LEE- Hesaplamalı Bilim ve Mühendislik-Doktora
Bu koleksiyon için kalıcı URI
Gözat
Konu "electric vehicles" ile LEE- Hesaplamalı Bilim ve Mühendislik-Doktora'a göz atma
Sayfa başına sonuç
Sıralama Seçenekleri
-
ÖgeA risk management framework for smart distribution systems(Graduate School, 2021-03-08) Soykan Üstündağ , Elif ; Bağrıyanık, Mustafa ; 702052002 ; Computational Science and Engineering ; Hesaplamalı Bilim ve MühendislikSmart grid enables an intelligent, effective, and reliable way of delivering energy by using information and communication technologies (ICT). It addresses environmental requirements with the integration of green energy resources and paves the way for new consumption areas like electric vehicles. The increased adoption of ICT, on the other hand, makes the smart grid assets a prime target for cyber threats. Therefore, having a proper cybersecurity strategy with the defined risk management processes has become more crucial for power distribution operators. Additionally, assessing the security with the customer perspective brings random behavior and needs several computational simulations to represent this behavior. Smart grid distribution systems employ demand response programs to manage consumer demand with the timely adjustment of the demand by encouraging consumers. Demand response programs enable distribution operators to balance the power grid load with the planned and implemented methodologies. To achieve this, operator-consumer cooperation is inevitable so that utilities can guide consumers to change their consumption tendency by adopting price-based or incentive-based programs. Incentive-based programs are used to attract the consumers via contract-based or notification-based incentives e.g., when the peak load occurs operator can send an SMS message to inform the consumer regarding the demand response event. Although SMS notifications are very common and effective way to reach the consumer they open a new attack surface. The first part of this study concentrates on the risk assessment of demand response for smart grid distribution systems. A new domain-specific risk assessment methodology based on the combination of the methodologies of Smart Grid Information Security (SGIS) risk toolbox and the Open Web Application Security Project (OWASP) methodology is proposed to identify the threats and their impacts. Proposing a new approach, the deficiency of SGIS risk methodology is complemented by OWASP methodology as the SGIS does not directly provide a method for likelihood analysis. A five-scale likelihood method is developed to accomplish the likelihood analysis in a broader sense. Based on the proposed risk assessment, a new threat to disturb the power grid reliability using SMiShing (SMS Phishing) is explored. It is revealed that SMiShing attacks can damage the power grid through customer behavior by victimizing customers even if the attacker has no access to the power grid communication domain. In the second part, the newly identified attack is simulated for the defined demand response use case, Demand Response for Residential Customers and attack simulation is extended with a second use case, Demand Response for Electric Vehicle (EV) Charging, to analyze the impacts on the power grid. This is the first implementation in the smart distribution domain that focuses impacts of SMiShing attacks via use case realization. In the first use case, residential customers that are enrolled in an incentive based demand response program are the target for the SMiShing attack. The implementation is simulated on a test system to analyze the reaction of the system under attack. The European Low Voltage Feeder Test System provided by IEEE is utilized for deterministic and randomized attack scenarios. For the second use case, first, the security requirements and threats for the EV ecosystem that originated from different interfaces are investigated. Then the attack targetting to change the EV charging behavior of the EV owners is simulated using the test system taking the stochastic EV charging characteristics into account. In both use cases, the simulations performed so that the attacker launches SMiShing attacks with fake incentives aiming to change residential customer's/EV owner's behavior to create a high the residential/EV charging load leading to power grid disruptions. To measure how the attack scenarios affect the power grid the open-source Gridlab-D power system simulator is used with the load profiles produced by attack scenarios. The power flow solutions are evaluated using voltage, current, and power outputs to observe if any voltage imbalance, line failure, or transformer loading are occurring. For both use cases, the analyzes set out that attacks can severely affect the grid when the voltage and current values cannot stay within the tolerable limits. These consequences affect the delivery of power, distribution operator's business and reputation, and consumer's service quality. Based on the these outcomes and our findings, we proposed some mitigation strategies that are beneficial for both operators and customers. To mitigate beforementioned consequences and prevent possible attacks, some countermeasures are provided for both attack scenarios, from both the operator and customer perspectives. Some solutions and discussion are given on how the distribution operators should handle the attack, how they should interact with the consumer to prevent attacks, what kind of preventive actions they can take on the power grid to mitigate the attacks, and what the customer should do to protect themselves from SMiShing attacks. It is concluded that SMiShing attacks are important as the security vulnerability originates from external sources not directly from the power grid or smart grid ICT components. Although the attack target is the power grid, the distribution operator may not realize the root cause of the anomalies as the consumer is the decisive actor and can act unintentionally. As the load demand is increasing, especially the rapid penetration of EVs and controllable smart appliances will put more load and challenge on the power grid. Disruptions like voltage collapse, transformer overloading, and line failures may cascade to larger areas and lead to a significant negative impact on the operation of the power grid. Therefore, distribution operators should consider the SMiShing threat via demand response notifications and address the necessary countermeasures.