skip to main content


Title: A Bi-Level Model for Detecting and Correcting Parameter Cyber-Attacks in Power System State Estimation
Power system state estimation is an important component of the status and healthiness of the underlying electric power grid real-time monitoring. However, such a component is prone to cyber-physical attacks. The majority of research in cyber-physical power systems security focuses on detecting measurements False-Data Injection attacks. While this is important, measurement model parameters are also a most important part of the state estimation process. Measurement model parameters though, also known as static-data, are not monitored in real-life applications. Measurement model solutions ultimately provide estimated states. A state-of-the-art model presents a two-step process towards simultaneous false-data injection security: detection and correction. Detection steps are χ2 statistical hypothesis test based, while correction steps consider the augmented state vector approach. In addition, the correction step uses an iterative solution of a relaxed non-linear model with no guarantee of optimal solution. This paper presents a linear programming method to detect and correct cyber-attacks in the measurement model parameters. The presented bi-level model integrates the detection and correction steps. Temporal and spatio characteristics of the power grid are used to provide an online detection and correction tool for attacks pertaining the parameters of the measurement model. The presented model is implemented on the IEEE 118 bus system. Comparative test results with the state-of-the-art model highlight improved accuracy. An easy-to-implement model, built on the classical weighted least squares solution, without hard-to-derive parameters, highlights potential aspects towards real-life applications.  more » « less
Award ID(s):
1809739
NSF-PAR ID:
10294514
Author(s) / Creator(s):
;
Date Published:
Journal Name:
Applied Sciences
Volume:
11
Issue:
14
ISSN:
2076-3417
Page Range / eLocation ID:
6540
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. null (Ed.)
    Concerning power systems, real-time monitoring of cyber–physical security, false data injection attacks on wide-area measurements are of major concern. However, the database of the network parameters is just as crucial to the state estimation process. Maintaining the accuracy of the system model is the other part of the equation, since almost all applications in power systems heavily depend on the state estimator outputs. While much effort has been given to measurements of false data injection attacks, seldom reported work is found on the broad theme of false data injection on the database of network parameters. State-of-the-art physics-based model solutions correct false data injection on network parameter database considering only available wide-area measurements. In addition, deterministic models are used for correction. In this paper, an overdetermined physics-based parameter false data injection correction model is presented. The overdetermined model uses a parameter database correction Jacobian matrix and a Taylor series expansion approximation. The method further applies the concept of synthetic measurements, which refers to measurements that do not exist in the real-life system. A machine learning linear regression-based model for measurement prediction is integrated in the framework through deriving weights for synthetic measurements creation. Validation of the presented model is performed on the IEEE 118-bus system. Numerical results show that the approximation error is lower than the state-of-the-art, while providing robustness to the correction process. Easy-to-implement model on the classical weighted-least-squares solution, highlights real-life implementation potential aspects. 
    more » « less
  2. null (Ed.)
    In the modern power system networks, grid observability has greatly increased due to the deployment of various metering technologies. Such technologies enhanced the real-time monitoring of the grid. The collection of observations are processed by the state estimator in which many applications have relied on. Traditionally, state estimation on power grids has been done considering a centralized architecture. With grid deregulation, and awareness of information privacy and security, much attention has been given to multi-area state estimation. Considering such, state-of-the-art solutions consider a weighted norm of residual measurement model, which might hinder masked gross errors contained in the null-space of the Jacobian matrix. Towards the solution of this, a distributed innovation-based model is presented. Measurement innovation is used towards error composition. The measurement error is an independent random variable, where the residual is not. Thus, the masked component is recovered through measurement innovation. Model solution is obtained through an Alternating Direction Method of Multipliers (ADMM), which requires minimal information communication. The presented framework is validated using the IEEE 14 and IEEE 118 bus systems. Easy-to-implement model, build-on the classical weighted norm of the residual solution, and without hard-to-design parameters highlight potential aspects towards real-life implementation. 
    more » « less
  3. Communication networks in power systems are a major part of the smart grid paradigm. It enables and facilitates the automation of power grid operation as well as self-healing in contingencies. Such dependencies on communication networks, though, create a roam for cyber-threats. An adversary can launch an attack on the communication network, which in turn reflects on power grid operation. Attacks could be in the form of false data injection into system measurements, flooding the communication channels with unnecessary data, or intercepting messages. Using machine learning-based processing on data gathered from communication networks and the power grid is a promising solution for detecting cyber threats. In this paper, a co-simulation of cyber-security for cross-layer strategy is presented. The advantage of such a framework is the augmentation of valuable data that enhances the detection as well as identification of anomalies in the operation of the power grid. The framework is implemented on the IEEE 118-bus system. The system is constructed in Mininet to simulate a communication network and obtain data for analysis. A distributed three controller software-defined networking (SDN) framework is proposed that utilizes the Open Network Operating System (ONOS) cluster. According to the findings of our suggested architecture, it outperforms a single SDN controller framework by a factor of more than ten times the throughput. This provides for a higher flow of data throughout the network while decreasing congestion caused by a single controller’s processing restrictions. Furthermore, our CECD-AS approach outperforms state-of-the-art physics and machine learning-based techniques in terms of attack classification. The performance of the framework is investigated under various types of communication attacks. 
    more » « less
  4. The bi-directional communication capabilities that emerged into the smart power grid play a critical role in the grid's secure, reliable and efficient operation. Nevertheless, the data communication functionalities introduced to Advanced Metering Infrastructure (AMI) nodes end the grid's isolation, and expose the network into an array of cyber-security threats that jeopardize the grid's stability and availability. For instance, malware amenable to inject false data into the AMI can compromise the grid's state estimation process and lead to catastrophic power outages. In this paper, we explore several statistical spatio-temporal models for efficient diagnosis of false data injection attacks in smart grids. The proposed methods leverage the data co-linearities that naturally arise in the AMI measurements of the electric network to provide forecasts for the network's AMI observations, aiming to quickly detect the presence of “bad data”. We evaluate the proposed approaches with data tampered with stealth attacks compiled via three different attack strategies. Further, we juxtapose them against two other forecasting-aided detection methods appearing in the literature, and discuss the trade-offs of all techniques when employed on real-world power grid data, obtained from a large university campus. 
    more » « less
  5. State-of-the art physics-model based dynamic state estimation generally relies on the assumption that the system’s transition matrix is always correct, the one that relates the states in two different time instants, which might not hold always on real-life applications. Further, while making such assumptions, state-of-the-art dynamic state estimation models become unable to discriminate among different types of anomalies, as measurement gross errors and sudden load changes, and thus automatically leads the state estimator framework to inaccuracy. Towards the solution of this important challenge, in this work, a hybrid adaptive dynamic state estimator framework is presented. Based on the Kalman Filter formulation, measurement innovation analytical-based tests are presented and integrated into the state estimator framework. Gross measurement errors and sudden load changes are automatically detected, identified, and corrected, providing continuous updating of the state estimator. Towards such, the asymmetry index applied to the measurement innovation is introduced, as an anomaly discrimination method, which assesses the physics-model-based dynamic state estimation process in different piece-wise stationary levels. Comparative tests with the state-of-the-art are presented, considering the IEEE 14, IEEE 30, and IEEE 118 test systems. Easy-to-implement-model, without hard-to-design parameters, build-on the classical Kalman Filter solution, highlights potential aspects towards real-life applications. 
    more » « less