Bad Data Injection Attack and Defense in Electricity Market using Game Theory Study

Applications of cyber technologies improve the quality of monitoring and decision making in smart grid. These cyber technologies are vulnerable to malicious attacks, and compromising them can have serious technical and economical problems. This paper specifies the effect of compromising each measurement on the price of electricity, so that the attacker is able to change the prices in the desired direction (increasing or decreasing). Attacking and defending all measurements are impossible for the attacker and defender, respectively. This situation is modeled as a zero sum game between the attacker and defender. The game defines the proportion of times that the attacker and defender like to attack and defend different measurements, respectively. From the simulation results based on the PJM 5 Bus test system, we can show the effectiveness and properties of the studied game.Comment: To appear in IEEE Transactions on Smart Grid, Special Issue on Cyber, Physical, and System Security for Smart Gri

Opportunities for Price Manipulation by Aggregators in Electricity Markets

Aggregators are playing an increasingly crucial role in the integration of renewable generation in power systems. However, the intermittent nature of renewable generation makes market interactions of aggregators difficult to monitor and regulate, raising concerns about potential market manipulation by aggregators. In this paper, we study this issue by quantifying the profit an aggregator can obtain through strategic curtailment of generation in an electricity market. We show that, while the problem of maximizing the benefit from curtailment is hard in general, efficient algorithms exist when the topology of the network is radial (acyclic). Further, we highlight that significant increases in profit are possible via strategic curtailment in practical settings

Catching Cheats: Detecting Strategic Manipulation in Distributed Optimisation of Electric Vehicle Aggregators

Given the rapid rise of electric vehicles (EVs) worldwide, and the ambitious targets set for the near future, the management of large EV fleets must be seen as a priority. Specifically, we study a scenario where EV charging is managed through self-interested EV aggregators who compete in the day-ahead market in order to purchase the electricity needed to meet their clients' requirements. With the aim of reducing electricity costs and lowering the impact on electricity markets, a centralised bidding coordination framework has been proposed in the literature employing a coordinator. In order to improve privacy and limit the need for the coordinator, we propose a reformulation of the coordination framework as a decentralised algorithm, employing the Alternating Direction Method of Multipliers (ADMM). However, given the self-interested nature of the aggregators, they can deviate from the algorithm in order to reduce their energy costs. Hence, we study the strategic manipulation of the ADMM algorithm and, in doing so, describe and analyse different possible attack vectors and propose a mathematical framework to quantify and detect manipulation. Importantly, this detection framework is not limited the considered EV scenario and can be applied to general ADMM algorithms. Finally, we test the proposed decentralised coordination and manipulation detection algorithms in realistic scenarios using real market and driver data from Spain. Our empirical results show that the decentralised algorithm's convergence to the optimal solution can be effectively disrupted by manipulative attacks achieving convergence to a different non-optimal solution which benefits the attacker. With respect to the detection algorithm, results indicate that it achieves very high accuracies and significantly outperforms a naive benchmark

Smart Grid Security: Threats, Challenges, and Solutions

The cyber-physical nature of the smart grid has rendered it vulnerable to a multitude of attacks that can occur at its communication, networking, and physical entry points. Such cyber-physical attacks can have detrimental effects on the operation of the grid as exemplified by the recent attack which caused a blackout of the Ukranian power grid. Thus, to properly secure the smart grid, it is of utmost importance to: a) understand its underlying vulnerabilities and associated threats, b) quantify their effects, and c) devise appropriate security solutions. In this paper, the key threats targeting the smart grid are first exposed while assessing their effects on the operation and stability of the grid. Then, the challenges involved in understanding these attacks and devising defense strategies against them are identified. Potential solution approaches that can help mitigate these threats are then discussed. Last, a number of mathematical tools that can help in analyzing and implementing security solutions are introduced. As such, this paper will provide the first comprehensive overview on smart grid security

False Analog Data Injection Attack Towards Topology Errors: Formulation and Feasibility Analysis

In this paper, we propose a class of false analog data injection attack that can misguide the system as if topology errors had occurred. By utilizing the measurement redundancy with respect to the state variables, the adversary who knows the system configuration is shown to be capable of computing the corresponding measurement value with the intentionally misguided topology. The attack is designed such that the state as well as residue distribution after state estimation will converge to those in the system with a topology error. It is shown that the attack can be launched even if the attacker is constrained to some specific meters. The attack is detrimental to the system since manipulation of analog data will lead to a forged digital topology status, and the state after the error is identified and modified will be significantly biased with the intended wrong topology. The feasibility of the proposed attack is demonstrated with an IEEE 14-bus system.Comment: 5 pages, 7 figures, Proc. of 2018 IEEE Power and Energy Society General Meetin

Comprehensive Survey and Taxonomies of False Injection Attacks in Smart Grid: Attack Models, Targets, and Impacts

Smart Grid has rapidly transformed the centrally controlled power system into a massively interconnected cyber-physical system that benefits from the revolutions happening in the communications (e.g. 5G) and the growing proliferation of the Internet of Things devices (such as smart metres and intelligent electronic devices). While the convergence of a significant number of cyber-physical elements has enabled the Smart Grid to be far more efficient and competitive in addressing the growing global energy challenges, it has also introduced a large number of vulnerabilities culminating in violations of data availability, integrity, and confidentiality. Recently, false data injection (FDI) has become one of the most critical cyberattacks, and appears to be a focal point of interest for both research and industry. To this end, this paper presents a comprehensive review in the recent advances of the FDI attacks, with particular emphasis on 1) adversarial models, 2) attack targets, and 3) impacts in the Smart Grid infrastructure. This review paper aims to provide a thorough understanding of the incumbent threats affecting the entire spectrum of the Smart Grid. Related literature are analysed and compared in terms of their theoretical and practical implications to the Smart Grid cybersecurity. In conclusion, a range of technical limitations of existing false data attack research is identified, and a number of future research directions is recommended.Comment: Double-column of 24 pages, prepared based on IEEE Transaction articl

Power Market Cybersecurity and Profit-targeting Cyberattacks

The COVID-19 pandemic has forced many companies and business to operate through remote platforms, which has made everyday life and everyone more digitally connected than ever before. The cybersecurity has become a bigger priority in all aspects of life. A few real-world cases have demonstrated the current capability of cyberattacks as in [1], [2], and [3]. These cases invalidate the traditional belief that cyberattacks are unable to penetrate real-world industrial systems. Beyond the physical damage, some attackers target financial arbitrage advantages brought by false data injection attacks (FDIAs) [4]. Malicious breaches into power market operations could induce catastrophic consequences on fair financial settlements and reliable transmission services. In this dissertation, an in-depth study is conducted to investigate power market cybersecurity and profit-targeting cyberattacks. In the first work, we demonstrate the importance of market-level behavior in defending cyberattacks and designing cyberattacks. A market-level defense analysis is developed to help operators identify cyberattacks, and an LMP-disguising attack strategy is developed to disguise the abnormal LMPs, which can bypass both the bad data detection and market-level detection. In the second work, we propose a comprehensive CVA model for delivering a detailed analysis of four aspects of vulnerability: highly probable cyberattack targets, devastating attack targets, risky load levels, and mitigation ability under different degrees of defense. In the third work, we identify that revenue adequacy, a fundamental power market operation criterion, has not been analyzed under the context of cybersecurity, and we explore the impact of FDIAs targeting real-time (RT) market operations on ISO revenue adequacy analytically and numerically. In the last work, we extend the power system cybersecurity analysis to multi-energy system (MES) framework. An optimally coordinated (OC-FDIA) targeting MES is proposed. Then, we show that the OC-FDIA cause much more severe damages than single-system FDIA and uncoordinated FDIAs. Further, an effective countermeasure is developed against the proposed OCFDIA based on deep learning technique (DL)