While smart grid technologies are deployed to help achieve improved grid resiliency

and efficiency, they also present an increased dependency on cyber resources which may

be vulnerable to attack. This dissertation introduces three components that provide new

methods to enhancing the cyber security of the smart grid.

First, a quantitative exposure analysis model is presented to assess risks inherited

from the communication and computation of critical information. An attack exposure

metric is then presented to provide a quantitative means to analyze the model. The

metric's utility is then demonstrated by analyzing smart grid environments to contrast

the effectiveness of various protection mechanisms and to evaluate the impact of new

cyber vulnerabilities.

Second, a model-based intrusion detection system is introduced to identify attacks

against electric grid substations. The system expands previous research to incorporate

temporal and spatial analysis of substation control events in order to differentiate attacks

from normal communications. This method also incorporates a hierarchical detection

approach to improve correlation of physical system events and identify sophisticated

coordinated attacks.

Finally, the PowerCyber testbed is introduced as an accurate cyber-physical envi-

ronment to help facilitate future smart grid cyber security research needs. The testbed

implements a layered approach of control, communication, and power system layers while

incorporating both industry standard components along with simulation and emulation

techniques. The testbed's efficacy is then evaluated by performing various cyber attacks

and exploring their impact on physical grid simulations.