In this developer guide we provide information to help those researchers interested in extending the GridAttackSim functionality, for example to add new smart grid topologies and attack types.
The GridAttackSim release contains a large number of files, and we provide an overview below to facilitate further development and extensions of the software.
├── Database # Database folder
│ ├── 13_Nodes_73_Houses # IEEE 13 node test feeder with 73 houses
│ ├── GridLab-D.glm # GridLAB-D main file
│ ├── ns-3.cc # ns-3 main file
│ ├── compile-ns3.sh # Compile ns-3 network model
│ ├── creat_zpl_file.py # Generate fncs.zpl
│ ├── creat_rout_and_subscribe.py # Generate fncs_msg.txt
│ ├── run.sh # Run ns-3, GridLab-D, and fncs_broker
│ ├── fncs_msg.txt # Configure FNCS broker to ns-3 communication
│ ├── fncs.zpl # Configure simulator topic subscription
│ ├── LinkModelGLDNS3.txt # Define number of houses and prefix
│ ├── 13_Nodes_15_Houses # IEEE 13 node test feeder with 15 houses
│ ├── 1_Node_255_Houses # Simple test feeder developed by the FNCS team
│ ├── 4_Nodes_1_House # IEEE 4 node test feeder with 1 house
│ ├── 4_Nodes_492_Houses # IEEE 4 node test feeder with 492 houses
├── GridAttackSim.py # Main application GUI file
├── attack_broker.py # Run attack simulation
├── attack_library.json # Attack library in JSON format
├── glmMap.py # Convert GridLab-D.glm to graph
├── plot_result.py # Plot results
In order to add a new smart grid topology, you need to create a
directory similar to the ones existing in the Database folder. To
set up an existing raw GridLab-D.glm file for use with
GridAttackSim, you need to add fncs_msg and auction objects in it,
so as to configure the GridLAB-D process connection with the FNCS
broker. This can be achieved by running the two scripts shown below:
python3 creat_zpl_file.py
python3 creat_rout_and_subscribe.py
The generation scripts for FNCS communication configuration files use the total number of houses, market ID, and prefix of the controller inside each house as the input. The files generated by these scripts are:
fncs.zpl: Configure the simulator to subscribe to the topics of interest, such as market ID, market-clearing price, submit bid state, etc.; this file uses the ZPL (ZeroMQ Property Language) formatfncs_msg.txt: Configure the communication between the FNCS broker and the ns-3 process
GridAttackSim makes it possible to evaluate the consequences of cyber-attacks in a simulated smart grid environment. These attacks are instantiated through the attack pattern library, which contains descriptions of each attack.
To add a new attack, you need to add new objects to the attack pattern
library file attack_library.json, which contains a representation of
the nature, effects, and schedule of an attack. The attack pattern
library file uses the JSON format, and for each attack the following
information needs to be provided:
├── "Object" # JSON object
│ ├── attack_type # Type of attack to be conducted
│ ├── type_id # ID of the attack
│ ├── type_name # Name of the attack
│ ├── description # Description of the attack
│ ├── affected_value # Parameters affected by the attack and their values
│ ├── attack_component # Smart grid components affected by the attack
│ ├── component_id # ID of the affected component
│ ├── component_name # Name of the affected component
│ ├── description # Description of the affected component
│ ├── file # Core system files to be over-written to conduct the attack
│ ├── attack_schedule # Schedule according to which the attack should happen
│ ├── schedule_id # ID of the attack schedule
│ ├── description # Description of the attack schedule
│ ├── start_time # Starting time of the attack
│ ├── end_time # Ending time of the attack
Below we show a fragment of the attack_library.json file in the
GridAttackSim release, which includes details for the "Channel
Jamming" attack.
{
"type": "attack_library",
"version": "1.0",
"created": "2020-01-01",
"object": [
{
"attack_category": "nefarious_activity",
"attack_id": "1",
"category_name": "Nefarious Activity",
"name": "Channel Jamming - Cluster",
"description": "Nefarious Activity",
"attack_type": [
{
"type_id": "1",
"type_name": "channel_jamming_cluster",
"description": "Since smart grid uses IP protocol and TCP/IP stack,
it becomes subject to DoS attacks and to the vulnerabilities
inherent in the TCP/IP stack. DoS attacks might attempt to delay,
block, or corrupt information transmission in order to make smart grid
resources unavailable",
"affected_value": [
{
"delay_cluster": 100,
"data_rate_cluster": 1000000
}
]
}
],
"attack_component": [
{
"component_id": "1",
"component_name": "Network",
"description": "Network component is affected",
"file": "ns-3.cc"
}
],
"attack_schedule": [
{
"schedule_id": "1",
"description": "Attack Schedule",
"file": "schedule_1",
"start_time": "12:00:00",
"end_time": "18:00:00"
}
]
},
...
The simulation of smart grid cyber-attacks is conducted by altering the input of the GridLAB-D and ns-3 simulators. For each attack, the attack pattern library needs to specify the variables that need to be changed to simulate that particular attack. The table below shows the affected parameters for each of the currently implemented attack type. Note that different types of attacks might affect the same variables, yielding multiple possibilities for diagnosis.
If you simply want to modify the effects of one of the currently implemented attacks, you should change the values of the affected values, then run the simulation to see what are the consequences on the smart grid.