Date of Award

5-2014

Document Type

Thesis

Degree Name

Master of Science (MS)

Legacy Department

Computer Engineering

Advisor

Brooks, Richard R.

Committee Member

Venayagamoorthy , G Kumar

Committee Member

Wang , Kuang-Ching

Abstract

Smart grid technologies such as synchrophasor devices (Phasor Measurement Units (PMUs)), make real-time monitoring, control, and analysis of the electric power grid possible. PMUs measure voltage and current phasors across the electrical power grid, add a GPS time stamps to measurements, and sends reports to the Phasor Data Concentrators (PDCs) in the control centers. Reports are used to make decisions about the condition and state of the power grid. Since this approach relies on Internet Protocol (IP) network infrastructure, possible cybersecurity vulnerabilities have to be addressed to ensure that it is stable, secure, and reliable. In literature, attacks that are relevant to PMUs, are discussed. The system modeled is the benchmark IEEE 68 bus (New England/New York) power system. This document details vulnerability testing performed on a network implemented with a real-time grid simulator, the Real Time Digital Simulator (RTDS), with SEL PMU devices monitoring several bases. The first set of security vulnerabilities were found when running traffic analysis of the network. In using this approach it was found that the system was susceptible to Address Resolution Protocol (ARP) poisoning. This allowed the switch to be tricked so that all network traffic was rerouted through the attack computer. This technique allowed for packet analysis, man-in-the-middle, and denial of service (DOS) attacks. Side channel analysis was used to distinguish PMU traffic across the virtual private network (VPN) established by the security gateways. After the traffic was collected, the inter-packet delays were used to construct a Hidden Markov Model. This model was used to distinguish measurement packets being transported across the VPN. Once the measurements are identified, a DOS attack can be performed on the network. While this document unveils certain security vulnerabilities within the PMU network, further testing is needed to provide a full security vulnerability analysis. A future security agenda is proposed.

Share

COinS