Abstract

Smart grid is a typical cyber-physical system that presents the dependence of power system operations on cyber infrastructure for control, monitoring, and protection purposes. The rapid deployment of phasor measurements in smart grid transmission system has opened opportunities to utilize new applications and enhance the grid operations. Thus, the smart grid has become more dependent on communication and information technologies such as Wide Area Measurement Systems (WAMS). WAMS are used to collect real-time measurements from different sensors such as Phasor Measurement Units (PMUs) installed across widely dispersed areas. Such system will improve real-time monitoring and control; however, recent studies have pointed out that the use of WAMS introduces significant vulnerabilities to cyber-attacks that can be leveraged by attackers. Therefore, preventing or reducing the damage of cyber attacks onWAMS is critical to the security of the smart grid. In this thesis, we focus our attention on the relation between WAMS security and the IP routing protocol, which is an essential aspect to the collection of sensors measurements.
Synchrophasor measurements from different PMUs are transferred through a data network and collected at one or multiple data concentrators. The timely collection of phasors from PMU dispersed across the grid allows to maintain system observability and take corrective actions when needed. This collection is made possible through Phasor Data Concentrators (PDCs) that time-align and aggregate phasor measurements, and forward the resulting stream to be used by monitoring and control applications. WAMS applications relying on these measurements have strict and stringent delay requirements, e.g., end-to-end delay as well as delay variation between measurements from different PMUs. Measurements arriving past a predetermined time period at a data concentrator will be dropped, causing incompleteness of data and affecting WAMS applications and hence the system’s operations. It has been shown that non-functional properties, such as data delay and packet drops, have a negative impact on the system functionality.
We show that simply forwarding measurements from PMUs through shortest routes to phasor data collectors may result in data being dropped at their destinations. We believe therefore that there is a strong interplay between the routing paths (delays along the paths) for gathering the measurements and the value of timeout period. This is particularly troubling when a malicious attacker deliberately causes delays on some communication links along the shortest routes. Therefore, we present a mathematical model for constructing forwarding trees for PMUs’ measurements which satisfy the end to end delay as well as the delay variation requirements of WAMS applications at data concentrators. We show that a simple shortest path routing will result in larger fraction of data drop and that our method will find a suitable solution. Then, we study the relation between cyber-attack propagation and IP multicast routing. To this extent, we formulate the problem as the construction of a multicast tree that minimizes the propagation of cyber-attacks while satisfying real-time and capacity requirements. The proposed attack propagation multicast tree is evaluated using different IEEE test systems. Finally, cyber-attacks resulting in the disconnection of PDC(s) from WAMS initiate a loss of its phasor stream and incompleteness in the observability of the power system. Recovery strategies based on the re-routing of lost phasors to other connected and available PDCs need to be designed while considering the functional requirements of WAMS. We formulate a recovery strategy from loss of compromised or failed PDC(s) in the WAMS network based on the rerouting of disconnected PMUs to functional PDCs. The proposed approach is mathematically formulated as a linear program and tested on standard IEEE test systems. These problems will be extensively studied throughout this thesis.