Hardware-In-The-Loop Vulnerability Analysis of a Single-Machine Infinite-Bus Power System

TL;DR

This paper analyzes the vulnerability of a power grid's generator frequency stability to cyber attacks using a Hardware-In-The-Loop testbed, demonstrating how coordinated attacks can destabilize the system without continuous signal injection.

Contribution

It introduces a novel vulnerability analysis method for power systems using HITL testing and reachability analysis to identify optimal attack strategies.

Findings

Coordinated attacks can destabilize the system without continuous signals.

Optimal attack timing can maximize system destabilization.

HITL testbed effectively simulates real-world cyber-physical attack scenarios.

Abstract

The dynamic performance of the generators is a critical factor for the safe operation of the power grid. To this extent, the stability of the frequency of generators is the target of cyber attacks since its instability may lead to sizable cascade failures in the whole network. In this paper, we perform the vulnerability analysis in a developed power grid Hardware-In-The-Loop (HITL) testbed with a Wago 750-881 PLC sending control commands to the generators and a 750 Feeder Management Relay connected to a local load. A process-aware coordinated attack is demonstrated by spoofing control commands sent by the PLC and the relay to the simulated power system which is modeled as a single-machine infinite-bus (SMIB). Based on the reachability analysis, the attacker can find the optimal attack signal to drive the system state out of their safe set of values. Thereafter, it is experimentally demonstrated that the attacker does not need to send attack signal continuously if he implements a carefully designed coordinated attack on the PLC and the relay. The presented assessments provide information about the best time to launch an attack in order to destabilize the power system.