Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcsii.2022.3181827

2022-01-01

Abstract:In cyber-physical power systems (CPPSs), false data injection attack (FDIA) has drawn much attention due to its stealthiness. It is of great importance to investigate the potential behaviors of attackers to improve the cyber-security of CPPSs. However, most FDIA models are often constructed separately on the effect of attackers or the impact of attacks. Accordingly, this brief proposes a multi-objective stealthy FDIA scheme in AC grid model. The attack model is described as a multi-objective optimization problem, where minimization of contaminated measurements and maximization of the attack impact are considered as two objectives while remaining stealthy. To deal with the established attack model, a non-dominated sorting genetic algorithm II (NSGAII) is introduced as the solver. To improve the efficiency of generating attack vector, a new representation mechanism is proposed to describe locations and values of injected states. Additionally, during the evolutionary process, we propose a mutation operation to balance the sparsity and impact of FDIA. Simulation results on the IEEE 14-bus, 30-bus, and 118-bus systems demonstrate the feasibility of the NSGAII-based FDIA model.

Kecheng Li,Genyuan Yang,Shanling Dong,Meiqin Liu

DOI: https://doi.org/10.23919/ccc63176.2024.10661728

2024-01-01

Abstract:The increasing integration of smart grid technologies in multiregional power systems improves efficiency but also exposes them to cyber security threats, especially false data injection attacks. In this paper, we address this challenge by proposing a distributed detection framework tailored for multi-regional power systems. Traditional centralized approaches are insufficient to cope with the dynamic and decentralized nature of these systems. The framework aims to simultaneously monitor and analyze multiple regions in real-time, enhancing the system’s ability to withstand false data injection attacks. This study outlines the proposed framework and provides simulation results for validation, emphasizing the need for proactive defense mechanisms in safeguarding the data integrity of power systems.

Qingyu Yang,Jie Yang,Wei Yu,Dou An,Nan Zhang,Wei Zhao

DOI: https://doi.org/10.1109/tpds.2013.92

IF: 1.968

2013-01-01

Security and Communication Networks

Abstract:It is critical for a power system to estimate its operation state based on meter measurements in the field and the configuration of power grid networks. Recent studies show that the adversary can bypass the existing bad data detection schemes, posing dangerous threats to the operation of power grid systems. Nevertheless, two critical issues remain open: 1) how can an adversary choose the meters to compromise to cause the most significant deviation of the system state estimation, and 2) how can a system operator defend against such attacks? To address these issues, we first study the problem of finding the optimal attack strategy-i.e., a data-injection attacking strategy that selects a set of meters to manipulate so as to cause the maximum damage. We formalize the problem and develop efficient algorithms to identify the optimal meter set. We implement and test our attack strategy on various IEEE standard bus systems, and demonstrate its superiority over a baseline strategy of random selections. To defend against false data-injection attacks, we propose a protection-based defense and a detection-based defense, respectively. For the protection-based defense, we identify and protect critical sensors and make the system more resilient to attacks. For the detection-based defense, we develop the spatial-based and temporal-based detection schemes to accurately identify data-injection attacks.

Feiyang Hong,Zhejing Bao,Miao You

DOI: https://doi.org/10.1109/CCDC52312.2021.9601681

2021-01-01

Abstract:Recent studies show that the cyber-attacks such as false data injection attack (FDIA) are capable of severely threatening power system security, in such a way that the undetected errors are introduced into the states estimations by evading the conventional bad data detection (BDD) methods. This paper proposes a tri-level optimization model against the FDIA by formulating the attack actions and identifying the optimal defense strategies constrained by the limited resources. In the lower level, an economic dispatching is implemented to seek the operational strategy aiming at minimizing the operating costs under the given attack. The middle level formulates the behaviors of the attacker to discover the most destructive attack strategy intended by the attacker based on the defense strategy determined by the upper level. The upper level represents the actions of the planner and determines the optimal defense allocation on the measuring meters. The min-max-min tri-level model can be solved by the column-and-constraint generation (C&CG) algorithm. Simulations are implemented to identify the components which should be protected under the limited defense resources and severe attacks.

Ruilong Deng,Hao Liang

DOI: https://doi.org/10.1109/TII.2018.2863256

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:In this paper, we consider false data injection (FDI) attacks with limited information of transmission-line susceptances and new countermeasures in smart grids. First, we prove that the adversary could launch FDI attacks to modify the state variable on a bus or superbus only if he/she knows the susceptance of every transmission line that is incident to that bus or superbus. Based on this observation, we provide a new countermeasure against FDI attacks, i.e., to make the susceptances of <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n-1$</tex-math></inline-formula> interconnected transmission lines that cover all buses unknown to the adversary (e.g., by proactively perturbing transmission-line susceptances through distributed flexible AC transmission system (D-FACTS) devices), where <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n$</tex-math></inline-formula> is the total number of buses. This new countermeasure can work alone or in conjunction with traditional ones to reduce the number of meter measurements/state variables that are to be secured against FDI attacks. The implementation of FDI attacks with limited susceptance information and the effectiveness of new countermeasures are demonstrated by using an illustrative 4-bus power system and the IEEE 9-bus, 14-bus, 30-bus, 118-bus, and 300-bus test power systems.

Rong Fu,Yue Xu,Yi Tang,Qi Wang

DOI: https://doi.org/10.1177/0142331220923152

IF: 2.146

2020-01-01

Transactions of the Institute of Measurement and Control

Abstract:With the increase in connectivity and automation of smart grids, the scale and complexity of them has multiplied, which increases the opportunities for cyber-attacks in smart grids. For the problems where the power system cannot be detected in time and the corresponding measures cannot be taken in time, this paper proposes a voltage control strategy based on Petri nets and event triggering mechanism. The time and probability of success of an attack can affect the assessment of its consequences. In order to understand the influence of attack on power system, the corresponding modeling method based on Petri nets is given. Adding event trigger mechanism to the voltage control strategy using on-load tap-changer can effectively control the voltage fluctuation of power system in time.

Qi Wang,Wei Tai,Yi Tang,Ming Ni

DOI: https://doi.org/10.1049/iet-cps.2018.5022

2018-01-01

IET Cyber-Physical Systems Theory & Applications

Abstract:With the development of synchronous measuring technology and communication technology, the units of measurement, calculation, execution and communication are deeply integrated into energy manage system, which can achieve panoramic state awareness through the fast and accurate state estimation algorithm. Meanwhile, the cyber-attack has become an important issue posing severe threats to the secure operation of power systems. A well-designed false data injection attack (FDIA) against state estimation can effectively bypass the traditional bad data detection methods and interfere with the decision of the control centre, thus causing the power system incidents. This study comprehensively discusses the characteristics of FDIA including not only the goals, construction methods and consequences of FDIA from the perspective of attackers but also the protection and detection countermeasures from the perspective of defenders. Moreover, a game-theory-based FDIA against the substation information network is simulated to reveal the interactions between attackers and defenders.

Xuan Liu,Zhiyi Li,Zuyi Li

DOI: https://doi.org/10.1109/tsg.2015.2508449

IF: 10.275

2016-01-01

IEEE Transactions on Smart Grid

Abstract:It was revealed that modern power systems are at high risk of cyber-attacks, as an attacker can stealthily execute false data injection attacks against the state estimation without knowing the full topology and parameter information of the entire power network. To mitigate the risk, in this paper, we propose a bilevel mixed integer linear programming (MILP) model to determine the least number of measurements to be protected. A decomposition approach is adopted to obtain the suboptimal solution. To further reduce the computation complexity, we also propose to separate the power grid into several subnetworks using a MILP approach and apply distributed protection strategy to each subnetwork. The simulations on the IEEE 14-bus, IEEE 24-bus, IEEE 30-bus, and IEEE 118-bus systems verify the correctness and effectiveness of the proposed protection strategy.

Jichao Bi,Shibo He,Fengji Luo,Jiming Chen,Da -Wen Huang,Mingyang Sun

DOI: https://doi.org/10.1109/trustcom56396.2022.00024

2022-01-01

Abstract:Backboned by smart meter networks, Advanced Metering Infrastructures (AMIs) play a critical role in smart grids. This paper studies a new False Data Injection Attack (FDIA) scenario targeting AMIs, in which the attacker injects and propagates computer worms (i.e., false data codes) to maliciously increase the readings of networked smart meters and create economic loss to the end customers. This paper establishes the false data code propagation and attack models in such a scenario; based on this, this paper proposes a differential game model for describing the attack and defense process for FDIA against AMIs. A computationally efficient algorithm is developed to solve the proposed differential model and obtain the potential Nash equilibrium (NE) strategy pair. Extensive numerical simulations are conducted to validate the effectiveness of the proposed method under different energy tariff structures.

Ruilong Deng,Gaoxi Xiao,Rongxing Lu

DOI: https://doi.org/10.1109/tii.2015.2470218

IF: 12.3

2017-01-01

IEEE Transactions on Industrial Informatics

Abstract:This paper investigates the problem of defending against false data injection (FDI) attacks on power system state estimation. Although many research works have been previously reported on addressing the same problem, most of them made a very strong assumption that some meter measurements can be absolutely protected. To address the problem practically, a reasonable approach is to assume whether or not a meter measurement could be compromised by an adversary does depend on the defense budget deployed by the defender on the meter. From this perspective, our contributions focus on designing the least-budget defense strategy to protect power systems against FDI attacks. In addition, we also extend to investigate choosing which meters to be protected and determining how much defense budget to be deployed on each of these meters. We further formulate the meter selection problem as a mixed integer nonlinear programming problem, which can be efficiently tackled by Benders' decomposition. Finally, extensive simulations are conducted on IEEE test power systems to demonstrate the advantages of the proposed approach in terms of computing time and solution quality, especially for large-scale power systems.

Huaizhi Wang,Jiaqi Ruan,Bin Zhou,Canbing Li,Qiuwei Wu,Muhammad Qamar Raza,Guang-Zhong Cao

DOI: https://doi.org/10.1109/tii.2019.2902163

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:Understanding potential behaviors of attackers is of paramount importance for improving the cybersecurity of power systems. However, the attack behaviors in existing studies are often modeled statically on a single snapshot, which neglects the reality of a dynamically time-evolving power system. Accordingly, a dynamic cyber-attack model with local network information is proposed to characterize the typical data injection attack with the integration of potential dynamic behaviors of an attacker. The proposed model collaboratively alters the meter measurement in a stealthy way to illegally contaminate the system state, thus posing severe threats to cyber physical power systems. We then develop a novel anomaly detection countermeasure from the perspective of state estimation to effectively recognize the dynamic injection attack. In this countermeasure, an interval state forecasting method is proposed to approximate the possible largest variation bounds of each state variable based on a worst-case analysis considering the forecasting uncertainties of renewable energy sources, electric loads, and network parameter perturbations. In addition, the kernel quantile regression is introduced and implemented to formulate the uncertainties in renewable energy and electric load forecast as a series of confidence intervals. When any state variable falls outside its preforecasted intervals, the proposed countermeasure detects the anomaly and sets an alarm condition indicating the possibility of data contamination. Finally, the results from our extensive studies on several IEEE standard test systems have been presented to demonstrate the feasibility of the dynamic attack and the effectiveness of the detection countermeasure.

Yufei SONG,Xuan LIU,Zhiyi LI,Mohammad SHAHIDEHPOUR,Zuyi LI

DOI: https://doi.org/10.1007/s40565-018-0427-z

2018-01-01

Abstract:With the integration of information technologies, power system operations are increasingly threatened by cyber-attacks. It has even been revealed that an attacker can inject false data into real-time measurements stealthily without knowing the full configuration (e.g., network topology) of a power system. In this paper, we present a comprehensive review on false data injection attacks which utilize barrier conditions, blind identification techniques and data driven approaches to overcome limitations of incomplete network information. We also point out future research topics for facilitating the detection and prevention of such false data attacks.

Mingqiu Du,Georgia Pierrou,Xiaozhe Wang,Marthe Kassouf

DOI: https://doi.org/10.48550/arXiv.2108.11558

2021-08-26

Abstract:State estimation is a data processing algorithm for converting redundant meter measurements and other information into an estimate of the state of a power system. Relying heavily on meter measurements, state estimation has proven to be vulnerable to cyber attacks. In this paper, a novel targeted false data injection attack (FDIA) model against AC state estimation is proposed. Leveraging on the intrinsic load dynamics in ambient conditions and important properties of the Ornstein-Uhlenbeck process, we, from the viewpoint of intruders, design an algorithm to extract power network parameters purely from PMU data, which are further used to construct the FDIA vector. Requiring no network parameters and relying only on limited phasor measurement unit (PMU) data, the proposed FDIA model can target specific states and launch large deviation attacks. Sufficient conditions for the proposed FDIA model are also developed. Various attack vectors and attacking regions are studied in the IEEE 39-bus system, showing that the proposed FDIA method can successfully bypass the bad data detection and launch targeted large deviation attacks with very high probabilities.

Systems and Control

Jiazi Zhang,Zhigang Chu,Lalitha Sankar,Oliver Kosut

DOI: https://doi.org/10.48550/arXiv.1703.07500

2018-05-02

Abstract:This paper studies physical consequences of unobservable false data injection (FDI) attacks designed only with information inside a sub-network of the power system. The goal of this attack is to overload a chosen target line without being detected via measurements. To overcome the limited information, a multiple linear regression model is developed to learn the relationship between the external network and the attack sub-network from historical data. The worst possible consequences of such FDI attacks are evaluated by solving a bi-level optimization problem wherein the first level models the limited attack resources, while the second level formulates the system response to such attacks via DC optimal power flow (OPF). The attack model with limited information is reflected in the DC OPF formulation that only takes into account the system information for the attack sub-network. The vulnerability of this attack model is illustrated on the IEEE 24-bus RTS and IEEE 118-bus systems.

Systems and Control

Shiyu Jin

DOI: https://doi.org/10.1016/j.epsr.2024.110294

IF: 3.818

2024-03-04

Electric Power Systems Research

Abstract:In power systems, False Data Injection (FDI) attack can covertly mislead the state estimation of the power system and lead to inestimable damage. Traditional studies on FDI attack usually assume that the attacker has complete network information of the power grid. However, this assumption is often difficult to be achieved due to the good protection of data in the control center. In this paper, an FDI attack approach with incomplete network information is proposed against AC state estimation. In addition to constructing an attack vector to modify the selected state, this approach also gives the attack range of the state. Through the analysis of the residuals we propose a method to extend the range that can evade bad data detector. Simulation in the IEEE14 and IEEE118 bus systems verify the feasibility and stealth of the model.

engineering, electrical & electronic

Huixin Zhong,Dajun Du,Chuanjiang Li,Xue Li

DOI: https://doi.org/10.1155/2018/8503825

IF: 2.3

2018-11-01

Complexity

Abstract:The paper investigates a novel sparse false data injection attack method in a smart grid (SG) with incomplete power network information. Most existing methods usually require the known complete power network information of SG. The main objective of this paper is to propose an effective sparse false data injection attack strategy under a more practical situation where attackers can only have incomplete power network information and limited attack resources to access the measurements. Firstly, according to the obtained measurements and power network information, some incomplete power network information is compensated by using the power flow equation approach. Then, the fault tolerance range of bad data detection (BDD) for the attack residual increment is estimated by calculating the detection threshold of the residual L2-norm test. Finally, an effective sparse imperfect strategy is proposed by converting the choice of measurements into a subset selection problem, which is solved by the locally regularized fast recursive (LRFR) algorithm to effectively improve the sparsity of attack vectors. Simulation results on an IEEE 30-bus system and a real distribution network system confirm the feasibility and effectiveness of the proposed new attack construction method.

mathematics, interdisciplinary applications,multidisciplinary sciences

Qi Wang,Wei Tai,Yi Tang,Ming Ni,Shi You

DOI: https://doi.org/10.1016/j.ijepes.2018.07.007

2019-01-01

Abstract:With the widespread application of information and communication technology in power systems, cyber security has become critical for ensuring effective measurement, communication, calculation and execution. A successful false data injection attack (FDIA) can bypass traditional systems for identifying bad data and interfere with decision making in control centers, thus causing power system failures. In this paper, the measurements within the phasor measurement units (PMUs) are used as attack and defense objects, and load shedding resulting from line failure is utilized to quantify the attack consequences. To construct the optimal defense against an FDIA, this paper examines the characteristics and construction of FDIAs from the perspective of attackers, aiming to reveal the shortcomings of traditional bad data identification. From the perspective of those defending against an FDIA, a two-layer defense model is proposed that includes detection and protection. First, information from multiple sources is utilized to improve the detection of false data. Second, extra PMUs are added as a protection method to strengthen the measurement redundancy. A zero-sum static game algorithm is applied to optimize the deployment of defense resources. The effectiveness of the proposed strategy is tested using IEEE 14-bus, 57-bus and 118-bus systems, and the impact of information asymmetry is also discussed.

Xue Tong,Wang Qi

DOI: https://doi.org/10.1109/ispec53008.2021.9735442

2021-01-01

Abstract:With the rapid development of power systems, power system models have become more and more complex, which limits the application of traditional analysis methods. Thus, data-driven methods play an increasingly important role in the power system. However, due to the shortcomings of data-driven methods such as poor interpretability and strong dependence on input data, the power system data-driven methods are vulnerable to malicious attacks. This paper proposes a false data injection attack strategy for power system data-driven methods based on generative adversarial networks. In this strategy, the generator is used to generate a disturbance vector, which is superimposed on the original measurement input to construct an attack vector, which has a significant impact on the prediction results of the data-driven model. The method described in this article is implemented and verified in new England IEEE 39-bus system, and the experimental results prove the effectiveness of the method.

Sagnik Basumallik,Sara Eftekharnejad,Brian K. Johnson

DOI: https://doi.org/10.1016/j.ijepes.2020.106225

2020-12-01

Abstract:Deployment of energy management systems in electric utilities has resulted in improvement of situational awareness in power systems. However, additional cyber security issues are introduced in real-time operations. Substantial research has since been dedicated towards the feasibility and formulation of coordinated cyber-physical attacks against power systems. However, the full extent of their impacts contributing to cascading failures is not widely explored. This paper investigates to what extent such coordinated attacks against power system state estimation lead to large scale blackouts. To consider the worst case scenarios, false data injection attacks against parameter-based remedial action schemes are investigated on realistic power networks under large inter-area power transfers. Additionally, three indices are proposed to quantify the severity of the post-attack impacts: Loss of Observability after Cascading Failures, Loss of Observability after Controlled Islanding and Lines Recoverable after Controlled Islanding. The three indices will enable system operators to estimate the extent of recoverability of the grid after attacks have adversely impacted the power grid. All simulations are carried on synthetic Illinois 200-bus and South Carolina 500-bus systems.

engineering, electrical & electronic

Jiazuo Hou,Jun Wang,Yue Song,Wei Sun,Yunhe Hou

DOI: https://doi.org/10.1109/tsg.2022.3199366

IF: 10.275

2023-01-01

IEEE Transactions on Smart Grid

Abstract:The small-signal angle stability (SSAS) of a power system is determined by the property of operation points. The widely applied false data injection (FDI) cyber-attack, however, is able to stealthily mislead the optimal power flow (OPF) and thus compromise operation points, leading to damages to the SSAS margin. To provide insights for cyber defenders, this paper proposes and investigates a stealthy SSAS-oriented FDI cyber-attack focusing on two attacking purposes, i.e., the SSAS margin and operation cost, with higher priority on the former one. First, this paper establishes a novel bi-level model with an implicit SSAS constraint based on a structure preserving model to compromise operation points. Then, for the SSAS interarea mode in a typical two-area system, this paper formulates closed-form expressions of how the SSAS margin and operation cost behave with respect to stealthy injections. By comparison, for the SSAS local mode in general power systems, this paper proposes a moving target cyber-attack-based hierarchical solution algorithm. Simulation results on a two-area system, a Kundur 11 bus system, and a modified IEEE 14 bus system demonstrate the significant damaging effects of the proposed SSAS-oriented FDI cyber-attack and the conflict between the two attacking purposes.

engineering, electrical & electronic