Enhanced Cyber-Physical Security Using Attack-resistant Cyber Nodes and Event-triggered Moving Target Defence

TL;DR

This paper proposes a combined cyber-physical security approach for power systems using attack-resistant measurement nodes with cryptographic protection and an event-triggered moving target defense to detect and prevent false data injection attacks.

Contribution

It introduces a novel integration of low-cost secure measurement chips with an event-triggered moving target defense for enhanced power system security.

Findings

The security chips provide cryptographically protected measurements at 12 reports per second.

The distributed anomaly detection scheme effectively detects a wide range of FDI attacks.

The combined cyber-physical approach enhances power system resilience against cyber threats.

Abstract

This paper outlines a cyber-physical authentication strategy to protect power system infrastructure against false data injection (FDI) attacks. We demonstrate that it is feasible to use small, low-cost, yet highly attack-resistant security chips as measurement nodes, enhanced with an event-triggered moving target defence (MTD), to offer effective cyber-physical security. At the cyber layer, the proposed solution is based on the MULTOS Trust-Anchor chip, using an authenticated encryption protocol, offering cryptographically protected and chained reports at up to 12/s. The availability of the trust-anchors, allows the grid controller to delegate aspects of passive anomaly detection, supporting local as well as central alarms. In this context, a distributed event-triggered MTD protocol is implemented at the physical layer to complement cyber side enhancement. This protocol applies a distributed anomaly detection scheme based on Holt-Winters seasonal forecasting in combination with MTD implemented via inductance perturbation. The scheme is shown to be effective at preventing or detecting a wide range of attacks against power system measurement system.