Cross-Layer Attack Path Exploration for Smart Grid Based on Knowledge of Target Network.

Attack path has obviously changed due to multiple-layer structure and the characteristic of failure cross-layer propagation, which changes from static to dynamic and from single layer to multilayer. Attack path exploration is meaningful for simulating the attacker’s intention and is convenient for the defenders to develop a defense mechanism. In this paper, based on a knowledge of target network (i.e., the state of cyber nodes, power flow, node type, voltage, active power, reactive power and time factor etc.), we firstly propose forward and inverse bi-directional solution model that utilizes thread propagation mechanism in the communication network and failure diffusion mechanism in power grid to explore multiple accessible cross-layer attack paths (CLAPs). Thread propagation mechanism considers system vulnerability, threat propagation, and time factor. Failure diffusion mechanism utilizes power flow to trigger load distribution in order to cause attack targets to fail. Secondly, we describe the concept of cross-layer attack path and classify it as four types: Direct Attack Path (DAP), Threat Propagation Attack Path (TPAP), Failure Diffusion Attack Path (FDAP), and Threat Propagation and Failure Diffusion Attack Path (TPFDAP). Thirdly, we propose an assessment method to evaluate the generation probability of CLAPs. Finally, experimental results show that the CLAP of the smart grid can be accurately identified in time, and the defenders can predict the best possible CLAP according to its generation probability. The CLAPs of the same targets are different at the different times and are easily affected by the state of the cyber layer and the tolerance (alpha ) of the physical layer.