Metrics and Tools for Measuring Cyber Resiliency of Electric Grids

s
Industry Collaborators: 
  • Siemens
  • Currently seeking additional collaborators from industry, power utilities, and national labs. If interested, contact Adam Hahn. 
Summary Statement: 

The approach used in this activity focuses on the identification and validation of metrics and tools for cyber resilience to directed attacks on power grid systems, with particular attention paid to networked transmission systems. The effort relies on testbed-based analysis using RTDS, OPAL-RT, communication emulators, hardware intelligent electronic devices, amplifiers, and hardware controllers to model time-critical power grid applications which will be most impacted by cyber attacks. In developing the metrics, we will extend and combine common impact metrics from both the cyber-domain (e.g., common vulnerability scoring system (CVSS), Common Weakness Scoring System (CWSS)) and the power-domain (e.g., topological and system resiliency). In addition, we will develop new metrics for devices not yet covered by standards (e.g., PLCs). We will develop tools that measure the metrics and analyze cyber resiliency, and use these tools to quantify the improvements in security that are brought about by techniques such as reconfiguration, redundancy, partitioning, non-persistence and automated response. Cyber-vulnerabilities, cyber attacks and cyber-defense mechanisms and their impact on power grid resiliency will be studied using the hardware-in-the-loop capability of CREDC testbeds.

Energy Delivery System (EDS) Gap Analysis: 

The power grid currently lacks metrics, tools or technology for quantifying operation technologies (OT) with respect to cyber resiliency to attack. These must be developed and integrated into the grid’s design and operational processes to enable resilient transmission, distribution and microgrid systems. While previous work has explored both resilience in cyber systems and in the physical grid, there remains a need to develop cyber-physical metrics. Research is needed to provide a cyber-physical system model, alternative attack models, alternative metrics to analyze the impact on resiliency of the system, and tools that use those metrics to aid in the design of OT systems, as well as identify security problems after the system is installed and is running.

Reference the research activity fact sheet (PDF) for an extended gap analysis and bibliography.

How does this research activity address the Roadmap to Achieve Energy Delivery Systems Cybersecurity?
This research activity addresses one of the top priorities: metrics to measure security to assess and monitor risks as identified by participants at the September 2009 Roadmap Update Workshop and available as exhibit 4.3.1 of the Roadmap. Additionally, the need for testbed validation of the developed tools for resilience testing and assessment is identified in exhibit 4.4.1, which will be one of the research activities to support the developed resiliency assessment metrics tools.

Status of Activity: 
Active