An Improved Grid Security Infrastructure by Trusted Computing

Current delegation mechanism of grid security infrastructure （GSI） can＇t satisfy the requirement of dynamic, distributed and practical security in grid virtual organization. To improve this situation, a TC-enabled GSI is discussed in this paper. With TC-enabled GSI, a practical delegation solution is proposed in this paper through enforcing fine granularity policy over distributed platforms with the emerging trusted computing technologies. Here trusted platform module is treated as a tamper-resistance module to improve grid security infrastructure. With the implement of Project Daonity, it is demonstrated that the solution could gain dynamic and distributed security in grid environment.

An In-Depth Study of Complex Power System Dynamic Behavior Characteristics for Chinese UHV Power Grid Security

In this paper,a series of major policy decisions used to improve the power grid reliability,reduce the risk and losses of major power outages,and realize the modernization of 21st century power grid are discussed. These decisions were adopted by American government and would also be helpful for the strategic development of Chinese power grid. It is proposed that China should take precaution,carry out security research on the overall dynamic behaviour characteristics of the UHV grid using the complexity theory,and finally provide safeguard for the Chinese UHV grid. It is also pointed out that,due to the lack of matured approaches to controll a cascading failure,the primary duty of a system operator is to work as a "watchdog" for the grid operation security,eliminate the cumulative effect and reduce the risk and losses of major cascading outages with the help of EMS and WAMS.

Integrated Wide Area Protection and Control for Power Grid Security

The traditional“three defense lines”for power systems are based on local information and static protection&control strategy,which are not suitable to modern large-scale power systems.In order to improve the security of UHV hybrid power grids,the Integrated Wide Area Protection&Control(IWAPC)is proposed in this paper by applying the new technologies of synchronized high-speed communication,which integrates“three defense lines”and promotes existing wide area protection only for security control.The IWAPC is the hierarchical protection and control system which provides the protection and control for wide area power networks to improve their reliability and security.It is divided into three levels,the local bay level,the substation integrated protection level and the wide area protection level.The wide area real-time protection and control information platform is the most important part of the IWAPC,which is based on a synchronized wide area communication network.The key technologies and new development trends include network topology analysis,wide area backup protection,wide area intelligent reclosing,wide area load shedding,wide area auto-switching,overload cutoff and transfer,transmission section protection,intelligent system splitting and dynamic stability control.It cannot only integrate three lines of defense for power system protection and control,but also improve security of the power grid.

Dynamically Authorized Role-Based Access Control for Grid Applications

Grid computing is concerned with the sharing and coordinated use of diverse resources in distributed “virtual organizations”. The heterogeneous, dynamic and multi-domain nature of these environments makes challenging security issues that demand new technical approaches. Despite the recent advances in access control approaches applicable to Grid computing, there remain issues that impede the development of effective access control models for Grid applications. Among them there are the lack of context-based models for access control, and reliance on identity or capability-based access control schemes. An access control scheme that resolve these issues is presented, and a dynamically authorized role-based access control (D-RBAC) model extending the RBAC with context constraints is proposed. The D-RABC mechanisms dynamically grant permissions to users based on a set of contextual information collected from the system and user’s environments, while retaining the advantages of RBAC model. The implementation architecture of D-RBAC for the Grid application is also described.

Renewable and Storage Energy Integration for Smart Grid Housing

This paper presents the design, implementation and testing of an embedded system that integrates solar and storage energy resources to smart homes within the smart mierogrid. The proposed system provides the required home energy by installing renewable energy and storage devices. It also manages and schedules the power flow during peak and off-peak periods. In addition, a two-way communication protocol is developed to enable the home owners and the utility service provider to improve the energy flow and the consumption efficiency. The system can be an integral part for homes in a smart grid or smart microgrid power networks. A prototype for the proposed system was designed, implemented and tested by using a controlled load bank to simulate a scaled random real house consumption behavior. Three different scenarios were tested and the results and findings are reported. Moreover, data flow security among the home, home owners and utility server is developed to minimize cyber-attaeks.

A policy-based automated negotiation for privileges in grid environments

To maintain the global consistency of the authorizing is a challenge when the system authorization is changed in grid environments. This paper proposes a policy-based automatically negotiating method to deal with this issue. An effective system framework, which includes the certificate management, the access policy repertory, the negotiator and the automatically negotiating mechanism, is designed and implemented. The experimental results show that automated negotiation can quickly regain the global authorization consistency and only cause a little system overhead increasing. Compared with the manual authorization maintaining, the presented method can reduce the negotiating time significantly, and reduce the meaningless grid jobs because the inconsistent privileges are controlled timely.

Task-and-role-based access-control model for computational grid

Access control in a grid environment is a challenging issue because the heterogeneous nature and independent administration of geographically dispersed resources in grid require access control to use fine-grained policies. We established a task-and-role-based access-control model for computational grid (CG-TRBAC model), integrating the concepts of role-based access control (RBAC) and task-based access control (TBAC). In this model, condition restrictions are defined and concepts specifically tailored to Workflow Management System are simplified or omitted so that role assignment and security administration fit computational grid better than traditional models; permissions are mutable with the task status and system variables, and can be dynamically controlled. The CG-TRBAC model is proved flexible and extendible. It can implement different control policies. It embodies the security principle of least privilege and executes active dynamic authorization. A task attribute can be extended to satisfy different requirements in a real grid system.

Influence and hazard of disastrous space weather on power grid in China

Based on the measured data of geomagnetically induced currents （GIC） in Guangdong Ling＇ ao 500 kV power networks during several magnetic storms at the peak years of 23rd Solar Cycle, the GIC calculation results of 750 kV planning power grid in Shartxi, Gansu, Qinghai and Ningxia, the structure and characteristics of power networks from 500 kV to 1 000 kV, and super magnetic storm in 1859 are analyzed in this paper. Through the analysis, the possible impacts of extreme space weather on the future ultra-high voltage （UHV） grid, the security of large-scale power system in China are expounded, and the research suggestions coping with the strong solar storms are proposed.

A Distributed Transactive Energy Mechanism for Integrating PV and Storage Prosumers in Market Operation

The decreasing cost of solar photovoltaics(PVs)and battery storage systems is driving their adoption in the residential distribution system,where more consumers are becoming prosumers.Accompanying this trend is the potential roll-out of home energy management systems(HEMSs),which provide a means for prosumers to respond to externalities such as energy price,weather,and energy demands.However,the economic operation of prosumers can affect grid security,especially when energy prices are extremely low or high.Therefore,it is paramount to design a framework that can accommodate the interests of the key stakeholders in distribution systems—namely,the network operator,prosumer,and aggregator.In this paper,a novel transactive energy(TE)-based operational framework is proposed.Under this frame-work,aggregators interact with the distribution grid operator through a negotiation process to ensure network security,while at the lower level,prosumers submit their schedule to the aggregator through the HEMS.If network security is at risk,aggregators will send an additional price component representing the cost of security(CoS)to the prosumer to stimulate further response.The simulation results show that the proposed framework can effectively ensure the economic operation of aggregators and prosumers in distribution systems while maintaining grid security.

Active resilient defense control against false data injection attacks in smart grids

The emerging of false data injection attacks(FDIAs)can fool the traditional detection methods by injecting false data,which has brought huge risks to the security of smart grids.For this reason,a resilient active defense control scheme based on interval observer detection is proposed in this paper to protect smart grids.The proposed active defense highlights the integration of detection and defense against FDIAs in smart girds.First,a dynamic physical grid model under FDIAs is modeled,in which model uncertainty and parameter uncertainty are taken into account.Then,an interval observer-based detection method against FDIAs is proposed,where a detection criteria using interval residual is put forward.Corresponding to the detection results,the resilient defense controller is triggered to defense the FDIAs if the system states are affected by FDIAs.Linear matrix inequality(LMI)approach is applied to design the resilient controller with H_(∞)performance.The system with the resilient defense controller can be robust to FDIAs and the gain of the resilient controller has a certain gain margin.Our active resilient defense approach can be built in real time and show accurate and quick respond to the injected FDIAs.The effectiveness of the proposed defense scheme is verified by the simulation results on an IEEE 30-bus grid system.

Fuzzy Logic-Based Secure and Fault Tolerant Job Scheduling in Grid

The uncertainties of grid sites security are main hurdle to make the job scheduling secure, reliable and fault-tolerant. Most existing scheduling algorithms use fixed-number job replications to provide fault tolerant ability and high scheduling success rate, which consume excessive resources or can not provide sufficient fault tolerant functions when grid security conditions change. In this paper a fuzzy-logic-based self-adaptive replication scheduling (FSARS) algorithm is proposed to handle the fuzziness or uncertainties of job replication number which is highly related to trust factors behind grid sites and user jobs. Remote sensing-based soil moisture extraction (RSBSME) workload experiments in real grid environment are performed to evaluate the proposed approach and the results show that high scheduling success rate of up to 95% and less grid resource utilization can be achieved through FSARS. Extensive experiments show that FSARS scales well when user jobs and grid sites increase.