Phasor Estimation for Grid Power Monitoring: Least Square vs. Linear Kalman Filter

International audienc

Real-Time Machine Learning Models To Detect Cyber And Physical Anomalies In Power Systems

A Smart Grid is a cyber-physical system (CPS) that tightly integrates computation and networking with physical processes to provide reliable two-way communication between electricity companies and customers. However, the grid availability and integrity are constantly threatened by both physical faults and cyber-attacks which may have a detrimental socio-economic impact. The frequency of the faults and attacks is increasing every year due to the extreme weather events and strong reliance on the open internet architecture that is vulnerable to cyber-attacks. In May 2021, for instance, Colonial Pipeline, one of the largest pipeline operators in the U.S., transports refined gasoline and jet fuel from Texas up the East Coast to New York was forced to shut down after being attacked by ransomware, causing prices to rise at gasoline pumps across the country. Enhancing situational awareness within the grid can alleviate these risks and avoid their adverse consequences. As part of this process, the phasor measurement units (PMU) are among the suitable assets since they collect time-synchronized measurements of grid status (30-120 samples/s), enabling the operators to react rapidly to potential anomalies. However, it is still challenging to process and analyze the open-ended source of PMU data as there are more than 2500 PMU distributed across the U.S. and Canada, where each of which generates more than 1.5 TB/month of streamed data. Further, the offline machine learning algorithms cannot be used in this scenario, as they require loading and scanning the entire dataset before processing. The ultimate objective of this dissertation is to develop early detection of cyber and physical anomalies in a real-time streaming environment setting by mining multi-variate large-scale synchrophasor data. To accomplish this objective, we start by investigating the cyber and physical anomalies, analyzing their impact, and critically reviewing the current detection approaches. Then, multiple machine learning models were designed to identify physical and cyber anomalies; the first one is an artificial neural network-based approach for detecting the False Data Injection (FDI) attack. This attack was specifically selected as it poses a serious risk to the integrity and availability of the grid; Secondly, we extend this approach by developing a Random Forest Regressor-based model which not only detects anomalies, but also identifies their location and duration; Lastly, we develop a real-time hoeffding tree-based model for detecting anomalies in steaming networks, and explicitly handling concept drifts. These models have been tested and the experimental results confirmed their superiority over the state-of-the-art models in terms of detection accuracy, false-positive rate, and processing time, making them potential candidates for strengthening the grid\u27s security

Adversarial Attacks on Machine Learning Cybersecurity Defences in Industrial Control Systems

The proliferation and application of machine learning based Intrusion Detection Systems (IDS) have allowed for more flexibility and efficiency in the automated detection of cyber attacks in Industrial Control Systems (ICS). However, the introduction of such IDSs has also created an additional attack vector; the learning models may also be subject to cyber attacks, otherwise referred to as Adversarial Machine Learning (AML). Such attacks may have severe consequences in ICS systems, as adversaries could potentially bypass the IDS. This could lead to delayed attack detection which may result in infrastructure damages, financial loss, and even loss of life. This paper explores how adversarial learning can be used to target supervised models by generating adversarial samples using the Jacobian-based Saliency Map attack and exploring classification behaviours. The analysis also includes the exploration of how such samples can support the robustness of supervised models using adversarial training. An authentic power system dataset was used to support the experiments presented herein. Overall, the classification performance of two widely used classifiers, Random Forest and J48, decreased by 16 and 20 percentage points when adversarial samples were present. Their performances improved following adversarial training, demonstrating their robustness towards such attacks.Comment: 9 pages. 7 figures. 7 tables. 46 references. Submitted to a special issue Journal of Information Security and Applications, Machine Learning Techniques for Cyber Security: Challenges and Future Trends, Elsevie

Synchronized measurement data conditioning and real-time applications

Phasor measurement units (PMU), measuring voltage and current phasor with synchronized timestamps, is the fundamental component in wide-area monitoring systems (WAMS) and reveals complex dynamic behaviors of large power systems. The synchronized measurements collected from power grid may degrade due to many factors and impacts of the distorted synchronized measurement data are significant to WAMS. This dissertation focus on developing and improving applications with distorted synchronized measurements from power grid. The contributions of this dissertation are summarized below. In Chapter 2, synchronized frequency measurements of 13 power grids over the world, including both mainland and island systems, are retrieved from Frequency Monitoring Network (FNET/GridEye) and the statistical analysis of the typical power grids are presented. The probability functions of the power grid frequency based on the measurements are calculated and categorized. Developments of generation trip/load shedding and line outage events detection and localization based on high-density PMU measurements are investigated in Chapters 3 and 4 respectively. Four different types of abnormal synchronized measurements are identified from the PMU measurements of a power grid. The impacts of the abnormal synchronized measurements on generation trip/load shedding events detection and localization are evaluated. A line outage localization method based on power flow measurements is proposed to improve the accuracy of line outage events location estimation. A deep learning model is developed to detect abnormal synchronized measurements in Chapter 5. The performance of the model is evaluated with abnormal synchronized measurements from a power grid under normal operation status. Some types of abnormal synchronized measurements in the testing cases are recently observed and reported. An extensive study of hyper-parameters in the model is conducted and evaluation metrics of the model performance are presented. A non-contact synchronized measurements study using electric field strength is investigated in Chapter 6. The theoretical foundation and equation derivations are presented. The calculation process for a single circuit AC transmission line and a double circuit AC transmission line are derived. The derived method is implemented with Matlab and tested in simulation cases