ABSTRACT
Cyber-physical systems (CPSs) are tightly coupled cyber and physical intelligent systems of collaborating computational units that monitor and control physical elements. Smart grid (SG), medical cyber-physical system (MCPS), unmanned aerial vehicle (UAV), and intelligent transportation system (ITS) are all representatives of CPSs, among which smart grid is the most typical form. The smart grid CPS takes advantages of information and communication technologies (ICTs) to provide reliable, efficient, and accurate power generation, transmission, and distribution services. Nevertheless, as a result of the advancement of ICTs, an increasing number of cyber attacks have targeted the smart grid due to the fact that thousands of electronic devices are interconnected via widely deployed communication networks. This makes the whole power system more vulnerable to attacks from cyber space. Therefore, cyber security is an emergent critical issue in the smart grid. In addition, since the attacks come from not only the outsider world, but also insider systems, it is quite a challenging task to guarantee security in the smart grid. Even though great efforts have been made to resist outsider attacks, less attention has been paid to insider ones. In fact, according to the 2013 U.S. State Cybercrime Survey, insider attacks constitute 34% of all surveyed attacks (external constitute 31%, and the remaining 35% have
surprisingly shows that insider attacks already become one of the main sources of threats to cyber and cyber-physical systems. Among various insider attacks, false data injection (FDI) attacks are the most substantial and fatal ones. FDI attackers report falsified measurement data to the system control center (CC); therefore, energy generation, transmission, and distribution could be erroneous due to responses to the false commands from CC, resulting in unnecessary costs, system outages, or fatal consequences. To mitigate FDI threats, a number of signature-based and anomaly-based methods have been proposed over the past few years. However, they suffer from some drawbacks, such as their inability to detect some source-unknown threats and high false alarm probability. To cope with such challenges, in this chapter, we introduce a behavior rule specification-based detection technique for insider threats (e.g., FDI attacks) in smart grid CPSs, which can improve the accuracy of detection and decrease false alarms.
