Cyber & Physical Security

Background

As the penetration of DERs significantly ramps up in New England region, and our reliance on disaggregated generation increases especially with the retirement of fossil fuel generation – cyber security impacts on both the Distribution as well as the Transmission grid become critical. A combination of DERs being potentially hacked to shut down along with large transmission corridor outages may have a severe adverse impact on the reliability of the grid. This research area would develop a roadmap on cybersecurity for Eversource Energy focusing on the deployment of technologies at Eversource Distribution infrastructure and machine learning-based applications potentially for use within the Eversource control room to continuously monitor the state of the DERs at critical points on our grid, identify and isolate where the cyber intrusion is detected. The main research needs are summarized as follows:

• Develop a hardware and software platform that allows detecting, locating, and mitigating cyberattacks on DERs. This may be achieved using the DER network patterns and physical system unique characteristics, including a reconfigurable network to isolate DER attacks (analogy to BYOS), fusion network and physical systems data and parameters for better cyberattack visibility, and resilient control and optimization against attacks.
• Develop analytical tools to study DER network vulnerabilities, impacts on system security, and tools in detecting them.
• Develop cyber-physical co-simulator that expands RTDS with network simulator to identify system weak points to cyberattack events and inform protection and hardening plans and quantify impacts on system operation.
• Develop grid-edge intelligence solutions, such as AI-chip deployed for anomaly detection and classification, distributed computing and analytics.
• Co-model Eversource transmission-distribution grid for digital twin development and the analysis of distribution network dynamics under different types of attacks.
• Incorporating the climate change impacts on generation resources together with transmission and substation to have overall visibility to disaster outcomes.
• Future projection (50 years) of substation flood vulnerability in the scenario of climate change and sea-level rise, such as 1) Apply hyper resolution flood modeling to evaluate Eversource inland and coastal substation flood vulnerability to the river and coastal flooding associated with future climate (2050) storms and sea-level rise; 2) Integrate surge, the river flows, tides and sea-level rise to computing worse case scenarios of flood inundation at the substation and 3) Use the modeling framework to derive 100-500 year return period flood levels and evaluate the vulnerability of current Eversource infrastructure
• Formal verifications to automatically detect and isolate errors and vulnerabilities in substation automation, protection and control to enable provably correct operations of new facilities
  • Formal verification of substation automation operations and protection functions
  • Formal overseer between substations and control center to detect inconsistencies and anomalies across IP-based substations against coordinated cyber-physical attacks

Expected Deliverables

This work will extend ongoing research for modeling, analysis, and anomaly detection for enhancing the cyber secure Eversource power distribution networks, and will leverage the newly established RTDS testbed for cybersecurity. Deliverables from the new integrated project will include:

• A functional cybersecurity Eversource Energy Testbed with documentation for the cybersecurity testbed federation; an integrated Eversource transmission-distribution grid model on RTDS/DSAT.
• Defense-in-depth hardware and software platform for detecting, locating, isolating, responding, and mitigating cyberattacks on DERs.
• A hybrid system model to analyze the spatial-temporal characteristics and the interaction of the manipulated components with the normal components of the distribution network.
• A cyber-physical hardware device for cyber-physical event detection and classification in substations.
• A predictive model for future flood-inundation risk mapping at very high resolution (VHR, 1 m).
• A report on substation flood-inundation risk under climate change and sea-level rise.
• A formal verification tool that automatically verifies substation protection and switching functions, locates errors and cyber vulnerabilities in substation operating and protection devices to enable provably correct operations of substations.

Points of Contact

• Eversource: Christopher Leigh
• UConn: Junbo Zhao