Ruilong Deng,Hao Liang

DOI: https://doi.org/10.1109/TII.2018.2863256

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:In this paper, we consider false data injection (FDI) attacks with limited information of transmission-line susceptances and new countermeasures in smart grids. First, we prove that the adversary could launch FDI attacks to modify the state variable on a bus or superbus only if he/she knows the susceptance of every transmission line that is incident to that bus or superbus. Based on this observation, we provide a new countermeasure against FDI attacks, i.e., to make the susceptances of <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n-1$</tex-math></inline-formula> interconnected transmission lines that cover all buses unknown to the adversary (e.g., by proactively perturbing transmission-line susceptances through distributed flexible AC transmission system (D-FACTS) devices), where <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n$</tex-math></inline-formula> is the total number of buses. This new countermeasure can work alone or in conjunction with traditional ones to reduce the number of meter measurements/state variables that are to be secured against FDI attacks. The implementation of FDI attacks with limited susceptance information and the effectiveness of new countermeasures are demonstrated by using an illustrative 4-bus power system and the IEEE 9-bus, 14-bus, 30-bus, 118-bus, and 300-bus test power systems.

Peng Zhuang,Ruilong Deng,Hao Liang

DOI: https://doi.org/10.1109/tsg.2019.2895306

2020-01-01

Abstract:In power transmission systems, the false data injection (FDI) attacks against state estimation (SE) have been well studied. However, due to the unique features of power distribution systems including: the low x/r ratio, existence of one-and/or two-phase branches, unbalanced load distributions, and unsymmetrical line parameters; the research on FDI attacks against distribution system SE (DSSE) is still open. In this paper, we investigate the vulnerability of DSSE to FDI attacks. In particular, we first propose a local state-based linear DSSE for multiphase and unbalanced smart distribution systems, which can facilitate the construction of FDI attacks numerically with the least information of system states. Then, the construction of three-phase coupled FDI attacks is introduced. The consideration of the coupling among phases by the three-phase coupled FDI attacks may require the modification of a large number of measurements by the attackers. To reduce the number of required measurements, the perfect three-phase decoupled FDI attacks, which consider the weak couplings among phases, is investigated. The probabilities of successful three-phase decoupled FDI attacks in strongly three-phase coupled systems are also derived numerically. The performance of the proposed FDI attacks against DSSE is evaluated based on IEEE test feeders. The case study results indicate the feasibility of the FDI attacks against DSSE in practical multiphase and unbalanced smart distribution systems. Future research directions including potential countermeasures are also highlighted.

Ruilong Deng,Gaoxi Xiao,Rongxing Lu

DOI: https://doi.org/10.1109/tii.2015.2470218

IF: 12.3

2017-01-01

IEEE Transactions on Industrial Informatics

Abstract:This paper investigates the problem of defending against false data injection (FDI) attacks on power system state estimation. Although many research works have been previously reported on addressing the same problem, most of them made a very strong assumption that some meter measurements can be absolutely protected. To address the problem practically, a reasonable approach is to assume whether or not a meter measurement could be compromised by an adversary does depend on the defense budget deployed by the defender on the meter. From this perspective, our contributions focus on designing the least-budget defense strategy to protect power systems against FDI attacks. In addition, we also extend to investigate choosing which meters to be protected and determining how much defense budget to be deployed on each of these meters. We further formulate the meter selection problem as a mixed integer nonlinear programming problem, which can be efficiently tackled by Benders' decomposition. Finally, extensive simulations are conducted on IEEE test power systems to demonstrate the advantages of the proposed approach in terms of computing time and solution quality, especially for large-scale power systems.

Jichao Bi,Fengji Luo,Gaoqi Liang,Xiaofan Yang,Shibo He,Zhao Yang Dong

DOI: https://doi.org/10.1109/TNSE.2022.3197682

IF: 6.6

2023-01-01

IEEE Transactions on Network Science and Engineering

Abstract:Cyber-physical security has been becoming an important issue for many critical infrastructures in human society, including electrical power grids. This paper proposes an impact assessment framework for smart grids suffering false data injection attack against smart meters. Firstly, the propagation model of malicious false data codes in smart meter communication networks is established. Based on this, a security-constrained economic dispatch model is formulated to assess how false data codes would mislead the grid operator's actions. A defense strategy is proposed, which enhances the grid's vulnerability through effectively deploying defense resources in smart meter networks. Extensive numerical simulations are conducted to evaluate the impact of different attack scenarios as well as the effectiveness of the defense strategy.

Ruilong Deng,Gaoxi Xiao,Rongxing Lu,Hao Liang,Athanasios V. Vasilakos

DOI: https://doi.org/10.1109/tii.2016.2614396

IF: 12.3

2017-01-01

IEEE Transactions on Industrial Informatics

Abstract:The accurately estimated state is of great importance for maintaining a stable running condition of power systems. To maintain the accuracy of the estimated state, bad data detection (BDD) is utilized by power systems to get rid of erroneous measurements due to meter failures or outside attacks. However, false data injection (FDI) attacks, as recently revealed, can circumvent BDD and insert any bias into the value of the estimated state. Continuous works on constructing and/or protecting power systems from such attacks have been done in recent years. This survey comprehensively overviews three major aspects: constructing FDI attacks; impacts of FDI attacks on electricity market; and defending against FDI attacks. Specifically, we first explore the problem of constructing FDI attacks, and further show their associated impacts on electricity market operations, from the adversary's point of view. Then, from the perspective of the system operator, we present countermeasures against FDI attacks. We also outline the future research directions and potential challenges based on the above overview, in the context of FDI attacks, impacts, and defense.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcsii.2022.3181827

2022-01-01

Abstract:In cyber-physical power systems (CPPSs), false data injection attack (FDIA) has drawn much attention due to its stealthiness. It is of great importance to investigate the potential behaviors of attackers to improve the cyber-security of CPPSs. However, most FDIA models are often constructed separately on the effect of attackers or the impact of attacks. Accordingly, this brief proposes a multi-objective stealthy FDIA scheme in AC grid model. The attack model is described as a multi-objective optimization problem, where minimization of contaminated measurements and maximization of the attack impact are considered as two objectives while remaining stealthy. To deal with the established attack model, a non-dominated sorting genetic algorithm II (NSGAII) is introduced as the solver. To improve the efficiency of generating attack vector, a new representation mechanism is proposed to describe locations and values of injected states. Additionally, during the evolutionary process, we propose a mutation operation to balance the sparsity and impact of FDIA. Simulation results on the IEEE 14-bus, 30-bus, and 118-bus systems demonstrate the feasibility of the NSGAII-based FDIA model.

Jichao Bi,Shibo He,Fengji Luo,Jiming Chen,Da -Wen Huang,Mingyang Sun

DOI: https://doi.org/10.1109/trustcom56396.2022.00024

2022-01-01

Abstract:Backboned by smart meter networks, Advanced Metering Infrastructures (AMIs) play a critical role in smart grids. This paper studies a new False Data Injection Attack (FDIA) scenario targeting AMIs, in which the attacker injects and propagates computer worms (i.e., false data codes) to maliciously increase the readings of networked smart meters and create economic loss to the end customers. This paper establishes the false data code propagation and attack models in such a scenario; based on this, this paper proposes a differential game model for describing the attack and defense process for FDIA against AMIs. A computationally efficient algorithm is developed to solve the proposed differential model and obtain the potential Nash equilibrium (NE) strategy pair. Extensive numerical simulations are conducted to validate the effectiveness of the proposed method under different energy tariff structures.

Kang-Di Lu,Zheng-Guang Wu,Tingwen Huang

DOI: https://doi.org/10.1109/tmech.2022.3214314

2023-01-01

Abstract:With the rapid development of communication, control, and computer technology, traditional power systems have evolved into cyber-physical power system (CPPS). However, CPPS not only affords convenience but also introduces more cyber-attacks. Among many types of cyber-attacks, false data injection attacks (FDIAs) have drawn much attention in the CPPS security domain due to their stealthiness. Most FDIAs are based on the static model on a single snapshot and often ignore the reality of dynamically time-evolving CPPS. Accordingly, this article proposes a novel three-stage dynamic false data injection attack (DFDIA) model in CPPS by considering potential dynamic behaviors. To consider both attack location and attack amplitude, the designing DFDIA is formulated as two constrained single-objective optimization problems. Two versions of constrained differential evolution are presented as the solver to determine the attack location and optimize the attack vector for collaboratively altering the meter measurements. Then, an interval state forecasting-based countermeasure is proposed to detect the established DFDIA. In this detector, the variation bounds of state values are determined via ensemble deep learning-based state forecasting method. Finally, extensive simulation results on several IEEE bus systems demonstrate the feasibility of DFDIA and the effectiveness of the defense mechanism.

Chao Jin,Zhejing Bao,Miao Yu,Jifeng Zheng,ChuanSha

DOI: https://doi.org/10.1109/pesgm46819.2021.9638198

2021-01-01

Abstract:The influence of joint attack, combing cyber topology attack with false data injection attack (FDIA), on electricity market is studied. A tri-level model is developed to ensure a successful attack with the maximal economic impact even in the worst scenario of load and wind power. The lower-level simulates the security constrained economic dispatch (SCED). The middle-level considers the worst-case load and wind power fluctuation. The upper-level mimics the attacking behavior optimization constrained by attack feasibility. The lower-level model is added into the mid-level as KKT optimality conditions using Lagrange multipliers, then the lower- and mid-levels are transformed into a single-level optimization. An improved natural aggregation algorithm is applied in the upper-level. Simulations can verify the proposed joint attack strategy and show the robustness improvement over the model without considering uncertainties.

Feiyang Hong,Zhejing Bao,Miao You

DOI: https://doi.org/10.1109/CCDC52312.2021.9601681

2021-01-01

Abstract:Recent studies show that the cyber-attacks such as false data injection attack (FDIA) are capable of severely threatening power system security, in such a way that the undetected errors are introduced into the states estimations by evading the conventional bad data detection (BDD) methods. This paper proposes a tri-level optimization model against the FDIA by formulating the attack actions and identifying the optimal defense strategies constrained by the limited resources. In the lower level, an economic dispatching is implemented to seek the operational strategy aiming at minimizing the operating costs under the given attack. The middle level formulates the behaviors of the attacker to discover the most destructive attack strategy intended by the attacker based on the defense strategy determined by the upper level. The upper level represents the actions of the planner and determines the optimal defense allocation on the measuring meters. The min-max-min tri-level model can be solved by the column-and-constraint generation (C&CG) algorithm. Simulations are implemented to identify the components which should be protected under the limited defense resources and severe attacks.

Beibei Li,Gaoxi Xiao,Rongxing Lu,Ruilong Deng,Haiyong Bao

DOI: https://doi.org/10.1109/tii.2019.2922215

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:Recent studies have investigated the possibilities of proactively detecting the high-profile false data injection (FDI) attacks on power grid state estimation by using the distributed flexible ac transmission system (D-FACTS) devices, termed as proactive false data detection (PFDD) approach. However, the feasibility and limitations of such an approach have not been systematically studied in the existing literature. In this paper, we explore the feasibility and limitations of adopting the PFDD approach to thwart FDI attacks on power grid state estimation. Specifically, we thoroughly study the feasibility of using PFDD to detect FDI attacks by considering single-bus, uncoordinated multiple-bus, and coordinated multiple-bus FDI attacks, respectively. We prove that PFDD can detect all these three types of FDI attacks targeted on buses or super-buses with degrees larger than 1, if and only if the deployment of D-FACTS devices covers branches at least containing a spanning tree of the grid graph. The minimum efforts required for activating D-FACTS devices to detect each type of FDI attacks are, respectively, evaluated. In addition, we also discuss the limitations of this approach; it is strictly proved that PFDD is not able to detect FDI attacks targeted on buses or super-buses with degrees equalling 1.

Ruilong Deng,Peng Zhuang,Hao Liang

DOI: https://doi.org/10.1109/tsg.2018.2813280

IF: 10.275

2019-01-01

IEEE Transactions on Smart Grid

Abstract:The existing research on false data injection (FDI) attacks against state estimation in transmission systems cannot be trivially extended to distribution feeders. The main reason is that a strong condition that requires the attacker to know the estimated state of distribution systems is needed, which makes the traditional FDI attacks difficult to be implemented in practice. In this paper, we propose a practical FDI attack model against state estimation in distribution systems, without paying expensive cost for obtaining the system state. We show that the attacker can approximate the system state based on power flow or injection measurements without too much effort. For local FDI attacks, the strong condition can be further relaxed to the knowledge of local state, which can be approximated based on a small number of power flow or injection measurements. Simulation results based on the IEEE test feeder demonstrate that the proposed practical FDI attack, even with the approximated system state, is more likely to compromise the state estimation without being detected, in comparison with the traditional attacks. This paper provides a basis to study the attack behaviors in distribution systems and a theoretical guide to develop protective countermeasures.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tii.2021.3129487

IF: 12.3

2022-01-01

IEEE Transactions on Industrial Informatics

Abstract:As the next-generation power grids, smart grids are integrated with advanced information and communication technology (ICT) to make the grid more efficient and stable than conventional power systems. Given the mounting cyber-attack threats, these critical ICT systems create great security issues for smart grids. Additionally, the clever attackers have the ability to not only access and monitor the smart grid, but also hack it by launching well-established cyber-attacks. Thus, this article is devoted to understanding the potential stealthy cyber-attack and its countermeasure. First, this article proposes a stealthy sparse cyber-attack model in an ac smart grid by considering both the residual test-based detector and the interval-state-estimation-based detector, which is not considered in previous studies. The design model is formulated as a constrained optimization problem by minimizing the number of contaminated meters, where the characteristics of two types of detector are considered simultaneously as the constraints for the first time. A constrained differential evolution (CDE) is proposed as the solver because the optimization problem is NP-hard. Then, a generalized-cumulative-sum-based detector is developed to detect the proposed cyber-attacks, where a fractional-order state transition matrix is originally introduced into the estimator to describe the dynamics of the power system. Numerical studies illustrate the feasibility of CDE-based stealthy sparse cyber-attacks and the effectiveness of the proposed countermeasure.

Poornachandratejasvi Laxman Bhattar,Naran M Pindoriya

DOI: https://doi.org/10.1016/j.cose.2024.103761

IF: 5.105

2024-02-15

Computers & Security

Abstract:With the proliferation of information and communication technology (ICT), the smart grid is critically vulnerable to cyber-attacks such as false data injection (FDI), denial-of-service, and data spoofing. The cyber-attackers defunctionalize critical operations of the smart grid by compromising the ICT. The decisions for the critical operation of the smart grid are processed with a state estimator, and ICT makes the state estimator vulnerable to FDI attacks. Hence, vulnerability analysis of the state estimator needs to be investigated for potential FDI attacks to protect it from future cyber-attacks. This work proposes the FDI attack vector construction without the knowledge of bad data detection (BDD) threshold on linear and non-linear state estimators using max-min optimization considering the partial network information. The optimization problem is formulated from the attacker's perspective to target the manipulation of measurements in the attack zone so as to increase the generation cost. The equivalent power injection model is developed for the attack zone to construct the deceptive attacks using DC and AC power flow models. The effectiveness of the proposed framework has been tested on 5 bus PJM network, modified IEEE 30 bus, IEEE 57 bus, and IEEE 118 bus system. The proposed framework is compared with existing state-of-art methods (viz., linear attack policy, non-linear attack policy, load redistribution attack, and line flow attack) to assess its efficacy. It is observed that the developed FDI attack vector successfully bypasses the bad data detectors such as the chi-square test, largest normalized residue, and l2 detector that is normally used by the system operator. Moreover, the study compares and discusses the impact of FDI attacks on the estimated state variables obtained with state estimators and, thereby, the generation cost calculated with the DC & AC optimal power flow tool

computer science, information systems

Le Xie,Yilin Mo,Bruno Sinopoli

DOI: https://doi.org/10.1109/smartgrid.2010.5622048

2010-01-01

Abstract:We present a potential class of cyber attack, named false data injection attack, against the state estimation in deregulated electricity markets. With the knowledge of the system configuration, we show that such attacks will circumvent the bad data measurement detection equipped in present SCADA systems, and lead to profitable financial misconduct such as virtual bidding the ex-post locational marginal price (LMP). We demonstrate the potential attacks on an IEEE 14-bus system.

Beibei Li,Rongxing Lu,Gaoxi Xiao,Tao Li,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1109/tpwrs.2021.3127353

IF: 7.326

2022-07-01

IEEE Transactions on Power Systems

Abstract:The integration of phasor measurement units (PMUs) and phasor data concentrators (PDCs) in smart grids may be exploited by attackers to initiate new and sophisticated false data injection (FDI) attacks. Existing FDI attack mitigation approaches are generally less effective against sophisticated FDI attacks, such as collusive false data injection (CFDI) attacks launched by compromised PDCs (and PMUs) as we demonstrate in this paper. Thus, we propose a secure and resilience-enhanced scheme (SeCDM) to detect and mitigate such cyber threats in smart grids. Specifically, we design a decentralized homomorphic computation paradigm along with a hierarchical knowledge sharing algorithm to facilitate secure ciphertext calculation of state estimation residuals. Following this, a centralized FDI detector is implemented to detect FDI attacks. Findings from the security analysis demonstrate our approach achieves enhanced conventional FDI and CFDI attack resilience, and findings from our performance evaluations on the standard IEEE 14-, 24-, and 39-bus power systems also show that the communication overheads and computational complexity are reasonably low.

engineering, electrical & electronic

z zhang,y tian,r deng,j ma

DOI: https://doi.org/10.1109/JIOT.2022.3161790

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:The smart grid (SG), as one of the largest evolutionary critical infrastructures, witnesses the deep integration of electricity facilities and Internet of Things (IoT). But recent events show that the vulnerabilities exposed in IoT devices can be exploited by adversaries to construct the cyberattacks on SG. To address this threat, plenty of countermeasures have been proposed to enhance the SG’s security. However, the additional costs introduced by some countermeasures make the utilities hesitate to implement them practically. To alleviate this concern, in this article, we propose a double-benefit moving target defense (dB-MTD) to protect the SG from cyber–physical attacks (CPAs) and also gain generation-cost benefits. The dB-MTD enables the prevention of stealthy CPAs on the transmission lines by perturbing the reactances with the distributed flexible AC transmission system (D-FACTS). To reduce the infrastructure cost, we minimize the number of required D-FACTS devices for a specific protection goal. Although it needs investment on D-FACTS, we find that the utility can make profits from the generation costs by appropriately setting the reactance perturbations. Therefore, we formulate an optimization problem to compute the optimal reactance perturbations to maximize the generation-cost benefits, without sacrificing the protection performance of dB-MTD. Finally, using the real-world load profiles, we conduct extensive simulations to evaluate the impact of CPA on the system operation and the benefits obtained by the dB-MTD from the aspects of the D-FACTS deployment and the generation-cost profits.

J. Lavaei,Ming Jin,K. Johansson

DOI: https://doi.org/10.1109/TAC.2018.2852774

IF: 6.549

2019-05-01

IEEE Transactions on Automatic Control

Abstract:To ensure grid efficiency and reliability, power system operators continuously monitor the operational characteristics of the grid through a critical process called state estimation (SE), which performs the task by filtering and fusing various measurements collected from grid sensors. This study analyzes the vulnerability of the key operation module, namely ac-based SE, against potential cyber attacks on data integrity, also known as false data injection attack (FDIA). A general form of FDIA can be formulated as an optimization problem, whose objective is to find a stealthy and sparse data injection vector on the sensor measurements with the aim of making the state estimate spurious and misleading. Due to the nonlinear ac measurement model and the cardinality constraint, the problem includes both continuous and discrete nonlinearities. To solve the FDIA problem efficiently, we propose a novel convexification framework based on semidefinite programming (SDP). By analyzing a globally optimal SDP solution, we delineate the “attackable region” for any given set of measurement types and grid topology, where the spurious state can be falsified by FDIA. Furthermore, we prove that the attack is stealthy and sparse, and derive performance bounds. Simulation results on various IEEE test cases indicate the efficacy of the proposed convexification approach. From the grid protection point of view, the results of this study can be used to design a security metric for the current practice against cyber attacks, redesign the bad data detection scheme, and inform proposals of grid hardening. From a theoretical point of view, the proposed framework can be used for other nonconvex problems in power systems and beyond.

Environmental Science,Engineering,Computer Science

Dai Wang,Xiaohong Guan,Ting Liu,Yun Gu,Chao Shen,Zhanbo Xu

DOI: https://doi.org/10.3390/en7031517

IF: 3.2

2014-01-01

Energies

Abstract:False data injection (FDI) is considered to be one of the most dangerous cyber-attacks in smart grids, as it may lead to energy theft from end users, false dispatch in the distribution process, and device breakdown during power generation. In this paper, a novel kind of FDI attack, named tolerable false data injection (TFDI), is constructed. Such attacks exploit the traditional detector's tolerance of observation errors to bypass the traditional bad data detection. Then, a method based on extended distributed state estimation (EDSE) is proposed to detect TFDI in smart grids. The smart grid is decomposed into several subsystems, exploiting graph partition algorithms. Each subsystem is extended outward to include the adjacent buses and tie lines, and generate the extended subsystem. The Chi-squares test is applied to detect the false data in each extended subsystem. Through decomposition, the false data stands out distinctively from normal observation errors and the detection sensitivity is increased. Extensive TFDI attack cases are simulated in the Institute of Electrical and Electronics Engineers (IEEE) 14-, 39-, 118- and 300-bus systems. Simulation results show that the detection precision of the EDSE-based method is much higher than that of the traditional method, while the proposed method significantly reduces the associated computational costs.

Jingwen Liang,Lalitha Sankar,Oliver Kosut

DOI: https://doi.org/10.1109/TPWRS.2015.2504950

2015-06-12

Abstract:An unobservable false data injection (FDI) attack on AC state estimation (SE) is introduced and its consequences on the physical system are studied. With a focus on understanding the physical consequences of FDI attacks, a bi-level optimization problem is introduced whose objective is to maximize the physical line flows subsequent to an FDI attack on DC SE. The maximization is subject to constraints on both attacker resources (size of attack) and attack detection (limiting load shifts) as well as those required by DC optimal power flow (OPF) following SE. The resulting attacks are tested on a more realistic non-linear system model using AC state estimation and ACOPF, and it is shown that, with an appropriately chosen sub-network, the attacker can overload transmission lines with moderate shifts of load.

Systems and Control,Cryptography and Security