Efficient Computations of a Security Index for False Data Attacks in Power Networks

Optimal data attacks on power grids: Leveraging detection & measurement jamming

2015 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2015

Meter measurements in the power grid are susceptible to manipulation by adversaries, which can lead to errors in state estimation. This paper presents a general framework to study attacks on state estimation by adversaries capable of injecting bad data into measurements and, further, of jamming their reception. Through these two techniques, a novel 'detectable jamming' attack is designed that changes the state estimate despite failing bad-data detection checks. Compared to the commonly studied 'hidden' data attacks, these attacks have lower cost and a wider feasible operating region. It is shown that the entire domain of jamming costs can be divided into two regions, with distinct graph-cut based formulations for the design of the optimal attack. The most significant insight arising from this result is that the adversarial capability to jam measurements changes the optimal 'detectable jamming' attack design only if the jamming cost is less than half the cost of bad-data injection. A polynomial-time approximate algorithm for attack vector construction is developed and its efficacy in attack design is demonstrated through simulations on IEEE test systems.

Measurement re-ordering attacks on power system state estimation

2017

Power system state estimation is a prerequisite for detecting faults, directing power flows, and other tasks of Energy Management Systems. State estimators have conventionally filtered out so-called bad data or outliers, but in recent years a number of attacks and mitigation mechanisms have been proposed involving deliberate injection of bad data. In this paper, we introduce a constrained attack mechanism which remains feasible where the communication channel for measurements is authenticated and integrity-protected. We demonstrate that re-ordering of measurements is sufficient to cause errors in state estimation or to prevent convergence, and propose an algorithm to introduce such attacks. Based on this, we introduce two security metrics to quantify the effort required for sparse and minimum-magnitude re-ordering attacks, respectively, in the form of security indices based on the assumption of the adversary's full or partial knowledge of previous measurement vectors. We demonstr...

Optimization strategies for the vulnerability analysis of the electric power grid

Siam Journal on Optimization, 2009

Identifying small groups of lines, whose removal would cause a severe blackout, is critical for the secure operation of the electric power grid. We show how power grid vulnerability analysis can be studied as a bilevel mixed integer nonlinear programming problem. Our analysis reveals a special structure in the formulation that can be exploited to avoid nonlinearity and approximate the original problem as a pure combinatorial problem. The key new observation behind our analysis is the correspondence between the Jacobian matrix (a representation of the feasibility boundary of the equations that describe the flow of power in the network) and the Laplacian matrix in spectral graph theory (a representation of the graph of the power grid). The reduced combinatorial problem is known as the network inhibition problem, for which we present a mixed integer linear programming formulation. Our experiments on benchmark power grids show that the reduced combinatorial model provides an accurate approximation, to enable vulnerability analyses of real-sized problems with more than 16,520 power lines.

Vulnerability of interconnected power systems to malicious attacks under limited information

European Transactions on Electrical Power, 2008

Malicious attacks against critical infrastructures, power systems included, have become a key concern in recent years. The attacks may be both "physical," directed towards system components, and "cyber," against the information/communication system; simultaneous attacks on different components, both physical and cyber, may be possible. In this context, assessing the vulnerability of a given interconnected power system, in terms of the possibility of keeping it feasible after a defined attack, with respect to the limited information available (whether because of attacks or because of a regulatory rule), is of the utmost importance. In this paper, we propose a game model, based on a socially rational multi-agent system (MAS) and fictitious play, which can be used to assess the sensitivity of the system structure and operational state to various availabilities of network information. From the model both a ranking of the critical information and a strategy of network reinforcement to decrease system vulnerability can be derived. The proposed model and methods are applied to a 34-bus test system for illustrative purposes.

Vulnerability analysis of power systems based on cyber-attack and defense models

2018 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT), 2018

Reliable operation of power systems is a primary challenge for system operators. With advances in technology and grid automation, power systems are becoming more vulnerable to cyber-attacks. The main goal of adversaries is to take advantage of these vulnerabilities and destabilize the system. This paper describes a game-theoretic approach to attacker / defender modeling in power systems. In our models, the attacker can strategically identify the subset of substations that maximizes damage when compromised. Conversely, the defender can identify the critical subset of substations to protect in order to minimize the damage when an attacker launches a cyber-attack. The algorithms for these models are applied to the standard IEEE 14-, 39-, and 57-bus examples to identify the critical set of substations given an attacker budget and a defender budget.

Smart Grid Data Integrity Attacks

IEEE Transactions on Smart Grid, 2013

Real power injections at loads and generators, and real power flows on selected lines in a transmission network are monitored and transmitted over a SCADA network to the system operator. These are used in state estimation algorithms to make dispatch, re-balance and other energy management system [EMS] decisions. Coordinated cyberattacks on power meter readings can be arranged to be undetectable by any bad data detection algorithm. These unobservable attacks present a serious threat to grid operations. Of particular interest are sparse attacks that involve the compromise of a modest number of meter readings. An efficient algorithm to find all unobservable attacks [under standard DC load flow approximations] involving the compromise of exactly two power injection meters and an arbitrary number of power meters on lines is presented. This requires O(n^2 m) flops for a power system with n buses and m line meters. If all lines are metered, there exist canonical forms that characterize all 3-, 4-, and 5-sparse unobservable attacks. These can be quickly detected with O(n^2) flops using standard graph algorithms. Known-secure phasor measurement units [PMUs] can be used as countermeasures against an arbitrary collection of cyberattacks. Finding the minimum number of necessary PMUs is NP-hard. It is shown that p + 1 PMUs at carefully chosen buses are sufficient to neutralize a collection of p cyberattacks.

Smart grid data integrity attacks: characterizations and countermeasures

2011 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2011

Coordinated cyberattacks on power meter readings can be arranged to be undetectable by any bad data detection algorithm in the power system state estimation process. These unobservable attacks present a potentially serious threat to grid operations. Of particular interest are sparse attacks that involve the compromise of a modest number of meter readings. An efficient algorithm to find all unobservable attacks [under standard DC load flow approximations] involving the compromise of exactly two power injection meters and an arbitrary number of line power meters is presented. This requires O(n^2 m) flops for a power system with n buses and m line meters. If all lines are metered, there exist canonical forms that characterize all 3-, 4-, and 5-sparse unobservable attacks. These can be quickly detected in power systems using standard graph algorithms. Known-secure phasor measurement units [PMUs] can be used as countermeasures against an arbitrary collection of cyberattacks. Finding the minimum number of necessary PMUs is NP-hard. It is shown that p + 1 PMUs at carefully chosen buses are sufficient to neutralize a collection of p cyberattacks.
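The two abstracts above describe attacks of the form a = H c that leave the state estimator's residual untouched, and the page's title concerns the security index that counts the fewest meters such an attack must corrupt. The following is an added worked example, not code from any of the listed papers, on a constructed 4-bus ring under the DC approximation: it builds the measurement matrix H from a constructed meter placement, shows that adding a = H c to the measurements leaves the least-squares residual exactly unchanged while moving the estimate by c, shows that tampering with a single meter does change the residual, and computes the cardinality security index alpha_k by brute force over candidate supports (the efficient graph-cut computation is what the title paper is about; brute force is only viable on a network this small). The line list, meter placement, true state and 'noise' are all constructed for the example.

```python
"""Stealth false-data injection against DC state estimation and the cardinality
security index on a constructed 4-bus ring. Added example, not code from any paper
listed here; network, meters, true state and attack vectors are all constructed."""
from fractions import Fraction as F
from itertools import combinations

# Ring 0-1-2-3-0 with unit susceptances; bus 0 is the angle reference (theta_0 = 0),
# so the state vector is x = [theta_1, theta_2, theta_3]. Exact rationals throughout.
LINES = [(0, 1), (1, 2), (2, 3), (0, 3)]
TRUE_X = [F(1, 10), F(1, 5), F(-1, 10)]          # constructed true angles (rad)

def angle_row(i, j):
    """Coefficients of theta_i - theta_j over [theta_1, theta_2, theta_3]."""
    row = [F(0)] * 3
    if i: row[i - 1] += 1
    if j: row[j - 1] -= 1
    return row

def dc_jacobian(lines, flow_meters, injection_meters):
    """H: rows for metered flows P_ij = theta_i - theta_j, then metered injections."""
    rows = [angle_row(*lines[l]) for l in flow_meters]
    for b in injection_meters:          # P_b = sum over neighbours j of (theta_b - theta_j)
        row = [F(0)] * 3
        for i, j in lines:
            if b in (i, j):
                row = [r + s for r, s in zip(row, angle_row(b, j if b == i else i))]
        rows.append(row)
    return rows

def eliminate(M, ncols):
    """In-place Gauss-Jordan over the first ncols columns; returns the rank."""
    r = 0
    for col in range(ncols):
        piv = next((i for i in range(r, len(M)) if M[i][col] != 0), None)
        if piv is None: continue
        M[r], M[piv] = M[piv], M[r]
        p = M[r][col]
        M[r] = [v / p for v in M[r]]
        for i in range(len(M)):
            if i != r and M[i][col] != 0:
                f = M[i][col]
                M[i] = [a - f * b for a, b in zip(M[i], M[r])]
        r += 1
    return r

def rank(rows):
    return eliminate([list(r) for r in rows], len(rows[0]) if rows else 0)

def solve(A, b):
    """Solve A x = b exactly for square nonsingular A."""
    M = [list(row) + [bi] for row, bi in zip(A, b)]
    eliminate(M, len(A))
    return [row[-1] for row in M]

def matvec(H, x): return [sum(h * xi for h, xi in zip(row, x)) for row in H]

def estimate(H, z):
    """Unweighted least squares x_hat = (H^T H)^-1 H^T z; returns (x_hat, r = z - H x_hat)."""
    n, m = len(H[0]), len(H)
    HtH = [[sum(H[k][i] * H[k][j] for k in range(m)) for j in range(n)] for i in range(n)]
    x_hat = solve(HtH, [sum(H[k][i] * z[k] for k in range(m)) for i in range(n)])
    return x_hat, [zk - hk for zk, hk in zip(z, matvec(H, x_hat))]

def measurements(H, x=TRUE_X):
    """Constructed z = H x plus deterministic +-0.01 'noise' so the residual is non-zero."""
    return [zk + F((-1) ** i, 100) for i, zk in enumerate(matvec(H, x))]

def stealth_attack(H, c):
    """Unobservable attack a = H c: returns (a, residual before, residual after, estimate
    shift). The residual is identical, so no residual-based bad-data detector sees it."""
    z = measurements(H)
    a = matvec(H, c)
    x0, r0 = estimate(H, z)
    x1, r1 = estimate(H, [zk + ak for zk, ak in zip(z, a)])
    return a, r0, r1, [v1 - v0 for v0, v1 in zip(x0, x1)]

def single_meter_attack(H, k, delta=F(1)):
    """Tamper with meter k alone (not of the form H c unless alpha_k == 1): the residual
    changes and bad-data detection fires. Returns (residual clean, residual tampered)."""
    z = measurements(H)
    r_clean = estimate(H, z)[1]
    z[k] += delta
    return r_clean, estimate(H, z)[1]

def security_index(H, k):
    """alpha_k = min |supp(H c)| with (H c)_k != 0: fewest meters to corrupt to alter
    measurement k undetected. Brute force over supports S containing k; S is achievable
    iff h_k lies outside the row space of the rows not in S: rank([H_Sc; h_k]) > rank(H_Sc)."""
    others = [i for i in range(len(H)) if i != k]
    for size in range(1, len(H) + 1):
        for extra in combinations(others, size - 1):
            outside = [H[i] for i in others if i not in extra]
            if rank(outside + [H[k]]) > rank(outside):
                return size

H_FULL = dc_jacobian(LINES, [0, 1, 2, 3], [1, 2, 3, 0])   # all flows + all injections (rows 0..7)
H_REDUCED = dc_jacobian(LINES, [0, 1, 2, 3], [1, 0])      # all flows, injections at buses 1, 0 only

if __name__ == "__main__":
    a, r0, r1, shift = stealth_attack(H_FULL, [1, 1, 1])   # raise every non-reference angle by 1 rad
    print("a = H c:", [str(v) for v in a], "| residual unchanged:", r0 == r1, "| shift == c:", shift == [1, 1, 1])
    print("single-meter tamper changes residual:", (lambda rc, ra: rc != ra)(*single_meter_attack(H_FULL, 0)))
    print("alpha_k full / reduced:", [security_index(H_FULL, k) for k in range(8)],
          [security_index(H_REDUCED, k) for k in range(6)])
```

On the fully metered ring every alpha_k the example computes is 5: any angle perturbation that is not uniform crosses the ring at two lines, and those two lines have three or four distinct endpoints whose injection meters must all be corrupted too. Dropping the injection meters at buses 2 and 3 lowers most indices to 3, which is the practical point of the security metrics in these papers: the sparser the metering around a measurement, the cheaper a stealth attack on it becomes, and a brute-force search over 2^m supports is exactly what the efficient computations in the title paper replace.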

Network-layer protection schemes against stealth attacks on state estimators in power systems

2011 IEEE International Conference on Smart Grid Communications (SmartGridComm), 2011

The power system state estimator is an important application used to calculate optimal power flows, to maintain the system in a secure state, and to detect faulty equipment. Its importance in the operation of the smart grid is expected to increase, and therefore its security is an important concern. Based on a realistic model of the communication infrastructure used to deliver measurement data from the substations to the state estimator, in this paper we investigate the vulnerability of the power system state estimator to attacks performed against the communication infrastructure. We define security metrics that quantify the importance of individual substations and the cost of attacking individual measurements. We provide efficient algorithms to calculate these metrics, and use the metrics to show how various network layer and application layer mitigation strategies can be used to decrease the vulnerability of the state estimator. We illustrate the efficiency of the algorithms on the IEEE 118 and 300 bus benchmark power systems.