Search for: All records

This paper studies the vulnerability of large-scale power systems to false data injection (FDI) attacks through their physical consequences. An attacker-defender bi-level linear program (ADBLP) can be used to determine the worst-case consequences of FDI attacks aiming to maximize the physical power flow on a target line. This ADBLP can be transformed into a single-level mixed-integer linear program (MILP), but it is numerically intractable for power systems with a large number of buses and branches. In this paper, a modified Benders' decomposition algorithm is proposed to solve the ADBLP on large power systems without converting it to the MILP. Of more general interest, the proposed algorithm can be used to solve any ADBLP. Vulnerability of the IEEE 118-bus system and the Polish system with 2383 buses to FDI attacks is assessed using the proposed algorithm. 

A machine learning-based detection framework is proposed to detect a class of cyber-attacks that redistribute loads by modifying measurements. The detection framework consists of a multi-output support vector regression (SVR) load predictor and a subsequent support vector machine (SVM) attack detector to determine the existence of load redistribution (LR) attacks utilizing loads predicted by the SVR predictor. Historical load data for training the SVR are obtained from the publicly available PJM zonal loads and are mapped to the IEEE 30-bus system. The features to predict loads are carefully extracted from the historical load data capturing both temporal and spatial correlations. The SVM attack detector is trained using normal data and randomly created LR attacks, so that it can maximally explore the attack space. An algorithm to create random LR attacks is introduced. The results show that the SVM detector trained merely using random attacks can effectively detect not only random attacks, but also intelligently designed attacks. Moreover, using the SVR predicted loads to re-dispatch generation when attacks are detected can significantly mitigate the attack consequences. 

Intelligently designed false data injection (FDI) attacks have been shown to be able to bypass the chi-squared-test based bad data detector (BDD), resulting in physical consequences (such as line overloads) in the power system. In this paper, using synthetic PMU measurements and intelligently designed FDI attacks, it is shown that if an attack is suddenly injected into the system, a predictive filter with sufficient accuracy is able to detect it. However, an attacker can gradually increase the magnitude of the attack to avoid detection, and still cause damage to the system.