NSF Proposal ID: 1929183 (Previously 1657302)

Principal Investigator: Mohammad Ashiqur Rahman

Scholarship Amount: $174,973.00

Scholarship Period: May 2017 – December 2018 (Tennessee Tech) and January 2019 – April 2021 (Florida International University)

Overview

A smart grid provides efficient and cost-effective management of the electric energy grid by allowing real-time monitoring, coordinating, and controlling of the system using communication networks among physical components. A smart grid exhibits complex configurations due to the coexistence of legacy systems with modern technologies and the interdependency between different cyber and physical components. This inherent complexity significantly increases the vulnerabilities and attack surface in smart grids due to misconfigurations or the lack of security hardening. In a smart grid, a security breach can be devastating. Therefore, it is important to ensure secure and resilient operation of smart grids by proactive identification of potential threats, impact assessment, and cost-efficient mitigation planning. This proposal aims to achieve these goals through the development of an efficient security framework for the Energy Management System (EMS), a core smart grid component.

The objective of this research is to provide a framework for characterizing stealthy attacks by verifying the details of an attack and determining its consequences depending on various adversarial attributes, thus identifying the resiliency of the grid. The proposed work aims to develop a comprehensive formal model for stealthy attack verifications and design an efficient formal mechanism for impact-based threat analysis. The proposed work has the key features of providing a logic-based model of cyber and physical properties of the EMS modules, formally representing stealthy attacks and adversary attributes, and assessing critical threats by characterizing impacts of the potential attacks on economic and secure operations of the grid. The attack verification and impact assessment will be unified into a single framework to develop necessary security analytics. The core of this formal design is Satisfiability Modulo Theories (SMT), an efficient formal tool for constraint satisfaction problems. To deal with various nonlinear control mechanisms in EMS, MATLAB Simulink will be integrated with SMT. In this integration, SMT provides the test cases to be systematically inspected by Simulink for further verification and impact assessment. This work is a unique approach toward establishing formal security analytics in the core of the secure and dependable operation of Cyber-Physical Systems (CPSs).

Research Outcome:

1. 1. Nur Imtiazul Haque, Mohammad Ashiqur Rahman, Dong Chen, and Hisham Kholidy, “BIoTA: Control-Aware Attack Analytics for Building Internet of Things,” in the 18th IEEE International Conference on Sensing, Communication, and Networking (SECON), July 2021 (acceptance rate~ 26%). [Accepted]
   2. Md Hasan Shahriar, Mohammad Ashiqur Rahman, Nur Imtiazul Haque, and Badrul Chowdhury, “DDAF: Deceptive Data Acquisition Framework against Stealthy Attacks in Cyber-Physical Systems,” in the 45th IEEE Computer Society International Conference on Computers, Software, and Applications (COMPSAC), July 2021 (acceptance rate~ 27%). [Accepted]
   3. Nur Imtiazul Haque*, Mohammad Ashiqur Rahman, and Hossain Shahriar, “Ensemble-based Efficient Anomaly Detection for Smart Building Control Systems,” in the 45th IEEE Computer Society International Conference on Computers, Software, and Applications (COMPSAC), July 2021 (acceptance rate~ 27%). [Accepted]
   4. A H M Jakaria, Mohammad Ashiqur Rahman, and Aniruddha Gokhale, “Resiliency-Aware Deployment of SDN in Smart Grid SCADA: A Formal Synthesis Model,” IEEE Transactions on Network and Service Management (TNSM), January 2021. [Early/Online Access]
   5. Amarjit Datta, Mohammad Ashiqur Rahman, and Hossain Shahriar, “WTC2: Impact-Aware Threat Analysis for Water Treatment Centers,” 44th IEEE Computer Society International Conference on Computers, Software, and Applications (COMPSAC), July 2020.
   6. A H M Jakaria, Mohammad Ashiqur Rahman, and Gokhale, Aniruddha. “A Formal Model for Resiliency-Aware Deployment of SDN: A SCADA-Based Case Study,” 15th International Conference on Network and Service Management (CNSM), Halifax, Canada, October 2019.
   7. Mohammad Ashiqur Rahman, Md Hasan Shahriar, and Rahat Masum. “False data injection attacks against contingency analysis in power grids: poster,” ACM Conference on Security and Privacy in Wireless and Mobile Networks, POSTER, Miami, Florida, USA, May 2019.
   8. Mohammad Ashiqur Rahman, Amarjit Datta, and Ehab Al-Shaer, Security Design against Stealthy Attacks on Power System State Estimation: A Formal Approach, Computers & Security, Elsevier, Vol. 84, July 2019 (Early Access: April 2019 ).
      Abstract: State estimation is very important for securely, reliably, and efficiently maintaining a power grid. If state estimation is not protected, an attacker can compromise meters or communication systems and introduce false measurements, which can evade existing Bad Data Detection (BDD) algorithms and lead to incorrect state estimation. This kind of attack is stealthy and widely known as an Undetected False Data Injection (UFDI) attack. Attackers are limited by different attributes, in terms of knowledge, capabilities, resources, and attack targets, that are important to consider for realizing the potential attack vectors and, thereby, the security measures. In this paper, we present a formal framework for the automatic synthesis of security architectures that will guard the grid against potential UFDI attacks on state estimation. In this approach, we first formalize UFDI attacks with respect to the grid topology, electrical properties, and different attack attributes. The solution to the model derives from the attack vectors that exist in the formalized scenario. These attack vectors are considered by a second formal model, the security architecture synthesis model, to design the security measures (i.e., a set of measurements to be protected against false data injection). We enhance the performance of the security architecture synthesis mechanism by performing parallel and stepped execution of the formal models. We demonstrate the proposed mechanism through case studies and evaluate the performance of the proposed model by running experiments on different IEEE test systems.
   9. A H M Jakaria, Mohammad Ashiqur Rahman, and MGM Mehedi Hasan Safety Analysis of AMI Networks through Smart Fraud Detection, in the Workshop on Cyber-Physical Systems Security (CPS-Sec) (in conjunction with IEEE CNS), Washington, DC, USA, June 2019.
      Abstract: Advanced metering infrastructure (AMI) is a critical part of a modern smart grid that performs the bidirectional data flow of sensitive power information such as smart metering data and control commands. The real-time monitoring and control of the grid are ensured through AMI. While smart meter data helps to improve the overall performance of the
      grid in terms of efficient energy management, it has also made the AMI an attractive target of cyber attackers with a goal of stealing energy. This is performed through the physical or cyber tampering of the meters, as well as by manipulating the network infrastructure to alter collected data. Proper technology is required for the identification of energy fraud. In this paper, we propose a novel technique to detect fraudulent data from smart meters based on the energy consumption patterns of the consumers by utilizing deep learning techniques. We also propose a method for detecting the suspicious relay nodes in the AMI infrastructure that may manipulate the data while forwarding it to the aggregators. We present the performance of our proposed technique, which shows the correctness of the models in identifying the suspicious smart meter data.
   10. Mohammad Ashiqur Rahman and Amarjit Datta, Impact of Stealthy Attacks on Optimal Power Flow, IEEE Transactions on Dependable and Secure Computing (TDSC), February 2018.
       Abstract: Optimal Power Flow (OPF) is a crucial part of the Energy Management System (EMS) as it determines individual generator outputs that minimize generation cost while satisfying transmission, generation, and system-level operating constraints. OPF relies on a core EMS routine, namely state estimation, which calculates system states, principally bus voltages/phase angles at the buses. However, state estimation is vulnerable to false data injection attacks in which an adversary can alter certain measurements to corrupt the estimator’s solution without being detected. It is also shown that such a stealthy attack on state estimation can increase the OPF cost. However, the impact of stealthy attacks on the economic and secure operation of the system cannot be comprehensively analyzed due to the very large size of the attack space. In this paper, we present a hybrid framework that combines formal analytics with Simulink-based system modeling to investigate the feasibility of stealthy attacks and their influence on OPF in a time-efficient manner. The proposed approach is illustrated on synthetic case studies demonstrating the impact of stealthy attacks in different attack scenarios. We also evaluate the impact analysis time by running experiments on standard IEEE test cases and the results show significant scalability of the framework.
   11. Amarjit Datta and Mohammad Ashiqur Rahman, Cyber Threat Analysis Framework for the Wind Energy Based Power System, ACM Workshop on Cyber-Physical Systems Security & Privacy (CPS-SPC) (in conjunction with the 24th ACM CCS), Dallas, Texas, USA, November 2017.
       Abstract: Wind energy is one of the major sources of renewable energy. Countries around the world are increasingly deploying large wind farms that can generate a significant amount of clean energy. A wind farm consists of many turbines, often spread across a large geographical area. Modern wind turbines are equipped with meteorological sensors. The wind farm control center monitors the turbine sensors and adjusts the power generation parameters for optimal power production. The turbine sensors are prone to cyber attacks and with the evolution of large wind farms and their share in power generation, it is crucial to analyze such potential cyber threats. In this paper, we present a formal framework to verify the impact of a false data injection attack on the wind farm meteorological sensor measurements. The framework designs this verification as a maximization problem where the adversary’s goal is to maximize the wind farm power production loss with its limited attack capability. Moreover, the adversary wants to remain stealthy to the wind farm bad data detection mechanism while it is launching its cyber attack on the turbine sensors. We evaluate the proposed framework for its threat analysis capability as well as its scalability by executing experiments on synthetic test cases.

   Current Project Members:

    

   Former Project Members:

2. Md Hasan Shahriar (PhD/MS Student)Rahat Masum (MS Student, Tennessee Tech)
   A H M Jakaria (PhD Student, Tennessee Tech)
   Amarjit Datta (MS Student, Tennessee Tech)