Lanting Zeng,Dawei Qiu,Mingyang Sun

DOI: https://doi.org/10.1016/j.apenergy.2022.119688

IF: 11.2

2022-01-01

Applied Energy

Abstract:Demand response improves grid security by adjusting the flexibility of consumers meanwhile maintaining their demand–supply balance in real-time. With the large-scale deployment of distributed digital communication technologies and advanced metering infrastructures, data-driven approaches such as multi-agent reinforcement learning (MARL) are being widely employed to solve demand response problems. Nevertheless, the massive interaction of data inside and outside the demand response management system may lead to severe threats from the perspective of cyber-attacks. The cyber security requirements of MARL-based demand response problems are less discussed in the existing studies. To this end, this paper proposes a robust adversarial multi-agent reinforcement learning framework for demand response (RAMARL-DR) with an enhanced resilience against adversarial attacks. In particular, the proposed RAMARL-DR first constructs an adversary agent that aims to cause the worst-case performance via formulating an adversarial attack; and then adopts periodic alternating robust adversarial training scenarios with the optimal adversary aiming to diminish the severe impacts induced by adversarial attacks. Case studies are conducted based on an OpenAI Gym environment CityLearn, which provides a standard evaluation platform of MARL algorithms for demand response problems. Empirical results indicate that the MARL-based demand response management system is vulnerable when the adversary agent occurs, and its performance can be significantly improved after periodic alternating robust adversarial training. It can be found that the adversary agent can result in a 41.43% higher metric value of Ramping than the no adversary case, whereas the proposed RAMARL-DR can significantly enhance the system resilience with an approximately 38.85% reduction in the ramping of net demand.

Kevin A. Melendez,Yolanda Matamala

DOI: https://doi.org/10.1016/j.apenergy.2024.124615

IF: 11.2

2024-10-31

Applied Energy

Abstract:Detecting and characterizing malicious operations in electricity markets presents substantial challenges due to the innate complexity of power networks. This paper explores adversarial attacks in electricity markets, i.e., we consider the scenario in which malicious market participants make undetectable changes to the input data of other participants, resulting in significant negative impacts on their operations. We propose a novel methodology to generate adversarial attacks, which leverages linear optimization theory and statistical learning to generate suboptimal, feasible solutions or super-optimal, infeasible solutions that convincingly resemble optimal solutions. The methodology is general and applicable for generating adversarial attacks on optimization-based decision systems. We use it to analyze the potential economic losses, policy making, and social consequences resulting from compromised demand-side operations. In particular, we focus on scenarios where certain demand side-players, i.e., microgrids, or prosumers in a general sense, engage in malicious activities by targeting other microgrids and the independent system operator. We model the electricity market dynamics using an equilibrium problem with equilibrium constraints (EPEC). To make the model easier to solve, the EPEC is reformulated using a combination of the Fisher–Burmeister function and strong duality theorem. Results show that microgrids can artificially decrease its consumption by up to 12% without triggering alarms. Additionally, this amount can be increased by an additional 14% to 22%, contingent on the strategy employed to monitor the observable variables. We also study the implications of the increasing utilization of solar generation, showing its potential to mitigate the impact of adversarial attacks while also introducing new risks to the system.

energy & fuels,engineering, chemical

Yan Chen,Mingyang Sun,Zhongda Chu,Simon Camal,George Kariniotakis,Fei Teng

DOI: https://doi.org/10.1109/tsg.2022.3207517

IF: 10.275

2023-01-01

IEEE Transactions on Smart Grid

Abstract:With the increasing penetration of renewables, the power system is facing unprecedented challenges of low-inertia levels. The inherent ability of the system to defense disturbance and power imbalance through inertia response is degraded, and thus, system operators need to make faster and more efficient scheduling operations. As one of the most promising solutions, machine learning (ML) methods have been investigated and employed to realize effective inertia forecasting with considerable accuracy. Nevertheless, it is yet to understand its vulnerability with the growing threat of cyberattacks. To this end, this paper proposes a methodological framework to explore the vulnerability of ML-based inertia forecasting models, with a special focus on data integrity attacks. In particular, a cost-oriented false data injection attack is proposed, for the first time, with the primary objective to significantly increase the system operation cost while retaining the stealthiness of the attack via minimizing the differences between the pre-perturbed and after-perturbed inertia forecasts. Moreover, we propose four vulnerability assessment metrics for the ML-based inertia forecasting models. Case studies on the GB power system demonstrate the vulnerability and impact of the ML-based inertia forecasting models, as well as the stealthiness and transferability of the proposed cost-oriented data integrity attacks.

Kostas Hatalis,Parv Venkitasubramaniam,Shalinee Kishore

DOI: https://doi.org/10.48550/arXiv.1909.12894

2019-09-28

Abstract:Demand-Side Management (DSM) is a vital tool that can be used to ensure power system reliability and stability. In future smart grids, certain portions of a customers load usage could be under automatic control with a cyber-enabled DSM program which selectively schedules loads as a function of electricity prices to improve power balance and grid stability. In such a case, the security of DSM cyberinfrastructure will be critical as advanced metering infrastructure, and communication systems are susceptible to hacking, cyber-attacks. Such attacks, in the form of data injection, can manipulate customer load profiles and cause metering chaos and energy losses in the grid. These attacks are also exacerbated by the feedback mechanism between load management on the consumer side and dynamic price schemes by independent system operators. This work provides a novel methodology for modeling and simulating the nonlinear relationship between load management and real-time pricing. We then investigate the behavior of such a feedback loop under intentional cyber-attacks using our feedback model. We simulate and examine load-price data under different levels of DSM participation with three types of additive attacks: ramp, sudden, and point attacks. We apply change point and supervised learning methods for detection of DSM attacks. Results conclude that while higher levels of DSM participation can exacerbate attacks they also lead to better detection of such attacks. Further analysis of results shows that point attacks are the hardest to detect and supervised learning methods produce results on par or better than sequential detectors.

Signal Processing,Machine Learning

Xu Wan,Lanting Zeng,Mingyang Sun

DOI: https://doi.org/10.24963/ijcai.2022/549

2022-01-01

Abstract:Decarbonization of global power systems significantly increases the operational uncertainty and modeling complexity that drive the necessity of widely exploiting cutting-edge Deep Reinforcement Learning (DRL) technologies to realize adaptive and real-time emergency control, which is the last resort for system stability and resiliency. The vulnerability of the DRL-based emergency control scheme may lead to severe real-world security issues if it can not be fully explored before implementing it practically. To this end, this is the first work that comprehensively investigates adversarial attacks and defense mechanisms for DRL-based power system emergency control. In particular, recovery-targeted (RT) adversarial attacks are designed for gradient-based approaches, aiming to dramatically degrade the effectiveness of the conducted emergency control actions to prevent the system from restoring to a stable state. Furthermore, the corresponding robust defense (RD) mechanisms are proposed to actively modify the observations based on the distances of sequential states. Experiments are conducted based on the standard IEEE reliability test system, and the results show that security risks indeed exist in the state-of-the-art DRL-based power system emergency control models. The effectiveness, stealthiness, instantaneity, and transferability of the proposed attacks and defense mechanisms are demonstrated with both white-box and black-box settings.

Zhongwei Li,Yang Liu,Peng Qiu,Hao Yin,Weizhong Xu,Mingyang Sun

DOI: https://doi.org/10.1049/enc2.12086

2023-01-01

Energy Conversion and Economics

Abstract:Abstract With the increase in inverter‐based renewable energy resources, the complexity and uncertainty of low‐carbon power systems have increased significantly. Deep reinforcement learning (DRL)–based approaches have been extensively studied for frequency control to overcome the limitations of traditional model‐based approaches. The goal of DRL‐based methods for primary frequency control is to minimise load shedding while satisfying frequency safety requirements, thereby reducing control costs. However, the vulnerabilities of DRL models pose new security threats to power systems. These threats have not been identified and addressed in the existing literature. Therefore, in this paper, a series of vulnerability assessment methods are proposed for DRL‐based frequency control with a focus on the under‐frequency load shedding (UFLS) problem. Three adversarial sample production methods are designed with different optimisation directions: Q‐value‐based FGSM (Q‐FGSM), action‐based JSMA (A‐JSMA), and state‐action‐based CW (SA‐CW). Furthermore, combining the advantages of the above three attack methods, a hybrid adversarial attack algorithm is designed, Q‐value‐state‐action‐based mix (QSA‐MIX), to significantly affect the decision process of the DRL model. In case studies of the IEEE39 bus system, the proposed attack methods had a severe impact on system operation and control. In particular, the high attack transferability of the proposed attack algorithms in a black‐box setting provides further evidence that the vulnerability of current DRL‐based control schemes is prevalent.

Zhenyong Zhang,Ke Zuo,Ruilong Deng,Fei Teng,Mingyang Sun

DOI: https://doi.org/10.1109/jiot.2023.3264492

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Machine learning-based intelligent systems enhanced with Internet of Things (IoT) technologies have been widely developed and exploited to enable the real-time stability assessment of a large-scale electricity grid. However, it has been extensively recognized that the IoT-enabled communication network of power systems is vulnerable to cyberattacks. In particular, system operating states, critical attributes that act as input to the data-driven stability assessment, can be manipulated by malicious actors to mislead the system operator into making disastrous decisions and thus cause major blackouts and cascading events. In this article, we explore the vulnerability of the data-driven power system stability assessment, with a special emphasis on decision tree-based stability assessment (DTSA) approaches, and investigate the feasibility of constructing a physics-constrained adversarial attack (PCAA) to undermine the DTSA. The PCAA is formulated as a nonlinear programming problem considering the misclassification constraint, power limits, and bad data detection, computing potential adversarial perturbations that reverse the “stable/unstable” prediction of the real-time input while remaining invisible/stealthy. Extensive experiments based on the IEEE 68-bus system are conducted to evaluate the impact of PCAAs on predictions of DTSA and their transferability.

Jiawei Li,Jianxiao Wang,Lin Chen,Yang Yu

DOI: https://doi.org/10.1109/pesgm48719.2022.9917139

2022-01-01

Abstract:Adversarial attacks on data-driven algorithms applied in power system will be a new type of threat on grid security. Literature has demonstrated the adversarial attack on deep-neural network can significantly misleading the load forecast of a power system. However, it is unclear how the new type of attack impact on the operation of grid system. In this research, we point out that adversarial attacks on the algorithms are distinct from traditional attacks. Rather than causing system collapse, the adversarial attacks camouflaged as normal forecast bias and thus is able to continuously cause the economic loss in a system. We manifest that the adversarial algorithm attack induces a significant cost-increase risk which will be exacerbated by the growing penetration of intermittent renewable energy. In Texas, a 5% adversarial attack can increase the total generation cost by 17% in a quarter, which account for around $\$ 2\times 10^{7}$ . When wind-energy penetration increases to over 40%, the 5% adversarial attack will inflate the generation cost by 23%. Our research discovers a novel approach of defending against the adversarial attack: investing on energy-storage system. All current literature focuses on developing algorithm to defending against adversarial attack. We are the first research revealing the capability of using facility in physical system to defending against the adversarial algorithm attack in a system of Internet of Thing, such as smart grid system.

Wangkun Xu,Fei Teng

DOI: https://doi.org/10.48550/arXiv.2301.01832

IF: 5.414

2023-01-04

Machine Learning

Abstract:The forecast of electrical loads is essential for the planning and operation of the power system. Recently, advances in deep learning have enabled more accurate forecasts. However, deep neural networks are prone to adversarial attacks. Although most of the literature focuses on integrity-based attacks, this paper proposes availability-based adversarial attacks, which can be more easily implemented by attackers. For each forecast instance, the availability attack position is optimally solved by mixed-integer reformulation of the artificial neural network. To tackle this attack, an adversarial training algorithm is proposed. In simulation, a realistic load forecasting dataset is considered and the attack performance is compared to the integrity-based attack. Meanwhile, the adversarial training algorithm is shown to significantly improve robustness against availability attacks. All codes are available at https://github.com/xuwkk/AAA_Load_Forecast.

Moein Sabounchi,Jin Wei-Kocsis

DOI: https://doi.org/10.48550/arXiv.2109.06358

2021-09-14

Abstract:Due to the advances in computing and sensing, deep learning (DL) has widely been applied in smart energy systems (SESs). These DL-based solutions have proved their potentials in improving the effectiveness and adaptiveness of the control systems. However, in recent years, increasing evidence shows that DL techniques can be manipulated by adversarial attacks with carefully-crafted perturbations. Adversarial attacks have been studied in computer vision and natural language processing. However, there is very limited work focusing on the adversarial attack deployment and mitigation in energy systems. In this regard, to better prepare the SESs against potential adversarial attacks, we propose an innovative adversarial attack model that can practically compromise dynamical controls of energy system. We also optimize the deployment of the proposed adversarial attack model by employing deep reinforcement learning (RL) techniques. In this paper, we present our first-stage work in this direction. In simulation section, we evaluate the performance of our proposed adversarial attack model using standard IEEE 9-bus system.

Machine Learning,Systems and Control

Chensheng Liu,Hongcheng Zhu,Min Zhou,Ruilong Deng,Yang Tang,Wenli Du

DOI: https://doi.org/10.1109/icps58381.2023.10127987

IF: 10.275

2024-01-01

IEEE Transactions on Smart Grid

Abstract:With the increasing integration of distributed energy resources (DER) and corresponding fluctuations, phase shifting transformers (PSTs) have been considered as important electrical components to increase transmission capacity by integrating PST with optimal power flow (OPF). However, due to vulnerabilities of supervisory control and data acquisition (SCADA) systems, applications in power systems may be subject to various cyber-attacks. In this paper, we discuss the feasibility of load redistri-bution (LR) attacks against OPF with PST, and quantitatively evaluate the effect of LR attacks on power systems. Specifically, the interaction between LR attacker and OPF with PST is formulated as a Stackelberg game, where the attacker and power system, acting as the leader and follower, attempt to maximize and minimize the operation cost of power system, respectively. By replacing the lower OPF optimization with its Karush-Kuhn-Tucker (KKT) condition, the Stackelberg game is simplified into a single-level mixed integer programming, which can be easily solved. Simulations in the PJM 5-bus, IEEE 14-bus and IEEE 30-bus test systems verify the feasibility of LR attacks and quantitatively evaluate the effect of LR attacks on the operation cost of power systems.

Samrat Acharya,Yury Dvorkin,Ramesh Karri

DOI: https://doi.org/10.1109/TSG.2021.3067896

2023-07-28

Abstract:Power utilities are adopting Automated Demand Response (ADR) to replace the costly fuel-fired generators and to preempt congestion during peak electricity demand. Similarly, third-party Demand Response (DR) aggregators are leveraging controllable small-scale electrical loads to provide on-demand grid support services to the utilities. Some aggregators and utilities have started employing Artificial Intelligence (AI) to learn the energy usage patterns of electricity consumers and use this knowledge to design optimal DR incentives. Such AI frameworks use open communication channels between the utility/aggregator and the DR customers, which are vulnerable to \textit{causative} data integrity cyberattacks. This paper explores vulnerabilities of AI-based DR learning and designs a data-driven attack strategy informed by DR data collected from the New York University (NYU) campus buildings. The case study demonstrates the feasibility and effects of maliciously tampering with (i) real-time DR incentives, (ii) DR event data sent to DR customers, and (iii) responses of DR customers to the DR incentives.

Systems and Control,Cryptography and Security,Machine Learning

Jiaqi Ruan,Qihan Wang,Sicheng Chen,Hanrui Lyu,Gaoqi Liang,Junhua Zhao,Zhao Yang Dong

DOI: https://doi.org/10.1109/tii.2023.3313526

IF: 12.3

2023-01-01

IEEE Transactions on Industrial Informatics

Abstract:Developing the deep learning (DL) technique is a promising way to improve renewable energy forecasting accuracy and offset the negative impacts of renewable energy on the power system. However, the application of the DL technique brings novel cyberthreats to the renewable energy forecast, and its cybersecurity has not received enough attention in previous literatures. To fill the gap, the vulnerability of renewable energy forecasting is, among the first, studied in-depth in this article. First, a novel cyberattack named adversarial learning attack (ALA) is proposed. The ALA is achieved by tampering with the meteorological data obtained by online weather forecasts from external application programming interfaces to undermine the renewable energy forecasting performance, which jeopardizes the power system operation. Then, an iterative algorithm is proposed to solve the ALA-based optimization problem. As the DL model is involved as optimization constraints, the optimization problem is nonconvex and NP-hard, which is unable to be solved by traditional approaches. The proposed algorithm utilizes the proximal gradient descent principle and is effective in iteratively exploring the near-optimal solution. At last, the impact of the ALA strategy on the power system operation is assessed, which considers the economic loss incurred and the potential hazards. The feasibility and efficacy of the ALA strategy are validated by conducting comprehensive and extensive experiments on the IEEE 30-bus benchmarks. The simulation results reveal that the ALA is able to impose severe economic losses on the operation and even induces disastrous hazards, such as power system collapse.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Eirini Anthi,Lowri Williams,Matilda Rhode,Pete Burnap,Adam Wedgbury

DOI: https://doi.org/10.48550/arXiv.2004.05005

2020-04-10

Abstract:The proliferation and application of machine learning based Intrusion Detection Systems (IDS) have allowed for more flexibility and efficiency in the automated detection of cyber attacks in Industrial Control Systems (ICS). However, the introduction of such IDSs has also created an additional attack vector; the learning models may also be subject to cyber attacks, otherwise referred to as Adversarial Machine Learning (AML). Such attacks may have severe consequences in ICS systems, as adversaries could potentially bypass the IDS. This could lead to delayed attack detection which may result in infrastructure damages, financial loss, and even loss of life. This paper explores how adversarial learning can be used to target supervised models by generating adversarial samples using the Jacobian-based Saliency Map attack and exploring classification behaviours. The analysis also includes the exploration of how such samples can support the robustness of supervised models using adversarial training. An authentic power system dataset was used to support the experiments presented herein. Overall, the classification performance of two widely used classifiers, Random Forest and J48, decreased by 16 and 20 percentage points when adversarial samples were present. Their performances improved following adversarial training, demonstrating their robustness towards such attacks.

Machine Learning,Cryptography and Security,Signal Processing

Matthias Pilz,Luluwah Al-Fagih

DOI: https://doi.org/10.48550/arXiv.1802.00355

2018-07-23

Abstract:Smart metering infrastructure allows for two-way communication and power transfer. Based on this promising technology, we propose a demand-side management (DSM) scheme for a residential neighbourhood of prosumers. Its core is a discrete time dynamic game to schedule individually owned home energy storage. The system model includes an advanced battery model, local generation of renewable energy, and forecasting errors for demand and generation. We derive a closed-form solution for the best-response problem of a player and construct an iterative algorithm to solve the game. Empirical analysis shows exponential convergence towards the Nash equilibrium. A comparison to a DSM scheme with a static game, reveals the advantages of the dynamic game approach. We provide an extensive analysis on the influence of the forecasting error on the outcome of the game. A key result demonstrates that our approach is robust even in the worst-case scenario. This grants considerable gains for the utility company organising the DSM scheme and its participants.

Computer Science and Game Theory

Anjana B.,Suman Maiti,Sunandan Adhikary,Soumyajit Dey,Ashish R. Hota

2024-11-21

Abstract:Smart grids are designed to efficiently handle variable power demands, especially for large loads, by real-time monitoring, distributed generation and distribution of electricity. However, the grid's distributed nature and the internet connectivity of large loads like Heating Ventilation, and Air Conditioning (HVAC) systems introduce vulnerabilities in the system that cyber-attackers can exploit, potentially leading to grid instability and blackouts. Traditional protection strategies, primarily designed to handle transmission line faults are often inadequate against such threats, emphasising the need for enhanced grid security. In this work, we propose a Deep Reinforcement Learning (DRL)-based protection system that learns to differentiate any stealthy load alterations from normal grid operations and adaptively adjusts activation thresholds of the protection schemes. We train this adaptive protection scheme against an optimal and stealthy load alteration attack model that manipulates the power demands of HVACs at the most unstable grid buses to induce blackouts. We theoretically prove that the adaptive protection system trained in this competitive game setting can effectively mitigate any stealthy load alteration-based attack. To corroborate this, we also demonstrate the method's success in several real-world grid scenarios by implementing it in a hardware-in-loop setup.

Systems and Control,Cryptography and Security,Computer Science and Game Theory

Jingshi Cui,Haoxiang Wang,Chenye Wu,Yang Yu

DOI: https://doi.org/10.48550/arXiv.1911.07453

2019-11-18

Abstract:Data analytics and machine learning techniques are being rapidly adopted into the power system, including power system control as well as electricity market design. In this paper, from an adversarial machine learning point of view, we examine the vulnerability of data-driven electricity market design. More precisely, we follow the idea that consumer's load profile should uniquely determine its electricity rate, which yields a clustering oriented pricing scheme. We first identify the strategic behaviors of malicious users by defining a notion of disguising. Based on this notion, we characterize the sensitivity zones to evaluate the percentage of malicious users in each cluster. Based on a thorough cost benefit analysis, we conclude with the vulnerability analysis.

Machine Learning,Signal Processing,Systems and Control

Kang Yan,Xuan Liu,Yidan Lu,Zongchao Yu

DOI: https://doi.org/10.1109/jiot.2022.3222304

IF: 10.6

2023-03-11

IEEE Internet of Things Journal

Abstract:More and more thermostatic loads in power systems are transformed into thermostatically controlled loads (TCLs) through the heterogeneous Internet of Things (IoT) devices. The proportion of TCLs exposed to the Internet has also further increased. Considering TCLs' response characteristics and the network security vulnerability of their associated IoT devices, it is possible to form a new threat to power systems, manipulation of demand (MAD) attacks. In this article, we reveal a potential attack scenario of this threat in the electricity market and propose a highly concealable and destructive cross-domain MAD attack strategy based on compromised TCLs, causing a tremendous economic loss for the power retailer (PR) and end-use consumers (EUCs). Finally, the effectiveness of the proposed MAD attack strategy is verified by simulation cases, highlighting the endanger of large-scale compromised TCLs in power systems and the importance of their associated IoT devices' network security.

computer science, information systems,telecommunications,engineering, electrical & electronic

Pooja Krishan,Rohan Mohapatra,Saptarshi Sengupta

2024-08-27

Abstract:The emergence of deep learning models has revolutionized various industries over the last decade, leading to a surge in connected devices and infrastructures. However, these models can be tricked into making incorrect predictions with high confidence, leading to disastrous failures and security concerns. To this end, we explore the impact of adversarial attacks on multivariate time-series forecasting and investigate methods to counter them. Specifically, we employ untargeted white-box attacks, namely the Fast Gradient Sign Method (FGSM) and the Basic Iterative Method (BIM), to poison the inputs to the training process, effectively misleading the model. We also illustrate the subtle modifications to the inputs after the attack, which makes detecting the attack using the naked eye quite difficult. Having demonstrated the feasibility of these attacks, we develop robust models through adversarial training and model hardening. We are among the first to showcase the transferability of these attacks and defenses by extrapolating our work from the benchmark electricity data to a larger, 10-year real-world data used for predicting the time-to-failure of hard disks. Our experimental results confirm that the attacks and defenses achieve the desired security thresholds, leading to a 72.41% and 94.81% decrease in RMSE for the electricity and hard disk datasets respectively after implementing the adversarial defenses.

Machine Learning,Artificial Intelligence,Cryptography and Security,Performance

Yize Chen,Yushi Tan,Deepjyoti Deka

DOI: https://doi.org/10.48550/arXiv.1808.08197

2018-08-27

Abstract:Recent advances in Machine Learning(ML) have led to its broad adoption in a series of power system applications, ranging from meter data analytics, renewable/load/price forecasting to grid security assessment. Although these data-driven methods yield state-of-the-art performances in many tasks, the robustness and security of applying such algorithms in modern power grids have not been discussed. In this paper, we attempt to address the issues regarding the security of ML applications in power systems. We first show that most of the current ML algorithms proposed in power systems are vulnerable to adversarial examples, which are maliciously crafted input data. We then adopt and extend a simple yet efficient algorithm for finding subtle perturbations, which could be used for generating adversaries for both categorical(e.g., user load profile classification) and sequential applications(e.g., renewables generation forecasting). Case studies on classification of power quality disturbances and forecast of building loads demonstrate the vulnerabilities of current ML algorithms in power networks under our adversarial designs. These vulnerabilities call for design of robust and secure ML algorithms for real world applications.

Systems and Control