Attack-Resilient State Estimation and Testbed-Based Evaluation of Cyber Security for Wide-Area Protection and Contro

Critical infrastructures such as the power grid have been increasingly targeted by advanced and persistent cyber threats making cyber security one of the nation's top research priorities. Traditional information technology (IT)-based cybersecurity measures are no longer adequate to address such threats, and there is a compelling need to develop a multi-layered defense strategy that utilizes a combination of infrastructure and application layer security measures. This dissertation specifically addresses attack-resilient application layer security approaches for critical wide-area monitoring, protection, and control (WAMPAC) applications. The first component, 'Attack-Resilient State Estimation,' addresses the vulnerability of state estimation to stealthy cyber attacks, and discusses two complementary approaches to enhance its resilience. A topology-based attack vector that bypasses bad data detection methods and causes loss of system observability is identified. To mitigate the stealthy attacks on measurements and topology, an offline attack-resilient measurement design methodology is presented. Further, an online attack-resilient anomaly detection method that utilized load forecasts, generation schedules, and synchrophasor data to detect measurement anomalies is described. The second component, 'Testbed-Based Experimentation and Performance Evaluation,' addresses the need to architect, develop, and leverage cyber-physical system (CPS) security testbed environments specifically for performing realistic attack-defense experimentation for WAMPAC use cases. An overview of testbed design objectives and design tradeoffs are discussed for different types of testbeds. A three-layered WAMPAC specific testbed architecture to address critical research challenges is presented. Finally, three experimental case studies that involved realistic coordinated cyber attacks on critical WAMPAC applications such as Automatic Generation Control (AGC) and Remedial Action Schemes (RAS) are described in detail. Further, the hypothesis that timing of attack actions also plays a critical role in the attack impact severity is experimentally validated using the PowerCyber testbed.