Cascading verification initiated by switching attacks through compromised digital relays

IET Smart Grid, Vol. 5 (2022)

  • Koji Yamashita
  • Department of Electrical and Computer Engineering University of California Riverside Riverside California USA
  • Zhiyuan Yang
  • Department of System Technology Guangdong Electric Power Design Institute Company Guangzhou China
  • Chee‐Wooi Ten
  • Department of Electrical and Computer Engineering Michigan Technological University Houghton Michigan USA
  • Soummya Kar
  • Department of Electrical and Computer Engineering Carnegie Mellon University Pittsburgh Pennsylvania USA
  • Andrew Ginter
  • Waterfall Security Solutions Calgary Alberta Canada


Abstract Attackers are able to enumerate all devices and computers within a compromised substation network. Digital relays deployed in the substation are the devices with IP addresses that can be discovered in the process of trial‐and‐error search. This paper is concerned with studies of cyberattacks manipulating digital relays to disruptively disconnect the associated breakers. The plausible enumeration of such disruptive attack for each relay in a substation is verified with the dynamic simulation studies with the special protection system for frequency, voltage, and rotor angle stability. A pertinent approach with smaller scale contingency analysis results is proposed to reduce the enormous computation burden. The devised enumeration reduction method is evaluated using IEEE test cases. The proposed method provides an extensive enumeration strategy that can be used by utility engineers to identify the pivotal relays in the system and can be further strengthened with security protection.

Read more: fulltext (HTML)