Power Control Systems-Resilience Testing (PCS-ResTest Lab)
The lab carries out activities aimed to experimentally assess the impact of cyber attacks to the systems governing the operation of active distribution grids, as well as the effectiveness of the security countermeasures embedded in their architecture.
The experimental activity focuses on the communication requirements peculiar of the SCADA (Supervision, Control and Data Acquisition) systems deployed in smart grid control, such as continuous availability of the communication services for the transmission of measurements, states, asynchronous events and commands; stringent constraints on the response times for protection, automation and control actions; authenticity and integrity of transmitting and receiving data.
The power grid operation procedures require the undisturbed execution of acquisition and actuation sequences based on ordered flows of measurements, events and commands.
Further data flows for the remote monitoring of communication and control devices are implemented to evaluate possible interferences between ICT management and grid control communication interfaces.
Any recovery action of the communication anomalies has to meet the response time requirements of the most critical control application served by the network.
In order to satisfy the most critical cases, the final objective of the security countermeasures for grid control systems is to withstand data losses, spurious data and transmission delays.
The lab experiments cover physical anomalies and cyber attacks to ICT network and control components, such as routers and SCADA system components, having a critical role in power grid operation. View more
Testbed ICT infrastructure and technologies
Sample high ranking threats are experimented in the lab by configuring selected attack processes to the testbed communication and control components of active distribution grids operating HV/MV substations and Distributed Energy Resources connected to MV lines. View more
The experiment evaluation is performed by defining a set of protocol-specific communication performance indicators elaborated from test traces and logs. The communication indicators from the attack experiments are exploited for identifying the architectural tuning points in relation to possible mitigation actions of residual risks, and also for providing input values to monitoring, fault management and model based assessment tools for detection, recovery and impact evaluation tools.
ICT Monitoring and Fault Management
The test bed communication infrastructure supports the remote monitoring and control of the ICT infrastructures through the ICT Management Centre where network probes allow capturing and analysing the data flows on the different subnets. The sniffing activity allows gaining first hand knowledge of the workings of the protocols employed that constitutes the basis for the monitoring, detection and diagnosis of undergoing malicious actions.
Operator HMI support the visualization of control values and detected ICT anomalies.
Related Research Projects