Security and Reliability Perspectives in Cyber

0 downloads 0 Views 273KB Size Report
Keywords—Cyber-physical, reliability, security, smart grids. I. INTRODUCTION .... defense-in-depth framework is usually integrated into smart grids to ..... and N. Bhatt, "Adaptive wide-area damping control using measurement- driven model ...
Security and Reliability Perspectives in CyberPhysical Smart Grids Hangtian Lei, Member, IEEE, Bo Chen, Member, IEEE, Karen L. Butler-Purry, Fellow, IEEE, and Chanan Singh, Fellow, IEEE

to be adequately protected from potential cyber threats, making cybersecurity a critical concern in the implementation of smart grids. The security of cyber-physical systems is becoming a critical concern in both academic and industrial realms [1]-[5]. Without sufficient protection, malicious attackers can successfully launch cyber and physical attacks and cause severe cascading failures that involve both cyber and physical devices and operations. Tremendous efforts have been made on developing cyber resilient smart grids. The vulnerable points in the cyber system of smart grids that can be used for performing cyber-attacks by corrupted personnel and unauthorized parties were summarized in [1] and [4]. Successful cyber-attacks deteriorate power systems in various aspects, such as system stability [3], [6] and power market operations [7]. The detailed considerations of cyber-attack modeling, detection, and mitigation were discussed in [6][12]. Furthermore, cyber-physical testbeds were developed in [13] and [14] to enable researchers to investigate the interoperability between communication systems and power systems. In contrast to the cyber-physical security concerns in smart grids, another topic, cyber-physical reliability, started to receive researchers’ attention in recent years [15]-[22]. The definition of bulk power system reliability is stated in [23] as “the probability that the power system will perform the function of delivering electric power to customers adequately, on a continuous basis and with an acceptable quality.” Methodologies for generation, transmission, and distribution system reliability evaluation were well developed during past decades [24]-[26]. In the process of traditional reliability evaluation, cyber elements’ functionalities were considered perfectly reliable. This assumption may be reasonable for traditional power grids where only limited cyber-physical interdependencies existed. However, with the increasing deployment of cyber infrastructure, modern power grid reliability is more dependent on the availability of cyberenabled functions. It is necessary to include cyber malfunctions in power system reliability evaluation so that more realistic results can be obtained. This topic is generally termed as “cyber-physical reliability” as it investigates the impact of cyber malfunctions on the reliability of composite power systems [15].

Abstract—Information and communication technologies (ICTs) are widely deployed in electric power systems to improve system monitoring, control, protection, and data processing capabilities. However, power systems’ dependency on cyber infrastructure inevitably increases the risk of system degradation resulting from cyber-attacks. In addition, the intrinsic failures of cyber elements and the design defects of cyber-physical system architecture affect power system reliability. These two concerns are generally termed as “cyber-physical security” and “cyberphysical reliability”, respectively. While the two topics have received considerable research efforts in recent years, their distinctions still remain obscure among researchers. This paper succinctly summarizes the scopes, approaches, and major advancements in the two research areas with representative examples provided to clarify their distinctions. By revealing the inherent features of cyber-physical security and cyber-physical reliability in smart grids, this paper is written with the objective of facilitating future studies in these two areas. Keywords—Cyber-physical, reliability, security, smart grids.

I. INTRODUCTION

T

HE increasing demand for reliable, efficient, and sustainable management of electric power and energy systems motivates the concept of smart grid [1]. Information and communication technologies (ICTs) exist extensively in electric power generation, transmission, and distribution systems, as shown in Figs. 1 and 2. ICTs are indispensable for the core functionalities of smart grids and thus they are widely deployed to improve system monitoring, control, protection, and data processing capabilities [2]. However, on the other hand, the increasing dependency of smart grids on the cyber infrastructure also brings about system vulnerabilities to cyber-attacks [1]-[4]. Current communication networks for power systems are not designed This work was supported in part by the National Priorities Research Program (NPRP) under Grant NPRP 7-106-2-053 from the Qatar National Research Fund (a member of Qatar Foundation). H. Lei is with the Department of Electrical and Computer Engineering, University of Idaho, Moscow, ID 83844 USA (e-mail: [email protected]). B. Chen is with the Energy Systems Division, Argonne National Laboratory, Argonne, IL 60439 USA (e-mail: [email protected]). K. L. Butler-Purry and C. Singh are with the Department of Electrical and Computer Engineering, Texas A&M University, College Station, TX 77843 USA (e-mails: [email protected]; [email protected]).

c 978-1-5386-4291-7/18/$31.00 2018 IEEE

42

Transmission and Distribution Operations

Energy Market

Customer Services

Station Application Bus

Wide Area Network

Protection IEDs Voltage Regulator Control

RTU

Switched Capacitor Control

Process Bus

Distributed Generation

Substation Automation Merging Unit

Merging Unit

Smart Metering Merging Unit

Fig. 1. Information and communication technologies in smart grids.

System Operator IndependentIndependent System Operator Information and Control System Domain

Communication System Domain

Physical System Domain

Generation Control Center – Plant Automation – AGC – AVR – Governor Control – etc.

Transmission Control Center – Protective Relay – FACTS – State Estimation – Various Controller – etc.

Load Controller – Demand Response – HMS – Various Controller – etc.

Distribution Control Center – Load Shedding – AMI – DMS – OMS – etc.

Wide Area Network

Neighborhood Area Network

Home Area Network

Satellite, Radio Frequency, Optical Fiber, PMU, PDC, RTU, etc.

Power Line Communication, Radio Frequency, WiMAX, etc.

WiFi, ZigBee, DSL, Coaxial, Cable, Smart Meter, Smart Thermostat, etc.

Generation

Transmission

– Generator – Energy Storage – Wind Farm – Solar Farm – etc.

– Transmission Line – Circuit Breaker – Bus Bar – Transformer – etc.

Distribution

Consumption

– Overhead Line – Underground Cable – Transformer – Capacitor Bank – etc.

– Smart Appliance – Electric Vehicle – Water Pump – Water Heater – etc.

Fig. 2. Smart grid infrastructure from both cyber and physical perspectives.

Although sharing some similarities, cyber-physical security and cyber-physical reliability are two distinct topics in smart grid studies. Ultimately both affect the continuity and quality of power delivery to customers. However, the focus points and modeling approaches are very different in the two areas of research. The focus points of cyber-physical security research are cyber intrusion mechanisms, consequences, and preventive or mitigation strategies. In the process of analysis, specific cyber intrusion scenarios are typically simulated and evaluated. Whereas the focus points of cyber-physical reliability research are the modeling and analysis of cyber components’ or systems’ intrinsic failure modes and their impact on power grid reliability. Probabilistic methodologies are normally used in cyber-physical reliability studies. While the distinctions between the two topics still remain

obscure among researchers, this paper aims to provide insightful illustrations of the scopes, approaches, and major advancements in the two research areas to succinctly summarize their similarities and clarify their distinctions. The remainder of this paper is organized as follows. Section II illustrates cyber-physical security aspects in power systems. Section III introduces cyber-physical reliability studies. Section IV summarizes the similarities and clarifies the distinctions between the two areas. Finally, conclusions are made in Section V. II.CYBER-PHYSICAL SECURITY This section illustrates cyber-physical security aspects in smart grids and summarizes current practices and state-of-theart approaches in this field.

2018 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia)

43

A. Cyber-Physical Security Aspects in Smart Grids Table I shows the classification of typical cyber-physical threats based on different criteria. In addition to void the CIA (i.e., Confidentiality, Integrity, and Availability) triad [27], successfully penetrated cyber-physical attacks can cause a broad spectrum of impact. Major consequences resulting from successful penetration include: • Financial Loss. The information (e.g., market prices, system operational conditions, and equipment settings) can be accessed by unauthorized parties, which will benefit attackers in many ways. Attackers can sell the information or use the information in power market bidding. • Deteriorated services. This issue arises when the information is modified by an unauthorized party. For example, if the Remote Terminal Unit (RTU) values are modified, the state estimator may not converge to a valid solution and the control center cannot accurately analyze grid states. • Physical impact. As the data is modified or the communication is delayed, cyber-attacks can cause physical results (such as equipment damage). A power outage resulting from physical equipment damage will take longer time for restoration. B. Current Practices and State-of-the-Art Approaches 1) Cyber-Physical Security Framework Malicious cyber and physical attacks in the near future are expected to become more sophisticated and dedicated. Utilities and vendors are struggling with improving the cybersecurity of IT systems in view of the upcoming era of Internet of Things (IoT). According to the NISTIR 7628 Guidelines for Smart Grid Cyber Security [28], centralized energy management systems and associated monitoring and control systems are among the key actors for decision making and information exchange. However, existing cybersecurity technologies employed in power systems are not guaranteed to satisfy the Critical Infrastructure Protection (CIP) Reliability Standards introduced by the North American Electric Reliability Corporation. In view of the emerging sophisticated cyber threats and coordinated cyber-physical attacks, a hierarchical defense-in-depth framework is usually integrated into smart grids to address the Cyber-Physical System (CPS) security concerns. A CPS security framework should include several core functions such as identification, protection, detection, mitigation, and restoration [29]. 2) Vulnerability and Impact Analysis Vulnerabilities of legacy communication and networking technologies can be exploited by malicious attackers. The CPS vulnerabilities, which can be leveraged by unintentional or malicious entities to compromise the CPS security, were well studied and analyzed [6]-[12]. Impact analysis, which provides the knowledge of the propagation of potential cyber-physical attacks, is equivalently important. A framework for cyber-

44

attack impact analysis was introduced in [30], in which the interdependency between cyber and physical was considered. Simulation-based [3] and model-based [31] approaches are usually used for studying the impact of CPS incidents. Efficient vulnerability and impact analysis technologies can facilitate the detection and mitigation development and significantly reduce the attack surface. 3) Defense-in-Depth and Proactive Defense Defense-in-depth strategies [32] are still the recommended practice, since they can efficiently implement protection for each network layer and hence increase the efforts required for the adversaries to penetrate all the layers. Currently, cyber security of networks and associated software and hardware is managed by IT professionals. The defenders always play a passive role in the battle of cyber crimes. Specifically, traditional cybersecurity strategies (e.g., firewalls and antivirus) with advanced security (e.g., IPsec) are still susceptible to cyber threats and can no longer provide sufficient protection against the ever-growing sophisticated attacks. Since asset owners must manage the tradeoffs between the investment and the desired level of cybersecurity, they usually fail to catch up the pace of evolving attack tools. Proactive defense is considered as the next-generation technology for evolving threats [32]. In the proactive defense strategies (e.g., predictive intelligence and Moving Target Defense), the defenders can take a proactive role to reverse the adversary’s asymmetric advantage and achieve a higher level of security. 4) Detection and Mitigation Strategies Existing cybersecurity practices [8]-[12] mainly focus on the development of detection methodologies based on the signatures of documented cyber threats and anomaly behaviors. Successfully penetrated cyber attacks may not only cause extended latency and packet losses in measurement/control communication channels but also result in falsified data strategically injected into the SCADA system. While existing state estimation technologies can identify bad data caused by noise and malicious cyber-attacks, researchers have proposed a number of attack modes that can bypass the state-of-the-art bad data detectors (e.g., [10]). New detection (e.g., new state estimation algorithms) and mitigation technologies (e.g., isolation and reconfiguration) that can leverage the characteristics of both cyber and physical systems are desired. 5) Resilient Control Most smart grid applications rely on real-time and/or historical data to perform expected functionalities. However, many existing applications lack flexibility in response to varying communication conditions. Resilient control strategies enable critical smart grid control applications to withstand varying time delay, missing packet, and malicious parameter falsification. For example, authors in [33] and [34] have presented new algorithms to allow wide-area damping controllers to achieve better damping performance in the presence of large time delays and packet loss.

2018 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia)

TABLE I CLASSIFICATION OF TYPICAL CYBER-PHYSICAL THREATS Classification Criteria Interception Modification By Target Interruption Fabrication Active attack By Purpose Passive attack

Insider attack By Origination Outsider attack

Characteristics Attack on confidentiality Passive attack, often cannot be detected but can be prevented with cryptography Attack on integrity Active attack, can be detected with cryptography Attack on availability Active attack, can be detected but often not preventable Attack on authentication Active attack, can be detected with cryptography Attempt to alter system resources or affect the operation Detectable Attempt to learn or make use of information from the system but do not affect system resources Preventable Initiated by an entity that is authorized to access system resources Cannot be prevented Initiated by an unauthorized or illegitimate user of the system Can be prevented

6) Testbeds CPS testbeds are critical for understanding CPS interdependencies and verifying CPS models and solutions. Many testbeds have been developed in various research institutes and companies [35]. A CPS testbed can realize a cyber-physical environment by simulating communication network, power system, comprehensive control algorithms, and cyber-physical incidents simultaneously. Real-time CPS testbeds normally feature hardware/software/human in the loop simulation, and thus supporting validation of real-world CPS security solutions and training. III. CYBER-PHYSICAL RELIABILITY The major task of power system reliability evaluation is to compute reliability indices with the use of probabilistic methods. Such indices are a numerical representation of system reliability. Methodologies and theories have been well developed in the past few decades to compute reliability indices effectively and accurately [24]-[26]. Analytical methods (e.g., state enumeration, fault tree analysis) and Monte Carlo simulation based approaches are widely used in power grid reliability evaluation. A. Cyber-Physical Reliability in Smart Grids An electric power system consists of cyber and physical parts. The physical part (also referred to as the primary side) carries high currents and performs duties of electric power generation and delivery. The cyber part (also termed as the secondary side) transmits measurement and communication signals and performs data acquisition, monitoring, protection, and control duties. Both the cyber and physical parts are indispensable for the proper functioning of a power system. In the process of traditional reliability evaluation, cyber elements’ functionalities are considered perfectly reliable thus the impact of cyber failures or malfunctions is typically neglected in all hierarchical levels’ of evaluation. This

Examples Eavesdropping, fiber tapping, packet sniffing, keystroke logging, surveillance, traffic monitoring Control signal modification, sensor data modification, energy usage modification Communication link jamming, software modification, data erasure Flooding attack, insertion of fake control signals, insertion of fake financial transactions Modification, interruption, fabrication

Interception Corrupted entities trying to modify transactions for profit Hackers trying to trigger a blackout, consumers trying to modify energy usage

assumption may perhaps be reasonable for legacy power grids where only limited cyber-physical interdependencies exist so that the impact of cyber malfunctions on the physical part is relatively less important. However, with the increasing deployment of cyber infrastructure, modern power grid reliability is more dependent on the availability of cyberenabled functions. Therefore, it is necessary to include cyber failures and malfunctions in power system reliability evaluation so that more realistic results can be obtained. It should be noted that the cyber failures and malfunctions mentioned here refer to the malfunctioning of cyber components resulting from components’ own failure modes or communication delays in the network. Such failure modes and communication delays are the intrinsic properties of the cyber part and are distinct from the intentional cyber-attacks and intrusions discussed in Section II of this paper. B. Challenges and Solutions to Incorporate Cyber Part in the Overall System Dimensionality and complexity are the two major challenges to incorporate cyber failures and malfunctions into composite power system reliability evaluation. The issue of dimensionality arises from the size of the system evaluated. For a large power system, even the physical part alone has enormous number of components, requiring significant amounts of computational resources in reliability evaluation. If the cyber part is modeled and analyzed concurrently with the physical part, the number of components will be overwhelmingly large. The issue of complexity is due to the extensive presence of cyber elements over power grids as well as the variety of interdependencies between cyber and physical parts. Typically such interdependencies are not immediate or direct. For example, the failure of a protection Intelligent Electronic Device (IED) may remain undetected until a fault occurs and the protection IED fails to react. Also, the failure of a

2018 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia)

45

monitoring device may impact power grid very differently from the failure of a protection device. Because of the dimensionality and complexity, it is impractical (if not impossible) to model and analyze the entire system, cyber and physical, in one stage. The complete process of analysis has to be divided into several stages and the overall system should also be decoupled into smaller parts. Based on this general idea, two methodologies were proposed in [16]-[21] to evaluate the reliability of cyber-physical power systems. In [16]-[18], the interdependencies between cyber and physical parts were categorized into direct and indirect types, which were further categorized into element-element and network-element subsets. A probability table (P-Table) [17] was created to summarize cyber-physical interdependencies, based on which system-wide reliability indices can be computed. In [19]-[21], a more scalable methodology with the use of Cyber-Physical Interface Matrix (CPIM) was proposed. Reliability analysis was firstly performed at substation level with cyber-physical interdependencies summarized in the CPIM. A composite system reliability evaluation was then performed to obtain system-wide reliability indices. In the composite system reliability evaluation, the entries in the CPIM can be directly utilized without the necessity of considering the details of cyber elements. The CPIM decouples the cyber and physical parts, therefore, the overall evaluation process can be performed in a tractable fashion. The computational efficiency of the CPIM methodology was largely improved in [22] with the use of non-sequential techniques. C.Testbeds The IEEE Reliability Test System (IEEE-RTS) [36] and the Roy Billinton Test System (RBTS) [37] are the two most widely used benchmark test systems for traditional power system reliability research. However, neither of the two test systems has descriptions about the cyber part. This brings about the burden of establishing a new testbed every time an investigator wants to validate or demonstrate a new methodology, which is also a salient obstacle to cyberphysical power system reliability studies. Also, the unavailability of a benchmark cyber-physical reliability testbed makes it difficult to compare the effectiveness and efficiency of different reliability evaluation methodologies developed. The initial thoughts of establishing a benchmark testbed for cyber-physical power system reliability research have been proposed in [38]. A portion of the IEEE RTS was extended in [38] to illustrate this idea, with technical difficulties discussed and possible solutions suggested. Still, tremendous efforts and inputs are needed from both academia and industry to establish a full-fledged testbed. IV. SIMILARITIES AND DISTINCTIONS BETWEEN SECURITY AND RELIABILITY Both cyber-physical security and cyber-physical reliability

46

issues are consequences of the improper functioning of cyber components, thereby affect the continuity and quality of power delivery to customers. However, cyber-physical security and cyber-physical reliability are essentially distinct in origination, modeling, and objectives. Such distinctions still remain obscure among researchers. First, the inherent originations of security and reliability issues are distinct. Security issues arise from external intrusions while reliability issues come from internal factors such as cyber elements’ random failures and malfunctions. Security is a shell that protects the system from external intrusions, while reliability deals with the internal functioning of the system, as shown in Fig. 3. Security

Reliability

Fig. 3. Relationship between security and reliability.

Because of the distinct originations, the scopes of the two areas of studies are also different. Security issues can be resolved by equipping the system with better firewalls or other shielding capabilities, therefore cyber-physical security studies focus on specific cyber intrusion mechanisms, consequences, and preventive or mitigation strategies. In contrast, reliability issues can only be resolved in the design stage as they are associated with the intrinsic structure and topology of the system. Thus, cyber-physical reliability studies focus on intrinsic cyber malfunctions and their impact as well as the design of better system architecture for reliability improvement. Furthermore, the approaches used in the two areas of studies are distinct. In cyber-physical security studies, specific cyber-attack scenarios are simulated on cyber infrastructures to investigate cyber intrusion process and mitigation strategies. As for cyber-physical reliability studies, probabilistic methods are used to quantitatively measure the impact of cyber components’ malfunctions on power grid energy unavailability and such impact is used as one important criterion to compare the reliability of different design architectures. This, however, does not mean that the two disciplines cannot learn from each other. As an example, the concept of minimal cut sets used in reliability studies could potentially be used to anticipate cyber attacks. V.CONCLUSIONS The increasing deployment of information and communication technologies (ICTs) in smart grids brings about cyber-physical security and cyber-physical reliability concerns. Although sharing some similarities, these two topics

2018 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia)

are inherently distinct. Cyber-physical security deals with the external attacks while cyber-physical reliability deals with the intrinsic functioning of the system. This paper succinctly summarizes the scopes, approaches, and major advancements in the two research areas. Representative examples are also provided to reveal the inherent distinctions between cyberphysical security and cyber-physical reliability. The summary and clarification presented in this paper will be very helpful for researchers to perform future studies in these two areas. Although these are two different disciplines, an area of future investigation could be that methodologies developed in the two disciplines can learn from each other. REFERENCES [1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

S. Sridhar, A. Hahn, and M. Govindarasu, “Cyber-physical system security for the electric power grid,” Proceedings of the IEEE, vol. 100, no. 1, pp. 210–224, January 2012. M. Govindarasu, A. Hann, and P. Sauer, “Cyber-physical systems security for smart grid,” in Power Systems Engineering Research Center (PSERC) - Future Grid Initiative White Paper, 2012. B. Chen, S. Mashayekh, K. L. Butler-Purry, and D. Kundur, “Impact of cyber attacks on transient stability of smart grids with voltage support devices,” in Proc. IEEE Power and Energy Society General Meeting, Vancouver, BC, Canada, July 21–25, 2013, pp. 1–5. Y. Yan, Y. Qian, H. Sharif, and D. Tipper, “A survey on smart grid communication infrastructures: Motivations, requirements and challenges,” IEEE Communications Surveys & Tutorials, vol. 15, no. 1, pp. 5-20, 2013. The Smart Grid Interoperability Panel Cyber Security Working Group, “Introduction to NISTIR 7628 guidelines for smart grid cyber security,” National Institute for Standards and Technology, 2010. S. Liu, B. Chen, T. Zourntos, D. Kundur, and K. Butler-Purry, “A coordinated multi-switch attack for cascading failures in smart grid,” IEEE Transactions on Smart Grid, vol. 5, no. 3, pp. 1183-1195, 2014. L. Xie, Y. Mo, and B. Sinopoli, “Integrity data attacks in power market operations,” IEEE Transactions on Smart Grid, vol. 2, no. 4, pp. 659– 666, 2011. S. Sridhar and M. Govindarasu, “Model-based attack detection and mitigation for automatic generation control,” IEEE Transactions on Smart Grid, vol. 5, no. 2, pp. 580-591, March 2014. C.-W. Ten, J. Hong, and C.-C. Liu, “Anomaly detection for cybersecurity of the substations,” IEEE Transactions on Smart Grid, vol. 2, no. 4, pp. 865–873, 2011. O. Kosut, L. Jia, R. J. Thomas, and L. Tong, “Malicious data attacks on the smart grid,” IEEE Transactions on Smart Grid, vol. 2, no. 4, pp. 645–658, 2011. C.-W. Ten, C.-C. Liu, and M. Govindarasu, “Vulnerability assessment of cybersecurity for SCADA systems,” IEEE Transactions on Power Systems, vol. 23, no. 4, pp. 1836-1846, November 2008. H. Lin, A. Slagell, Z. Kalbarczyk, P. Sauer, and R. Iyer, “Runtime semantic security analysis to detect and mitigate control-related attacks in power grids,” IEEE Transactions on Smart Grid, 2016, DOI: 10.1109/TSG.2016.2547742. B. Chen, K. L. Butler-Purry, A. Goulart, and D. Kundur, “Implementing a real-time cyber-physical system test bed in RTDS and OPNET,” in Proc. 2014 North American Power Symposium (NAPS), Pullman, WA, USA, September 7–9, 2014, pp. 1–6. A. Hahn, A. Ashok, S. Sridhar, and M. Govindarasu, “Cyber-physical security testbeds: Architecture, application, and evaluation for smart grid,” IEEE Transactions on Smart Grid, vol. 4, no. 2, pp. 847–855, 2013. C. Singh and A. Sprintson, “Reliability assurance of cyber-physical power systems,” in Proc. IEEE Power and Energy Society General Meeting, Minneapolis, MN, USA, July 2010, pp. 1–6. B. Falahati and Y. Fu, “A study on interdependencies of cyber-power networks in smart grid applications,” in Proc. IEEE Innovative Smart Grid Technologies (ISGT), Washington, DC, USA, 2012.

[17] B. Falahati, Y. Fu, and L. Wu, “Reliability assessment of smart grid considering direct cyber-power interdependencies,” IEEE Transactions on Smart Grid, vol. 3, no. 3, pp. 1515–1524, September 2012. [18] B. Falahati and Y. Fu, “Reliability assessment of smart grids considering indirect cyber-power interdependencies,” IEEE Transactions on Smart Grid, vol. 5, no. 4, pp. 1677–1685, July 2014. [19] H. Lei, C. Singh, and A. Sprintson, “Reliability modeling and analysis of IEC 61850 based substation protection systems,” IEEE Transactions on Smart Grid, vol. 5, no. 5, pp. 2194–2202, 2014. [20] H. Lei, C. Singh, and A. Sprintson, “Reliability analysis of modern substations considering cyber link failures,” in Proc. IEEE Power and Energy Society Innovative Smart Grid Technologies 2015 Asian Conference, Bangkok, Thailand, November 4-6, 2015, pp. 1-5. [21] H. Lei and C. Singh, “Power system reliability evaluation considering cyber-malfunctions in substations,” Electric Power Systems Research, vol. 129, pp. 160–169, December 2015. [22] H. Lei and C. Singh, “Non-sequential Monte Carlo simulation for cyberinduced dependent failures in composite power system reliability evaluation,” IEEE Transactions on Power Systems, vol. 32, no. 2, pp. 1064–1072, March 2017. [23] M. P. Bhavaraju, R. Billinton, R. E. Brown, J. Endrenyi, W. Li, A. P. Meliopoulos, and C. Singh, “IEEE tutorial on electric delivery system reliability evaluation,” in IEEE Power Engineering Society General Meeting, 2005. [24] R. Billinton, Power System Reliability Evaluation. New York: Gordon and Breach, 1970. [25] R. Billinton and R. N. Allan, Reliability Assessment of Large Electric Power Systems. Boston: Kluwer, 1988. [26] R. Billinton and R. N. Allan, Reliability Evaluation of Power Systems, 2nd ed. New York: Plenum Press, 1996. [27] F. Cleveland, “IEC TC57 WG15: IEC 62351 Security Standards for the Power System Information Infrastructure,” International Electrotechnical Commission, June 2012. [28] The National Institute of Standards and Technology (NIST) Smart Grid Interoperability Panel Cyber Security Working Group, “NISTIR 7628: Guidelines for Smart Grid Cyber Security,” September 2010. [29] The National Institute of Standards and Technology, “Framework for Improving Critical Infrastructure Cybersecurity,” February 2014. [30] D. Kundur, X. Feng, S. Liu, T. Zourntos, and K. L. Butler-Purry, “Towards a framework for cyber attack impact analysis of the electric smart grid,” in Proc. the First IEEE International Conference on Smart Grid Communications (SmartGridComm), pp. 244-249, October 2010. [31] A. Teixeira, S. Amin, H. Sandberg, K. H. Johansson, and S. S. Sastry, “Cyber security analysis of state estimators in electric power systems,” in Proc. the 49th IEEE Conference on Decision and Control (CDC), pp. 5991-5998, December 2010. [32] R. Colbaugh and K. Glass, “Proactive defense for evolving cyber threats,” in Proc. the 2011 IEEE International Conference on Intelligence and Security Informatics (ISI), pp. 125-130, July 2011. [33] L. Zhu, H. Liu, Z. Pan, Y. Liu, E. Farantatos, M. Patel, S. McGuinness, and N. Bhatt, "Adaptive wide-area damping control using measurementdriven model considering random time delay and data packet loss," in Proc. the IEEE Power and Energy Society (PES) General Meeting, pp. 1-5, July 2016. [34] J. Duan, H. Xu, and W. Liu, “Q-learning based Damping Control of Wide-area Power Systems under Cyber Uncertainties,” IEEE Transactions on Smart Grid, vol. PP, no. 99, 2017, DOI: 10.1109/TSG.2017.2711599. [35] M. H. Cintuglu, O. A. Mohammed, K. Akkaya, and A. S. Uluagac, “A survey on smart grid cyber-physical system testbeds,” IEEE Communications Surveys & Tutorials, vol. 19, no. 1, pp. 446-464, 2017. [36] IEEE Committee Report, “IEEE reliability test system,” IEEE Trans. Power Apparatus and Systems, vol. PAS-98, no. 6, pp. 2047–2054, November/December 1979. [37] R. Billinton, S. Kumar, N. Chowdhury, K. Chu, K. Debnath, L. Goel, E. Khan, P. Kos, G. Nourbakhsh, and J. Oteng-Adjei, “A reliability test system for educational purposes-basic data,” IEEE Trans. Power Systems, vol. 4, no. 3, pp. 1238–1244, August 1989. [38] H. Lei and C. Singh, “Developing a benchmark test system for electric power grid cyber-physical reliability studies,” in 2016 International Conference on Probabilistic Methods Applied to Power Systems (PMAPS), pp. 1-5, 2016.

2018 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia)

47