当前位置:
X-MOL 学术
›
Energy Convers. Manag.
›
论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Unveiling stealthy man-in-the-middle cyber-attacks on energy performance in grid-interactive smart buildings
Energy Conversion and Management ( IF 9.9 ) Pub Date : 2024-08-24 , DOI: 10.1016/j.enconman.2024.118949 Yiyuan Qiao, Dongyu Chen, Qun Zhou Sun, Guanyu Tian, Wenyi Wang
Energy Conversion and Management ( IF 9.9 ) Pub Date : 2024-08-24 , DOI: 10.1016/j.enconman.2024.118949 Yiyuan Qiao, Dongyu Chen, Qun Zhou Sun, Guanyu Tian, Wenyi Wang
Grid-interactive smart buildings integrated with building automation systems (BAS) have gained increasing attention in recent years because of their ability to enable timely data communication that links physical and cyber-based control systems. However, the increasing integration has made both buildings and power grids more vulnerable to cyber-attacks. This study highlights the critical importance of cyber security considering negative energy impacts on grid-interactive buildings, which can severely jeopardize the safety and stability of power grids. This paper first proposes a novel man-in-the-middle (MITM) cyber-attack with specific malicious intent to manipulate the building power demand from the heating, ventilation, and air conditioning (HVAC) systems. The model predictive control (MPC) strategy is implemented to maximize power consumption or load ramp rate while simultaneously ensuring optimal building thermal comfort and evading detection by building occupants. Furthermore, the expert rules, i.e., air handling unit performance assessment rules (APAR), are incorporated as critical constraints in the MPC algorithm to bypass the fault detection alarms. The results demonstrate the capabilities of the proposed MITM cyber-attack scenarios in achieving predetermined objectives without triggering any fault detection alarms. In attack Scenario 1, the total power consumption is increased by up to 55%, and in attack Scenario 2, the load ramp rate is increased by 19 times compared with the fault-free BAS. The comparison between DoS (denial of service), FDI (false data injection), and the proposed cyber-attack, which focuses on their impact on the power grid and concealment analysis, is conducted to raise awareness of the severity and stealthiness of the proposed cyber-attacks. This paper is among the first few developing comprehensive MITM cyber-attacks to intelligently manipulate building power consumption exploiting real-time BAS data. It unveils the important risks associated with BAS and provides valuable insights for further assessment of cyber security of grid-interactive smart buildings.
中文翻译:
揭开对电网交互式智能建筑能源性能的隐形中间人网络攻击
近年来,与楼宇自动化系统(BAS)集成的网格交互智能建筑越来越受到关注,因为它们能够实现连接物理和网络控制系统的及时数据通信。然而,日益一体化使得建筑物和电网更容易受到网络攻击。这项研究强调了网络安全的重要性,考虑到能源对电网互动建筑的负面影响,这可能严重危害电网的安全和稳定。本文首先提出了一种新型中间人 (MITM) 网络攻击,其具有特定的恶意意图,旨在操纵供暖、通风和空调 (HVAC) 系统的建筑电力需求。实施模型预测控制 (MPC) 策略是为了最大限度地提高功耗或负载斜坡率,同时确保最佳的建筑热舒适度并逃避建筑居住者的检测。此外,专家规则,即空气处理机组性能评估规则(APAR),被纳入MPC算法中作为关键约束,以绕过故障检测警报。结果证明了所提出的 MITM 网络攻击场景在不触发任何故障检测警报的情况下实现预定目标的能力。在攻击场景1中,总功耗增加高达55%,在攻击场景2中,负载斜坡率比无故障BAS增加了19倍。 DoS(拒绝服务)、FDI(虚假数据注入)和拟议的网络攻击之间的比较,重点是它们对电网的影响和隐蔽性分析,旨在提高人们对拟议网络攻击的严重性和隐蔽性的认识网络攻击。本文是首批开发综合 MITM 网络攻击的论文之一,旨在利用实时 BAS 数据智能地操纵建筑物功耗。它揭示了与 BAS 相关的重要风险,并为进一步评估电网交互式智能建筑的网络安全提供了宝贵的见解。
更新日期:2024-08-24
中文翻译:
揭开对电网交互式智能建筑能源性能的隐形中间人网络攻击
近年来,与楼宇自动化系统(BAS)集成的网格交互智能建筑越来越受到关注,因为它们能够实现连接物理和网络控制系统的及时数据通信。然而,日益一体化使得建筑物和电网更容易受到网络攻击。这项研究强调了网络安全的重要性,考虑到能源对电网互动建筑的负面影响,这可能严重危害电网的安全和稳定。本文首先提出了一种新型中间人 (MITM) 网络攻击,其具有特定的恶意意图,旨在操纵供暖、通风和空调 (HVAC) 系统的建筑电力需求。实施模型预测控制 (MPC) 策略是为了最大限度地提高功耗或负载斜坡率,同时确保最佳的建筑热舒适度并逃避建筑居住者的检测。此外,专家规则,即空气处理机组性能评估规则(APAR),被纳入MPC算法中作为关键约束,以绕过故障检测警报。结果证明了所提出的 MITM 网络攻击场景在不触发任何故障检测警报的情况下实现预定目标的能力。在攻击场景1中,总功耗增加高达55%,在攻击场景2中,负载斜坡率比无故障BAS增加了19倍。 DoS(拒绝服务)、FDI(虚假数据注入)和拟议的网络攻击之间的比较,重点是它们对电网的影响和隐蔽性分析,旨在提高人们对拟议网络攻击的严重性和隐蔽性的认识网络攻击。本文是首批开发综合 MITM 网络攻击的论文之一,旨在利用实时 BAS 数据智能地操纵建筑物功耗。它揭示了与 BAS 相关的重要风险,并为进一步评估电网交互式智能建筑的网络安全提供了宝贵的见解。
京公网安备 11010802027423号