Ruilong Deng,Hao Liang

DOI: https://doi.org/10.1109/TII.2018.2863256

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:In this paper, we consider false data injection (FDI) attacks with limited information of transmission-line susceptances and new countermeasures in smart grids. First, we prove that the adversary could launch FDI attacks to modify the state variable on a bus or superbus only if he/she knows the susceptance of every transmission line that is incident to that bus or superbus. Based on this observation, we provide a new countermeasure against FDI attacks, i.e., to make the susceptances of <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n-1$</tex-math></inline-formula> interconnected transmission lines that cover all buses unknown to the adversary (e.g., by proactively perturbing transmission-line susceptances through distributed flexible AC transmission system (D-FACTS) devices), where <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n$</tex-math></inline-formula> is the total number of buses. This new countermeasure can work alone or in conjunction with traditional ones to reduce the number of meter measurements/state variables that are to be secured against FDI attacks. The implementation of FDI attacks with limited susceptance information and the effectiveness of new countermeasures are demonstrated by using an illustrative 4-bus power system and the IEEE 9-bus, 14-bus, 30-bus, 118-bus, and 300-bus test power systems.

Ruilong Deng,Gaoxi Xiao,Rongxing Lu,Hao Liang,Athanasios V. Vasilakos

DOI: https://doi.org/10.1109/tii.2016.2614396

IF: 12.3

2017-01-01

IEEE Transactions on Industrial Informatics

Abstract:The accurately estimated state is of great importance for maintaining a stable running condition of power systems. To maintain the accuracy of the estimated state, bad data detection (BDD) is utilized by power systems to get rid of erroneous measurements due to meter failures or outside attacks. However, false data injection (FDI) attacks, as recently revealed, can circumvent BDD and insert any bias into the value of the estimated state. Continuous works on constructing and/or protecting power systems from such attacks have been done in recent years. This survey comprehensively overviews three major aspects: constructing FDI attacks; impacts of FDI attacks on electricity market; and defending against FDI attacks. Specifically, we first explore the problem of constructing FDI attacks, and further show their associated impacts on electricity market operations, from the adversary's point of view. Then, from the perspective of the system operator, we present countermeasures against FDI attacks. We also outline the future research directions and potential challenges based on the above overview, in the context of FDI attacks, impacts, and defense.

Qiaomu Jiang,Huifang Chen,Lei Xie,Kuang Wang

DOI: https://doi.org/10.1109/smartgridcomm.2017.8340659

2017-01-01

Abstract:State estimation plays a critical role in the smart grid systems. However, according to recent researches, it is evident that a well-designed false data injection attack (FDIA) can bypass the security system and mislead the state estimator. Therefore, detecting such kind of attack efficiently is critical to ensuring the reliability of the smart grid systems. In this paper, we study the real-time FDIA detection mechanism. In the proposed mechanism, we use a residual prewhitening procedure to resolve the problem in the existing real-time FDIA detection mechanism, which is the covariance matrix of the residual is not full rank. Then, we construct a two-sided vector parameter test statistic, and propose a real-time FDIA detection method based on the cumulative sum (CUSUM) of the one-shot statistic. Moreover, the asymptotic closed-form expressions of the detection performance of the proposed method, in terms of the false-alarm period and the average detection delay, are theoretically derived. Numerical results validate that the proposed real-time detection method can detecte the FDIA efficiently.

Ruilong Deng,Peng Zhuang,Hao Liang

DOI: https://doi.org/10.1109/tsg.2018.2813280

IF: 10.275

2019-01-01

IEEE Transactions on Smart Grid

Abstract:The existing research on false data injection (FDI) attacks against state estimation in transmission systems cannot be trivially extended to distribution feeders. The main reason is that a strong condition that requires the attacker to know the estimated state of distribution systems is needed, which makes the traditional FDI attacks difficult to be implemented in practice. In this paper, we propose a practical FDI attack model against state estimation in distribution systems, without paying expensive cost for obtaining the system state. We show that the attacker can approximate the system state based on power flow or injection measurements without too much effort. For local FDI attacks, the strong condition can be further relaxed to the knowledge of local state, which can be approximated based on a small number of power flow or injection measurements. Simulation results based on the IEEE test feeder demonstrate that the proposed practical FDI attack, even with the approximated system state, is more likely to compromise the state estimation without being detected, in comparison with the traditional attacks. This paper provides a basis to study the attack behaviors in distribution systems and a theoretical guide to develop protective countermeasures.

Peng Zhuang,Ruilong Deng,Hao Liang

DOI: https://doi.org/10.1109/tsg.2019.2895306

2020-01-01

Abstract:In power transmission systems, the false data injection (FDI) attacks against state estimation (SE) have been well studied. However, due to the unique features of power distribution systems including: the low x/r ratio, existence of one-and/or two-phase branches, unbalanced load distributions, and unsymmetrical line parameters; the research on FDI attacks against distribution system SE (DSSE) is still open. In this paper, we investigate the vulnerability of DSSE to FDI attacks. In particular, we first propose a local state-based linear DSSE for multiphase and unbalanced smart distribution systems, which can facilitate the construction of FDI attacks numerically with the least information of system states. Then, the construction of three-phase coupled FDI attacks is introduced. The consideration of the coupling among phases by the three-phase coupled FDI attacks may require the modification of a large number of measurements by the attackers. To reduce the number of required measurements, the perfect three-phase decoupled FDI attacks, which consider the weak couplings among phases, is investigated. The probabilities of successful three-phase decoupled FDI attacks in strongly three-phase coupled systems are also derived numerically. The performance of the proposed FDI attacks against DSSE is evaluated based on IEEE test feeders. The case study results indicate the feasibility of the FDI attacks against DSSE in practical multiphase and unbalanced smart distribution systems. Future research directions including potential countermeasures are also highlighted.

Ruilong Deng,Gaoxi Xiao,Rongxing Lu

DOI: https://doi.org/10.1109/tii.2015.2470218

IF: 12.3

2017-01-01

IEEE Transactions on Industrial Informatics

Abstract:This paper investigates the problem of defending against false data injection (FDI) attacks on power system state estimation. Although many research works have been previously reported on addressing the same problem, most of them made a very strong assumption that some meter measurements can be absolutely protected. To address the problem practically, a reasonable approach is to assume whether or not a meter measurement could be compromised by an adversary does depend on the defense budget deployed by the defender on the meter. From this perspective, our contributions focus on designing the least-budget defense strategy to protect power systems against FDI attacks. In addition, we also extend to investigate choosing which meters to be protected and determining how much defense budget to be deployed on each of these meters. We further formulate the meter selection problem as a mixed integer nonlinear programming problem, which can be efficiently tackled by Benders' decomposition. Finally, extensive simulations are conducted on IEEE test power systems to demonstrate the advantages of the proposed approach in terms of computing time and solution quality, especially for large-scale power systems.

Dai Wang,Xiaohong Guan,Ting Liu,Yun Gu,Chao Shen,Zhanbo Xu

DOI: https://doi.org/10.3390/en7031517

IF: 3.2

2014-01-01

Energies

Abstract:False data injection (FDI) is considered to be one of the most dangerous cyber-attacks in smart grids, as it may lead to energy theft from end users, false dispatch in the distribution process, and device breakdown during power generation. In this paper, a novel kind of FDI attack, named tolerable false data injection (TFDI), is constructed. Such attacks exploit the traditional detector's tolerance of observation errors to bypass the traditional bad data detection. Then, a method based on extended distributed state estimation (EDSE) is proposed to detect TFDI in smart grids. The smart grid is decomposed into several subsystems, exploiting graph partition algorithms. Each subsystem is extended outward to include the adjacent buses and tie lines, and generate the extended subsystem. The Chi-squares test is applied to detect the false data in each extended subsystem. Through decomposition, the false data stands out distinctively from normal observation errors and the detection sensitivity is increased. Extensive TFDI attack cases are simulated in the Institute of Electrical and Electronics Engineers (IEEE) 14-, 39-, 118- and 300-bus systems. Simulation results show that the detection precision of the EDSE-based method is much higher than that of the traditional method, while the proposed method significantly reduces the associated computational costs.

Meng Zhang,Chao Shen,Ning He,SiCong Han,Qi Li,Qian Wang,XiaoHong Guan

DOI: https://doi.org/10.1007/s11431-019-9544-7

2019-01-01

Science China Technological Sciences

Abstract:As a typical representative of the so-called cyber-physical system, smart grid reveals its high efficiency, robustness and reliability compared with conventional power grid. However, due to the deep integration of electrical components and computinginformation in cyber space, smart gird is vulnerable to malicious attacks, especially for a type of attacks named false data injection attacks (FDIAs). FDIAs are capable of tampering meter measurements and affecting the results of state estimation stealthily, which severely threat the security of smart gird. Due to the significantinfluence of FDIAs on smart grid, the research related to FDIAs has received considerable attention over the past decade. This paper aims to summarize recent advances in FDIAs against smart grid state estimation, especially from the aspects of background materials, construction methods, detection and defense strategies. Moreover, future research directions are discussed and outlined by analyzing existing results. It is expected that through the review of FDIAs, the vulnerabilities of smart grid to malicious attacks can be further revealed and more attention can be devoted to the detection and defense of cyber-physical attacks against smart grid.

Yang Liu,Mi Wen,Hong Wen,Ruilong Deng,Sha Peng,Naiwang Guo

DOI: https://doi.org/10.1109/tii.2024.3485110

IF: 12.3

2024-01-01

IEEE Transactions on Industrial Informatics

Abstract:With the advancement of carbon-neutral and new power system construction, numerous information devices are continuously connected to power distribution systems, gradually breaking the original unobservable state of power distribution systems and making them more vulnerable to false data injection attacks (FDIAs). Contrary to most existing research focusing on the unbalanced network, less attention has been paid to the influence of randomness and fluctuation of distributed photovoltaic (PV) to perform FDIAs in the power distribution system. In this article, the failure mechanism of FDIAs and the improved FDIAs method are proposed simultaneously for the distribution system with a high penetration of distributed PV scenarios. Specifically, based on the reactive power optimization process, the randomness and fluctuation of distributed PV are applied to decrease significantly the stealthiness of the FDIAs. Subsequently, an improved FDIA method, based on time-dependent loss conditional generative adversarial networks, is proposed to enhance the stealth and effectiveness of the attack. Finally, numerical results based on the modified IEEE 33 bus test systems demonstrate the effectiveness of the failure mechanism and the improved FDIAs. Research results can facilitate the execution of countermeasures for distribution systems with a high penetration of distributed PV, posing serious and pressing security concerns in power distribution systems with a high penetration of distributed PV scenarios.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcsii.2022.3181827

2022-01-01

Abstract:In cyber-physical power systems (CPPSs), false data injection attack (FDIA) has drawn much attention due to its stealthiness. It is of great importance to investigate the potential behaviors of attackers to improve the cyber-security of CPPSs. However, most FDIA models are often constructed separately on the effect of attackers or the impact of attacks. Accordingly, this brief proposes a multi-objective stealthy FDIA scheme in AC grid model. The attack model is described as a multi-objective optimization problem, where minimization of contaminated measurements and maximization of the attack impact are considered as two objectives while remaining stealthy. To deal with the established attack model, a non-dominated sorting genetic algorithm II (NSGAII) is introduced as the solver. To improve the efficiency of generating attack vector, a new representation mechanism is proposed to describe locations and values of injected states. Additionally, during the evolutionary process, we propose a mutation operation to balance the sparsity and impact of FDIA. Simulation results on the IEEE 14-bus, 30-bus, and 118-bus systems demonstrate the feasibility of the NSGAII-based FDIA model.

Shiyu Jin

DOI: https://doi.org/10.1016/j.epsr.2024.110294

IF: 3.818

2024-03-04

Electric Power Systems Research

Abstract:In power systems, False Data Injection (FDI) attack can covertly mislead the state estimation of the power system and lead to inestimable damage. Traditional studies on FDI attack usually assume that the attacker has complete network information of the power grid. However, this assumption is often difficult to be achieved due to the good protection of data in the control center. In this paper, an FDI attack approach with incomplete network information is proposed against AC state estimation. In addition to constructing an attack vector to modify the selected state, this approach also gives the attack range of the state. Through the analysis of the residuals we propose a method to extend the range that can evade bad data detector. Simulation in the IEEE14 and IEEE118 bus systems verify the feasibility and stealth of the model.

engineering, electrical & electronic

Aidong Xu,Tengyue Zhang,Liang Chen,Qing Li,Yunan Zhang,Haojie Lin,Peiyao Wang,Sihui Wu,Runhui Zhao,Yixin Jiang

DOI: https://doi.org/10.1088/1755-1315/693/1/012010

2021-01-01

IOP Conference Series Earth and Environmental Science

Abstract:Abstract The concealed false data injection (FDI) attack in the smart grid can successfully pass the power system state estimation commonly used in the residual bad data test without being detected by the existing algorithms, resulting in the state estimation error of the control center and disturbing the normal operation of the power system. In this paper, false data injection attack and attack detection are carried out in the actual power edge security protection system, microgrid control system and intelligent energy security protection system. Among them, the false data attack part simulates the attack of the voltage phase angle, and compares it with the ordinary attack method, and demonstrates the success of these attacks in the actual power grid system.

Kuo Zhang,Zheng-Guang Wu

DOI: https://doi.org/10.1109/iccss53909.2021.9722027

2021-01-01

Abstract:False data injection attack(FDIA) is a traditional attack for the smart grid. There are many methods for the detection of the FDIA, but few of them can send the attack alarm successfully without an attack model. In this paper, we propose a reinforcement learning-based FDIA detection method for the distributed smart grid. The detection problem is formulated as a partially observable Markov decision process(POMDP) problem, and the observation of the POMDP can be obtained from the estimation of state and attack which come from the Kalman filter. By using the Sarsa algorithm, we can get a Q-table through online training. Finally, we use the IEEE-118 bus power system to evaluate the performance of our detector, and numerical results show the accurate response for the FDIA.

Beibei Li,Rongxing Lu,Gaoxi Xiao,Tao Li,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1109/tpwrs.2021.3127353

IF: 7.326

2022-07-01

IEEE Transactions on Power Systems

Abstract:The integration of phasor measurement units (PMUs) and phasor data concentrators (PDCs) in smart grids may be exploited by attackers to initiate new and sophisticated false data injection (FDI) attacks. Existing FDI attack mitigation approaches are generally less effective against sophisticated FDI attacks, such as collusive false data injection (CFDI) attacks launched by compromised PDCs (and PMUs) as we demonstrate in this paper. Thus, we propose a secure and resilience-enhanced scheme (SeCDM) to detect and mitigate such cyber threats in smart grids. Specifically, we design a decentralized homomorphic computation paradigm along with a hierarchical knowledge sharing algorithm to facilitate secure ciphertext calculation of state estimation residuals. Following this, a centralized FDI detector is implemented to detect FDI attacks. Findings from the security analysis demonstrate our approach achieves enhanced conventional FDI and CFDI attack resilience, and findings from our performance evaluations on the standard IEEE 14-, 24-, and 39-bus power systems also show that the communication overheads and computational complexity are reasonably low.

engineering, electrical & electronic

Pengfei Hu,Wengen Gao,Yunfei Li,Feng Hua,Lina Qiao,Guoqing Zhang

DOI: https://doi.org/10.1109/access.2023.3273730

IF: 3.9

2023-05-12

IEEE Access

Abstract:Power system state estimation is an essential component of the modern power system energy management system (EMS), and accurate state estimation is an indispensable basis for subsequent work. However, the attacker can inject biases into measurements to launch false data injection attacks (FDIAs) in smart grids, which ultimately cause state estimates to deviate from security values. This paper proposed the joint use of static state estimation and dynamic state estimation to detect the FDIA, i.e. the joint use of weighted least squares (WLS) and extended Kalman filter (EKF) with exponential weighting function (WEKF), which improves the robustness of state estimation. Since the WLS estimation considers only the measurements at the current moment, the recursive feature of the WEKF enables the estimation process to involve both historical state and current measurements. Therefore, consistency tests and residual tests were performed using the estimations of WLS and WEKF to effectively detect FDIA. In addition, a cluster partitioning approach with approximate equal redundancy of subsystems is proposed to locate the FDIA. The detection of FDIA triggers the partitioning of the network system, and then the chi-square test is used separately in each sub-network to determine the location of FDIA. Finally, the experimental results in the IEEE-14 bus system and the IEEE-30 bus system demonstrate that the approach can effectively detect and locate FDIAs.

computer science, information systems,telecommunications,engineering, electrical & electronic

Beibei Li,Rongxing Lu,Wei Wang,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.jpdc.2016.12.012

IF: 4.542

2017-05-01

Journal of Parallel and Distributed Computing

Abstract:False data injection (FDI) attacks are crucial security threats to smart grid cyber-physical system (CPS), and could result in cataclysmic consequences to the entire power system. However, due to the high dependence on open information networking, countering FDI attacks is challenging in smart grid CPS. Most existing solutions are based on state estimation (SE) at the highly centralized control center; thus, computationally expensive. In addition, these solutions generally do not provide a high level of security assurance, as evidenced by recent work that smart FDI attackers with knowledge of system configurations can easily circumvent conventional SE-based false data detection mechanisms. In this paper, in order to address these challenges, a novel distributed host-based collaborative detection method is proposed. Specifically, in our approach, we use a conjunctive rule based majority voting algorithm to collaboratively detect false measurement data inserted by compromised phasor measurement units (PMUs). In addition, an innovative reputation system with an adaptive reputation updating algorithm is also designed to evaluate the overall running status of PMUs, by which FDI attacks can be distinctly observed. Extensive simulation experiments are conducted with real-time measurement data obtained from the PowerWorld simulator, and the numerical results fully demonstrate the effectiveness of our proposal.

computer science, theory & methods

Chensheng Liu,Yuanqi Li,Hongcheng Zhu,Yang Tang,Wenli Du

DOI: https://doi.org/10.1109/tcsi.2024.3350242

2024-01-01

Abstract:Enabled by the widely deployed distributed flexible alternating current transmission system (D-FACTS) devices in practical systems, moving target defense (MTD) has been considered as an effective way to detect stealthy false data injection (FDI) attacks by actively changing branch parameters. However, existing MTD methods heavily depend on the assumption that opponents can not timely obtain the newly changed branch parameters. In this paper, a parameter-estimate-first FDI (PEF-FDI) attack is proposed to reveal vulnerabilities of MTD methods in AC state estimation, which can bypass bad data detectors in the existence of MTD. Specifically, a PEF-FDI attack model is proposed to timely construct attack vector and stealthily misguide the results of alternating current (AC) state estimation in the presence of MTD. Requirements of constructing PEF-FDI attacks on eavesdropped measurements are deduced to reveal the limitation on capability of attackers. Simulations in the IEEE 118-bus system verify the performance of the proposed PEF-FDI attacks.

engineering, electrical & electronic

Kecheng Li,Genyuan Yang,Shanling Dong,Meiqin Liu

DOI: https://doi.org/10.23919/ccc63176.2024.10661728

2024-01-01

Abstract:The increasing integration of smart grid technologies in multiregional power systems improves efficiency but also exposes them to cyber security threats, especially false data injection attacks. In this paper, we address this challenge by proposing a distributed detection framework tailored for multi-regional power systems. Traditional centralized approaches are insufficient to cope with the dynamic and decentralized nature of these systems. The framework aims to simultaneously monitor and analyze multiple regions in real-time, enhancing the system’s ability to withstand false data injection attacks. This study outlines the proposed framework and provides simulation results for validation, emphasizing the need for proactive defense mechanisms in safeguarding the data integrity of power systems.

Hanzhang Shi,Linbo Xie,Li Peng

DOI: https://doi.org/10.1016/j.compeleceng.2021.107058

2021-05-01

Abstract:<p>The false data injection attack is emerging as a dangerous cyber-attack for smart grid since it can bypass traditional bad data detection mechanisms and cause erroneous estimation on system states. To accurately detect such a devastating attack, we propose a statistical FDI attacks detection approach based on a new dimensionality-reduction method and a Gaussian mixture model. The proposed method consists of two phases: a dimensionality-reduction process in phase I and a semi-supervised learning process based on the Gaussian mixture model in phase II. To increase the discrimination between the normal data and bad data, a new orthonormal basis with a reduced dimension is constructed by exploiting minimum classification error performance index for the labeled dataset. Based on the reduced basis, the coordinates of the data under the newly obtained basis are checked using a Gaussian mixture model and a semi-supervised learning algorithm. If the outputs of the Gaussian mixture model exceed the pre-determined threshold, then FDI attacks can be distinguished from the normal pattern. The proposed method is tested on the IEEE 14-bus system using real load data from New York independent system operator considering attacks on various state variables, which demonstrates that the proposed method has about 1.5%~5% of accuracy improvement compared to some other detection methods. The generality of the proposed method is also demonstrated on different load patterns and larger systems such as IEEE 30-bus and IEEE 118-bus systems.</p>

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Jiayu Shi,Shichao Liu,Bo Chen,Li Yu

DOI: https://doi.org/10.1109/tcsii.2020.3020139

2021-01-01

Abstract:The stealthy false data injection (FDI) attacks in smart grids can bypass the bad data detection, and thus make an incorrect state estimate in the control center. In this brief, a distributed data-driven intrusion detection approach is proposed to reveal the existence of the sparse stealthy FDI attack in a multi-area interconnected power system. The proposed distributed intrusion detection approach avoids the over-fitting issue that is extensively seen when implementing machine learning algorithms for large-scale systems. Firstly, each area estimates the entire system state based on a distributed state estimation algorithm. Then, the state of each local area is used as trained neural network input to detect the stealthy FDI attacks. Simulation results on the IEEE 118-bus system verify that the proposed method not only reduces the risk of over-fitting, but also can locate the areas which have been attacked.