Enhanced cyber‐physical security using attack‐resistant cyber nodes and event‐triggered moving target defence

• Published in: IET cyber-physical systems Vol. 6; no. 1; pp. 12 - 26
• Main Authors: Higgins, Martin, Mayes, Keith, Teng, Fei
• Format: Journal Article
• Language: English
• Published: Southampton John Wiley & Sons, Inc 01.03.2021; Wiley
• Subjects: Anomalies; Authentication; Electricity distribution; Inductance; Moving targets; Nodes; Security; Systems design; Systems stability; Ukraine
• ISSN: 2398-3396; 2398-3396
• DOI: 10.1049/cps2.12002

A cyber‐physical authentication strategy to protect power system infrastructure against false data injection (FDI) attacks is outlined. The authors demonstrate that it is feasible to use small, low‐cost, yet highly attack‐resistant security chips as measurement nodes, enhanced with an event‐triggered moving target defence (MTD), to offer effective cyber‐physical security. At the cyber layer, the proposed solution is based on the MULTOS Trust‐Anchor chip, using an authenticated encryption protocol, offering cryptographically protected and chained reports at up to 12/s. The availability of the Trust‐Anchors allows the grid controller to delegate aspects of passive anomaly detection, supporting local as well as central alarms. In this context, a distributed event‐triggered MTD protocol is implemented at the physical layer to complement cyber side enhancement. This protocol applies a distributed anomaly detection scheme based on Holt‐Winters seasonal forecasting in combination with MTD implemented via inductance perturbation. The scheme is shown to be effective at preventing or detecting a wide range of attacks against power system measurement system.