A Taxonomy of Cyber Defence Strategies Against False Data Attacks in Smart Grids

Comprehensive Survey and Taxonomies of False Injection Attacks in Smart Grid: Attack Models, Targets, and Impacts

ArXiv, 2021

Smart Grid has rapidly transformed the centrally controlled power system into a massively interconnected cyber-physical system that benefits from the revolutions happening in the communications (e.g. 5G) and the growing proliferation of the Internet of Things devices (such as smart metres and intelligent electronic devices). While the convergence of a significant number of cyber-physical elements has enabled the Smart Grid to be far more efficient and competitive in addressing the growing global energy challenges, it has also introduced a large number of vulnerabilities culminating in violations of data availability, integrity, and confidentiality. Recently, false data injection (FDI) has become one of the most critical cyberattacks, and appears to be a focal point of interest for both research and industry. To this end, this paper presents a comprehensive review of the recent advances in FDI attacks, with particular emphasis on 1) adversarial models, 2) attack targets, and 3) im...

Enhancing Cybersecurity in Smart Grids: False Data Injection and Its Mitigation

Energies, 2021

Integration of information technologies with power systems has unlocked unprecedented opportunities in optimization and control fields. Increased data collection and monitoring enable control systems to have a better understanding of the pseudo-real-time condition of power systems. In this fashion, more accurate and effective decisions can be made. This is the key towards mitigating negative impacts of novel technologies such as renewables and electric vehicles and increasing their share in the overall generation portfolio. However, such extensive information exchange has created cybersecurity vulnerabilities in power systems that were not encountered before. It is imperative that these vulnerabilities are understood well, and proper mitigation techniques are implemented. This paper presents an extensive study of cybersecurity concerns in Smart grids in line with latest developments. Relevant standardization and mitigation efforts are discussed in detail and then the classification ...

Survey of false data injection in smart power grid: Attacks, countermeasures and challenges

Journal of Information Security and Applications, 2020

False Data Injection Attack (FDIA) is one of the most dangerous cyber attacks against smart power grids, as it could cause severe physical and economic damage. In this paper, we review and compare previous surveys on FDIA, which mostly focus only on the state estimation component. Differently, our survey describes the FDIAs that target the different components of the on-line power system security. It also provides two novel attack classifications. The first classification categorizes the different FDIAs with respect to three levels: targeted systems at the first level, targeted subsystems at the second level, and the attacks targeting the subsystems at the third level. The second classification considers two criteria: targeted subsystem and the impact of the attack, which can be physical and/or economic. The countermeasures are classified according to two dimensions: (i) the targeted subsystem and (ii) the class of countermeasure: preventive or detective. Both preventive and detective classes are further categorized according to different approaches. In addition, the countermeasures are presented along with their performance results. Finally, open issues are identified, and future research directions are recommended.

Detection of false data injection attacks in smart-grid systems

IEEE Communications Magazine, 2015

Smart grids are essentially electrical grids that use information and communication technology (ICT) to provide reliable, efficient electricity transmission and distribution. Security and trust are of paramount importance. Among various emerging security issues, false data injection (FDI) attack is one of the most substantial ones, which can significantly increase the cost of the energy distribution process. However, most current research focuses on countermeasures to FDIs for traditional power grids rather than smart grid infrastructures. We develop an efficient and real-time scheme to detect FDI attacks in smart grids, by exploiting spatial-temporal correlations between grid components. Through realistic simulations based on the US smart grid, we demonstrate that the proposed scheme provides an accurate and reliable solution.

An Integrated Defense Architecture Against False Data Injection Attacks in Smart Grid

Smart Grid is a new type of power grid that will provide reliable, secure, and efficient energy transmission and distribution in real time. While most existing techniques for protecting power grids were designed to ensure system reliability (e.g., against random failures), recently there is growing concern in smart grid initiatives on the protection against malicious cyber attacks. In particular, the adversary can inject false measurement reports to disrupt the smart grid operation through the compromised meters and sensors. Hence, defending against those false data injection attacks becomes a critical issue. Nevertheless, there is no existing solution that considers all aspects such as deployment cost, efficiency, and effectiveness. In this paper, we develop a defense system that integrates the anomaly-based intrusion detection and watermarking-based detection. Our anomaly-based detection can detect strong and rapid attacks. To deal with slow and stealth attacks, we adopt the watermarking-based detection. In particular, we add secure watermarks to real-time meter readings and transmit the watermarked data stream to the utility. The utility can then correlate the watermarked data with the original watermarks (transmitted via a secured channel) to detect the presence of false data injected by the adversary during the data transmission path. Our experimental results show that our integrated defense strategy can accurately detect both strong and stealthy attacks.

Sparse Malicious False Data Injection Attacks and Defense Mechanisms in Smart Grids

IEEE Transactions on Industrial Informatics, 2015

This paper discusses malicious false data injection attacks on the wide area measurement and monitoring system in smart grids. First, methods of constructing sparse stealth attacks are developed for two typical scenarios: 1) random attacks in which arbitrary measurements can be compromised; and 2) targeted attacks in which specified state variables are modified. It is already demonstrated that stealth attacks can always exist if the number of compromised measurements exceeds a certain value. In this paper, it is found that random undetectable attacks can be accomplished by modifying only a much smaller number of measurements than this value. It is well known that protecting the system from malicious attacks can be achieved by making a certain subset of measurements immune to attacks. An efficient greedy search algorithm is then proposed to quickly find this subset of measurements to be protected to defend against stealth attacks. It is shown that this greedy algorithm has almost the same performance as the brute-force method, but without the combinatorial complexity. Third, a robust attack detection method is discussed. The detection method is designed based on the robust principal component analysis problem by introducing element-wise constraints. This method is shown to be able to identify the real measurements, as well as attacks even when only partial observations are collected. The simulations are conducted based on IEEE test systems.

Index Terms: Bad data detection (BDD), malicious data attack, robust principal component analysis (PCA), smart grid security.

I. INTRODUCTION

Compared with the traditional power grids, a smart grid tends to be much more reliable, efficient, and intelligent due to the remarkable advancements in sensing, monitoring, control technologies, and also the tight integration with cyber infrastructure and advanced computing and communication technologies [1]. However, this integration can lead to new vulnerabilities to cyber attacks on the power systems. Cyber attacks are reported as one of the main potential threats to the reliable operation of the power system [2], [3]. In this paper, we

Cybersecurity Enhancement of Smart Grid: Attacks, Methods, and Prospects

Electronics

Smart grid is an emerging system providing many benefits in digitizing the traditional power distribution systems. However, the added benefits of digitization and the use of the Internet of Things (IoT) technologies in smart grids also pose threats to its reliable continuous operation due to cyberattacks. Cyber–physical smart grid systems must be secured against increasing security threats and attacks. The most widely studied attacks in smart grids are false data injection attacks (FDIA), denial of service, distributed denial of service (DDoS), and spoofing attacks. These cyberattacks can jeopardize the smooth operation of a smart grid and result in considerable economic losses, equipment damages, and malicious control. This paper focuses on providing an extensive survey on defense mechanisms that can be used to detect these types of cyberattacks and mitigate the associated risks. The future research directions are also provided in the paper for efficient detection and prevention o...

False data injection threats in active distribution systems: A comprehensive survey

Future Generation Computer Systems

With the proliferation of smart devices and revolutions in communications, electrical distribution systems are gradually shifting from passive, manually-operated and inflexible ones, to a massively interconnected cyber-physical smart grid to address the energy challenges of the future. However, the integration of several cutting-edge technologies has introduced several security and privacy vulnerabilities due to the large-scale complexity and resource limitations of deployments. Recent research trends have shown that False Data Injection (FDI) attacks are becoming one of the most malicious cyber threats within the entire smart grid paradigm. Therefore, this paper presents a comprehensive survey of the recent advances in FDI attacks within active distribution systems and proposes a taxonomy to classify the FDI threats with respect to smart grid targets. The related studies are contrasted and summarized in terms of the attack methodologies and implications on the electrical power distribution networks. Finally, we identify some research gaps and recommend a number of future research directions to guide and motivate prospective researchers.

Vulnerabilities of Smart Grid State Estimation against False Data Injection Attack

In recent years, Information Security has become a notable issue in the energy sector. After the invention of ‘The Stuxnet worm’ [1] in 2010, data integrity, privacy and confidentiality have received significant importance in the real-time operation of the control centres. New methods and frameworks are being developed to protect the National Critical Infrastructures like the energy sector. In the recent literature, it has been shown that the key real-time operational tools (e.g., State Estimator) of any Energy Management System (EMS) are vulnerable to Cyber Attacks. In this chapter, one such cyber attack named ‘False Data Injection Attack’ is discussed. A literature review with a case study is considered to explain the characteristics and significance of such data integrity attacks.

A novel hybrid cybersecurity scheme against false data injection attacks in automated power systems

Protection and Control of Modern Power Systems

The conventional power systems are evolving as smart grids. In recent times cyberattacks on smart grids have been increasing. Among different attacks, False Data Injection (FDI) is considered as an emerging threat that has significant impact. By exploiting the vulnerabilities of IEC 61850 Generic Object-Oriented Substation Events (GOOSE) and Sampled Values (SV) attackers can launch different FDI attacks. In this paper, a real-time setup capable of simulating FDI on GOOSE and SV protocols is developed to evaluate the impact of such attacks on the power grid. IEC 62351 stipulates cybersecurity guidelines for GOOSE and SV, but only at communication or Information Technology (IT) level. Hence there is a need to develop a holistic security both at IT and Operation Technology (OT) level. In this regard, a novel sequence content resolver-based hybrid security scheme suitable to tackle FDI attacks on GOOSE and SV is proposed. Furthermore, the computational performance of the proposed hybrid se...