DESIGNING AN INTRUSION DETECTION SCHEME FOR INDUSTRIAL ADJUSTABLE SPEED DRIVE SYSTEMS

Abstract

This dissertation proposes a detection method for cyber intrusions on sensor measurement of an adjustable speed drive (ASD) system controlling a critical process and a grid-following PV inverter system. The proposed detection method is injecting a random private low-amplitude signal with a zero mean Gaussian distribution, “watermark”, into one of the input phase voltages that power the system or to the control input signal of a system. This watermark signal propagates through the system, then ultimately appears in the sensor measurements. By deploying two statistical dynamic watermarking tests with two proper thresholds, the system can detect potential cyber-intrusions or unobservable cyber-attacks such as replay attacks. In Chapter 2, we described the modeling and V/f control for the industrial ASD system, and then we illustrated the behaviors of the industrial ASD system under false data injection attacks (FDIA). FDIA is an attacker adding false data into the feedback control loop, which can cause the system to act abnormally and possibly lead to dangerous consequences such as equipment damage and system instability. Therefore, we need to develop a detection method for cyber intrusions. Chapter 3 presented the proposed Dynamic Watermarking approach on the industrial ASD system with the injection of the watermark signal into the control input signal, which is the modulation index of the inverter. The approach is validated using Hardware-in-the-Loop (Typhoon HIL) setup with the implementation of several attack scenarios, such as replay attacks. The proposed Dynamic Watermarking approach was experimentally tested on a commercial ASD system in Chapter 4. The watermark signal here is injected into one of the input phase voltages that power the system. This system, powered by a commercial PWM drive operating at 208 V, 3-phase, and 3.7 kW, served as our experimental platform. Furthermore, the approach is examined on multiple ASD systems controlling a critical process through Hardware-in-the-Loop (HiL). Chapter 5 proposed a method to detect a man-in-the-middle attack (MiTM) on a grid following PV inverter system. The control objective of the grid following inverter is to utilize the measurement data from the smart meter to supply the maximum available solar power at any given point to a residential load, while simultaneously preventing any reverse power flow to the grid. FDIA is envisioned on the smart meter data communicated to the inverter by malicious actors. A Hardwarein-the-Loop (HIL) implementation reveals that the detection method effectively identifies FDIA and unobservable FDIA, such as replay attacks.