Qiaomu Jiang,Huifang Chen,Lei Xie,Kuang Wang

DOI: https://doi.org/10.1109/smartgridcomm.2017.8340659

2017-01-01

Abstract:State estimation plays a critical role in the smart grid systems. However, according to recent researches, it is evident that a well-designed false data injection attack (FDIA) can bypass the security system and mislead the state estimator. Therefore, detecting such kind of attack efficiently is critical to ensuring the reliability of the smart grid systems. In this paper, we study the real-time FDIA detection mechanism. In the proposed mechanism, we use a residual prewhitening procedure to resolve the problem in the existing real-time FDIA detection mechanism, which is the covariance matrix of the residual is not full rank. Then, we construct a two-sided vector parameter test statistic, and propose a real-time FDIA detection method based on the cumulative sum (CUSUM) of the one-shot statistic. Moreover, the asymptotic closed-form expressions of the detection performance of the proposed method, in terms of the false-alarm period and the average detection delay, are theoretically derived. Numerical results validate that the proposed real-time detection method can detecte the FDIA efficiently.

Ruilong Deng,Gaoxi Xiao,Rongxing Lu,Hao Liang,Athanasios V. Vasilakos

DOI: https://doi.org/10.1109/tii.2016.2614396

IF: 12.3

2017-01-01

IEEE Transactions on Industrial Informatics

Abstract:The accurately estimated state is of great importance for maintaining a stable running condition of power systems. To maintain the accuracy of the estimated state, bad data detection (BDD) is utilized by power systems to get rid of erroneous measurements due to meter failures or outside attacks. However, false data injection (FDI) attacks, as recently revealed, can circumvent BDD and insert any bias into the value of the estimated state. Continuous works on constructing and/or protecting power systems from such attacks have been done in recent years. This survey comprehensively overviews three major aspects: constructing FDI attacks; impacts of FDI attacks on electricity market; and defending against FDI attacks. Specifically, we first explore the problem of constructing FDI attacks, and further show their associated impacts on electricity market operations, from the adversary's point of view. Then, from the perspective of the system operator, we present countermeasures against FDI attacks. We also outline the future research directions and potential challenges based on the above overview, in the context of FDI attacks, impacts, and defense.

Beibei Li,Gaoxi Xiao,Rongxing Lu,Ruilong Deng,Haiyong Bao

DOI: https://doi.org/10.1109/tii.2019.2922215

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:Recent studies have investigated the possibilities of proactively detecting the high-profile false data injection (FDI) attacks on power grid state estimation by using the distributed flexible ac transmission system (D-FACTS) devices, termed as proactive false data detection (PFDD) approach. However, the feasibility and limitations of such an approach have not been systematically studied in the existing literature. In this paper, we explore the feasibility and limitations of adopting the PFDD approach to thwart FDI attacks on power grid state estimation. Specifically, we thoroughly study the feasibility of using PFDD to detect FDI attacks by considering single-bus, uncoordinated multiple-bus, and coordinated multiple-bus FDI attacks, respectively. We prove that PFDD can detect all these three types of FDI attacks targeted on buses or super-buses with degrees larger than 1, if and only if the deployment of D-FACTS devices covers branches at least containing a spanning tree of the grid graph. The minimum efforts required for activating D-FACTS devices to detect each type of FDI attacks are, respectively, evaluated. In addition, we also discuss the limitations of this approach; it is strictly proved that PFDD is not able to detect FDI attacks targeted on buses or super-buses with degrees equalling 1.

Ruilong Deng,Hao Liang

DOI: https://doi.org/10.1109/TII.2018.2863256

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:In this paper, we consider false data injection (FDI) attacks with limited information of transmission-line susceptances and new countermeasures in smart grids. First, we prove that the adversary could launch FDI attacks to modify the state variable on a bus or superbus only if he/she knows the susceptance of every transmission line that is incident to that bus or superbus. Based on this observation, we provide a new countermeasure against FDI attacks, i.e., to make the susceptances of <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n-1$</tex-math></inline-formula> interconnected transmission lines that cover all buses unknown to the adversary (e.g., by proactively perturbing transmission-line susceptances through distributed flexible AC transmission system (D-FACTS) devices), where <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n$</tex-math></inline-formula> is the total number of buses. This new countermeasure can work alone or in conjunction with traditional ones to reduce the number of meter measurements/state variables that are to be secured against FDI attacks. The implementation of FDI attacks with limited susceptance information and the effectiveness of new countermeasures are demonstrated by using an illustrative 4-bus power system and the IEEE 9-bus, 14-bus, 30-bus, 118-bus, and 300-bus test power systems.

Ruilong Deng,Peng Zhuang,Hao Liang

DOI: https://doi.org/10.1109/tsg.2018.2813280

IF: 10.275

2019-01-01

IEEE Transactions on Smart Grid

Abstract:The existing research on false data injection (FDI) attacks against state estimation in transmission systems cannot be trivially extended to distribution feeders. The main reason is that a strong condition that requires the attacker to know the estimated state of distribution systems is needed, which makes the traditional FDI attacks difficult to be implemented in practice. In this paper, we propose a practical FDI attack model against state estimation in distribution systems, without paying expensive cost for obtaining the system state. We show that the attacker can approximate the system state based on power flow or injection measurements without too much effort. For local FDI attacks, the strong condition can be further relaxed to the knowledge of local state, which can be approximated based on a small number of power flow or injection measurements. Simulation results based on the IEEE test feeder demonstrate that the proposed practical FDI attack, even with the approximated system state, is more likely to compromise the state estimation without being detected, in comparison with the traditional attacks. This paper provides a basis to study the attack behaviors in distribution systems and a theoretical guide to develop protective countermeasures.

Shiyu Jin

DOI: https://doi.org/10.1016/j.epsr.2024.110294

IF: 3.818

2024-03-04

Electric Power Systems Research

Abstract:In power systems, False Data Injection (FDI) attack can covertly mislead the state estimation of the power system and lead to inestimable damage. Traditional studies on FDI attack usually assume that the attacker has complete network information of the power grid. However, this assumption is often difficult to be achieved due to the good protection of data in the control center. In this paper, an FDI attack approach with incomplete network information is proposed against AC state estimation. In addition to constructing an attack vector to modify the selected state, this approach also gives the attack range of the state. Through the analysis of the residuals we propose a method to extend the range that can evade bad data detector. Simulation in the IEEE14 and IEEE118 bus systems verify the feasibility and stealth of the model.

engineering, electrical & electronic

Aidong Xu,Tengyue Zhang,Liang Chen,Qing Li,Yunan Zhang,Haojie Lin,Peiyao Wang,Sihui Wu,Runhui Zhao,Yixin Jiang

DOI: https://doi.org/10.1088/1755-1315/693/1/012010

2021-01-01

IOP Conference Series Earth and Environmental Science

Abstract:Abstract The concealed false data injection (FDI) attack in the smart grid can successfully pass the power system state estimation commonly used in the residual bad data test without being detected by the existing algorithms, resulting in the state estimation error of the control center and disturbing the normal operation of the power system. In this paper, false data injection attack and attack detection are carried out in the actual power edge security protection system, microgrid control system and intelligent energy security protection system. Among them, the false data attack part simulates the attack of the voltage phase angle, and compares it with the ordinary attack method, and demonstrates the success of these attacks in the actual power grid system.

Baoyi Wang,Yadong Zhao,Shaomin Zhang,Bihe Li

DOI: https://doi.org/10.23977/jeis.2017.22013

2017-01-01

Journal of Electronics and Information Science

Abstract:False data injected by hackers can interfere with power system state estimation and pose a great threat to the safe and reliable operation of modern power systems (FDIA). The traditional bad data detection method can not effectively detect such attacks. In this paper, by extracting relevant power system measurement characteristic value and use the historical data as the sample, using three classical machine learning algorithms (Perceptron, KNN, SVM) of false data injection attack detection, and respectively in IEEE-9, IEEE-57, IEEE-118 simulation platform for test, verify the supervised machine learning algorithm is applied to the validity of false data injection attack detection.

Peng Zhuang,Ruilong Deng,Hao Liang

DOI: https://doi.org/10.1109/tsg.2019.2895306

2020-01-01

Abstract:In power transmission systems, the false data injection (FDI) attacks against state estimation (SE) have been well studied. However, due to the unique features of power distribution systems including: the low x/r ratio, existence of one-and/or two-phase branches, unbalanced load distributions, and unsymmetrical line parameters; the research on FDI attacks against distribution system SE (DSSE) is still open. In this paper, we investigate the vulnerability of DSSE to FDI attacks. In particular, we first propose a local state-based linear DSSE for multiphase and unbalanced smart distribution systems, which can facilitate the construction of FDI attacks numerically with the least information of system states. Then, the construction of three-phase coupled FDI attacks is introduced. The consideration of the coupling among phases by the three-phase coupled FDI attacks may require the modification of a large number of measurements by the attackers. To reduce the number of required measurements, the perfect three-phase decoupled FDI attacks, which consider the weak couplings among phases, is investigated. The probabilities of successful three-phase decoupled FDI attacks in strongly three-phase coupled systems are also derived numerically. The performance of the proposed FDI attacks against DSSE is evaluated based on IEEE test feeders. The case study results indicate the feasibility of the FDI attacks against DSSE in practical multiphase and unbalanced smart distribution systems. Future research directions including potential countermeasures are also highlighted.

Yang Liu,Mi Wen,Hong Wen,Ruilong Deng,Sha Peng,Naiwang Guo

DOI: https://doi.org/10.1109/tii.2024.3485110

IF: 12.3

2024-01-01

IEEE Transactions on Industrial Informatics

Abstract:With the advancement of carbon-neutral and new power system construction, numerous information devices are continuously connected to power distribution systems, gradually breaking the original unobservable state of power distribution systems and making them more vulnerable to false data injection attacks (FDIAs). Contrary to most existing research focusing on the unbalanced network, less attention has been paid to the influence of randomness and fluctuation of distributed photovoltaic (PV) to perform FDIAs in the power distribution system. In this article, the failure mechanism of FDIAs and the improved FDIAs method are proposed simultaneously for the distribution system with a high penetration of distributed PV scenarios. Specifically, based on the reactive power optimization process, the randomness and fluctuation of distributed PV are applied to decrease significantly the stealthiness of the FDIAs. Subsequently, an improved FDIA method, based on time-dependent loss conditional generative adversarial networks, is proposed to enhance the stealth and effectiveness of the attack. Finally, numerical results based on the modified IEEE 33 bus test systems demonstrate the effectiveness of the failure mechanism and the improved FDIAs. Research results can facilitate the execution of countermeasures for distribution systems with a high penetration of distributed PV, posing serious and pressing security concerns in power distribution systems with a high penetration of distributed PV scenarios.

Kuo Zhang,Zheng-Guang Wu

DOI: https://doi.org/10.1109/iccss53909.2021.9722027

2021-01-01

Abstract:False data injection attack(FDIA) is a traditional attack for the smart grid. There are many methods for the detection of the FDIA, but few of them can send the attack alarm successfully without an attack model. In this paper, we propose a reinforcement learning-based FDIA detection method for the distributed smart grid. The detection problem is formulated as a partially observable Markov decision process(POMDP) problem, and the observation of the POMDP can be obtained from the estimation of state and attack which come from the Kalman filter. By using the Sarsa algorithm, we can get a Q-table through online training. Finally, we use the IEEE-118 bus power system to evaluate the performance of our detector, and numerical results show the accurate response for the FDIA.

Kecheng Li,Genyuan Yang,Shanling Dong,Meiqin Liu

DOI: https://doi.org/10.23919/ccc63176.2024.10661728

2024-01-01

Abstract:The increasing integration of smart grid technologies in multiregional power systems improves efficiency but also exposes them to cyber security threats, especially false data injection attacks. In this paper, we address this challenge by proposing a distributed detection framework tailored for multi-regional power systems. Traditional centralized approaches are insufficient to cope with the dynamic and decentralized nature of these systems. The framework aims to simultaneously monitor and analyze multiple regions in real-time, enhancing the system’s ability to withstand false data injection attacks. This study outlines the proposed framework and provides simulation results for validation, emphasizing the need for proactive defense mechanisms in safeguarding the data integrity of power systems.

Ying Zhang,Jianhui Wang,Bo Chen

DOI: https://doi.org/10.1109/tsg.2020.3010510

IF: 10.275

2021-01-01

IEEE Transactions on Smart Grid

Abstract:The dependence on advanced information and communication technology increases the vulnerability in smart grids under cyber-attacks. Recent research on unobservable false data injection attacks (FDIAs) reveals the high risk of secure system operation, since these attacks can bypass current bad data detection mechanisms. To mitigate this risk, this paper proposes a data-driven learning-based algorithm for detecting unobservable FDIAs in distribution systems. We use autoencoders for efficient dimension reduction and feature extraction of measurement datasets. Further, we integrate the autoencoders into an advanced generative adversarial network (GAN) framework, which successfully detects anomalies under FDIAs by capturing the unconformity between abnormal and secure measurements. Also, considering that the datasets collected from practical power systems are partially labeled due to expensive labeling costs and missing labels, the proposed method only requires a few labeled measurement data in addition to unlabeled data for training. Numerical simulations in three-phase unbalanced IEEE 13-bus and 123-bus distribution systems validate the detection accuracy and efficiency of this method.

engineering, electrical & electronic

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcsii.2022.3181827

2022-01-01

Abstract:In cyber-physical power systems (CPPSs), false data injection attack (FDIA) has drawn much attention due to its stealthiness. It is of great importance to investigate the potential behaviors of attackers to improve the cyber-security of CPPSs. However, most FDIA models are often constructed separately on the effect of attackers or the impact of attacks. Accordingly, this brief proposes a multi-objective stealthy FDIA scheme in AC grid model. The attack model is described as a multi-objective optimization problem, where minimization of contaminated measurements and maximization of the attack impact are considered as two objectives while remaining stealthy. To deal with the established attack model, a non-dominated sorting genetic algorithm II (NSGAII) is introduced as the solver. To improve the efficiency of generating attack vector, a new representation mechanism is proposed to describe locations and values of injected states. Additionally, during the evolutionary process, we propose a mutation operation to balance the sparsity and impact of FDIA. Simulation results on the IEEE 14-bus, 30-bus, and 118-bus systems demonstrate the feasibility of the NSGAII-based FDIA model.

Dai Wang,Xiaohong Guan,Ting Liu,Yun Gu,Chao Shen,Zhanbo Xu

DOI: https://doi.org/10.3390/en7031517

IF: 3.2

2014-01-01

Energies

Abstract:False data injection (FDI) is considered to be one of the most dangerous cyber-attacks in smart grids, as it may lead to energy theft from end users, false dispatch in the distribution process, and device breakdown during power generation. In this paper, a novel kind of FDI attack, named tolerable false data injection (TFDI), is constructed. Such attacks exploit the traditional detector's tolerance of observation errors to bypass the traditional bad data detection. Then, a method based on extended distributed state estimation (EDSE) is proposed to detect TFDI in smart grids. The smart grid is decomposed into several subsystems, exploiting graph partition algorithms. Each subsystem is extended outward to include the adjacent buses and tie lines, and generate the extended subsystem. The Chi-squares test is applied to detect the false data in each extended subsystem. Through decomposition, the false data stands out distinctively from normal observation errors and the detection sensitivity is increased. Extensive TFDI attack cases are simulated in the Institute of Electrical and Electronics Engineers (IEEE) 14-, 39-, 118- and 300-bus systems. Simulation results show that the detection precision of the EDSE-based method is much higher than that of the traditional method, while the proposed method significantly reduces the associated computational costs.

Guoqing Zhang,Wengen Gao,Yunfei Li,Yixuan Liu,Xinxin Guo,Wenlong Jiang

DOI: https://doi.org/10.1016/j.compeleceng.2024.109834

IF: 4.152

2024-11-11

Computers & Electrical Engineering

Abstract:The transition to smart grids introduces significant cybersecurity vulnerabilities, particularly with the rise of False Data Injection Attacks (FDIAs). These attacks allow malicious actors to manipulate sensor data, alter the internal state of the grid, and bypass traditional Bad Data Detection (BDD) systems. FDIAs pose a serious threat to grid security, potentially leading to incorrect state estimation and destabilization of the power system, which could result in system outages and economic losses. To address this challenge, this paper proposes a novel detection and localization method. First, false data and measurement errors are modeled as non-Gaussian noise. Recognizing the limitations of the traditional Extended Kalman Filter (EKF) under non-Gaussian conditions, the Maximum Correntropy Criterion (MCC) is integrated into the EKF to improve the robustness of state estimation. Additionally, the Maximum Correntropy Criterion Extended Kalman Filter (MCCEKF) is combined with Weighted Least Squares (WLS), and cosine similarity is introduced to quantify the differences between these two estimators for FDIA detection. A partition approach is then used to construct a logical localization matrix, with cosine similarity detection applied in each section to generate a detection matrix. By performing a logical AND operation on these matrices, the attacked bus is identified. Simulations on IEEE-14-bus and IEEE-30-bus systems validate the proposed approach, demonstrating its effectiveness in reliably detecting and localizing FDIAs in smart grids.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Jiayu Shi,Shichao Liu,Bo Chen,Li Yu

DOI: https://doi.org/10.1109/tcsii.2020.3020139

2021-01-01

Abstract:The stealthy false data injection (FDI) attacks in smart grids can bypass the bad data detection, and thus make an incorrect state estimate in the control center. In this brief, a distributed data-driven intrusion detection approach is proposed to reveal the existence of the sparse stealthy FDI attack in a multi-area interconnected power system. The proposed distributed intrusion detection approach avoids the over-fitting issue that is extensively seen when implementing machine learning algorithms for large-scale systems. Firstly, each area estimates the entire system state based on a distributed state estimation algorithm. Then, the state of each local area is used as trained neural network input to detect the stealthy FDI attacks. Simulation results on the IEEE 118-bus system verify that the proposed method not only reduces the risk of over-fitting, but also can locate the areas which have been attacked.

Pengfei Hu,Wengen Gao,Yunfei Li,Feng Hua,Lina Qiao,Guoqing Zhang

DOI: https://doi.org/10.1109/access.2023.3273730

IF: 3.9

2023-05-12

IEEE Access

Abstract:Power system state estimation is an essential component of the modern power system energy management system (EMS), and accurate state estimation is an indispensable basis for subsequent work. However, the attacker can inject biases into measurements to launch false data injection attacks (FDIAs) in smart grids, which ultimately cause state estimates to deviate from security values. This paper proposed the joint use of static state estimation and dynamic state estimation to detect the FDIA, i.e. the joint use of weighted least squares (WLS) and extended Kalman filter (EKF) with exponential weighting function (WEKF), which improves the robustness of state estimation. Since the WLS estimation considers only the measurements at the current moment, the recursive feature of the WEKF enables the estimation process to involve both historical state and current measurements. Therefore, consistency tests and residual tests were performed using the estimations of WLS and WEKF to effectively detect FDIA. In addition, a cluster partitioning approach with approximate equal redundancy of subsystems is proposed to locate the FDIA. The detection of FDIA triggers the partitioning of the network system, and then the chi-square test is used separately in each sub-network to determine the location of FDIA. Finally, the experimental results in the IEEE-14 bus system and the IEEE-30 bus system demonstrate that the approach can effectively detect and locate FDIAs.

computer science, information systems,telecommunications,engineering, electrical & electronic

Hanzhang Shi,Linbo Xie,Li Peng

DOI: https://doi.org/10.1016/j.compeleceng.2021.107058

2021-05-01

Abstract:<p>The false data injection attack is emerging as a dangerous cyber-attack for smart grid since it can bypass traditional bad data detection mechanisms and cause erroneous estimation on system states. To accurately detect such a devastating attack, we propose a statistical FDI attacks detection approach based on a new dimensionality-reduction method and a Gaussian mixture model. The proposed method consists of two phases: a dimensionality-reduction process in phase I and a semi-supervised learning process based on the Gaussian mixture model in phase II. To increase the discrimination between the normal data and bad data, a new orthonormal basis with a reduced dimension is constructed by exploiting minimum classification error performance index for the labeled dataset. Based on the reduced basis, the coordinates of the data under the newly obtained basis are checked using a Gaussian mixture model and a semi-supervised learning algorithm. If the outputs of the Gaussian mixture model exceed the pre-determined threshold, then FDI attacks can be distinguished from the normal pattern. The proposed method is tested on the IEEE 14-bus system using real load data from New York independent system operator considering attacks on various state variables, which demonstrates that the proposed method has about 1.5%~5% of accuracy improvement compared to some other detection methods. The generality of the proposed method is also demonstrated on different load patterns and larger systems such as IEEE 30-bus and IEEE 118-bus systems.</p>

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Meng Zhang,Chao Shen,Ning He,SiCong Han,Qi Li,Qian Wang,XiaoHong Guan

DOI: https://doi.org/10.1007/s11431-019-9544-7

2019-01-01

Science China Technological Sciences

Abstract:As a typical representative of the so-called cyber-physical system, smart grid reveals its high efficiency, robustness and reliability compared with conventional power grid. However, due to the deep integration of electrical components and computinginformation in cyber space, smart gird is vulnerable to malicious attacks, especially for a type of attacks named false data injection attacks (FDIAs). FDIAs are capable of tampering meter measurements and affecting the results of state estimation stealthily, which severely threat the security of smart gird. Due to the significantinfluence of FDIAs on smart grid, the research related to FDIAs has received considerable attention over the past decade. This paper aims to summarize recent advances in FDIAs against smart grid state estimation, especially from the aspects of background materials, construction methods, detection and defense strategies. Moreover, future research directions are discussed and outlined by analyzing existing results. It is expected that through the review of FDIAs, the vulnerabilities of smart grid to malicious attacks can be further revealed and more attention can be devoted to the detection and defense of cyber-physical attacks against smart grid.