*********************************
There is now a CONTENT FREEZE for Mercury while we switch to a new platform. It began on Friday, March 10 at 6pm and will end on Wednesday, March 15 at noon. No new content can be created during this time, but all material in the system as of the beginning of the freeze will be migrated to the new platform, including users and groups. Functionally the new site is identical to the old one. webteam@gatech.edu
*********************************
Title: Methods to Attack and Secure the Power Grids and Energy Markets
Committee:
Dr. Raheem Beyah, ECE, Chair , Advisor
Dr. Morris Cohen, ECE, Co-Advisor
Dr. Brendan Saltaformaggio, ECE
Dr. Lukas Graber, ECE
Dr. Alvaro Cardenas, UCSC
Dr. Saman Zonouz, Rutgers
Abstract: The power grid is a highly complex control system and one of the most impressive engineering feats of the modern era. Nearly every facet of modern society critically relies on the proper operation of the power grid such that long or even short interruptions can impose significant economic and social hardship on society. The current power grid is undergoing a transformation to a Smart Grid, that seeks to monitor and track diagnostic and operational information so as to enable a more efficient and resilient system. This significant transformation, however, has made the grid more susceptible to attacks by cybercriminals, as highlighted by several recent attacks on power grids that have exposed the vulnerabilities in modern power systems. Motivated by this, this thesis aims at analyzing the effect of three classes of emerging cyberattacks on smart grids and a set of possible defense mechanisms to prevent them or at least reduce their damaging consequences in the grid. In the first part of the thesis, we analyze the security of the power grid against the attacks targeting the supervisory control and data acquisition (SCADA) network and propose practical solutions for securing the grid against the studied attacks. In the second part of the thesis, we analyze the performance of the existing high-wattage IoT botnet attacks (Manipulation of Demand IoT (MaDIoT)) on power grids and show they are ineffective in most of the cases because of the existence of legacy protection schemes and the randomness of the attacks. We discuss how an attacker can launch more sophisticated attacks in this category which can cause a total collapse of the power system. In the third part of the thesis, we discuss how an smart attacker with access to high-wattage IoT botnet can indirectly manipulate the energy prices in the electricity markets. We name this attack as Manipulation of Market via IoT (MaMIoT). MaMIoT is the first energy market manipulation cyberattack that leverages high-wattage IoT botnets to slightly change the total demand of the power grid with the aim of affecting the electricity prices in the favor of specific market players.