Aidong Xu,Yixin Jiang,Yang Cao,Guoming Zhang,Xiaoyu Ji,Wenyuan Xu

DOI: https://doi.org/10.1109/ei247390.2019.9062014

2019-01-01

Abstract:With the rapid development of information technology and the Internet of Things, the common information technologies are being applied to the power grid. It brings about the tremendous improvement in productivity, yet breaks down the safety barrier, which makes the power grid a popular target for attacks. The Distribution Terminal Unit (DTU) is a critical part of the power grid because of the acts as access points in the substation and controls the grid equipment. However, DTUs are vulnerable to different types of attacks, which can cause significant property loss or even casualties To monitor the operation of DTU, we proposed a real-time monitoring system by analyzing the side-channel information of power consumption. To validate this idea, we design 3 types of attacks and collect the power information separately, then we choose representational power features and machine learning algorithm for detecting those attacks. We validate that it is feasible to detect attacks and achieves a detection accuracy above 99%.

Sheng Xu,Yongxiang Xia,Hui-Liang Shen

DOI: https://doi.org/10.1109/jsyst.2022.3150576

IF: 4.802

2022-01-01

IEEE Systems Journal

Abstract:In this article, we study how to resist malware attacks in cyber-physical power systems (CPPSs) through cyber protection. A model that incorporates the power flow analysis, the cyber monitoring and control, and the factor of cyber protection is proposed to simulate malware attacks in CPPSs. Meanwhile, an evaluation method is also developed to estimate the effectiveness of different cyber protection strategies. Through simulations, we conduct case studies in a test CPPS generated by coupling the IEEE 118 Bus System with a scale-free communication network. The protection effects of three heuristic cyber protection strategies, namely, target protection, random protection, and acquaintance protection are compared and analyzed. Simulation results reveal that compared with the other two strategies, target protection can suppress malware propagation and resist malware attacks more effectively. Moreover, we also investigate the optimal cyber protection problem in CPPSs and formulate it as a zero-one integer programming problem. We solve the problem by genetic algorithm and find that some low-degree cyber nodes also play a significant role in resisting malware attacks in CPPSs, especially when the protection budget is tight.

Huaiyu Liu,Yuze Fu,Kaikai Pan,Wenyuan Xu,Chenggang Li,Chen Liu

DOI: https://doi.org/10.1109/isgtasia54891.2023.10372698

2023-01-01

Abstract:With the growing focus on reducing carbon emissions, there has been a significant increase in the deployment of distributed photovoltaic generation systems. However, their distributed nature makes them vulnerable to adversarial threats. Moreover, these systems can serve as potential entry points or attack surfaces for targeting the power grid. Existing methods are either designed for specific attacks or intrusive to power terminals (e.g., intelligent terminal, communication device). To tackle this issue, this paper introduces a method for detecting and classifying attacks on distributed PV systems leveraging cyber and power side channel data. The proposed method is capable of detecting various attacks rather than specific ones and is non-intrusive for collecting information from power terminals.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tcsii.2022.3181827

2022-01-01

Abstract:In cyber-physical power systems (CPPSs), false data injection attack (FDIA) has drawn much attention due to its stealthiness. It is of great importance to investigate the potential behaviors of attackers to improve the cyber-security of CPPSs. However, most FDIA models are often constructed separately on the effect of attackers or the impact of attacks. Accordingly, this brief proposes a multi-objective stealthy FDIA scheme in AC grid model. The attack model is described as a multi-objective optimization problem, where minimization of contaminated measurements and maximization of the attack impact are considered as two objectives while remaining stealthy. To deal with the established attack model, a non-dominated sorting genetic algorithm II (NSGAII) is introduced as the solver. To improve the efficiency of generating attack vector, a new representation mechanism is proposed to describe locations and values of injected states. Additionally, during the evolutionary process, we propose a mutation operation to balance the sparsity and impact of FDIA. Simulation results on the IEEE 14-bus, 30-bus, and 118-bus systems demonstrate the feasibility of the NSGAII-based FDIA model.

Yue Zhuo,Zhiqiang Ge

DOI: https://doi.org/10.1109/tii.2021.3103765

IF: 12.3

2021-01-01

IEEE Transactions on Industrial Informatics

Abstract:Recently, data-driven industrial monitoring systems have been rapidly developed and significantly improved the performance on industrial monitoring tasks. However, the widely deployed data-driven models expose industrial data to more unsecured links, which significantly increase the safety risk of safe-critical industrial systems. The research about adversarial attacks has shown that the potential attackers can utilize tiny crafted perturbations on the input data to mislead the machine learning models’ output. In this article, a novel cross-domain data protection scheme named “Data Guardian” is proposed to authenticate and correct industrial data under potential attacks on data-driven monitoring systems. “Data Guardian” embeds designed redundancy information into the data least significant bits, based on $q$ -ary low-density parity-check (LDPC) codes over the Galois field (finite field). The data are encoded at the secured industrial sites and then decoded before being input into the monitoring systems, in which the security risk is usually higher. The decoding capability of $q$ -ary LDPC codes is improved by the data statistical characteristics, with a new proposed prior estimation method. In the experiments, “Data Guardian” is tested under the attacks to the fault diagnosis models on the Tennessee Eastman process and rolling element bearing from Case Western Reserve University. The results show that “Data Guardian” can efficiently reduce the success rate of adversarial attacks, especially when the attack variable ratio is small.

Yuanyi BAO

DOI: https://doi.org/10.1360/ssi-2022-0362

2023-01-01

Scientia Sinica Informationis

Abstract:With the high integration of computing units and physical objects,cyber and physical systems are gradually coupled into cyber-physical systems(CPSs).According to the laws of physical systems and operation flow in CPSs,unknown CPS data can be inferred from other known data.The inferred data leakage threat is triggered when an accurate inference path connects between low-and high-security domain data.In this paper,by analyzing CPS data leakage accidents caused by data inference,paradigms of data leakage threats are proposed from two dimensions:data theft and data inference.Data inference is classified into three problem types:state estimation,parameter identification,and blind source separation.The algorithms for data inference are categorized as model-driven,data-driven,and data-model-driven methods.In the case of an electricity market,the process of inferring key parameters of a power system from public electricity price data is demonstrated,verifying that data inference can cause severe CPS data leakage threats.Meanwhile,the challenges of existing data protection methods are investigated.Additionally,the future research of CPS data inference defense and data security governance is discussed.

Xiaofei He,Xinyu Yang,Jie Lin,Linqiang Ge,Wei Yu,Qingyu Yang

DOI: https://doi.org/10.1109/PCCC.2015.7410291

2015-01-01

Abstract:The smart grid is a new type of energy-based cyber-physical system (CPS), which enables interactions between the utility provider and customers through smart meters and advanced metering infrastructures (AMU. Nonetheless, an adversary can inject misleading energy usage information to the utility provider through compromised smart meters and disrupt the grid and electricity market operations. To address this issue, in this paper, we propose an Energy Dispatching False Data Defense (EDF2D) approach, which can effectively detect the forged interactive information between customers and the utility provider with a great accuracy and mitigate the damage raised by attacks on grid operations. Particularly, EDF2D uses the historical interactive information of normal users to determine the conditional probabilities of data anomalies. Based on these conditional probabilities, a Bayesian network designed for detecting false data can be established by EDF2D, and this network is then used to confirm the authenticity of interactive information received by the utility provider originally transmitted from customers. Through a combination of theoretical analysis and performance evaluation, our experimental data shows that EDF2D can effectively detect harmful false interactive data forged by the adversary and mitigate false data injection attacks on smart grid operations.

Mehdi Jabbari Zideh,Sarika Khushalani Solanki

2023-12-08

Abstract:The growing trend toward the modernization of power distribution systems has facilitated the installation of advanced measurement units and promotion of the cyber communication systems. However, these infrastructures are still prone to stealth cyber attacks. The existing data-driven anomaly detection methods suffer from a lack of knowledge about the system's physics, lack of interpretability, and scalability issues hindering their practical applications in real-world scenarios. To address these concerns, physics-informed neural networks (PINNs) were introduced. This paper proposes a multivariate physics-informed convolutional autoencoder (PIConvAE) to detect stealthy cyber-attacks in power distribution grids. The proposed model integrates the physical principles into the loss function of the neural network by applying Kirchhoff's law. Simulations are performed on the modified IEEE 13-bus and 123-bus systems using OpenDSS software to validate the efficacy of the proposed model for stealth attacks. The numerical results prove the superior performance of the proposed PIConvAE in three aspects: a) it provides more accurate results compared to the data-driven ConvAE model, b) it requires less training time to converge c) the model excels in effectively detecting a wide range of attack magnitudes making it powerful in detecting stealth attacks.

Systems and Control,Cryptography and Security,Machine Learning

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/tii.2021.3129487

IF: 12.3

2022-01-01

IEEE Transactions on Industrial Informatics

Abstract:As the next-generation power grids, smart grids are integrated with advanced information and communication technology (ICT) to make the grid more efficient and stable than conventional power systems. Given the mounting cyber-attack threats, these critical ICT systems create great security issues for smart grids. Additionally, the clever attackers have the ability to not only access and monitor the smart grid, but also hack it by launching well-established cyber-attacks. Thus, this article is devoted to understanding the potential stealthy cyber-attack and its countermeasure. First, this article proposes a stealthy sparse cyber-attack model in an ac smart grid by considering both the residual test-based detector and the interval-state-estimation-based detector, which is not considered in previous studies. The design model is formulated as a constrained optimization problem by minimizing the number of contaminated meters, where the characteristics of two types of detector are considered simultaneously as the constraints for the first time. A constrained differential evolution (CDE) is proposed as the solver because the optimization problem is NP-hard. Then, a generalized-cumulative-sum-based detector is developed to detect the proposed cyber-attacks, where a fractional-order state transition matrix is originally introduced into the estimator to describe the dynamics of the power system. Numerical studies illustrate the feasibility of CDE-based stealthy sparse cyber-attacks and the effectiveness of the proposed countermeasure.

Kecheng Li,Genyuan Yang,Shanling Dong,Meiqin Liu

DOI: https://doi.org/10.23919/ccc63176.2024.10661728

2024-01-01

Abstract:The increasing integration of smart grid technologies in multiregional power systems improves efficiency but also exposes them to cyber security threats, especially false data injection attacks. In this paper, we address this challenge by proposing a distributed detection framework tailored for multi-regional power systems. Traditional centralized approaches are insufficient to cope with the dynamic and decentralized nature of these systems. The framework aims to simultaneously monitor and analyze multiple regions in real-time, enhancing the system’s ability to withstand false data injection attacks. This study outlines the proposed framework and provides simulation results for validation, emphasizing the need for proactive defense mechanisms in safeguarding the data integrity of power systems.

Farhin Farhad Riya,Shahinul Hoque,Jinyuan Stella Sun,Jiangnan Li,Hairong Qi

DOI: https://doi.org/10.48550/arXiv.2301.12487

2023-02-06

Abstract:Deep Neural Networks have proven to be highly accurate at a variety of tasks in recent years. The benefits of Deep Neural Networks have also been embraced in power grids to detect False Data Injection Attacks (FDIA) while conducting critical tasks like state estimation. However, the vulnerabilities of DNNs along with the distinct infrastructure of cyber-physical-system (CPS) can favor the attackers to bypass the detection mechanism. Moreover, the divergent nature of CPS engenders limitations to the conventional defense mechanisms for False Data Injection Attacks. In this paper, we propose a DNN framework with additional layer which utilizes randomization to mitigate the adversarial effect by padding the inputs. The primary advantage of our method is when deployed to a DNN model it has trivial impact on the models performance even with larger padding sizes. We demonstrate the favorable outcome of the framework through simulation using the IEEE 14-bus, 30-bus, 118-bus and 300-bus systems. Furthermore to justify the framework we select attack techniques that generate subtle adversarial examples that can bypass the detection mechanism effortlessly.

Cryptography and Security

Zhenyong Zhang,Ke Zuo,Ruilong Deng,Fei Teng,Mingyang Sun

DOI: https://doi.org/10.1109/jiot.2023.3264492

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Machine learning-based intelligent systems enhanced with Internet of Things (IoT) technologies have been widely developed and exploited to enable the real-time stability assessment of a large-scale electricity grid. However, it has been extensively recognized that the IoT-enabled communication network of power systems is vulnerable to cyberattacks. In particular, system operating states, critical attributes that act as input to the data-driven stability assessment, can be manipulated by malicious actors to mislead the system operator into making disastrous decisions and thus cause major blackouts and cascading events. In this article, we explore the vulnerability of the data-driven power system stability assessment, with a special emphasis on decision tree-based stability assessment (DTSA) approaches, and investigate the feasibility of constructing a physics-constrained adversarial attack (PCAA) to undermine the DTSA. The PCAA is formulated as a nonlinear programming problem considering the misclassification constraint, power limits, and bad data detection, computing potential adversarial perturbations that reverse the “stable/unstable” prediction of the real-time input while remaining invisible/stealthy. Extensive experiments based on the IEEE 68-bus system are conducted to evaluate the impact of PCAAs on predictions of DTSA and their transferability.

Anila Kousar,Saeed Ahmed,Abdullah Altamimi,Su Min Kim,Zafar A Khan

DOI: https://doi.org/10.1016/j.heliyon.2024.e38470

IF: 3.776

2024-09-27

Heliyon

Abstract:Smart grids arose as the largest cyber-physical systems with the integration of sophisticated control, computing, and state-of-the-art communications. Like all cyber-physical systems, the smart grids are vulnerable to malicious cyber assaults due to their enormous dependency on communication networks. Various machine learning-based schemes are being investigated in the industry and academia to develop robust defense mechanisms to counter cyber assaults. However, the curse of high dimensionality, which increases with the escalating evolution of an electric power system, infringes upon the efficiency of machine learning models employed to detect such assaults. To this end, this paper proposes a deep denoising autoencoder (DAE)-based framework for dimensionality reduction that learns salient feature representation for high-dimensional, multi-variant smart grid measurement data collected from the smart grids. The latent space apprehended by DAE is then fed to binary support vector machine (SVM) to determine the assaulted data. Various standard IEEE test cases are employed in simulations. The results show that the proposed scheme learns more robust features that reveal the nonlinear properties exhibited in the smart grid measurements, further leading to improved detection accuracy of the classifier as compared to existing approaches.

Kang-Di Lu,Zheng-Guang Wu

DOI: https://doi.org/10.1109/icarm54641.2022.9959185

2022-01-01

Abstract:The cyber-physical power system (CPPS) is evolved from the traditional power system by the deployment of information networks with control systems, computational units, and communication networks. However, their integration into CPPS introduces new challenges in maintaining security. Various malicious cyber-attacks are drawn much attention recently after the discovery of the impact on CPPS state estimation. Thus, it is of great significance for operators to detect cyber-attacks and identify the types of attacks in CPPS to make decisions appropriately. This problem can be viewed as a multi-class classification problem from the perspective of machine learning. Accordingly, this paper proposes an ensemble learning-based cyber-attacks detection model for CPPS state estimation. In the proposed model, we use the subspace features and then send the data to the classifier for ensemble, where decision trees and random vector functional link networks are introduced as the basic classifier. The proposed model is validated by employing simulated data on IEEE 14-bus and 30-bus systems. Simulation results demonstrate the performance of the proposed cyber-attacks detection model.

Bingjing Yan,Zhenze Jiang,Pengchao Yao,Qiang Yang,Wei Li,Albert Y. Zomaya

DOI: https://doi.org/10.23919/pcmp.2023.000138

IF: 10.5

2024-01-01

Protection and Control of Modern Power Systems

Abstract:Modern power grid is fast emerging as a complex cyber-physical power system (CPPS) integrating physical current-carrying components and processes with cyber-embedded computing, which faces increasing cyberspace security threats and risks. In this paper, the state (i.e., voltage) offsets resulting from false data injection (FDI) attacks and the bus safety characterization are applied to quantify the attack consequences. The state offsets are obtained by the state estimation method, and the bus safety characterization considers the power network topology as well as the vulnerability and connection relationship of buses. Considering the indeterminacy of attacker's resource consumption and reward, a zero-sum game-theoretical model from the defender's perspective with incomplete information is explored for the optimal allocation of limited defensive resources. The attacker aims to falsify measurements without triggering threshold alarms to break through the protection, leading to load shedding, over-voltage or under-voltage. The defender attempts to ensure the estimation results to be as close to the actual states as possible, and guarantee the system's safety and efficient defensive resource utilization. The proposed solution is extensively evaluated through simulations using the IEEE 33-bus test network and real-time digital simulator (RTDS) based testbed experiments of the IEEE 14-bus network. The results demonstrate the effectiveness of the proposed game-theoretical approach for optimal defensive resource allocation in CPPS when limited resources are available when under FDI attacks.

Zhigao Zheng,Tao Wang,Ali Kashif Bashir,Mamoun Alazab,Shahid Mumtaz,Xiaoyan Wang

DOI: https://doi.org/10.1109/tc.2021.3130402

IF: 3.183

2021-01-01

IEEE Transactions on Computers

Abstract:As one of the most successful industrial realizations of Internet of Things, a smart grid is a smart IoT system that deploys widespread smart meters to capture fine-grained data on residential power usage. Unfortunately, it always suffers diverse privacy attacks, which seriously increases the risk of violating the privacy of customers. Although some solutions have been proposed to address this privacy issue, most of them mainly rely on a trusted party and focus on the sanitization of metering masurements. Moreover, these solutions are vulnerable to advanced attacks. In this paper, we propose a decentralized mechanism for privacy-preserving computation in smart grid called DDP, which leaverages the differential privacy and extends the data sanitization from the value domain to the time domain. Specifically, we inject Laplace noise to the measurements at the end of each customer in a distributed manner, and then use a random permutation algorithm to shuffle the power measurement sequence, thereby enforcing differential privacy after aggregation and preventing the sensitive power usage mode informaton of the customers from being inferred by other parties. Extensive experiments demonstrate that DDP shows an outstanding performance in terms of privacy from the non-intrusive load monitoring (NILM) attacks and utility by using two different error analysis.

engineering, electrical & electronic,computer science, hardware & architecture

J. Lavaei,Ming Jin,K. Johansson

DOI: https://doi.org/10.1109/TAC.2018.2852774

IF: 6.549

2019-05-01

IEEE Transactions on Automatic Control

Abstract:To ensure grid efficiency and reliability, power system operators continuously monitor the operational characteristics of the grid through a critical process called state estimation (SE), which performs the task by filtering and fusing various measurements collected from grid sensors. This study analyzes the vulnerability of the key operation module, namely ac-based SE, against potential cyber attacks on data integrity, also known as false data injection attack (FDIA). A general form of FDIA can be formulated as an optimization problem, whose objective is to find a stealthy and sparse data injection vector on the sensor measurements with the aim of making the state estimate spurious and misleading. Due to the nonlinear ac measurement model and the cardinality constraint, the problem includes both continuous and discrete nonlinearities. To solve the FDIA problem efficiently, we propose a novel convexification framework based on semidefinite programming (SDP). By analyzing a globally optimal SDP solution, we delineate the “attackable region” for any given set of measurement types and grid topology, where the spurious state can be falsified by FDIA. Furthermore, we prove that the attack is stealthy and sparse, and derive performance bounds. Simulation results on various IEEE test cases indicate the efficacy of the proposed convexification approach. From the grid protection point of view, the results of this study can be used to design a security metric for the current practice against cyber attacks, redesign the bad data detection scheme, and inform proposals of grid hardening. From a theoretical point of view, the proposed framework can be used for other nonconvex problems in power systems and beyond.

Environmental Science,Engineering,Computer Science

Ruxia Yang,Hongchao Gao,Fangyuan Si,Jun Wang

DOI: https://doi.org/10.3390/electronics13061051

IF: 2.9

2024-03-13

Electronics

Abstract:In the context of virtual power plants (VPPs), the one-size-fits-all approach of traditional static desensitization methods proves inadequate due to the diverse and dynamic operational scenarios encountered. These methods fail to provide the necessary flexibility for varying data privacy requirements across different scenarios. To address this shortcoming, our research introduces a dynamic desensitization method specifically designed for VPPs. Leveraging machine learning for adaptive scene recognition, the method adjusts data privacy levels intelligently according to each unique scenario. A novel similarity utility function and a Gaussian processes-based differential privacy algorithm ensure tailored and efficient privacy protection. Experimental results highlight an 87.5% accuracy in scene recognition, validating our method's capability to adapt to diverse scenarios effectively. This study contributes to the field by providing a nuanced approach to data protection, effectively addressing the specific needs of complex VPP environments.

engineering, electrical & electronic,computer science, information systems,physics, applied

Ming Jin,Javad Lavaei,Somayeh Sojoudi,Ross Baldick

DOI: https://doi.org/10.48550/arXiv.1908.10315

2019-08-05

Abstract:The operation of power grids is becoming increasingly data-centric. While the abundance of data could improve the efficiency of the system, it poses major reliability challenges. In particular, state estimation aims to learn the behavior of the network from data but an undetected attack on this problem could lead to a large-scale blackout. Nevertheless, understanding vulnerability of state estimation against cyber attacks has been hindered by the lack of tools studying the topological and data-analytic aspects of the network. Algorithmic robustness is of critical need to extract reliable information from abundant but untrusted grid data. We propose a robust state estimation framework that leverages network sparsity and data abundance. For a large-scale power grid, we quantify, analyze, and visualize the regions of the network prone to cyber attacks. We also propose an optimization-based graphical boundary defense mechanism to identify the border of the geographical area whose data has been manipulated. The proposed method does not allow a local attack to have a global effect on the data analysis of the entire network, which enhances the situational awareness of the grid especially in the face of adversity. The developed mathematical framework reveals key geometric and algebraic factors that can affect algorithmic robustness and is used to study the vulnerability of the U.S. power grid in this paper.

Signal Processing,Applications

Mehdi Jabbari Zideh,Sarika Khushalani Solanki

2024-06-05

Abstract:Despite the relentless progress of deep learning models in analyzing the system conditions under cyber-physical events, their abilities are limited in the power system domain due to data availability issues, cost of data acquisition, and lack of interpretation and extrapolation for the data beyond the training windows. In addition, the integration of distributed energy resources (DERs) such as wind and solar generations increases the complexities and nonlinear nature of power systems. Therefore, an interpretable and reliable methodology is of utmost need to increase the confidence of power system operators and their situational awareness for making reliable decisions. This has led to the development of physics-informed neural network (PINN) models as more interpretable, trustworthy, and robust models where the underlying principled laws are integrated into the training process of neural network models to achieve improved performance. This paper proposes a multivariate physics-informed convolutional autoencoder (PIConvAE) model to detect cyber anomalies in power distribution systems with unbalanced configurations and high penetration of DERs. The physical laws are integrated through a customized loss function that embeds the underlying Kirchhoff's circuit laws into the training process of the autoencoder. The performance of the multivariate PIConvAE model is evaluated on two unbalanced power distribution grids, IEEE 123-bus system and a real-world feeder in Riverside, CA. The results show the exceptional performance of the proposed method in detecting various cyber anomalies in both systems. In addition, the model's effectiveness is evaluated in data scarcity scenarios with different training data ratios. Finally, the model's performance is compared with existing machine learning models where the PIConvAE model surpasses other models with considerably higher detection metrics.

Systems and Control,Artificial Intelligence,Machine Learning