Juan Ospina

Subhash Lakshminarayana, Juan Ospina, Charalambos Konstantinou

The COVID-19 pandemic has impacted our society by forcing shutdowns and shifting the way people interacted worldwide. In relation to the impacts on the electric grid, it created a significant decrease in energy demands across the globe. Recent studies have shown that the low demand conditions caused by COVID-19 lockdowns combined with large renewable generation have resulted in extremely low-inertia grid conditions. In this work, we examine how an attacker could exploit these {scenarios} to cause unsafe grid operating conditions by executing load-altering attacks (LAAs) targeted at compromising hundreds of thousands of IoT-connected high-wattage loads in low-inertia power systems. Our study focuses on analyzing the impact of the COVID-19 mitigation measures on U.S. regional transmission operators (RTOs), formulating a plausible and realistic least-effort LAA targeted at transmission systems with low-inertia conditions, and evaluating the probability of these large-scale LAAs. Theoretical and simulation results are presented based on the WSCC 9-bus {and IEEE 118-bus} test systems. Results demonstrate how adversaries could provoke major frequency disturbances by targeting vulnerable load buses in low-inertia systems and offer insights into how the temporal fluctuations of renewable energy sources, considering generation scheduling, impact the grid's vulnerability to LAAs.

Ioannis Zografopoulos, Juan Ospina, XiaoRui Liu et al.

Cyber-physical systems (CPS) are interconnected architectures that employ analog, digital, and communication resources for their interaction with the physical environment. CPS are the backbone of enterprise, industrial, and critical infrastructure. Thus, their vital importance makes them prominent targets for malicious attacks aiming to disrupt their operations. Attacks targeting cyber-physical energy systems (CPES), given their mission-critical nature, can have disastrous consequences. The security of CPES can be enhanced leveraging testbed capabilities to replicate power system operations, discover vulnerabilities, develop security countermeasures, and evaluate grid operation under fault-induced or maliciously constructed scenarios. In this paper, we provide a comprehensive overview of the CPS security landscape with emphasis on CPES. Specifically, we demonstrate a threat modeling methodology to accurately represent the CPS elements, their interdependencies, as well as the possible attack entry points and system vulnerabilities. Leveraging the threat model formulation, we present a CPS framework designed to delineate the hardware, software, and modeling resources required to simulate the CPS and construct high-fidelity models which can be used to evaluate the system's performance under adverse scenarios. The system performance is assessed using scenario-specific metrics, while risk assessment enables system vulnerability prioritization factoring the impact on the system operation. The overarching framework for modeling, simulating, assessing, and mitigating attacks in a CPS is illustrated using four representative attack scenarios targeting CPES. The key objective of this paper is to demonstrate a step-by-step process that can be used to enact in-depth cybersecurity analyses, thus leading to more resilient and secure CPS.

Juan Ospina, XiaoRui Liu, Charalambos Konstantinou et al.

The electric power grid is a complex cyberphysical energy system (CPES) in which information and communication technologies (ICT) are integrated into the operations and services of the power grid infrastructure. The growing number of Internet-of-things (IoT) high-wattage appliances, such as air conditioners and electric vehicles, being connected to the power grid, together with the high dependence of ICT and control interfaces, make CPES vulnerable to high-impact, low-probability load-changing cyberattacks. Moreover, the side-effects of the COVID-19 pandemic demonstrate a modification of electricity consumption patterns with utilities experiencing significant net-load and peak reductions. These unusual sustained low load demand conditions could be leveraged by adversaries to cause frequency instabilities in CPES by compromising hundreds of thousands of IoT-connected high-wattage loads. This paper presents a feasibility study of the impacts of load-changing attacks on CPES during the low loading conditions caused by the lockdown measures implemented during the COVID-19 pandemic. The load demand reductions caused by the lockdown measures are analyzed using dynamic mode decomposition (DMD), focusing on the March-to-July 2020 period and the New York region as the most impacted time period and location in terms of load reduction due to the lockdowns being in full execution. Our feasibility study evaluates load-changing attack scenarios using real load consumption data from the New York Independent System Operator (NYISO) and shows that an attacker with sufficient knowledge and resources could be capable of producing frequency stability problems, with frequency excursions going up to 60.5 Hz and 63.4 Hz, when no mitigation measures are taken.

Ioannis Zografopoulos, Juan Ospina, Charalambos Konstantinou

Electric energy systems are undergoing significant changes to improve system reliability and accommodate increasing power demands. The penetration of distributed energy resources (DERs) including roof-top solar panels, energy storage, electric vehicles, etc., enables the on-site generation of economically dispatchable power curtailing operational costs. The effective control of DERs requires communication between utilities and DER system operators. The communication protocols employed for DER management and control lack sophisticated cybersecurity features and can compromise power systems secure operation if malicious control commands are issued to DERs. To overcome authentication-related protocol issues, we present a bolt-on security extension that can be implemented on Distributed Network Protocol v3 (DNP3). We port an authentication framework, DERauth, into DNP3, and utilize real-time measurements from a simulated DER battery energy storage system to enhance communication security. We evaluate our framework in a testbed setup using DNP3 master and outstation devices performing secure authentication by leveraging the entropy of DERs.