diff options
Diffstat (limited to 'paper/safety-reset-paper.tex')
| -rw-r--r-- | paper/safety-reset-paper.tex | 128 |
1 files changed, 76 insertions, 52 deletions
diff --git a/paper/safety-reset-paper.tex b/paper/safety-reset-paper.tex index 3b7a93e..f4b24e6 100644 --- a/paper/safety-reset-paper.tex +++ b/paper/safety-reset-paper.tex @@ -335,8 +335,8 @@ investment. \section{Grid Frequency as a Communication Channel} We propose to approach the problem of broadcasting an emergency signal to all smart meters within a synchronous area by -using grid frequency as a communication channel. Despite the awesome complexity of large power grids, the physics -underlying their response to changes in load and generation is surprisingly simple. Individual machines (loads and +using grid frequency as a communication channel. Despite the technological complexity of the grid, the physics +underlying its response to changes in load and generation is surprisingly simple. Individual machines (loads and generators) can be approximated by a small number of differential equations and the entire grid can be modelled by aggregating these approximations into a large system of nonlinear differential equations. As a consequence, small signal changes in generation/consumption power balance cause an approximately proportional change in @@ -371,44 +371,61 @@ networks. \label{grid-freq-characterization} In utility SCADA systems, Phasor Measurement Units (PMUs, also called \emph{synchrophasors}) are used to precisely -measure grid frequency among other parameters. This task is much more complicated in practice than it might appear at -first glance since a PMU has to make extremely precise measurements, track fast changes in frequency and handle even -distorted input signals. Detail on the inner workings of commercial phasor measurement units is scarce but there is a -large amount of academic research on sophisticated phasor measurement +measure grid frequency among other parameters. This task is a complicated task since a PMU has to make fast and precise +measurements given a distorted input signal. Details on the inner workings of commercial phasor measurement units are +scarce but there is a large amount of academic research on measurement algorithms~\cite{narduzzi01,derviskadic01,belega01}. -Since we do not need reference standard-grade accuracy for our application we chose to start with a very basic algorithm -based on short-time fourier transform (STFT). Our system uses the universal frequency estimation approach of -experimental physicists Gasior and Gonzalez at CERN~\cite{gasior01}. The Gasior and Gonzalez algorithm~\cite{gasior01} -passes the windowed input signal through a DFT, then interpolates the signal's fundamental frequency by fitting a -wavelet such as a Gaussian to the largest peak in the DFT results. The bias parameter of this curve fit is an accurate -estimation of the signal's fundamental frequency. This algorithm is similar to the simpler interpolated DFT algorithm -used as a reference in much of the phasor measurement literature~\cite{borkowski01}. +In our application, we do not need the same level of precision. For the sake of simplicity, we use the universal +frequency estimation approach of Gasior and Gonzalez~\cite{gasior01}. In this algorithm, the windowed input signal is +processed using a Discrete Fourier Transform (DFT), then the signal's fundamental frequency is interpolated by fitting a +wavelet to the largest peak in the DFT result. The bias parameter of this curve fit is an accurate estimation of the +signal's fundamental frequency. This algorithm is similar to the simpler interpolated DFT algorithm referenced by phasor +measurement literature~\cite{borkowski01}. -To collect ground truth measurements for our analysis of grid frequency as a communication channel, we developed a device -to safely record real mains voltage waveforms. Our system consists of an \texttt{STM32F030F4P6} ARM Cortex M0 +To collect ground truth measurements for our analysis of grid frequency as a communication channel, we developed a +device to safely record mains voltage waveforms. Our system consists of an \texttt{STM32F030F4P6} ARM Cortex M0 microcontroller that records mains voltage using its internal 12-bit ADC and transmits measured values through a galvanically isolated USB/serial bridge to a host computer. We derive our system's sampling clock from a crystal oven to avoid frequency measurement noise due to thermal drift of a regular crystal: \SI{1}{ppm} of crystal drift would cause a -grid frequency error of $\SI{50}{\micro\hertz}$. We validated the performance of our crystal oven solution by -benchmarking it against a GPS 1pps reference. +grid frequency error of $\SI{50}{\micro\hertz}$. We compared our oven-stabilized clock against a GPS 1 pps reference and +found that over a time span of 20 minutes both stayed stable within 5 ppb of each other, which corresponds to the drift +specification of a typical crystal oven. -% FIXME measurement results, spectra +\begin{figure} + \centering + \includegraphics[width=0.8\textwidth]{../notebooks/fig_out/freq_meas_spectrum} + \caption{The spectrum of grid frequency variations measured over a two-day timespan. The raw spectrum is shown in + gray, and a smoothed spectrum is shown in red. The blue line is inversely proportional to frequency and illustrates + the $1/f$ nature of the spectrum. Distinctive peaks in the spectrum are marked with red crosses, and their locations + are given on the bottom of the diagram.} + \label{fig_freq_spec} +\end{figure} + +A number of effects can be seen in our measurement results in Figure~\ref{fig_freq_spec}. Across the frequency range, we +observe a broad $1/f$ noise. Above a period of $\SI{10}{\second}$, this $1/f$ noise dips to a flat noise floor. We +estimate that this low-noise region is caused by the self-regulating effect of loads. %FIXME citation +Above a $\SI{10}{\second}$ period, primary control is activated and thus the $1/f$ noise we observe is the result of the +interaction between primary control and consumer demand. On top of this $1/f$ behavior, the spectrum shows several sharp +peaks at time intervals with a ``round'' number such as $\SI{10}{\second}$, $\SI{60}{\second}$ or multiples of +$\SI{300}{\second}$. These peaks are due to loads turning on- or off depending on wall-clock time. Besides the narrow +peaks caused by this effect we can also observe two wider bumps at $\SI{6.3}{\second}$ and $\SI{3.9}{\second}$. These +bumps closely correlate with continental european synchonous area's oscillation modes at $\SI{0.15}{\hertz}$ (east-west) +and $\SI{0.25}{\hertz}$ (north-south)~\cite{grebe01}. +% FIXME measurement results \section{Grid Frequency Modulation} -Given the grid characteristics we measured using our custom waveform recorder and a model of our transmitter, we can -derive parameters for the modulation of our broadcast system. In its most basic form a transmitter for grid frequency -modulation would be a very large controllable load connected to the power grid at a suitable vantage point. A spool of -wire submerged in a body of cooling liquid such as a small lake along with a thyristor rectifier bank would likely -suffice to perform this function during occasional cybersecurity incidents. We can however decrease hardware and -maintenance investment even compared to this rather uncultivated solution by repurposing large industrial loads -as transmitters. Going through a list of energy-intensive industries in Europe~\cite{ec01}, we found that an aluminium -smelter would be a good candidate. In aluminium smelting, aluminium is electrolytically extracted from alumina solution. -High-voltage mains power is transformed, rectified and fed into about 100 series-connected electrolytic cells forming a -\emph{potline}. Inside these pots alumina is dissolved in molten cryolite electrolyte at about \SI{1000}{\degreeCelsius} -and electrolysis is performed using a current of tens or hundreds of Kiloampère. The resulting pure aluminium settles at -the bottom of the cell and is tapped off for further processing. +In its most basic form a transmitter for grid frequency modulation would be a very large controllable load located +centrally within the grid. A spool of wire submerged in a body of cooling liquid such as a small lake along with a +thyristor rectifier bank would likely suffice. We can however decrease hardware and maintenance investment even compared +to this rather uncultivated solution by repurposing large industrial loads as transmitters. Going through a list of +energy-intensive industries in Europe~\cite{ec01}, we found that an aluminium smelter would be a good candidate. In +aluminium smelting, aluminium is electrolytically extracted from alumina solution. High-voltage mains power is +transformed, rectified and fed into about 100 series-connected electrolytic cells forming a \emph{potline}. Inside these +pots alumina is dissolved in molten cryolite electrolyte at about \SI{1000}{\degreeCelsius} and electrolysis is +performed using a current of tens or hundreds of Kiloampère. The resulting pure aluminium settles at the bottom of the +cell and is tapped off for further processing. Aluminium smelters are operated around the clock, and due to the high financial stakes their behavior under power outages has been carefully characterized by the industry. Power outages of tens of minutes up to two hours reportedly do @@ -439,28 +456,35 @@ relation to the entire grid. \subsection{Parametrizing Modulation for GFM} -Modulating $\SI{25}{\mega\watt}$ of smelter power would yield a frequency shift of $\SI{1}{\milli\hertz}$. At an RMS -frequency noise of around $\SI{10}{\milli\hertz}$ in the band around $\SI{1}{\hertz}$, this results in challenging SNR. -% FIXME properly calculate frequency noise density, SNR -Under such conditions, the obvious choice for modulation are spread-spectrum techniques. Thus, we approached the setting -using Direct Sequence Spread Spectrum for its simple implementation and good overall performance. DSSS chip timing -should be as fast as the transmitter's physics allow to exploit the low-noise region between -$\SI{0.2}{\hertz}$ to $\SI{2.0}{\hertz}$ in the frequency noise spectrum while avoiding any of the grid's oscillation modes. Going -past $\approx\SI{2}{\hertz}$ would put strain on the receiver's frequency measurement subsystem~\cite{belega01}. Using a -spread-spectrum technique allows us to reduce the effect of interference by spurious tones. In addition, spreading our -signal's energy over frequency also reduces the likelihood that we cause the grid to oscillate along any of its modes. - -To test our proposed approach, we wrote a proof-of-concept modulator and demodulator in Python and tested this -proof-of-concept prototype with data captured from our grid frequency sensor. Our simulations covered a range of -parameters in modulation amplitude, DSSS sequence bit depth, chip duration and detection threshold. -Figure~\ref{fig_ser_nbits} shows symbol error rate (SER) as a function of modulation amplitude with Gold sequences of -several bit depths. As can be seen, realistic modulation amplitudes are in the range around $\SI{1}{\milli\hertz}$. In -the continental European synchronous area, this corresponds to a modulation power of approximately -$\SI{25}{\mega\watt}$. Figure~\ref{fig_ser_thf} shows SER against detection threshold relative to background noise. -Figure~\ref{fig_ser_chip} shows SER against chip duration for a given fixed symbol length. As expected from looking at -our measured grid frequency noise spectrum, performance is best for short chip durations and worsens for longer chip -durations since shorter chip durations move our signals' bandwidth into the lower-noise region from $\SI{0.2}{\hertz}$ -to $\SI{2}{\hertz}$. +Given the grid characteristics we measured using our custom waveform recorder and using a model of our transmitter, we +can derive parameters for the modulation of our broadcast system. Modulating $\SI{25}{\mega\watt}$ of smelter power +would yield a frequency shift of $\SI{1}{\milli\hertz}$. At an RMS frequency noise of around $\SI{10}{\milli\hertz}$ in +the band around $\SI{1}{\hertz}$, this results in challenging SNR. A second layer of modulation yielding some modulation +gain is necessary to achieve sufficient overall SNR. + +The grid's frequency noise has significant localized peaks that might interfere with this modulation. Further +complicating things are the oscillation modes. A GFM system must be designed to avoid exciting these modes. However, +since these modes are not static, a modulation method that is designed around a specific assumption of their location +would not be future proof. Given these concerns, the optimal second-level modulation technique for GFM is a +spread-spectrum technique. By spreading signal energy throughout a wide band, both the impact of local noise spikes is +minimized and the risk of mode excitation is reduced since spread-spectrum techniques minimize energy in any particular +sub-band. + +In this paper, we chose to perform simulations using Direct Sequence Spread Spectrum for its simple implementation and +good overall performance. DSSS chip timing should be as fast as the transmitter's physics allow to exploit the low-noise +region between $\SI{0.2}{\hertz}$ to $\SI{2.0}{\hertz}$ in Figure~\ref{fig_freq_spec}. Going past +$\approx\SI{2}{\hertz}$ would complicate frequency measurement at the receiver side. + +We simulated a proof-of-concept modulator and demodulator using data captured from our grid frequency sensor. Our +simulations covered a range of parameters in modulation amplitude, DSSS sequence bit depth, chip duration and detection +threshold. Figure~\ref{fig_ser_nbits} shows symbol error rate (SER) as a function of modulation amplitude with Gold +sequences of several bit depths. As can be seen, realistic modulation amplitudes are in the range around +$\SI{1}{\milli\hertz}$. In the continental European synchronous area, this corresponds to a modulation power of +approximately $\SI{25}{\mega\watt}$. Figure~\ref{fig_ser_thf} shows SER against detection threshold relative to +background noise. Figure~\ref{fig_ser_chip} shows SER against chip duration for a given fixed symbol length. As expected +from looking at our measured grid frequency noise spectrum, performance is best for short chip durations and worsens for +longer chip durations since shorter chip durations move our signals' bandwidth into the lower-noise region from +$\SI{0.2}{\hertz}$ to $\SI{2}{\hertz}$. %FIXME introduce term "chip" somewhere \begin{figure} |