Illinois 200-Bus Cyber-Physical System under Node2vec Risk Analysis

Citation Author(s):
Shining
Sun
Texas A&M University
Hao
Huang
Princeton University
Emily
Payne
Texas A&M University
Shamina
Hossain-McKenzie
Sandia National Laboratory
Nicholas
Jacobs
Sandia National Laboratory
H. Vincent
Poor
Princeton University
Astrid
Layton
Texas A&M University
Katherine
Davis
Texas A&M University
Submitted by:
Shining Sun
Last updated:
Wed, 05/08/2024 - 18:13
DOI:
10.21227/0r4n-a079
License:
0
0 ratings - Please login to submit your rating.

Abstract 

The Illinois 200-Bus Cyber-Physical System (CPS) serves as an important case for studying risk analysis through the integration of physical and cyber components. This system designed to reflect real-world architectures. Access Complexity scores are assigned to its network edges based on the Common Vulnerability Scoring System (CVSS) Access Complexity (AC), allowing for the simulation of adversarial pathways within the system. This integration lays the foundation for a comprehensive exploration of the Node2vec-based risk analysis framework under varying operational conditions and threat scenarios, providing insights into situational awareness and adaptive responses.

Instructions: 

The CPS graph integrates both the physical system and the cyber networks respecting their specific components, making them heterogenous networks instead of assuming the same or oversimplified topological properties. By bridging the gap between different metrics evaluating physical and cyber components. The cyber topologies are designed based on the architectures in large-scale electric power systems. The substation level typically includes equipment such as Human-Machine Interfaces (HMI), Relays (R), and Ethernet Switches (SW). The HMI is used for monitoring and controlling the substation equipment. The relays are responsible for protecting and automating the load and bus elements of the substation. All the data is transmitted through substation firewalls to the Utility Control Center (UCC) and Independent System Operator (ISO) level. The UCC level includes additional firewalls, indicating that security measures are in place to protect network communications between the substation and utility level. The UCC has its own generation control and distribution management for operational control and data acquisition. The ISO level gets the SCADA (Supervisory Control and Data Acquisition) system, which is critical for centralized control and utility monitoring. Firewalls at the ISO level are recommended to separate the utility network from the ISO network, ensuring that communications between the two are controlled and secured.