CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

1

Contents 1.1 Abstract: .................................................................................................................................. 2

1.2 Introduction: ........................................................................................................................... 2

1.2.1 Power Grid Data: ............................................................................................................... 3

1.2.2 Simulation Tool ................................................................................................................. 3

1.3 Problem Definition .................................................................................................................. 4

1.4 Model and Analysis ................................................................................................................. 4

1.4.1Visualization: ...................................................................................................................... 4

1.4.2 US Power Grid Network Analysis: .................................................................................... 6

1.4.2.1 Comparison to other network ..................................................................................... 6

1.4.2.2 Degree Distribution: ................................................................................................... 7

1.4.2.3 Betweenness:............................................................................................................... 8

1.4.3 Node Failure Analysis: ...................................................................................................... 8

1.5 Implementation: Cyber-physical Vulnerability Assessment: ........................................... 11

1.5.1 Security Mechanism: ....................................................................................................... 13

1.5.2 Exposure Graph: .............................................................................................................. 14

1.5.3 Graph Resistance: ............................................................................................................ 15

1.5.4 Flow chart of cyber physical vulnerability assessment: .................................................. 17

1.6 Result Analysis and Discussion of Cyber-physical Vulnerability Assessment: ............... 17

1.6.1 Limitation:........................................................................................................................ 19

1.7 Related Work ........................................................................................................................ 19

1.8 Conclusion ............................................................................................................................. 20

Future plan: ............................................................................................................................... 20

1.9 Bibliography: ......................................................................................................................... 20

Appendix: MATLAB & R Code ................................................................................................ 21

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

2

1.1 Abstract:

Every single moment, our society is completely depending upon electricity. Hence, power grid

functioning is very critical. Our US power grid network is very vulnerable from both intentional

and unintentional cyber-attack. As we know that this network is very complex, so it very difficult

to analyze. In this project, we will examine key attribute of the US power grid system, including

betweenness and degree distribution, compare this result with different network. We also examine

the effect of node failure according to removing high degree and high betweenness respectively.

Finally, we proposed a new approach to calculate the cyber-physical vulnerability assessment of

power system.

1.2 Introduction:

More than a decade ago, On August 2003, a large portion of the Midwest and Northwest United

States, Ontario and Canada experienced a power blackout. This blackout affected more than a 55

million people and contributed to at least 12 death [9]. The blackout mainly happens due to the

cascading failure of the electric power grid. So, after this blackout, analysis of cascading failure in

electrical power grid gain attention for the scientist and researcher. This motivate us to analyze

node failure in US Power grid. Also, recently On December 2015, the hacker struck the power

center in Ukraine- the first confirmed hack that take down power grid [10]. This event motivate us

to analyze cyber-physical vulnerability assessment of power system.

Our modern power system consists of three important parts: generator, transmission and

distribution substation where generator and distribution substation are connected with the high

voltage transmission line. Figure 1 shows the general layer of power grid network.

Figure 1: General layer of Power Grid network

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

3

If we look at the geographical coordinated of the power system, we will observe that each generator

or substation not connected more than six nodes (either generator or substation). Most of the nodes

maintain six degree separation. Hence, power grid referred as a ‘Small-world” network.

Our power grid network is consists of n vertices and m edges. Here vertices are generator,

transmission substation and distribution substation, and edges are transmission line. We treated

each vertices/buses equally whether their performance. So our basic approach of this project is to

consider US power grid as a graph theory network.

From this project, we successfully able to visualize US power grid network using ‘Gephi’. After

comparing our US grid network to other network, we conclude that our US grid network show the

property of “small world network”. Next simulate the node removal analysis using Gephi and find

out that it will create a detrimental effect on the power system. Finally, we proposed a cyber-

physical vulnerability assessment in IEEE 30 bus system and find out the network criticality using

graph resistance.

1.2.1 Power Grid Data:

United States power grid is built by three regional interconnections - the Western Interconnection,

the Eastern Interconnection, and the Texas Interconnection. All this interconnection are made of a

large number of nodes and edge. A node is either a generator, a transformer or a substation and an

edge is the transmission line. In this project, we will analyze the data of Western Interconnection

of the United States of America. This network is undirected and contains 4,941 nodes and 6594

edges. We collect the western interconnection data from the below link:

http://www-personal.umich.edu/~mejn/netdata/

Here, we download the “Power grid” which represent the Western State Power Grid of United

States. Also the IEEE 30 bus system data are collected from this link:

https://www.ee.washington.edu/research/pstca/pf30/pg_tca30bus.htm

1.2.2 Simulation Tool

For this project, we have use 3(three) simulation tool and those are:

Gephi: A network visualization tool

R language-Igraph package

Matlab

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

4

1.3 Problem Definition

In this section we precisely describe what the goal of our project is:

Objective 1: Visualize the Western US power grid network through Gephi

Visualization is very important part of analyzing the network and analyze visualization is very

complex too. By visualizing we can able to compare our network to other network such as random

network and scale free network

Objective 2: Compare our US grid network attribute to the same type of random graph and

scale-free network

Our plan is to compare our power grid network with other network type of network such as:

random graph and scale free graph. By doing this we can able to find out the actual properties of

the network which will be useful in further research

Objective 3: Analyze the failure of node (generator or substation) and edge (transmission

line) respectively on the US power grid network.

Recently, the study of blackout or cascading failure in power grid made the attention to the

researcher for several reason and this study is very complicated. So in this project, we try to find

out what will happen in the network if node failure happen in the system.

Objective 4: Proposed a new cyber-physical vulnerability assessment method based on

graph resistance.

Finally we proposed a cyber-physical vulnerability assessment method which will be helpful to

allocate the security mechanism according to the need.

1.4 Model and Analysis

1.4.1Visualization:

To visualize the US grid network, we use Gephi, a network visualization tool. The nodes were

colored by modularity class and sized by degree. Then the nodes were positioned using Yifan Hu’s

multilevel layout and contraction method. The overall US grid network is visualized in figure 2. If

we look figure 3, a small part of figure 2, we observed that most of the node are connected like a

string. Except the top most nodes in the string, most of the nodes are connected with other two

nodes.

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

5

Figure 2 : US Power grid Network Visualization using Gephi

As we know, our system consists of three main parts: Generation, transmission and distribution.

From figure 3, we found three distinction type of node: Generator, transmission and distributed

substation. That node which is big circle compare to other node is generator. Generators provide

the source of electricity and are connected to a large number of transmission substation, therefore

they commonly have a high degree. Transmission substation is connected to one to three

substations. From the figure, it is difficult to distinguish between transmission substations and

distributed substation. The top most string in the node is distributed substation. The connecting

edge between nodes is transmission line.

Figure 3: One string of the entire network

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

6

1.4.2 US Power Grid Network Analysis:

1.4.2.1 Comparison to other network

In this section, we show how power grid is similar to and different from other abstract network.

Hence, compared our US power grid network model with random network and scale free network.

This network analysis start through comparison of the average degree, shortest path length and

clustering co-efficient. We choose this parameter because our power grid network is a “small-

world” network and this small world network related to shortest path length and clustering co-

efficient. Table I shows the parameter of power network and various network model.

Table I: Comparison of different network model

Power Grid Random Scale free

Nodes 4941 4941 4941

Edges 6594 6594 4941

Degree 2.67 2.67 2

Average Path length 18.9891 8.3553 3.149

Clustering Co-efficient 0.106 0.000155 0

From this table we observe that clustering co-efficient is much higher for power grid network

which satisfy the condition of small world network model. Also to visualize power network model

as small world, we simulate our network in Gephi simulation tool.

Figure 4: US grid network as a small world model

From this figure 4 we observed that most of node distributed in boundary and form a ring model.

This figure shows the similarity of small world network model

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

7

1.4.2.2 Degree Distribution:

Now, we compared the degree distribution of our network to random and scale free network. To

analysis this degree distribution we plot this degree distribution in log-log curve which is shown

in figure 5. From degree distribution, we able to find out that how many nodes have similar

degree. In a power network, most nodes have a relatively small degree, but a few nodes will have

very large degree, being connected to many other nodes. These large-degree nodes are often

referred to as “Generator”.

Figure 5: Compare degree distribution with different network.

Next we try to find out that which analytical solution fit in our power network degree distribution.

We compare our degree distribution model with exponential distribution and power law

distribution and we find out that our model somehow fit with exponential curve (figure 6).

Figure 6: Exponential fit for power grid data

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

8

1.4.2.3 Betweenness:

One of the most common parameter to network analysis is Betweenness. We measure the

Betweenness centrality of a node by calculating the number of shortest path from a node to all

other that passes through that node. Figure 7 is a log-log graph of Betweenness distribution of

power grid network. From this figure we conclude that in US power grid network there exist a

large number of node with low Betweenness and few number of nodes with high Betweenness. As

we mention before that in power grid network, transmission substation located between the

generator and distributed substation. As transmission substation located between them it may have

high betweenness. By using between centrality we also able to rank the entire network. There are

two type of betweenness: vertex betweenness and edge betweenness.

Figure 7: Betweenness distribution of US power grid network

1.4.3 Node Failure Analysis:

In this section, we will examine what will examine the effects of US power grid network after

removing high degree and high betweenness. To do this, let us assume the accidental or intentional

failure happen in the network. As we know, random node removal will cause minimal impact of

the system and intentional attack may have larger effect on the power system.

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

9

Figure 8: Removing 10 (ten) random nodes from the network

In simulate node failure analysis in Gephi, we use the force-atlas properties. From figure 8, we

observed that after removing 10 (ten) random node from the network, the network remain same

which conclude that removing random node have minimal impact of the network.

There is very less correlation between degree and betweenness. Hence two method of node

removal is applied: removing 10 nodes first with highest degree and removing 10 nodes first with

highest betweenness. First we remove only the highest degree and observed (figure 9) that no

change happen in the network because it is only one node whether it is highest.

Figure 9: After removing the highest degree node

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

10

Figure 10: After removing the first 10(ten) highest degree node

When we removed first 10 nodes with highest degree, in figure 10, we observed that our network

spilt into 33 connected (based on modularity class), where 51 node are isolated from the rest of the

network. This is happen because those 51 node are connected to the highest degree node. This is

very trivial, because remove some highest degree in US power grid may cause severe detrimental

effect of the power system. As we know degree distribution has less relation with average path

length, removing first 10 highest degree node had little effect on average path length.

Then, if we remove first 10 highest betweenness, it will create impact on average shortest path

length. So from figure 11, we observed that our network split into two connected component,

disconnecting only five nodes from the network. As we know node with high betweenness

connected to a larger number of node. Hence removing 10 node with betweenness is not sufficient

enough to disconnect this network.

Figure 11: After removing the first 10(ten) highest betweenness node

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

11

Removing 10 (ten) nodes with highest betweenness create a large effect on average path length.

Without the first 10 (ten) high betweenness path length become 22.05. Removing high

betweenness create a serious impact in the transmission line. In power system, if a line become

overload, an automatic shut-down occur. Increasing shortest path length means more power will

travel through the connection. Table II shows the network parameter after removing the degree

and betweenness.

Table II: The network parameter after removing degree and betweenness

After

Operations

Removing

highest degree

Removing 10

degrees

Removing

random 10

Removing

highest

betweenness

Removing

highest 10

betweeness nodes

Nodes 4940 4931 4931 4940 4931

Edges 6575 6450 6566 6588 6549

Degree 2.67 2.62 2.67 2.67 2.65

Average Path

length

18.9891 19.24 19.09 19 22.05

Clustering

Co-efficient

0.105 0.101 0.106 0.107 0.105

1.5 Implementation: Cyber-physical Vulnerability Assessment:

In this section, graph theory based betweenness centrality measure are calculated for power system

vulnerability analysis. To do this we have use Matlab Simulation tool. As we see in previous

section, before an attack take place attacker select a target that will cause high level service

disruption. In power system, the loss of branch component or generator considered as the most

common contingency that causes adverse reliability impact. Our power system network can be

evaluated either based on their degree, closeness or betweenness. In this project we use

betweenness to rank our power system. A vertex betweeness of an n bus power system defined as:

Here, 𝜎𝑗𝑘(𝑖) is the number of shortest path between bus k and bus j pass through bus i. Similarly

the edge betweeness centrality of a n branch power system is:

Our US power grid network is very large and full data are not available to analysis. So we choose

IEEE 30 bus system (figure 12) to analyze power system vulnerability.

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

12

Figure 12: IEEE 30 bus system

In this IEEE 30 bus system, we consider each bus as a node and branch as an edge. Now using

Matlab we calculated the vertex betweenness and edge betweenness of the entire model and sorted

out the highest impact bus in the system. Table III gives the most impact bus of IEEE 30 bus

system.

Table III: Bus number and their respective betweenness

Bus Number Betweenness Bus Number Betweenness

1 2 16 20.833

2 81 17 31.833

3 8 18 22.833

4 179.50 19 22.833

5 2 20 52.500

6 353.166 21 0

7 17 22 69.833

8 0 23 62.500

9 56 24 112.83

10 231.33 25 97.666

11 0 26 0

12 175 27 153.666

13 0 28 145.666

14 0 29 0

15 108 30 0

From this table we conclude that most vulnerable bus is bus number 6, 10, 4, 12, 27, 28 and so on.

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

13

1.5.1 Security Mechanism:

Determining the set of security mechanism is challenging area. It is not feasible to give same type

of security mechanism in every bus because it is costly. The effective way to put firewall,

authentication and encryption mechanism based on their impact of the system. For this reason we

gave a threshold limit in betweenness. According to NERC (North American Electric Reliability

Corporation), our substation should be in medium or low impact factor. In this project, we assume

that betweenness threshold is 100. Those buses which have betweenness less than this threshold is

low impact substation and other is high impact substation. Next we place security mechanism

according to the impact factor. Figure 13 shows the network architecture after adding security

mechanism. This figure shows a prototype of overall network.

Figure 13: Network Architecture

Figure 14 shows original model of security mechanism to protect the substation and SCADA

(supervisory control and data acquisition) from malicious attack.

Figure 14: Data flow diagram with security mechanism

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

14

Here, in Table IV, the new security mechanism presented in greater detail.

Table IV: Security mechanism of IEEE 30 bus system in greater detail

Systems Sec Mech/ privilage Description

VPN 1 ( Con)

Enc1

Ath 1

Enc 2

VPN 2 Encryption Algorithm

Management Authentication

VPN 3 Encryption Algorithm

P1

P2

P3

VPN 2 Network Access privilege

VPN 3 Network Access privilege

VPN management privilege

VPN2(Sub1)

Enc1

Ath 2

Enc 3

VPN Encryption Algorithm

Management Authentication

Management Encryption Alg

P1

P4

VPN Network Access privilege

VPN management privilege

VPN 3

(Sub 2)

Enc2

Ath 3

Enc 4

VPN Encryption Algorithm

Management Authentication

Management Encryption Alg

P2

P5

VPN Network Access privilege

VPN management privilege

VPN 4

(Sub 2)

Ath 4

Enc 5

Management Authentication

Management Encryption Alg

P6 VPN management privilege

…………. ……………. ………………………..

VPN 37

(SUB 30)

………….. …………..

SCADA

Server

Ath 5

AC1

Administrative Authentication

OS Access Control

P7 Server Access privilege

HMI Ath 6 operator Authentication

P8 HMI Access privilege

1.5.2 Exposure Graph:

This section introduces the exposure graph which formulate the relationship between security

mechanism, privilege and information object. Using this exposure graph an attacker able to find

the suitable attack path to get the information object. The exposure graph is directed graph defined

as; 𝐺 = (𝑆𝑀, 𝑃, 𝐼𝑂, 𝐸) contain the following vertex and edge definition:

SM: Security mechanism (vertex)

P: System privilege (vertex)

IO: Information object (vertex)

E : Edge

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

15

We start to build our exposure graph by identifying the untrusted data flow which is an node called

‘attacker’. This attacker node is connected to all possible system access point. In the whole

exposure graph, we apply edge weight of 1 to represent the attack effort to bypass the security

mechanism. Each node is SM is connected to the set of privilege node, P. This is because if the

security mechanism fails, the attacker gets the access of privilege. Figure 15 shows the exposure

graph of our prototype network shown in figure 13.

Figure 15: Exposure graph of our prototype network with security mechanism

1.5.3 Graph Resistance:

To analysis exposure graph, we use graph resistance, a graph measure which is highly important

to analysis network behavior. We get the idea of graph resistance by the paper of Klein and Randic

[6]. In this graph resistance, resistance between two vertices of a network, considered as an

electrical circuit which calculated by the well-known series and parallel manipulations. In graph

resistance, resistance between two vertexes is considered 1 ohm. Just like resistance in electrical

circuit, two edges in series can be replaced by one edge with effective resistance 2 (1+1=2) and

two edges in parallel can be replaced by one edge with effective resistance 0.5(1−1 + 1−1 = 𝑟−1 =

0.5). In paper [7], author mentioned that network criticality is equal to the total resistance distance

and this network criticality made an impact on average travel cost, congestion, connectivity, etc.

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

16

The resistance-distance matrix of a vertex-labeled connected graph G, denoted by Ω, is a real

symmetric V × V matrix defined as:

Where, ωij is resistance-distance between vertices i and j in G.

An algorithm based on the laplacian matrix is proposed to calculate the resistance-distance for

connected graph. Here is given step-wise procedure how to calculate resistance distance [8]:

Consider our exposure graph G with V vertices (security mechanism, privilege and

information object).

Then, construct the Laplacian matrix L for G.

Set up an auxiliary matrix Φ of G. Matrix Φ is a V × V matrix all of whose elements are

equal to one.

Construct the sum-matrix ξ = [L + x Φ/V] with x having a nonzero arbitrary value bigger

than 0. For our network, we assume x=1.

Compute the inverse of ξ' = 1/[L + x Φ/V]. The inverse is nonsingular for exposure

graphs.

Compute the resistance-distance matrix Ω using the elements of the ξ' matrix: [Ω]ij=

[ξ']ii - 2 [ξ']ij+ [ξ']jj

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

17

1.5.4 Flow chart of cyber physical vulnerability assessment:

This flow chart showed in figure 16 demonstrate how the overall process have been done to

estimate cyber-physical assessment of IEEE 30 bus system.

Figure 16: Flow chart of Cyber-physical vulnerability assessment of IEEE 30 bus system

1.6 Result Analysis and Discussion of Cyber-physical Vulnerability

Assessment:

In this project, we use resistance distance to estimate cyber-physical vulnerability assessment. So

far our goal is to find the network criticality of the IEEE 30 bus system. Those bus which have

more resistance distance from the attacker means more critical and more critical bus is easier to

attack means more vulnerable. To find the resistance distance, we have use Matlab simulation tool.

Figure 17 shows the resistance distance from attacker to different bus. From this figure, we

observed that resistance distance from attacker to bus 11, bus 13 and bus 26 are the most.

According to network criticality, this highest resistance conclude that those buses are most critical,

more vulnerable to attack while bus 6 is less critical according to resistance distance value. Figure

18 shows the resistance distance from attacker to different information object. Here the resistance

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

18

is more because if attacker need to go the SCADA, they first need to exploit bus, then server and

then information object. Hence this resistance distance is actually an effective graph resistance.

Figure 17: Resistance from attacker to different bus

Figure 18: Resistance from attacker to information Object through OS and different bus

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

19

From the figure 18, it is easier to conclude that if an attacker want to attack an information object,

it is easier to attack first bus 11, bus 13 and bus 26. Then they get access the privilege of these bus

and go to information object through server. Figure 19 combined all the different scenario for the

attacker to attacker either bus or server/HMI or information object. So after analysis all the graph

we conclude that most critical bus is number 11, 13 and 26 and less critical bus is 6. So in this

project, this is how we assess the vulnerability of cyber-physical system.

Figure 19: Resistance distance from attacker to different area.

1.6.1 Limitation:

There are some limitation in this proposed method. As we know in power system it is not essential

that those bus which have high betweenness is most critical because some bus are connected to the

slack generator which control the overall voltage stability of the system and also in this project we

didn’t consider about the impact factor of a bus which is built on a correlation between

betweenness and resistance distance. This is completed to correlate because in this proposed

method there exist two different graph: one is IEEE 30 bus system and other one is exposure graph.

1.7 Related Work

Watts and Strogatz [1] in his paper first introduced the ‘small-world’ network. In this paper, author

tell that power grid network also show the property of small world network. In [2], Pagani and

Aiello present a detailed survey of power grid as a complex network. Here author introduced

different topological properties of complex network by using the power grid network. Wang et.al.

[3] analyze the robustness of power grid under random and selective node breakdown. From this

paper, author concludes that even a small failure or attack in nodes of largest degree can cause a

dramatic damage, and also, author showed that node degree in power grid follows pure Geometric

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

20

distribution. In their paper [4], Lu and Meng analysis the cascading failure in bulk power system

using small world network model. In this paper, they modeled node and edge failure respectively,

and then proposed a Monte-Carlo simulation process to search root causes of cascading failure.

Hahn et.al.[5] presents the cyber-attack exposure evaluation framework for smart grid. He

proposed an exposure analysis algorithm which used exposure metric to calculate the vulnerability

of the system. In this project, we get the graph resistance idea from the paper of Klein and Randic

[6]. In paper [7], author proposed the network criticality of a communication network based on

betweenness centrality and resistance distance. This network criticality has been used to find

average travel cost, congestion, connectivity, etc. Finally, we have use the paper of Babic and

Klein [8] to calculate the resistance distance.

1.8 Conclusion

In conclusion, from our analysis of node removal, it is observed that if we remove a small number

of node according to highest degree and highest betweenness, it will create a large impact on the

overall system. If we remove highest degree, this will result a loss of connectivity of few nodes

within the network and removing highest betweenness increases the average path length. This

increasing average path length also effect the overall system.

In cyber-physical vulnerability assessment, we use graph resistance method. The result in this part

shows that in IEEE 30 bus system, bus 11, bus 13 and bus 26 is most critical bus and bus 6 is less

critical bus after adding security mechanism according to the betweenness ranking. This will give

a very good understanding of the overall power system.

Future plan:

To overcome the limitation, we have plan to do the AC power flow in IEEE 30 bus system and

according to line outage and generator outage calculate the critical bus and still we are working on

how to correlate between betweenness and graph resistance.

1.9 Bibliography:

[1] D. J. Watts and S. H. Strogatz, "Collective dynamics of ‘small-world’ networks," Nature, vol.

393, no. 6, pp. 440-442, June 1998.

[2] G. A. Pagani and M. Aiello, “The power grid as a complex network: a survey,” Physica A:

Statistical Mechanics and its Applications, vol. 392, no. 11, pp. 2688 – 2700, 2013.

[3] Z. Wang, A. Scaglione, and R. Thomas, “The node degree distribution in power grid and its

topology robustness under random and selective node removals,” in Communications

Workshops (ICC), 2010 IEEE International Conference on, may 2010, pp. 1 –5.

[4] L. Zongxiang, M. Zhongwei, Z. Shuangxi, “Cascading failure analysis of bulk power system

using small-world network model,” Proceedings of 8th International Conference on

Probabilistic Methods Applied to Power Systems, pp. 635-640, Iowa State University, Ames,

Iowa, 2004.

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

21

[5] A. Hahn and M. Govindarasu, “Cyber attack exposure evaluation framework for the smart

grid,” IEEE Trans. Smart Grid, vol. 2, no. 4, pp. 835–843, Jun. 2011.

[6] D.J. Klein and M. Randic, “Resistance Distance,” J. Math. Chemistry, vol. 12, pp. 81-95, 1993.

[7] A. Tizghadam and A. Leon-Garcia, “Betweenness centrality and resistance distance in

communication networks,” IEEE Netw., vol. 24, no. 8, pp. 10–16, Nov./Dec. 2010.

[8] D. Babić, D J Klein, I. Lukovits , S. Nikolić and N. Trinajstić, “Resistance-distance matrix: a

computational algorithm and its application,” Int. J. Quantum Chem. 90 166-76, 2002

[9] “Final report on the August 14, 2003 Blackout in the United States and Canada: Causes and

Recommendation” U.S.-Canada Power System Outage Task Force, April, 2004

[10] http://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/

Appendix:

Matlab Code of Cyber-physical vulnerability assessment:

%%%% Find the betweenness centrality of IEEE 30 bus system and using this %%%% centrality find the ranking of the bus

clc; clear all; close all;

%% read IEEE 30 bus branch data

[data,txtdata]=xlsread('IEEE_30bus.xlsx'); inbus=data(:,1); outbus=data(:,2); nbus=max(max(inbus),max(outbus)); nbranch=length(outbus); Adjunct=zeros(nbus,nbus); %off diagonal value for k=1:nbranch Adjunct(inbus(k),outbus(k))= 1; Adjunct(outbus(k),inbus(k))=Adjunct(inbus(k),outbus(k)); end

%%%%end build adjunct matrix

%% find betweenness centrality

s =sparse(Adjunct); bc_IEEE30 = betweenness_centrality(s); [sorted,Rank] = sort(bc_IEEE30, 'descend'); % sort data from large to small

%% find edge Betweenness ew = edge_betweenness(Adjunct); %plot(Rank,sorted,'*')

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

22

%%%%draw graph name=zeros(30,1); for i=1:30 name(i,1)=i; end

%gObj = biograph(Adjunct,name); %gObj = view(gObj);

%% after Adding Security [data1,txtdata]=xlsread('IEEE_30bus_including_security.xlsx'); inbus1=data1(:,1); outbus1=data1(:,2); nbus1=max(max(inbus1),max(outbus1)); nbranch1=length(outbus1); Adjunct1=zeros(nbus1,nbus1); %off diagonal value for k=1:nbranch1 Adjunct1(inbus1(k),outbus1(k))= 1; Adjunct1(outbus1(k),inbus1(k))=Adjunct1(inbus1(k),outbus1(k)); end

degree=zeros(nbus1,1); for i=1:nbus1 for j=1:nbus1 degree(i,1)=degree(i,1)+Adjunct1(i,j); end end degree_matrix=diag(degree);

Laplacian=degree_matrix-Adjunct1;

%% resistance distance Auxi=ones(nbus1,nbus1); V=nbus1; sum= Laplacian + Auxi/V; invsum=inv(sum);%%%inverse of sum matrix omega=zeros(nbus1,nbus1);

for i=1:nbus1 for j=1:nbus1 if i == j omega(i,j)=0; else omega(i,j)=invsum(i,i)- 2*invsum(i,j)+invsum(j,j); %%%

calculating resistance distance end end end

%% find resistance distance from attacker to any bus resistance_attacker_bus=zeros(30,1); resistance_attacker_server=zeros(30,1); resistance_attacker_HMI=zeros(30,1);

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

23

resistance_attacker_OS_server=zeros(30,1); i=61; %%% attacker node number for j=1:30 resistance_attacker_bus(j,1)=omega(i,j); resistance_attacker_server(j,1)=omega(i,j)+omega(j,100)+omega(100,102); resistance_attacker_HMI(j,1)=omega(i,j)+omega(j,101)+omega(101,104);

resistance_attacker_OS_server(j,1)=omega(i,j)+omega(j,101)+omega(101,104)+ome

ga(104,103)+omega(103,102); end [sorted_attacker_bus,bus_impact] = sort(resistance_attacker_bus, 'descend'); x=1:1:30; new=[resistance_attacker_bus,resistance_attacker_server,resistance_attacker_H

MI,resistance_attacker_OS_server]; figure bar(x,new) title('Resistance Distance from Attacker to different area such as

bus,priviledge and Information') figure bar(x,resistance_attacker_bus) title('Resistance Distance from Attacker to Different bus') figure bar(x,resistance_attacker_OS_server) title('Resistance Distance from Attacker to Information Object through OS and

Different bus')

R Code:

library(igraph)

g1<-read.graph("power.gml",format = c("gml"))

g5<-read.graph("betweenness_minus_highest_10.gml",format = c("gml"))

####### Summary and graph exploration

g(g5)

g<-function(g1){

print("summary")

x1<-summary(g1)

print(x1)

print("components-weak")

x2<-components(g1, mode=("weak"))$no

print(x2)

print("components-strong")

x3<-components(g1, mode=c( "strong"))$no

x4<-mean(degree(g1))

print("mean degree")

print(x4)

x6<-average.path.length(g1)

print("average path length")

print(x6)

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

24

x7<-diameter(g1)

print("diameter")

print(x7)

x8<-transitivity(g1,type="localaverage")

print("cc local")

print(x8)

x9<-transitivity(g1,type="global")

print("cc global")

print(x9)

###### eig value #############################

lap<-graph.laplacian(g1)

eig<-eigen(lap)

eigv<-eig$values

seigv<-sort(eigv,decreasing = F)

sec_eigv<-seigv[2]

print("second smallest eig value")

print(sec_eigv)

leigv<-sort(eigv,decreasing = T)

lar_eigv<-leigv[1]

print("largest eig value")

print(lar_eigv)

print("eigen centrality")

x10<-eigen_centrality(g1)

print(x10$value)

######################################################

x11<-max(betweenness(g1))

print("betweenness")

print(x11)

}

######## Graph Transformations

x<-degree(g1)

y1<-subset(x,x!=9) ############## removing node with degree 9

y2<-subset(x,x!=19) ############## removing node with highest degree - 19

y3<-subset(x,x!=18) ############## removing node with highest degree - 18

x1<-sample(x,replace = FALSE) ########## randomly selecting 10 nodes

x2<-sample(x1,10)

y<-y1%in%x ########### selecting nodes without degree 9

table(y)

y2<-x[y]

x1<-sort(x,decreasing =F)

x1[1:10]###################### selecting highest 10 degree nodes

CptS 580-04/EE 582-03 Md Touhiduzzaman and Viresh Duvvuri

25

x2<-factor(y1)

table(x2)

x2<-x1[-(1226:1656)]

z1<-betweenness(g1)

z2<-max(betweenness(g1))

z<-subset(z1,z1!=z2)

z3<-sort(z1,decreasing =F)

z3[1:10] ################### selecting nodes with highest 10 betweeness

g5<-graph.adjlist(y1) ###### creating a graph with the selected nodes

write.graph(g5,"Degree_minus_9.gml",format = c("gml"))

######### operations on random graphs ########################

g2<-erdos.renyi.game(4941,0.00053)

V(g1)$name <- 1:vcount(g1)

V(g1)$name[degree(g1)==max(degree(g1))]<-NULL

g1[2554]<-NULL

summary(g2)

d<-min(degree(g1))

d$name

average.path.length(g1)

diameter(g2)

bet<-betweenness(g1)

s_bet<-sort(bet, decreasing = F)

s_bet[3]

min(betweenness(g1))

####################################