PhD Oral Exam - Mostafa Ansari, Information and Systems Engineering

When studying for a doctoral degree (PhD), candidates submit a thesis that provides a critical review of the current state of knowledge of the thesis subject as well as the student’s own contributions to the subject. The distinguishing criterion of doctoral graduate research is a significant and original contribution to knowledge.

Once accepted, the candidate presents the thesis orally. This oral exam is open to the public.

Abstract

The accelerating integration of wind energy into modern power grids has transformed electricity generation while introducing significant cybersecurity challenges. Wind power plants (WPPs), which are geographically distributed and rely on cyberinfrastructure, are particularly vulnerable to cyberattacks targeting both information technology (IT) and operational technology (OT) domains. While IT security emphasizes data confidentiality and integrity, OT systems control the real-time operation of turbines using specialized protocols optimized for fast data exchange, often lacking cybersecurity safeguards. Existing solutions have primarily focused on specific subsystems, with comparatively less emphasis on control-aware, multi-layer frameworks. As a result, unified approaches integrating physics-informed detection with robust mitigation strategies across the wind turbine (WT), WPP, and grid levels have received limited attention, especially with respect to system stability, operational considerations, and compliance with industry standards.

This thesis develops a comprehensive, multi-layered framework for cyber-resilient control and monitoring of wind-integrated power systems, with a particular focus on OT systems. The proposed framework addresses three hierarchical levels: (i) WT level, focusing on securing local control loops and sensors; (ii) WPP level, emphasizing coordinated attack detection and mitigation across multiple WTs within a WPP; and (iii) system-wide power grid level, countering resonance-type cyberattacks that cause low-frequency oscillations and destabilize renewable-integrated grids. The framework integrates advanced detection schemes, including physics-informed and AI-based methods, with robust control strategies such as H∞, LQR, Kalman filter, and state-observer-based controllers to ensure operational performance under adversarial conditions.

Through a series of contributions this research: (i) identifies critical cyberattack vectors, assesses their impact on WPP and grid stability, and designs adaptive data-driven–physics-informed detection schemes for real-time monitoring; and (ii) proposes control-oriented mitigation strategies capable of counteracting attacks that destabilize the system, such as those inducing oscillations. The resulting hierarchical framework establishes a scalable and resilient defense architecture, advancing both the theory and practice of cybersecurity in wind-integrated power systems. This work provides a foundation for ensuring reliable, secure, and resilient operation of future wind-dominated electricity grids.