The Impact of Stealthy Attacks on Smart Grid Performance: Tradeoffs and Implications
The smart grid is envisioned to significantly enhance the efficiency of
energy consumption, by utilizing two-way communication channels between
consumers and operators. For example, operators can opportunistically leverage
the delay tolerance of energy demands in order to balance the energy load over
time, and hence, reduce the total operational cost. This opportunity, however,
comes with security threats, as the grid becomes more vulnerable to
cyber-attacks. In this paper, we study the impact of such malicious
cyber-attacks on the energy efficiency of the grid in a simplified setup. More
precisely, we consider a simple model where the energy demands of the smart
grid consumers are intercepted and altered by an active attacker before they
arrive at the operator, who is equipped with limited intrusion detection
capabilities. We formulate the resulting optimization problems faced by the
operator and the attacker and propose several scheduling and attack strategies
for both parties. Interestingly, our results show that, as opposed to
facilitating cost reduction in the smart grid, increasing the delay tolerance
of the energy demands potentially allows the attacker to force increased costs
on the system. This highlights the need for carefully constructed and robust
intrusion detection mechanisms at the operator.
Comment: Technical report - this work was accepted to IEEE Transactions on
Control of Network Systems, 2016. arXiv admin note: substantial text overlap
with arXiv:1209.176
Protection Against Graph-Based False Data Injection Attacks on Power Systems
Graph signal processing (GSP) has emerged as a powerful tool for practical
network applications, including power system monitoring. By representing power
system voltages as smooth graph signals, recent research has focused on
developing GSP-based methods for state estimation, attack detection, and
topology identification. In particular, efficient methods have been developed for
detecting false data injection (FDI) attacks, which until now were perceived as
non-smooth with respect to the graph Laplacian matrix. Consequently, these
methods may not be effective against smooth FDI attacks. In this paper, we
propose a graph FDI (GFDI) attack that minimizes the Laplacian-based graph
total variation (TV) under practical constraints. In addition, we develop a
low-complexity algorithm that solves the non-convex GFDI attack optimization
problem using $\ell_1$-norm relaxation, the projected gradient descent (PGD)
algorithm, and the alternating direction method of multipliers (ADMM). We then
propose a protection scheme that identifies the minimal set of measurements
necessary to constrain the GFDI output to high graph TV, thereby enabling its
detection by existing GSP-based detectors. Our numerical simulations on the
IEEE-57 bus test case reveal the potential threat posed by well-designed
GSP-based FDI attacks. Moreover, we demonstrate that integrating the proposed
protection design with GSP-based detection can lead to significant hardware
cost savings compared to previous designs of protection methods against FDI
attacks.
Comment: This work has been submitted to the IEEE for possible publication.
Copyright may be transferred without notice, after which this version may no
longer be accessible.
Malicious data detection and localization in state estimation leveraging system losses
In power systems, economic dispatch, contingency analysis, and the detection of faulty equipment rely on the output of the state estimator. Typically, state estimates are made based on the network topology information and the measurements from a set of sensors within the network. The state estimates must be accurate even in the presence of corrupted measurements. Traditional techniques used to detect and identify bad sensor measurements in state estimation cannot thwart malicious sensor measurement modifications, such as malicious data injection attacks. Recent work by Niemira (2013) has compared real and reactive injection and flow measurements as indicators of attacks. In this work, we improve upon the method used in that work to further enhance the detectability of malicious data injection attacks, and to incorporate PMU measurements to detect and locate previously undetectable attacks.