Here is the Demo of our Final Project:
Here is a link to our Final Design Document
For a full run-down on our project, please see Here
Project Overview
Our project aims to simulate potential cyber attacks on an electrical power grid. The electrical grid is a high impact target, which makes it very enticing for attackers. Disrupting an electrical grid can have catastrophic effects for a city and it's citizens, and making it important to keep it secured. Our project will allow city planners, electric companies, and security firms a tool that will allow them to test the impact of cyber attacks against the electrical grid, and help them enhance and validate security measures for their own electric grid. The simulated electrical grid will be created using the following open source projects:
- pandapower to simulate a transmission grid
- dss-python for modeling a distribution grid
- OpenDER to simulate users of the power grid
- HELICS Co-Simulation to facilitate the simulation between all of these programs.
A topological diagram of our architecture is as follows:
Software Architecture
Power-Plot for OpenDSS Distribution Model
For the attack side of things:
We were able to come up with 3 different attack outcomes that we could feasibly implement. The attack outcomes are line tripping, generator short circuit, and load shedding. Due to time constraints we weren’t able to get everything implemented that we had initially planned on. We were only able to get the line tripping implemented and working. Our future work included implementing the other 2 attacks. One of the attacks is simulating a generator short-circuit in Pandapower. According to Pandapower documentation, there is a function built into the library that allows for the simulation of a generator short-circuiting. Our implementation plan was to modify the pandapower code to have this function run when specified to run this specific scenario. The other attack is to emulate a data integrity attack by causing load shedding. According to Pandapower documentation, there is a function built into the library that allows for State Estimation, which is an attack vector for data integrity attacks that was found using the research stated above. By trying to falsify State Estimation data, we could get the transmission model to cause load shedding leading to less power on the grid than is needed by the distribution model.
To simulate attacks on certain lines of the power-grid, we are disabling certain lines based on how much power goes through them and how vital they are to the grid.
Low Severity Line Trip
Medium Severity Line Trip
High Severity Line Trip
Team Members
I am a senior in cyber security engineering and I will be a concurrent student next semester going for my Masters of Science in Cyber Security. I currently have my Sec+ certification and am working with Kingland Systems as a SOC Tier-1 Analyst on the Security Operations team.
Zach Hirst
I am a senior in cyber security engineering working towards my graduation in May. I've had an internship at Ag Leader Inc in Ames as a Software Engineer. After graduation I plan to enter the workforce after moving to Denver.
I am an Electrical Engineering undergraduate student with an expected graduation of May 2024. I am graduating with a focus on power systems and have experience in substation design.
Matt Nevin
My name is Matthew Nevin, I am a senior in Electrical Engineering at Iowa State University with a focus on power systems. I have industry experience with the power grid and substation design. I currently work remotely for Electrical Consultants Inc. as a Substation Design Intern.
Hi! I am a Cyber Security Engineer at Iowa State, I have worked 2 internships at Principal Financial Group as both a Cyber Defense Analyst and Engineer. I have a focus in Cyber Defense Architecture and Forensics relating to said architecture or incidents.
Kaya Zdan
I am a Software Engineering major with a minor in Cyber Security. Last summer I worked at PwC with their Cyber Penetration Testing Team, and will be returning fulltime after graduation in May.