©2019 HCRL 1

Graduate School of Cyber Security

HCRL

Anomaly Detection System based on Cross-sectional Data from Renewable Energy Farm in the framework of CPS(Cyber-Physical System)

2019. 08. 09. Dong-Joo Kang

©2019 HCRL 2

CONTENTS

1. CPS Background & Application

2. Decentralization Issue of Smart Grid

3. Research Framework & Development

©2019 HCRL 3

CPS in Movies

A cyber-physical system (CPS) is a mechanism that is controlled or monitored by computer-based algorithms, tightly integrated with the Internet and its users.

©2019 HCRL 4

Digital Twin in CPS context

[출처: https://kr.linkedin.com/pulse/%EA%B0%80%EC%83%81%EB%AC%BC%EB%A6%AC%EC%8B%9C%EC%8A%A4%ED%85%9Ccpscyber-physical-system%EC%9D%B4%EB%9E%80-%EB%AC%B4%EC%97%87%EC%9D%B8%EA%B0%80-hyongsik-cho]

• Physical assets generate more and more digital information from installed IoT sensors, and it is creating digital twins of physical assets in cyber space.

• Digital twin makes it possible to assess the current system status and predict the future trajectory more exactly in connection with A.I.

Digital Twins Combination of IoT, AI and Data Analytics

It is initially a digital copy of the original entity but could be stronger.

©2019 HCRL 5

Digital Twin & Context

Weather Datafrom IoT Sensors (Metered)

From Weather Authority

Mechanical Data: Angle Velocity of Wind Turbine Blade, Vibration of Structure, Other Physical States

Wind Speed & Direction, Temperature, etc.

Electrical Data: Power Output, Voltage, Frequency, etc.

Context

Digital Twin: Group of Characteristic Data

Context is created from relations and interactions between different actors and components.

©2019 HCRL 6

GE’s Commercial Example for Digital Twin

• IoT sensor are collecting more and more data of physical assets and it starts to create digital copies of them.

• Collected data can provide contexts of machine performances and be used for predictive decision-making process. (assessment and prediction on system activities)

Data Platform for Industrial System

Data Analysis Application for Energy Industry Target Area

©2019 HCRL 7

CPS Perspective of Power Grid – Increasing Connectivity

Qiang Yang et al., PMU Placement in Electric Transmission Networks for Reliable State Estimation against False Data Injection Attacks, November 2017

• Connected to public communication networks, IoT sensor networks, power electronics devices

• Physical space open to physical attacks• Social networking in power grid

• Smart home networks vulnerable to cyber threats

SCADA System • Smart homes are accelerating social smart grid

©2019 HCRL 8

Power Plants

Substation (low voltage to high voltage)

Transmission Lines(for long distance

delivery of electricity)Consumer

Distribution Lines

Substation (high voltage to low voltage)

Power Flow(Flow of Electricity)

Conventional Power System – Physical Structure of Power Grid

©2019 HCRL 9

Conventional Power System – Centralized Communication Network

ICCP

ICCP DNP, IEC 61850 DNP/TCP/IPDNP, IEC 61850

IED RTUs (each at a substation)

MODBUS, Harris, FIELDBUS, DNP (→IEC61850)

ICCPTCP/IP

MTUs (Regional SCADA Servers)

EMS (System Operator) Central SCADA Center

Generating Stations / 765, 345kV Substations

System Demand

System Supply Resources

Control Center

©2019 HCRL 10

Decentralization of Power System: Bidirectional Interaction

MARKUS STAEBLEIN AND KRIPA VENKAT (TEXAS INSTRUMENTS (TI)), GREENER POWER REQUIRES SMARTER GRIDS, AUGUST 1, 2014, HTTPS://WWW.EMBEDDED-COMPUTING.COM/EMBEDDED-COMPUTING-DESIGN/GREENER-POWER-REQUIRES-SMARTER-GRIDS

Demand-side also generates electricity and sends to the grid.

Distribution System to Transmission Grid

©2019 HCRL 11

Socializing Power Grid (System Components to Actors)

High-voltage Transmission System- Large-scale generators- High-voltage transmission lines

Low-voltage Distribution System- Distributed Energy Resources (DER)- Electric Vehicles, Smart Homes, Microgrids

Large-scale Power PlantsManufacturing Factories

& Industrial Facilities

Microgrid & CommunityEMS

Factory EMS

EV Charging Stations

BEMS, CEMS, HEMS for Apartments & Aggregated Residential Sector

©2019 HCRL 12

Example of Context from Various User Behaviors

Smart Meter

Smart Meter

Commercial Building

Steel Plant

Self-similarity Analysis on Time-horizon

Spatial Interaction in Power Grid or Power Market

Context between Different Actors

©2019 HCRL 13

▶Brandon J. Murrill, Edward C. Liu, & Richard M. Thompson: Smart Meter Data: Privacy and Cybersecurity, CRS Report for Congress (Prepared for Members and Committees of Congress), Feb. 3rd, 2012

▶Unique usage pattern of individual electronic appliances on daily basis

Usage Pattern from Time & Appliances

Example of Context from Different Usage Pattern of Home Appliances

©2019 HCRL 14

Context Analysis among Various Actors (Home, Appliances, T&D Systems, etc.)

Auto-correlation: Time-series

Distribution Power System

BEMS(APT, Building) Microgrid, CEMS ESCO FEMS

HEMS

Smart Appliances

MicrogridLevel

Transmission Power System

Multi-agent Concepts

Correlation btw. Home

Vertical Analysis by Historical Profile (Time-series Data)

Verification by Summation

Horizontal Analysis by Correlation

(Cross-sectional Data)

KCL & Law of Energy Conservation

©2019 HCRL 15

Example of Context from Network Interconnections

• Each area is required to have an equilibrium between supply and demand

• The summation of (1) produced energy, (2) consumed energy, and (3) exported & imported energy should be zero according to KCL (Kirchhoff’s current law) and the law of energy conservation in physics.

• Tie lines between different areas have certain conditions to be met.

• Different areas will have certain contexts at the market layer, and they should have the compatibility with operation constraints in the physical layer.

Context between Different Domains

©2019 HCRL 16

Example of Context from State Estimation (Power Grid Analysis)

12

3

5253

54 2123

24

45

12

13

16

1718

19

20

57

55

515049

48

4241

3637

35

2633

34

43

4647

Island 1

Island 2

Anomaly (power flow over open circuit)

power flow analysis (analyzed) should be compatible with system situation (monitored)

©2019 HCRL 17

Example of Context between Power Market and Power System

Electricity Prices

Power System Frequency

Context between Different Layers

https://www.semanticscholar.org/paper/Virtual-Power-Plant-for-Grid-Services-Using-IEC-Etherden-Vyatkin/334b91435cb67389dab206c77afb4556982adff0/figure/2

©2019 HCRL 18

Identification of Domains, Actors, Layers, etc.

Generation Domain

Customer SideWeather Data

Demand Response

Wind Generator CHP Generator

Sensing & Metering Domain

IoT sensors and Smart Metering

T&D Network

Market Price

State Estimation

Physical(Spatial) Domain

Historical Data

Functional(Temporal & Conceptual) Zones (Property, State, etc.)

Context between Different DomainsContext between Different Actors

Context between Domain & Zones

©2019 HCRL 19

Basic Framework of ADS for Renewable Energy System

Measured Data (IoT Sensor & Smart Meter)

Communication Data

Power Exchange Data

Cross-Sectional Data

Renewable Energy Farm

Panel Data generated from Individual Actors Overall Context

Weather Data

Time-series Data

Research Issue: Development of Anomaly Detection System

Anomaly DetectionNo

Person-in-charge

Yes

Alarm

Countermeasure ActivatedVerification of Anomaly Detection and Countermeasures

Physical Domain (having multiple actors)

Functional Zone

©2019 HCRL 20

Example of Panel Data Analysis between Loads & Prices

Time-series Data

Cross-sectional Data

Panel Data Analysis

Context Generation

©2019 HCRL 21

Identification of Data Fields & Functional Requirements from Advanced Researches

Cristina Alcaraz(B), Lorena Cazorla, and Gerardo Fernandez, Context-Awareness Using Anomaly-Based Detectors for Smart Grid Domains, http://www.springer.com/978-3-319-17126-5, Risks and Security of Internet and Systems 9th International Conference, CRiSIS 2014, Trento, Italy, August 27-29, 2014, Revised Selected Papers. Lopez, J.; Ray, I.; Crispo, B.(Eds.) 2015, XI

Data Analysis Methodology

Problem Properties

Domains

FunctionalRequirements

©2019 HCRL 22

Quantitative Modeling based on Matrix Algebra

Behavioral Matrix of Actor 1 (Domain, Layer)

Behavioral Matrix of Actor 2 (Domain, Layer)

Time

Variables (Data Items, Property Factors)

Context (A12)Actor 1 Actor 2

TT+1

T+2

T+3

©2019 HCRL 23

Context Generation with Various Analytics Methods

©2019 HCRL 24

Solution Architecture based on Common Database

Common Database (Identification of Individual Datasets & Data Sources)

Web-based User Interface

Dataset 1 Dataset 2 Dataset 3 Dataset 4 Dataset 5

Context Dataset 2Context 1 (analyzed by tools & experts)

Visualization & Customization

User 1 User 2 User 3 User 4 User 5

©2019 HCRL 25

Research Focus & Expansion Strategy

Renewable Energy

ESS

User Group

User 1 User 2

Fuel Cell

Renewable Farm xEMS (Technology Ground) Extension to Other Microgrids & Community MG

Demand Community

Bulk Power Grid

VPP: Virtual Power PlantUser Behavior AnalysisCommunity Analysis

IT Systems of Power Grid (including SCADA, IoT Networks)

ADS (IDS, FDS) Development ofCPS based Cross-Domain Data Analysis Interface to Other Industries

HEMS (Home Energy Management System)

EV Vehicles(V2G, Autonomous Driving)

Renewable Farm of Generation Company

Energy Community

©2019 HCRL 26

Thank you