In the proposed method, not only the effect of cyber systems on physical systems but also the effect of physical systems on cyber systems is considered mutually. The mutual effect is that if the cyber nodes are interrupted, the cyber system can no longer send the information of generators and loads to the central controller. Also, if the load reduction in the bus exceeds a percentage in the physical network, it is practically no longer possible to feed the cyber system in that bus. In the following, the objective function is considered as the minimization of the sum of the cost of load shedding and generator production. Also, fast voltage stability index is used to determine weak buses. Finally, considering that the above model is non-linear, for this purpose, the problem is modeled by the PSO algorithm. Finally, a standard IEEE test system is used to evaluate the effectiveness of the proposed policy.
A network-based approach to improving robustness of a high-speed train by structure adjustment
2024, Reliability Engineering and System Safety
To enhance the ability of a high-speed train (HST) to provide services under various adverse conditions, this paper studies robustness improvement of the HST by adjusting its structure. We model the HST as an interdependent machine-electricity-communication network (IMECN) composed of a machine network (MN), an electricity network (EN) and a communication network (CN), and propose a robustness metric of the IMECN subject to node failures considering failure propagation. Then, a robustness optimization model is constructed for structure adjustment. A Tabu search algorithm with directed and undirected edge exchange operators is designed to solve this problem. A case study on a practical HST is used to verify the feasibility and effectiveness of the proposed method. The results show that robustness of the IMECN is significantly improved by structure adjustment. Furthermore, most nodes have little effect on robustness, and impact of failures on any node is minimized after optimization. In addition, in terms of topology, nodes with low and high degrees in the MN and CN reconnect with those with a similar degree, their clustering coefficients become larger, and closeness of all nodes in the subnetworks increases. Finally, adjusting the structures leads to a slight difference of loads in the EN and CN.
Deep reinforcement learning-based resilience enhancement strategy of unmanned weapon system-of-systems under inevitable interferences
2024, Reliability Engineering and System Safety
Unmanned weapon system-of-systems (UWSoS) is a collection of unmanned weapon systems providing multiple interdependent capabilities to support the mission completion. The soaring number of interconnected systems makes UWSoS vulnerable in the face of inevitable uncertain interferences. Thus, devising an effective resilience enhancement strategy is critical to handling inevitable disruption events. However, preventive and protective methods are not all-inclusive because of the high uncertainty operation environment and the lack of autonomy. Hence, we studied the resilience enhancement problem of UWSoS from the recovery perspective based on deep reinforcement learning (DRL). First, a DRL-based resilience enhancement strategy framework is proposed, combining the graph convolution network and proximal policy optimization algorithm to extract the entities’ representation features and autonomously learn the resilience enhancement strategy to handle various interferences scenarios better. Subsequently, a collaboration action resilience contribution index-guided proximal policy optimization algorithm is proposed to improve training efficiency. Finally, extensive simulation experiments and comparisons with five similar algorithms demonstrate the effectiveness, adaptability, and superiority of the proposed strategy. This work could provide valuable scheduling schemes for decision-makers to guide the reliable operation of UWSoSs.
Modeling offshore wind farm disturbances and maintenance service responses within the scope of resilience
2024, Reliability Engineering and System Safety
Offshore wind farms are becoming ever more important means of energy production. Accordingly, they are started to be considered critical infrastructures with heightened attention on their protection and resilience. This paper studies how the maintenance service can sustain or recover offshore wind farm operations under different stressors. We conduct this study by modeling the failures in an offshore wind farm and how maintenance service is able to correct them. Our model enhances the traditional cause-consequence trees by including dynamical aspects, and the modeling of the maintenance process. Special attention in the maintenance model is given to limited personnel and material resources, as well as limited access to wind turbines. This limit is a result of occasional harsh weather conditions that make conducting repairs unsafe. The model is applied for two representative disturbance scenarios: a cyber-attack leading to high failure rates and a high-impact incident causing numerous simultaneous failures. The second scenario integrates results from a physical power system simulation that are used for depicting the incident. The results show that our model can present scenarios where different stressors challenge the operations. These can be used for testing and defining requirements for future countermeasures to improve the resilience.

View all citing articles on Scopus

View full text

Resilience enhancement of renewable cyber–physical power system against malware attacks

Highlights

Abstract

Introduction

Section snippets

System configuration

Malware attacks in renewable CPPS

Methods to enhance resilience against malware attacks

Case studies

Conclusions

CRediT authorship contribution statement

Declaration of Competing Interest

Acknowledgments

Reliab Eng Syst Saf

Reliab Eng Syst Saf

Reliab Eng Syst Saf

Renew Sustain Energy Rev

Reliab Eng Syst Saf

Reliab Eng Syst Saf

Reliab Eng Syst Saf

Reliab Eng Syst Saf

Reliab Eng Syst Saf

Reliab Eng Syst Saf

Reliab Eng Syst Saf

Physica A

Reliab Eng Syst Saf

Reliab Eng Syst Saf

Electr Power Syst Res

Cyber physical systems approach to smart electric power grid

Cyber–physical security of a smart grid infrastructure

Proc IEEE

Assessing the robustness of cyber-physical power systems by considering wide-area protection functions

IEEE J Emerg Sel Top Circ Syst

Cyber- Physical Power System (CPPS): A review on modeling, simulation, and analysis with cyber security applications

IEEE Access

Analysis of the cyber attack on the Ukrainian power grid

Effects of cyber coupling on cascading failures in power systems

IEEE J Emerg Sel Top Circ Syst