Scalable Cyber-Physical Testbed for Cybersecurity Evaluation of Synchrophasors in Power Systems

TL;DR

This paper introduces a scalable, real-time cyber-physical testbed for power systems that enables detailed cybersecurity testing of synchrophasors under various attack scenarios, aiding research and industry.

Contribution

It develops a highly scalable, real-time CPS testbed with attack emulation capabilities and an interactive framework for testing PMU security vulnerabilities.

Findings

Successfully emulated multiple cyber-attack scenarios on power system components.

Demonstrated the testbed's capability with a case study on false data injection attacks.

Analyzed security vulnerabilities of the IEEE C37.118.2 pySynphasor module.

Abstract

This paper presents a real-time cyber-physical (CPS) testbed for power systems with different real attack scenarios on the synchrophasors-phasor measurement units (PMU). The testbed focuses on real-time cyber-security emulation with components including a digital real-time simulator, virtual machines (VM), a communication network emulator, and a package manipulation tool. The script-based VM deployment and the software-defined network emulation facilitate a highly-scalable cyber-physical testbed, which enables emulations of a real power system under different attack scenarios such as Address Resolution Protocol (ARP) poisoning attack, Man In The Middle (MITM) attack, False Data Injection Attack (FDIA), and Eavesdropping Attack. The common synchrophasor, IEEE C37.118.2 named pySynphasor has been implemented and analyzed for its security vulnerabilities. The paper also presented an interactive framework for injecting false data into a realistic system utilizing the pySynphasor module. The framework can dissect and reconstruct the C37.118.2 packets, which expands the potential of testing and developing PMU-based systems and their security in detail and benefits the power industry and academia. A case for the demonstration of the FDIA attack on the linear state estimation together with the bad-data detection procedure are presented as an example of the testbed capability.