
Wind farm security: Attack surface, targets, scenarios and mitigation

Authors:

Abstract

As modern society grows more reliant on wind energy, wind farm deployments will become increasingly attractive targets for malicious entities. The geographic scale of wind farms, remoteness of assets, flat logical control networks and insecure control protocols expose wind farms to myriad threats. This paper attempts to clarify the gaps in the understanding of wind farm threats and their implications. The paper describes the anatomy of a generic wind farm and the attack vectors that can be leveraged to target its information technology, industrial control system and physical assets. It discusses attack scenarios involving unauthorized wind turbine control, wind turbine damage, wind farm disruption and damage, and substation disruption and damage. Additionally, the paper highlights mitigation techniques that provide robust security coverage and reduce the negative cyber and physical impacts. The attack surface, targets, scenarios and mitigation techniques presented in this paper are common across wind farm deployments. However, it is still possible to add details about the unique aspects of wind farm assets, configurations and operations in order to develop a holistic risk management program geared for a specific wind farm deployment.
ACCEPTED MANUSCRIPT
[Figure labels: Power Grid; Substation; Grounding Transformer; Step-Up Transformer; Collector; Wind Farm]
[Figure labels: Control Center; Operations Control System (Wind Farm Management); Transmission Control System (Energy Management); Ring]
[Figure labels: Nacelle; Gear Box; Generator; Main Bearing; Anemometer; Transformers; Hydraulic Unit; Generator Cooler; Yaw Motor; Brake; Pitch Gears; Rotor; Tower]
[Figure labels: OPC Request; OPC Response; PAC/PLC (Master); OPC Server; FTP, Telnet, HTTP; PLCs (Slave); ICS Switch; CAN Bus/Modbus; Operations Control Network (Operator/Engineering Stations, HMI, Historian); Transmission Control Network (ICS Switch, PLCs, Circuits, Relays, Operator/Engineering Stations, HMI, DNP3, Historian)]
[Figure labels: OPC Request; OPC Response; OPC Client; HMI; Attacker; Wind Turbines]
[Figure labels: Attacker; 1. ARP Poison; 2. OPC:Request, OPC:Response; 3. Malicious OPC:Request, Malicious OPC:Response; OPC Client; HMI; Wind Turbines]
[Figure labels: Compromised Turbine; Targeted Turbines]
[Figure labels: Secure VPN Tunnels; Substation; Compromised Turbine]
... In an OWF, multiple stakeholders potentially could cause an infection. J. Staggs et al. [65] list attack paths as gaining physical access to an offshore structure and plugging a malicious device; cyber access using vendor network; cyber access using technician equipment; or cyber access through a compromised supply chain. ...
Preprint
Offshore wind farms are becoming an ever more important means of energy production. Accordingly, they are starting to be considered critical infrastructures with heightened attention on their protection and resilience. This paper studies how the maintenance service can sustain or recover offshore wind farm operations under different stressors. We conduct this study by modeling the failures in an offshore wind farm and how maintenance service is able to correct them. Our model enhances the traditional cause-consequence trees by including dynamical aspects, and the modeling of the maintenance process. Special attention in the maintenance model is given to limited personnel and material resources, as well as limited access to wind turbines. This limit is a result of occasional harsh weather conditions that make conducting repairs unsafe. The model is applied for two representative disturbance scenarios: a cyber-attack leading to high failure rates and a high-impact incident causing numerous simultaneous failures. The second scenario integrates results from a physical power system simulation that are used for depicting the incident. The results show that our model can present scenarios where different stressors challenge the operations. These can be used for testing and defining requirements for future countermeasures to improve the resilience.
... As DRESs play a significant role in satisfying energy demand, they are targeted by attackers too. For example, wind power generation station (WPGS) has several vulnerable areas for cyber-attacks, such as control networks, programmable/automation controllers, network devices, operator stations, engineering workstations, and historians [15]. Also, as wind power generation is recognized as the second for electricity generation among different DRESs [3], there are several research works on the cyber-security of WPGS. ...
Article
With the involvement of cyber-infrastructure, the power grids are susceptible to cyber-attacks, whose consequences can be alarming, especially during attacks on control units. Due to utilizing several control units, the vulnerability of high-voltage direct current (HVDC) transmission systems to cyber-attacks can be severe. Hence, this paper aims to analyze the impacts of cyber-attacks on the well-known modular multilevel converter (MMC) HVDC transmission technology for a smart grid with countermeasures. The ramifications of the false data injection attacks on different control units of the control system of MMC-HVDC are evaluated individually, while introducing the system's vulnerabilities from the control parameters' perspective for voltage controller, current controller, and phase-locked loop. Both positively and negatively biased attacks are considered during investigating the impacts of the false data injection attacks on the controller parameters of the MMC-HVDC transmission system, which can be severe. Hence, a controlled switching unit is proposed as a countermeasure for developing an attack-resilient system. Based on the experimental results using MATLAB/Simulink, the proposed protective system ensures the stable operation of a two-terminal MMC-HVDC transmission system of a wind farm effectively during cyber-attacks. The proposed controlled switching unit-based countermeasure can serve as a guide for attack-resilient applications of MMC-based systems.
... Although deep learning-based adversarial attack was first proposed in the computer vision field, in recent years, the increasing attacks on ICSs have raised concerns among scholars regarding the reliability of DLSSs. A study demonstrated that attacks on the edge network of wind power plants can result in the repeated stopping of the turbines, resulting in severe wear and damage to the equipment [10]. Another study proposed an adversarial attack method named universal adversarial perturbation, which was specially designed to destroy the data-driven health state sensing system during aircraft operation and induce the failure of the turbofan engine by providing excessive prediction [11]. ...
Article
Deep learning-based soft sensors (DLSSs) have been demonstrated to exhibit significantly improved sensing accuracy; however, their vulnerability to adversarial attacks affects their reliability, thus hindering their widespread application. To improve the reliability of DLSSs, in this article, we conducted a systematic investigation of the adversarial attack and defense of DLSSs. By considering the task requirements of DLSSs and the actual scenarios that attackers may encounter, a framework based on black-box attack and proactive defense was proposed to realize the adversarial attack and defense of soft sensors. The adversarial attack was implemented through the proposed knowledge-guided adversarial attack (KGAA) method. By reconstructing the optimization model and introducing the mechanism knowledge into the objective function, the KGAA method could overcome the ill-posed problem of adversarial attack optimization when attacking a regression model. Moreover, based on the KGAA, a corresponding KGAA adversarial training defense method was proposed to achieve proactive defense. The attack and defense methods were verified in terms of the thermal deformation sensing of an air preheater rotor. Compared to other attacks, the KGAA exhibited higher imperceptibility, rationality, and stability; it can thus be considered a practical attack. The implementation of KGAA adversarial training enhances the adversarial robustness of DLSSs, thus aiding the defense of DLSSs to various attacks and improving their reliability. Index Terms: Adversarial attack and defense, air preheater, deep learning, soft sensor reliability, soft sensors.
... The adversary knowledge includes both the cyber-domain operational information [55], and can be classified as 1) White-box with full knowledge; 2) Gray-box with partial knowledge; 3) Black-box with zero knowledge [56]. The adversary access includes physical access through serial/USB/Ethernet interfaces [57], remote access through phishing emails [58], and close proximity access through wireless compromise [59]. The adversary resource consists of substantial and limited privileges. ...
Preprint
The rapid development of information and communications technology has enabled the use of digital-controlled and software-driven distributed energy resources (DERs) to improve the flexibility and efficiency of power supply, and support grid operations. However, this evolution also exposes geographically-dispersed DERs to cyber threats, including hardware and software vulnerabilities, communication issues, and personnel errors, etc. Therefore, enhancing the cyber-resiliency of DER-based smart grid - the ability to survive successful cyber intrusions - is becoming increasingly vital and has garnered significant attention from both industry and academia. In this survey, we aim to provide a systematic and comprehensive review regarding the cyber-resiliency enhancement (CRE) of DER-based smart grid. Firstly, an integrated threat modeling method is tailored for the hierarchical DER-based smart grid with special emphasis on vulnerability identification and impact analysis. Then, the defense-in-depth strategies encompassing prevention, detection, mitigation, and recovery are comprehensively surveyed, systematically classified, and rigorously compared. A CRE framework is subsequently proposed to incorporate the five key resiliency enablers. Finally, challenges and future directions are discussed in detail. The overall aim of this survey is to demonstrate the development trend of CRE methods and motivate further efforts to improve the cyber-resiliency of DER-based smart grid.
Article
With the increasing proportion of wind power generation in the power system, the vulnerabilities of the cyber links of wind turbines (WTs) are gradually exposed. The time-delay attack (TDA) by flooding the communication link between the rotor speed sensor and the controller may reduce the wind generation or overload the WT drive train. This paper attempts to develop an adaptive observer-based resilient control method for WT to defend against TDA. An attack model is established to characterize the behavior which delays the transfer of the rotor speed information to the WT controller, and the real-time adaptive state observers are designed to offset the delayed sensor information caused by the TDA. An adaptive resilient torque control is developed to ensure the optimal rotor speed output, and the attack resilience level of the WT considering the TDA is evaluated. Extensive studies on the 1.5 MW WT illustrate that the proposed resilient control scheme has the ability to mitigate the effect of TDA and guarantee the output performance of the WT system.