Analysis On Cyber-attack Mode To Cyber-physical System And The Smart Meter Research On Intrusion Detection

Power system is a critical infrastructure of modern society. Recently, developing smart grid has been a consensus in the world. A smart power grid is an example of a large cyber-physical system. The tight coupling between information and communication technologies and physical systems introduces new security concerns. An attack on the cyber system can severely compromise the physical system, so information security has evolved into the current urgent problem.A variety of motivations exist for launching an attack on the power grid, ranging from economic reasons to terrorism, herein the cyber-attacks in electrical CPS are classified into three categories. Firstly, based on the collected data related to blackouts in North America, the impacts of the cyber-attack without special aim and the random failure and anomaly of cyber system itself on power grid are analyzed; then the methods to detect the electricity theft by the cyber-attack to seek economic interests are summarized; finally, assuming that the malware could intrude into real-time controlling area by the propagation mode of stuxnet. The attack objects and attack modes, as well as the consequences of the attack are analyzed.It's proved that critical facilities are unprotected when stuxnet appears. Cyber attackers could initiate selective attack on SCADA. The information of transmission lines and the IP and controlling port could be get from SCADA with background information of structure of database table. Thereafter, it can analyze structural vulnerability of the power grid and trip several key transmission lines according to communication protocol, which could trigger catastrophic blackout. Thereafter the feasible strategies of selective attack with different level of information available are discussed. The work in this paper is helpful to develop defensive approaches.To meet the need of two-way interaction in smart grid, the power company developed and implemented AMI. As the foundation, smart meter play a key role in AMI. Meanwhile, it provides adversaries with many new opportunities. In the paper, according to the structure of AMI and the path of data transmission, smart meter security threats were analyzed. As a source of threat, network virus is hard to be detected. At last, intrusion detection based on SM CPU load ratio was designed.