Qiaomu Jiang,Huifang Chen,Lei Xie,Kuang Wang

DOI: https://doi.org/10.1109/smartgridcomm.2017.8340659

2017-01-01

Abstract:State estimation plays a critical role in the smart grid systems. However, according to recent researches, it is evident that a well-designed false data injection attack (FDIA) can bypass the security system and mislead the state estimator. Therefore, detecting such kind of attack efficiently is critical to ensuring the reliability of the smart grid systems. In this paper, we study the real-time FDIA detection mechanism. In the proposed mechanism, we use a residual prewhitening procedure to resolve the problem in the existing real-time FDIA detection mechanism, which is the covariance matrix of the residual is not full rank. Then, we construct a two-sided vector parameter test statistic, and propose a real-time FDIA detection method based on the cumulative sum (CUSUM) of the one-shot statistic. Moreover, the asymptotic closed-form expressions of the detection performance of the proposed method, in terms of the false-alarm period and the average detection delay, are theoretically derived. Numerical results validate that the proposed real-time detection method can detecte the FDIA efficiently.

Kuo Zhang,Zheng-Guang Wu

DOI: https://doi.org/10.1109/iccss53909.2021.9722027

2021-01-01

Abstract:False data injection attack(FDIA) is a traditional attack for the smart grid. There are many methods for the detection of the FDIA, but few of them can send the attack alarm successfully without an attack model. In this paper, we propose a reinforcement learning-based FDIA detection method for the distributed smart grid. The detection problem is formulated as a partially observable Markov decision process(POMDP) problem, and the observation of the POMDP can be obtained from the estimation of state and attack which come from the Kalman filter. By using the Sarsa algorithm, we can get a Q-table through online training. Finally, we use the IEEE-118 bus power system to evaluate the performance of our detector, and numerical results show the accurate response for the FDIA.

Guoqing Zhang,Wengen Gao,Jiaming Zhu,Yaru Li

DOI: https://doi.org/10.1088/1742-6596/2788/1/012029

2024-06-01

Journal of Physics: Conference Series

Abstract:Abstract False data injection attacks (FDIAs) cause incorrect system states by tampering with measurements, seriously affecting the EMS’s control process. However, the well-designed FDIAs can bypass traditional bad data detection (BDD) mechanisms. Aiming at the challenge, we improve the unscented Kalman filter and combine AIUKF with weighted least squares (WLS) to detect FDIAs. Utilizing the different convergence rates of the two estimators, the cosine similarity is introduced for FDIA detection. Various test conditions in IEEE-14-bus are simulated to underline the capability of AIUKF in state estimation. The results indicate that the proposed detection approach is superior for detecting FDIAs.

Guoqing Zhang,Wengen Gao,Yunfei Li,Xinxin Guo,Pengfei Hu,Jiaming Zhu

DOI: https://doi.org/10.3390/en16207203

IF: 3.2

2023-10-23

Energies

Abstract:An accurate power state is the basis of the normal functioning of the smart grid. However, false data injection attacks (FDIAs) take advantage of the vulnerability in the bad data detection mechanism of the power system to manipulate the process of state estimation. By attacking the measurements, then affecting the estimated state, FDIAs have become a serious hidden danger that affects the security and stable operation of the power system. To address the bad data detection vulnerability, in this paper, a false data attack detection method based on weighted least squares (WLS) and an adaptive interpolation extended Kalman filter (AIEKF) is proposed. On the basis of applying WLS and AIEKF, the Euclidean distance is used to calculate the deviation values of the two-state estimations to determine whether the current moment is subjected to a false data injection attack in the power system. Extensive experiments were conducted to simulate an IEEE-14-bus power system, showing that the adaptive interpolation extended Kalman filter can compensate for the deficiency in the bad data detection mechanism and successfully detect FDIAs.

energy & fuels

Pengfei Hu,Wengen Gao,Yunfei Li,Feng Hua,Lina Qiao,Guoqing Zhang

DOI: https://doi.org/10.1109/access.2023.3273730

IF: 3.9

2023-05-12

IEEE Access

Abstract:Power system state estimation is an essential component of the modern power system energy management system (EMS), and accurate state estimation is an indispensable basis for subsequent work. However, the attacker can inject biases into measurements to launch false data injection attacks (FDIAs) in smart grids, which ultimately cause state estimates to deviate from security values. This paper proposed the joint use of static state estimation and dynamic state estimation to detect the FDIA, i.e. the joint use of weighted least squares (WLS) and extended Kalman filter (EKF) with exponential weighting function (WEKF), which improves the robustness of state estimation. Since the WLS estimation considers only the measurements at the current moment, the recursive feature of the WEKF enables the estimation process to involve both historical state and current measurements. Therefore, consistency tests and residual tests were performed using the estimations of WLS and WEKF to effectively detect FDIA. In addition, a cluster partitioning approach with approximate equal redundancy of subsystems is proposed to locate the FDIA. The detection of FDIA triggers the partitioning of the network system, and then the chi-square test is used separately in each sub-network to determine the location of FDIA. Finally, the experimental results in the IEEE-14 bus system and the IEEE-30 bus system demonstrate that the approach can effectively detect and locate FDIAs.

computer science, information systems,telecommunications,engineering, electrical & electronic

Muhammad Rashed,Joarder Kamruzzaman,Iqbal Gondal,Syed Islam

DOI: https://doi.org/10.1109/access.2022.3193781

IF: 3.9

2022-08-03

IEEE Access

Abstract:The smart grid accessibility over the Internet of Things (IoT) is becoming attractive to electrical grid operators as it brings considerable operational and cost efficiencies. However, this in return creates significant cyber security challenges, such as fortification of state estimation data such as state variables against false data injection attacks (FDIAs). In this paper, a clustered partitioning state estimation (CPSE) technique is proposed to detect FDIA by using static state estimation, namely, weighted least square (WLS) method in conjunction with dynamic state estimation using minimum variance unscented Kalman filter (MV-UKF) which improves the accuracy of state estimation. The estimates acquired from the MV-UKF do not deviate like WLS as these are purely based on the previous iteration saved in the transition matrix. The deviation between the corresponding estimations of WLS and MV-UKF are utilised to partition the smart grid into smaller sub-systems to detect FDIA and then identify its location. To validate the proposed detection technique, FIDAs are injected into IEEE 14-bus, IEEE 30-bus, IEEE 118-bus, and IEEE 300-bus distribution feeder using MATPOWER simulation platform. Our results clearly demonstrate that the proposed technique can locate the attack area efficiently compared to other techniques such as chi square.

computer science, information systems,telecommunications,engineering, electrical & electronic

Baoyi Wang,Yadong Zhao,Shaomin Zhang,Bihe Li

DOI: https://doi.org/10.23977/jeis.2017.22013

2017-01-01

Journal of Electronics and Information Science

Abstract:False data injected by hackers can interfere with power system state estimation and pose a great threat to the safe and reliable operation of modern power systems (FDIA). The traditional bad data detection method can not effectively detect such attacks. In this paper, by extracting relevant power system measurement characteristic value and use the historical data as the sample, using three classical machine learning algorithms (Perceptron, KNN, SVM) of false data injection attack detection, and respectively in IEEE-9, IEEE-57, IEEE-118 simulation platform for test, verify the supervised machine learning algorithm is applied to the validity of false data injection attack detection.

Guoqing Zhang,Wengen Gao,Yunfei Li,Yixuan Liu,Xinxin Guo,Wenlong Jiang

DOI: https://doi.org/10.1016/j.compeleceng.2024.109834

IF: 4.152

2024-11-11

Computers & Electrical Engineering

Abstract:The transition to smart grids introduces significant cybersecurity vulnerabilities, particularly with the rise of False Data Injection Attacks (FDIAs). These attacks allow malicious actors to manipulate sensor data, alter the internal state of the grid, and bypass traditional Bad Data Detection (BDD) systems. FDIAs pose a serious threat to grid security, potentially leading to incorrect state estimation and destabilization of the power system, which could result in system outages and economic losses. To address this challenge, this paper proposes a novel detection and localization method. First, false data and measurement errors are modeled as non-Gaussian noise. Recognizing the limitations of the traditional Extended Kalman Filter (EKF) under non-Gaussian conditions, the Maximum Correntropy Criterion (MCC) is integrated into the EKF to improve the robustness of state estimation. Additionally, the Maximum Correntropy Criterion Extended Kalman Filter (MCCEKF) is combined with Weighted Least Squares (WLS), and cosine similarity is introduced to quantify the differences between these two estimators for FDIA detection. A partition approach is then used to construct a logical localization matrix, with cosine similarity detection applied in each section to generate a detection matrix. By performing a logical AND operation on these matrices, the attacked bus is identified. Simulations on IEEE-14-bus and IEEE-30-bus systems validate the proposed approach, demonstrating its effectiveness in reliably detecting and localizing FDIAs in smart grids.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Ruilong Deng,Peng Zhuang,Hao Liang

DOI: https://doi.org/10.1109/tsg.2018.2813280

IF: 10.275

2019-01-01

IEEE Transactions on Smart Grid

Abstract:The existing research on false data injection (FDI) attacks against state estimation in transmission systems cannot be trivially extended to distribution feeders. The main reason is that a strong condition that requires the attacker to know the estimated state of distribution systems is needed, which makes the traditional FDI attacks difficult to be implemented in practice. In this paper, we propose a practical FDI attack model against state estimation in distribution systems, without paying expensive cost for obtaining the system state. We show that the attacker can approximate the system state based on power flow or injection measurements without too much effort. For local FDI attacks, the strong condition can be further relaxed to the knowledge of local state, which can be approximated based on a small number of power flow or injection measurements. Simulation results based on the IEEE test feeder demonstrate that the proposed practical FDI attack, even with the approximated system state, is more likely to compromise the state estimation without being detected, in comparison with the traditional attacks. This paper provides a basis to study the attack behaviors in distribution systems and a theoretical guide to develop protective countermeasures.

Xiaoyuan Luo,Minggao Zhu,Xinyu Wang,Xinping Guan

DOI: https://doi.org/10.1080/23307706.2022.2139299

2024-01-01

Journal of Control and Decision

Abstract:Due to the integration of cyber-physical systems, smart grids have faced the new security risks caused by false data injection attacks (FDIAs). FDIAs can bypass the traditional bad data detection techniques by falsifying the process of state estimation. For this reason, this paper studies the detection and isolation problem of FDIAs based on the adaptive Kalman filter bank (AKFB) in smart grids. Taking the covert characteristics of FDIAs into account, a novel detection method is proposed based on the designed AKF. Moreover, the adaptive threshold is proposed to solve the detection delay caused by a priori threshold in the current detection methods. Considering the case of multiple attacked sensor nodes, the AKFB-based isolation method is developed. To reduce the number of isolation iterations, a logical decision matrix scheme is designed. Finally, the effectiveness of the proposed detection and isolation method is demonstrated on an IEEE 22-bus smart grids.

Ruilong Deng,Gaoxi Xiao,Rongxing Lu,Hao Liang,Athanasios V. Vasilakos

DOI: https://doi.org/10.1109/tii.2016.2614396

IF: 12.3

2017-01-01

IEEE Transactions on Industrial Informatics

Abstract:The accurately estimated state is of great importance for maintaining a stable running condition of power systems. To maintain the accuracy of the estimated state, bad data detection (BDD) is utilized by power systems to get rid of erroneous measurements due to meter failures or outside attacks. However, false data injection (FDI) attacks, as recently revealed, can circumvent BDD and insert any bias into the value of the estimated state. Continuous works on constructing and/or protecting power systems from such attacks have been done in recent years. This survey comprehensively overviews three major aspects: constructing FDI attacks; impacts of FDI attacks on electricity market; and defending against FDI attacks. Specifically, we first explore the problem of constructing FDI attacks, and further show their associated impacts on electricity market operations, from the adversary's point of view. Then, from the perspective of the system operator, we present countermeasures against FDI attacks. We also outline the future research directions and potential challenges based on the above overview, in the context of FDI attacks, impacts, and defense.

Feiye Zhang,Qingyu Yang

DOI: https://doi.org/10.3389/fenrg.2022.1005660

IF: 3.4

2022-09-16

Frontiers in Energy Research

Abstract:The smart grid greatly facilitates the transmission of power and information by integrating precise measurement technology and efficient decision support systems. However, deep integration of cyber and physical information entails multiple challenges to grid operation. False data injection attacks can directly interfere with the results of state estimation, which can cause the grid regulator to make wrong decisions and thus poses a huge threat to the stability and security of grid operation. To address this issue, we propose a detection approach against false data injection attacks for dynamic state estimation. The Kalman filter is used to dynamically estimate the state values from IEEE standard bus systems. A long short-term memory (LSTM) network is utilized to extract the sequential observations from states at multiple time steps. In addition, we transform the attack detection problem into supervised learning problem and propose a deep neural network-based detection approach to identify attacks. We evaluate the effectiveness of the proposed detection approach in multiple IEEE standard bus systems. The simulation results demonstrate that the proposed detection approach outperforms benchmarks in improving the detection accuracy of malicious attacks.

energy & fuels

Xiaoyuan LUO,Minggao ZHU,Xinyu WANG,Xinping GUAN

DOI: https://doi.org/10.13976/j.cnki.xk.2018.0016

2018-01-01

Information and Control

Abstract:The detection problem of covert false data injection attack ( FDIA ) for smart grids by using adaptive Kalman filter ( AKF) is herein presented. The state-space model of the smart grid is employed to study the characteristics of the random attack and the FDIA. However, an accurate analysis revealed that the commonly used χ2-detector could only detect random attack efficiently, but not the FDIA. To overcome this drawback, the AKF is applied to assess FDIA by analyzing the covert characteristics of the FDIA and the change of actual noise. Finally, the simulation experiments verify the effectiveness of the proposed FDIA de-tection method.

Yufeng Wang,Zhihao Zhang,Jianhua Ma,Qun Jin

DOI: https://doi.org/10.1109/jiot.2021.3113900

IF: 10.6

2022-05-01

IEEE Internet of Things Journal

Abstract:The smart grid is now increasingly dependent on smart devices to operate, which leaves space for cyber attacks. Especially, the intentionally designed false data injection attack (FDIA) can successfully bypass the traditional measurement residual-based bad data detection scheme. Considering that the smart grid data naturally contain linear and nonlinear components, inspired by parallel ensemble learning, especially by the stacking method, this article presents an effective two-level learner-based FDIA detection scheme using the Kalman filter and recurrent neural network (KFRNN). The first level includes two base learners, in which the Kalman filter is used for state prediction to fit linear data, and the recurrent neural network is used to fit the nonlinear data feature. The second-level learner uses the fully connected layer and backpropagation (BP) module to adaptively combine the results of two base learners. Then, through fitting Weibull distribution of the sum of square errors (SSEs) between the observed measurements and the predicted measurements, the dynamic threshold is obtained to judge whether FDIA occurs or not. Comprehensive simulation results show that our scheme has better performance than other neural network-based and ensemble learning-based FDIA detection schemes.

Aidong Xu,Tengyue Zhang,Liang Chen,Qing Li,Yunan Zhang,Haojie Lin,Peiyao Wang,Sihui Wu,Runhui Zhao,Yixin Jiang

DOI: https://doi.org/10.1088/1755-1315/693/1/012010

2021-01-01

IOP Conference Series Earth and Environmental Science

Abstract:Abstract The concealed false data injection (FDI) attack in the smart grid can successfully pass the power system state estimation commonly used in the residual bad data test without being detected by the existing algorithms, resulting in the state estimation error of the control center and disturbing the normal operation of the power system. In this paper, false data injection attack and attack detection are carried out in the actual power edge security protection system, microgrid control system and intelligent energy security protection system. Among them, the false data attack part simulates the attack of the voltage phase angle, and compares it with the ordinary attack method, and demonstrates the success of these attacks in the actual power grid system.

Ruilong Deng,Gaoxi Xiao,Rongxing Lu

DOI: https://doi.org/10.1109/tii.2015.2470218

IF: 12.3

2017-01-01

IEEE Transactions on Industrial Informatics

Abstract:This paper investigates the problem of defending against false data injection (FDI) attacks on power system state estimation. Although many research works have been previously reported on addressing the same problem, most of them made a very strong assumption that some meter measurements can be absolutely protected. To address the problem practically, a reasonable approach is to assume whether or not a meter measurement could be compromised by an adversary does depend on the defense budget deployed by the defender on the meter. From this perspective, our contributions focus on designing the least-budget defense strategy to protect power systems against FDI attacks. In addition, we also extend to investigate choosing which meters to be protected and determining how much defense budget to be deployed on each of these meters. We further formulate the meter selection problem as a mixed integer nonlinear programming problem, which can be efficiently tackled by Benders' decomposition. Finally, extensive simulations are conducted on IEEE test power systems to demonstrate the advantages of the proposed approach in terms of computing time and solution quality, especially for large-scale power systems.

Ruilong Deng,Hao Liang

DOI: https://doi.org/10.1109/TII.2018.2863256

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:In this paper, we consider false data injection (FDI) attacks with limited information of transmission-line susceptances and new countermeasures in smart grids. First, we prove that the adversary could launch FDI attacks to modify the state variable on a bus or superbus only if he/she knows the susceptance of every transmission line that is incident to that bus or superbus. Based on this observation, we provide a new countermeasure against FDI attacks, i.e., to make the susceptances of <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n-1$</tex-math></inline-formula> interconnected transmission lines that cover all buses unknown to the adversary (e.g., by proactively perturbing transmission-line susceptances through distributed flexible AC transmission system (D-FACTS) devices), where <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n$</tex-math></inline-formula> is the total number of buses. This new countermeasure can work alone or in conjunction with traditional ones to reduce the number of meter measurements/state variables that are to be secured against FDI attacks. The implementation of FDI attacks with limited susceptance information and the effectiveness of new countermeasures are demonstrated by using an illustrative 4-bus power system and the IEEE 9-bus, 14-bus, 30-bus, 118-bus, and 300-bus test power systems.

Junjun Jiang,Jing Wu,Chengnian Long,Shaoyuan Li

DOI: https://doi.org/10.23919/chicc.2019.8866478

2019-01-01

Abstract:Recent research indicates that a new type of network attack called false data injection (FDI) attack can bypass the bad data detection mechanism in power system state estimation, which is posing a serious threat to the security and reliable operation of the smart grid. To better protecting the smart grid system, a supervised FDI attacks location method is proposed based on statistical features and tree boosting (XGBoost) technique. Threshold-based algorithm and SHapley Additive exPlanations (SHAP) value based algorithm are presented for single and multiple bus node attacks respectively. The proposed method is tested on the IEEE 14-bus system using the real-time load data from Open Energy Information (OpenEI). Simulation results demonstrate that our proposed method can recognize the manipulated bus node at a high detection and location rate.

Shiyu Jin

DOI: https://doi.org/10.1016/j.epsr.2024.110294

IF: 3.818

2024-03-04

Electric Power Systems Research

Abstract:In power systems, False Data Injection (FDI) attack can covertly mislead the state estimation of the power system and lead to inestimable damage. Traditional studies on FDI attack usually assume that the attacker has complete network information of the power grid. However, this assumption is often difficult to be achieved due to the good protection of data in the control center. In this paper, an FDI attack approach with incomplete network information is proposed against AC state estimation. In addition to constructing an attack vector to modify the selected state, this approach also gives the attack range of the state. Through the analysis of the residuals we propose a method to extend the range that can evade bad data detector. Simulation in the IEEE14 and IEEE118 bus systems verify the feasibility and stealth of the model.

engineering, electrical & electronic

Beibei Li,Gaoxi Xiao,Rongxing Lu,Ruilong Deng,Haiyong Bao

DOI: https://doi.org/10.1109/tii.2019.2922215

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:Recent studies have investigated the possibilities of proactively detecting the high-profile false data injection (FDI) attacks on power grid state estimation by using the distributed flexible ac transmission system (D-FACTS) devices, termed as proactive false data detection (PFDD) approach. However, the feasibility and limitations of such an approach have not been systematically studied in the existing literature. In this paper, we explore the feasibility and limitations of adopting the PFDD approach to thwart FDI attacks on power grid state estimation. Specifically, we thoroughly study the feasibility of using PFDD to detect FDI attacks by considering single-bus, uncoordinated multiple-bus, and coordinated multiple-bus FDI attacks, respectively. We prove that PFDD can detect all these three types of FDI attacks targeted on buses or super-buses with degrees larger than 1, if and only if the deployment of D-FACTS devices covers branches at least containing a spanning tree of the grid graph. The minimum efforts required for activating D-FACTS devices to detect each type of FDI attacks are, respectively, evaluated. In addition, we also discuss the limitations of this approach; it is strictly proved that PFDD is not able to detect FDI attacks targeted on buses or super-buses with degrees equalling 1.