Abstract
In recent years, Information and Communication Technologies (ICT) have been increasingly incorporated into power systems. ICT have improved the control of the power grid and, as a consequence, the reliability and flexibility of these systems. ICT are now a key aspect of smart grid development, and today’s power systems depend on them. However, these technologies can fail and are also exposed to threats that can affect their functioning and the operation of the power system. It is therefore very important to consider both interconnected infrastructures (the electrical power grid and its information and communication system (ICS)) in the modeling, design and security analysis of electrical power systems. This chapter presents some approaches to modeling the interdependencies between these infrastructures. In addition, some methods based on risk and criticality assessment with regard to cyber attacks and ICT failures are proposed.
Notes
1. Low-level modeling means that the description is complete and simplifications are avoided. On the contrary, high-level modeling describes only some phenomena or characteristics about the studied system.
References
Shahidehpour, M., Wang, Y.: Communication and control in electric power systems. IEEE Press Power Engineering Series (2003)
Ekstedt, M., Sommestad, T.: Enterprise architecture models for cyber security analysis. Proceedings of Power System Conference and Exposition, Seattle USA (2009)
European Commission: Terms of reference feasibility study: European network of secure test centers for reliable ICT-controlled critical energy infrastructures, July 2007
IEEE Working Group: Reliability indices for use in bulk power system supply adequacy evaluation. IEEE Trans. Power Apparatus Syst. 97(4), 1097-1103 (1978)
Mussington D.: Concepts for enhancing critical infrastructure protection: relating Y2K to CIP research and development. RAND: Science and Technology Institute, Santa Monica CA, 29 (2002)
GRID consortium: ICT vulnerabilities of power systems: a roadmap for future research. European Communities, ISBN 978-92-79-07138-6 (2007)
Kundur, P.: Power system stability and control. EPRI Editors and McGraw-Hill, New York (1993)
Bjorn, T., Fontela, M., Mellstrand, P., Gustavsson, R., Andrieu, C., Bacha, S., Hadjsaid, N., Besanger, Y.: Overview of ICT components and its application in electric power systems. In: Proceedings of 2nd International Conference on Critical Infrastructures, Grenoble, France (2004)
Zima M., Bockarjova, M: Operation, monitoring and control technology of power systems. EEH Power Systems Laboratory, ETH Zurich. http://www.eeh.ee.ethz.ch (2007). Accessed March 2007
Andersson, L., Brand, K.P., Wimmer, W.: The impact of the coming standard IEC61850 on the life-cycle of open communication systems in substations. In: Proceedings of Transmission and Distribution, Brisbane, Australia. http://www.nettedautomation.com/download/mannheim-2003-03/Brisbane_Brand_2002-08.pdf (2001). Accessed 7 Dec 2009
Gupta, R.P.: Substation automation using IEC61850 standard. In: Proceedings of 15th National Power Systems Conference, Bombay. http://www.ee.iitb.ac.in/~npsc2008/NPSC_CD/Data/Oral/DIC4/p107.pdf (2008). Accessed 7 Dec 2009
Wu, F.F., Moslehi, K. Bose, A.: Power system control centers: past, present, and future. Proc. IEEE (2005). doi: 10.1109/JPROC.2005.857499
Wehenkel, L.: Systèmes de conduite des grands réseaux électriques. http://www.montefiore.ulg.ac.be/~lwh/SCGRE/ Accessed 7 Dec 2009
Wood, A., Wollenberg B.: Power generation, operation, and control, 2nd ed. Wiley-Interscience, New York (1996)
Grigsby, L.: Electric Power Engineering Handbook: Power System Stability and Control, 2nd edn. CRC Press, Boca Raton, FL (2007)
CIGRE WG 38-03, McGillis, D.: Power system reliability analysis application guide. CIGRE, Paris (1987)
IEC: International Electrotechnical Vocabulary: Dependability and quality of service. In: International Standard 60050-191, 191, Geneva, Switzerland (1999)
Tranchita, C., HadjSaid, N., Torres, A.: Risk assessment for power system security with regard to intentional events. Thesis to obtain the degree of Doctor from the Grenoble Institute of Technology and the Los Andes University (2008)
Shaw, W.T.: Cybersecurity for SCADA Systems. PennWell Books, Tulsa, OK (2006)
Stamp, J., Dillinger J., Young, W., DePoy, J.: Common vulnerabilities in critical infrastructure control systems. Sandia National Laboratories report SAND2003-1772C: Albuquerque, New Mexico. http://www.oe.netl.doe.gov/docs/prepare/vulnerabilities.pdf (2003). Accessed 7 Dec 2009
Howard, J.D., Longstaff, T.A.: A common language for computer security incidents. Sandia National Laboratories, Report SAND98-8667, USA (1998)
Tranchita, C., HadjSaid, N., Torres, A.: Overview of the power systems security with regard to cyberattacks. In: Proceedings of 4th International CRIS Conference on Critical Infrastructures, Sweden (2009). doi: 10.1109/CRIS.2009.5071500
National Security Telecommunications Advisory Committee: Electric power risk assessment. http://www.aci.net/Kalliste/electric.htm (1997)
Dacey, R.F: Critical infrastructure protection - challenges and efforts to secure control systems. Technical Report GAO-04-354, United States General Accounting Office (GAO), Washington (2004)
Gursesli, O., Desrochers, A.A.: Modeling infrastructure interdependencies using Petri nets. In: Proceedings of IEEE International Conference on Systems, Man and Cybernetics, vol. 2, 1506-1512 (2003)
Krings, A., Oman, P.: A simple GSPN for modeling common mode failures in critical infrastructures. In: Proceedings of 36th Hawaii Conference on System Sciences (2003)
Schneider, K., Liu, C.C., Paul, J.P.: Assessment of interactions between power and telecommunications infrastructures. IEEE Trans. Power Syst. 21(3), 1123-1130 (2006)
Macal, C., Sallach, D.: Workshop on agent simulation: applications, models, and tools, University of Chicago, Chicago, IL (1999)
Bonabeau, E.: Agent-based modeling: methods and techniques for simulating human systems. Proc. Natl. Acad. Sci. U S A 99, 7280-7287 (2002)
Grimm, V.: Ten years of individual-based modeling in ecology: what have we learned and what could we learn in the future? Ecol. Model. 115(2-3), 129-148 (1999)
Barton, D.C., Stamber, K.L.: An agent-based microsimulation of critical infrastructure systems. In: Proceedings of 8th International Energy Forum, International Energy Foundation’s ENERGEX (2000)
Macal, C., North, M.: Tutorial on agent-based modeling and simulation. In: Proceedings of the 2005 Winter Simulation Conference (2005)
Hopkinson, K., Wang, X., Giovanni, R., Thorp, J., Birman, K., Coury, D.: Epochs: a platform for agent-based electric power and communication simulation built from commercial off-the-shelf components. IEEE Trans. Power Syst. 21(2), 548-558 (2006)
Panzieri, S., Setola, R., Ulivi, G.: An agent based simulator for critical interdependent infrastructures. In: Proceedings of 2nd Conference on Securing Critical Infrastructures (2004)
Panzieri S., Setola R., Ulivi G.: An approach to model complex interdependent infrastructures. In: Proceedings of 6th IFAC World Congress 2005 (2005)
Tolone, W.J., Wilson, D., Raja, A., Xiang, W., Hao, H., Phelps, S., Johnson, E.W.: Critical infrastructure integration modeling and simulation. H. Chen et al. (Eds.), Intelligence and Security Informatics, Lecture Notes in Computer Science, LNCS 3073, pp. 214-225, Springer-Verlag Berlin Heidelberg 2004
Zhang, P., Peeta, S., Friesz, T.: Dynamic game theoretic of multilayer infrastructure networks. In: Proceedings of 10th Conference on Travel Behavior Research, Lucerne (2003)
Casalicchio, E., Galli, E., Tucci, S.: Federated agent-based modeling and simulation approach to study interdependencies in its critical infrastructure. In: Proceedings of 11th IEEE International Symposium of Distributed Simulation and Real-Time Applications, 182-189 (2007)
Kim, H.M., Biehl, M., Buzacott, J.A.: M-ci2: modeling cyber interdependencies between critical infrastructures. In: Proceedings of 3rd IEEE Conference on Industrial Informatics, 644-648 (2005)
Lee, E.E., Mendonça, D.J., Mitchell, J.E., Wallace, W.A.: Restoration of services in interdependent infrastructure systems: a network flows approach. Technical Report 38-03-507, Rensselaer Polytechnic Institute, USA (2003)
Lee, E.E., Mitchell, J.E., Wallace, W.A.: Assessing vulnerability of proposed designs for interdependent infrastructure systems. In: Proceedings of 37th Hawaii Conference on System Sciences (2004)
Lee, E.E., Mitchell, J.E., Wallace, W.A.: Restoration of services in interdependent infrastructure systems: a network flows approach. IEEE Trans. Syst. Man Cybern. 37(6), 1303-1317 (2007)
Wolthusen, S.D.: GIS-based command and control infrastructure for critical infrastructure protection. In: Proceedings of 1st Workshop on Critical Infrastructure Protection (2005)
Johnson, C.W., Williams, R.: Computational support for identifying safety and security related dependencies between national critical infrastructures. In: Proceedings of 3rd IET International Conference on System Safety (2008)
Zimmerman, R.: Decision-making and the vulnerability of interdependent critical infrastructures. In: Proceedings of IEEE Conference on Systems, Man and Cybernetics, vol. 5, 4059-4063 (2004)
Permann, M.R.: Toward developing genetic algorithms to aid in critical infrastructure modeling. In: Proceedings of IEEE Conference on Technologies for Homeland Security, 192-197 (2007)
Panzieri S., Setola R.: Failures propagation in critical interdependent infrastructures. Int. J. Model. Identif. Control 3(1) (2008)
Pederson, P., Permann, M.: Interdependency modeling: a survey of U.S. and international research. Idaho National Laboratory, USA (2006)
Rozel, B., Viziteu, M., Caire, R., Hadjsaid, N., Rognon, J.P.: Towards a common model for studying critical infrastructure interdependencies. In: Proceedings of IEEE Power and Energy Society General Meeting (2008)
Milano, F.: An open source power system analysis toolbox. Trans. Power Syst. 20(3):1199-1206 (2005)
Muller, K.: Advanced systems simulation capabilities in SimPy. In: EuroPython, Gothenburg, Sweden (2004)
Boccaletti, S., Latora, V., Moreno, Y., Chavez, M., Hwanga, D.U.: Complex networks: structure and dynamics. Phys. Rep. 424(4-5), 175-308 (2006)
Reinhard, D.: Graph Theory, 2nd ed. Springer-Verlag, New York (1997)
Albert, R., Barabási, A.: Statistical mechanics of complex networks. Rev. Mod. Phys. 74, 47-97 (2002)
Dorogovtsev, S.N., Mendes, J.F.F.: Evolution of networks with aging of sites, Phys. Rev. E, 62(2):1842-1845 (2000)
Newman, M.E.J.: The structure and function of complex networks. SIAM Rev. 45(2), 167-256 (2003)
Barrat, A., Barthélemy M., Vespignani A.: Réseaux complexes et physique statistique. Images de la Physique (2006)
Lai, Y.C., Motter, A.E., Nishikawa, T.: Attacks and cascades in complex networks. Physics Lectures Notes, Springer, 650, 299-310 (2004)
Motter, A.E., Lai, Y.C.: Cascade-based attacks on complex networks. Phys. Rev. E 66(6) (2002)
Holmgren, A.J.: Using graph models to analyze the vulnerability of electric power networks. J. Risk Anal. 26(4), 955-969 (2006)
Carreras, B.A., Lynch, V.E., Dobson, I., Newman, D.E.: Critical points and transitions in an electric power transmission model for cascading failure blackouts. CHAOS 12(4), 985-994 (2002)
Kinney, R., Crucitti, P., Albert, R., Latora, V.: Modeling cascading failures in the North American power grid. Eur. Phys. J. B 46(1), 101-107 (2005)
Sun, K.: Complex networks theory: a new method of research in power grid. In: Proceedings of Transmission and Distribution Conference and Exhibition: Asia and Pacific, 1-6 (2005)
Sun, K., Han, Z.X.: Analysis and comparison on several kinds of models of cascading failure in power system. In: Proceedings of Transmission and Distribution Conference and Exhibition: Asia and Pacific, 1-7 (2005)
Chen, X., Sun, K., Cao, Y., Wang, S.: Identification of vulnerable lines in power grid based on complex network theory. In: Proceedings of IEEE Power Engineering Society General Meeting, 1-6, (2007)
Newman, D.E., Nkei, B., Carreras, B.A., Dobson, I., Lynch, V.E., Gradney, P.: Risk assessment in complex interacting infrastructure systems. In: Proceedings of 39th Hawaii Conference on System Sciences (2005)
Carreras, B.A., Newman, D.E., Gradney, P., Lynch, V.E., Dobson, I.: Interdependent risk in interacting infrastructure systems. In: Proceedings 40th Hawaii Conference on System Sciences (2007)
Kurant, M., Thiran, P.: Layered complex networks. Phys. Rev. Lett. 96, 138701 (2006)
Kurant, M., Thiran, P., Hagmann, P.: Error and attack tolerance of layered complex networks. Phys. Rev. E. 76, 026103 (2007)
Hadjsaid, N., Tranchita, C., Rozel, B., Viziteu, M., Caire, R.: Modeling cyber and physical interdependencies - applications in ICT and power grids. Proc. Power Syst. Conf. Expos. (2009). doi:10.1109/PSCE.2009.4840183
Jensen, H.J., Goddard, P., Yeomans, J.: Self-organized Criticality Emergent Complex Behavior in Physical and Biological Systems. Cambridge: Cambridge University Press, 1-6 (1998)
McLaughlin, T.P., Monahan, S.P., Pruvost, N.L., Frolov, V.V., Ryazanov, B.G., Sviridov, V.I: A review of criticality accidents: 2000 revision. Los Alamos National Laboratory Report LA-13638 (2000)
O’Connor, P., Newton, D., Bromley, R.: Practical Reliability Engineering, pp. 206-214. Wiley, New York (2002)
Matthew, G.: GRID Consortium, A survey of ICT vulnerabilities of power systems and relevant defense methodologies. In: Proceedings of IEEE Power Engineering Society General Meeting (2007)
Stamatis, D.H.: Failure Mode and Effect Analysis: FMEA from Theory to Execution. American Society for Quality (ASQ), Milwaukee, WI (1995)
Gaudoin, O., Ledoux, J.: Modélisation aléatoire en fiabilité des logiciels. Hermès Science Publications-Lavoisier, Paris (2007)
Giorgio, I.: Introduction to distributed systems and networking. http://www.cis.temple.edu. Accessed 5 January 2009
Elmasri, R., Navathe, S.: Fundamentals of Database Systems. pp. 570-591. Addison-Wesley, Upper Saddle River, NJ (2004)
Viziteu, M., Caire, R., Georges, D., HadjSaid, N.: Criticality hierarchy procedure applied to software applications for electrical networks management. In: Proceedings of 4th CRIS Conference on Critical Infrastructures, Sweden (2009)
Pearl, J.: Probabilistic Reasoning in Intelligent Systems: Networks of Plausible Inference. Morgan Kaufmann, San Mateo, CA (1988)
Pearl J.: Bayesian networks. In: Arbib, M. (ed.) Handbook of Brain Theory and Neuronal Networks, MIT Press, Cambridge, MA (2000)
U.S. Nuclear Regulatory Commission NRC: Information Notice 2003-14. http://www.nrc.gov/reading-rm/doc-collections/gen-comm/info-notices/2003/in200314.pdf (2003)
North American Electric Reliability Council NERC: Permanent cyber security standard. SAR Drafting Team, USA (2003)
Weisman, R.: California power grid hack underscores threat to U.S. http://www.newsfactor.com/perl/story/11220.html (2001)
Greene, T.: Civilization hanging by a thread. White papers, Washington, USA. http://www.theregister.co.uk (2000). Accessed 7 Dec 2009
Roche P.: Cyber security considerations in power system operations. CIGRE Joint Working Group Security for Information Systems and Intranets in Electrical Power Systems, JWG D2/B3/C2.01 (2005)
5.1 Appendix 1: ICT Failures and Cyber Attacks
The following are some cyber-incidents that have interfered with the security of power systems’ communications during the last few years:
- Tom Donahue, a CIA analyst, warned the electric power sector in January 2008 that cyber attackers had hacked into the computer systems of utility companies outside the United States and made demands, in at least one case causing a power outage that affected multiple cities. He said, “We do not know who executed these attacks or why, but all involved intrusions through the Internet”.
- In January 2003, the Internet worm “Slammer” infected the monitoring network of the Davis-Besse nuclear plant of First Energy Corporation in Ohio; the reactor happened to be offline. The worm entered the plant network via a contractor’s infected computer connected through a T1 line (telephone dial-up) directly to the plant network, thus bypassing the firewall [82]. The electric utility company lost control of their EMS/SCADA system for nearly 5 h. A later report by the North American Electric Reliability Council (NERC) concluded that while nothing serious happened as a result, the EMS/SCADA system was not able to communicate with substations and plants, forcing the company operations staff to resort to manual operation of their transmission and generation assets until control could be restored.
- In September 2001, the Nimda worm circulated widely throughout the world. NERC knows of an electric utility whose EMS/SCADA network was compromised by the Nimda worm. The worm then propagated itself and spread to the internal project network of a major EMS/SCADA vendor via the vendor’s support communications circuit, devastating the EMS vendor’s internal network and launching further attacks against the EMS/SCADA networks of all other customers of the vendor with support communications circuits [83].
- In August 2001, the Code Red II worm successfully compromised the internal network of a company that provides services to NERC and numerous electric utility companies. This worm then attacked customers connected to this company, successfully compromising an exposed web server at one of the utility control centers. It is important to note that the compromised server was presumed to be protected, as it was not exposed to the Internet. This attack was propagated via the private frame relay network connecting the service company, the impacted utility, and the other connected utility companies [83].
- For 17 days, between April 25 and May 11 of 2001, hackers managed to remain undetected after they breached the network of the Folsom-based California Independent System Operator. However, the attacks were limited to a “practice network” and so they posed no threat to the real power grid or the primary power distribution network that handles the Western USA. Although no damage was reported, officials traced the intrusion back to a system in China [84].
- In December 2000, the National Infrastructure Protection Center (NIPC) said that “A regional entity in the electric power industry has recently experienced computer intrusions through anonymous FTP (File Transfer Protocol) login exploitation and the intruders used the hacked FTP site to store and play interactive games that consumed 95% of the organization’s Internet bandwidth”. NIPC added that “the compromised bandwidth threatened the regional entity’s ability to conduct bulk power transactions” [85].
A document prepared for the CIGRE Joint Working Group “Security for Information Systems and Intranets in Electrical Power Systems”, entitled “Cyber security considerations in power system operations”, said that a significant number of cyber incidents have taken place but only some have been admitted to or described [86]. A sample of the incidents shown in this document is given as follows:
- Large Generating Plant Output Reduced to Zero: The control system of a large generating plant operating at a number of 100 MW was infected by a virus and its output was reduced to virtually zero in a few seconds. The infection came from a connected corporate IT network. The solution was to rigorously separate the real-time and corporate networks [86].
- Distribution SCADA System Partly Disabled: A virus infected a laptop which was used by a maintenance technician to modify a telecoms router. The virus affected all telecom nodes, including some used by a SCADA system. The SCADA system was rendered partially inoperable for a number of days. A partial solution required better management of virus protection on laptops [86].
- Unauthorised Access to EMS Applications: A utility gave remote access rights to an EMS supplier. It was observed that application patches had been applied without agreement. No problems arose, but the situation revealed that continuous, non-verified access had remained open to an external [86].
Other Important Facts
- Idaho National Laboratory in the USA performed an experiment for the Department of Homeland Security (DHS) in March 2007 in order to evaluate the potential damage resulting from cyberattacks. The laboratory successfully destroyed a generator while conducting an experimental cyberattack. The attack involved the controlled hack of a replicated control system commonly found throughout the American power systems. Members of the House Committee on Homeland Security are concerned that malicious actors could use the same attack vector against large generators and other critical rotating equipment, which could cause widespread and long-term damage to the electric infrastructure of the United States.
The following failures or misoperations of ICT functions, which threatened the security of the power system, were cited by the GRID consortium [6, 74]:
- Tripping of six 400 kV systems in Vallée du Rhône, France, due to time delay in communication
- Substation outages initiated by transfer trip in Froncle and Pont la Ville, France, due to replayed information by the communication grid operator
- Cyber-security problems in China, two events: loss of measurements from a large number of digital recorders, and uncontrolled ramp-up and ramp-down of several hundred megawatts at a hydro power plant
- Loss of dual server at control center due to software changeover
- Loss of communications due to third party lines becoming faulty
© 2010 Springer Science+Business Media B.V.
Cite this chapter
Tranchita, C., Hadjsaid, N., Viziteu, M., Rozel, B., Caire, R. (2010). ICT and Powers Systems: An Integrated Approach. In: Lukszo, Z., Deconinck, G., Weijnen, M. (eds) Securing Electricity Supply in the Cyber Age. Topics in Safety, Risk, Reliability and Quality, vol 15. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-3594-3_5
DOI: https://doi.org/10.1007/978-90-481-3594-3_5
Publisher Name: Springer, Dordrecht
Print ISBN: 978-90-481-3593-6
Online ISBN: 978-90-481-3594-3
eBook Packages: Engineering, Engineering (R0)