skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Identification of Intraday False Data Injection Attack on DER Dispatch Signals
The urgent need for the decarbonization of power girds has accelerated the integration of renewable energy. Con-currently the increasing distributed energy resources (DER) and advanced metering infrastructures (AMI) have transformed the power grids into a more sophisticated cyber-physical system with numerous communication devices. While these transitions provide economic and environmental value, they also impose increased risk of cyber attacks and operational challenges. This paper investigates the vulnerability of the power grids with high renewable penetration against an intraday false data injection (FDI) attack on DER dispatch signals and proposes a kernel support vector regression (SVR) based detection model as a countermeasure. The intraday FDI attack scenario and the detection model are demonstrated in a numerical experiment using the HCE 187-bus test system.  more » « less
Award ID(s):
2148128
PAR ID:
10430364
Author(s) / Creator(s):
; ; ;
Date Published:
Journal Name:
in Proc. IEEE SmartGridCom’22, Oct. 2022.
Page Range / eLocation ID:
40 to 46
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; (, Information)
    null (Ed.)
    Smart grids integrate advanced information and communication technologies (ICTs) into traditional power grids for more efficient and resilient power delivery and management, but also introduce new security vulnerabilities that can be exploited by adversaries to launch cyber attacks, causing severe consequences such as massive blackout and infrastructure damages. Existing machine learning-based methods for detecting cyber attacks in smart grids are mostly based on supervised learning, which need the instances of both normal and attack events for training. In addition, supervised learning requires that the training dataset includes representative instances of various types of attack events to train a good model, which is sometimes hard if not impossible. This paper presents a new method for detecting cyber attacks in smart grids using PMU data, which is based on semi-supervised anomaly detection and deep representation learning. Semi-supervised anomaly detection only employs the instances of normal events to train detection models, making it suitable for finding unknown attack events. A number of popular semi-supervised anomaly detection algorithms were investigated in our study using publicly available power system cyber attack datasets to identify the best-performing ones. The performance comparison with popular supervised algorithms demonstrates that semi-supervised algorithms are more capable of finding attack events than supervised algorithms. Our results also show that the performance of semi-supervised anomaly detection algorithms can be further improved by augmenting with deep representation learning. 
    more » « less
  2. ; (, IEEE Transactions on Industry Applications)
    False data injection (FDI) attacks targeting under-load tap changing (ULTC) transformers pose a significant threat to smart distribution networks by exploiting vulnerabilities in the volt-var optimization (VVO) process, leading to potential undervoltage and voltage collapse. The increased integration of renewable energy and cyber-physical systems has expanded the attack surface, making traditional detection methods inadequate. For example, in 2023, attacks on utilities and decentralized components in the United States rose by 200%, with overall cyber threats increasing by 104%, highlighting growing vulnerabilities in distribution systems. To this end, this article proposes a two-stage remediation framework for decentralized FDI (DFDI) attacks targeting ULTC transformers. In the attack stage, vulnerabilities in ULTCs and voltage regulators are scrutinized, risking voltage collapse or blackouts in the distribution system. In the remediation stage, the distribution system operator focuses on non-attacked ULTCs, voltage regulators, distributed generation (DG) units, and smart homes to minimize reliance on compromised components. In this regard, a distinctive formulation of distribution network resilience and load management (DNRLM) problem is introduced to identify a resilient network topology and determine a situational power balance strategy. The proposed framework focuses on minimizing the system's reliance on the attacked ULTCs and voltage regulator components, thereby avoiding the intended voltage collapse caused by such DFDIs. The simulation results verify that the proposed method reduces the voltage collapse proximity index by over 60%, enhancing system resilience under DFDI attacks. 
    more » « less
  3. ; ; ; (, IEEE)
    This paper introduces a novel approach to detecting cyber attacks for power electronics-interfaced renewable resources, e.g., solar panels. The approach leverages the inherent variability of renewable energy generation to watermark the measurements of renewable resources that are vulnerable to false data injection (FDI) attacks. By checking the existence of the watermarks imprinted by the natural fluctuations of renewables, false data injection attacks can be detected. Compared with the conventional watermarking methods, the proposed approach does not require additional noise injection which compromises control performance. The effectiveness of the proposed approach is validated by simulating a solar photovoltaic system. 
    more » « less
  4. ; ; ; ; (, IEEE Transactions on Control of Network Systems)
    Graph signal processing (GSP) has emerged as a powerful tool for practical network applications, including power system monitoring. Recent research has focused on developing GSP-based methods for state estimation, attack detection, and topology identification using the representation of the power system voltages as smooth graph signals. Within this framework, efficient methods have been developed for detecting false data injection (FDI) attacks, which until now were perceived as nonsmooth with respect to the graph Laplacian matrix. Consequently, these methods may not be effective against smooth FDI attacks. In this paper, we propose a graph FDI (GFDI) attack that minimizes the Laplacian-based graph total variation (TV) under practical constraints. We present the GFDI attack as the solution for a non-convex constrained optimization problem. The solution to the GFDI attack problem is obtained through approximating it using ℓ1 relaxation. A series of quadratic programming problems that are classified as convex optimization problems are solved to obtain the final solution. We then propose a protection scheme that identifies the minimal set of measurements necessary to constrain the GFDI output to a high graph TV, thereby enabling its detection by existing GSP-based detectors. Our numerical simulations on the IEEE-57 and IEEE-118 bus test cases reveal the potential threat posed by well-designed GSP-based FDI attacks. Moreover, we demonstrate that integrating the proposed protection design with GSP-based detection can lead to significant hardware cost savings compared to previous designs of protection methods against FDI attacks. 
    more » « less
  5. ; ; ; (, New generation)
    Smart grids are facing many challenges including cyber-attacks which can cause devastating damages to the grids. Existing machine learning based approaches for detecting cyber-attacks in smart grids are mainly based on supervised learning, which needs representative instances from various attack types to obtain good detection models. In this paper, we investigated semi-supervised outlier detection algorithms for this problem which only use instances of normal events for model training. Data collected by phasor measurement units (PMUs) was used for training the detection model. The semi-supervised outlier detection algorithms were augmented with deep feature extraction for enhanced detection performance. Our results show that semi-supervised outlier detection algorithms can perform better than popular supervised algorithms. Deep feature extraction can significantly improve the performance of semi-supervised algorithms for detecting cyber-attacks in smart grids 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email