ABSTRACT
State estimation plays an essential role in the monitoring and control of power transmission systems. In modern, highly inter-connected power systems the state estimation should be performed in a distributed fashion and requires information exchange between the control centers of directly connected systems. Motivated by recent reports on trojans targeting industrial control systems, in this paper we investigate how a single compromised control center can affect the outcome of distributed state estimation. We describe five attack strategies, and evaluate their impact on the IEEE 118 benchmark power system. We show that even if the state estimation converges despite the attack, the estimate can have up to 30% of error, and bad data detection cannot locate the attack. We also show that if powerful enough, the attack can impede the convergence of the state estimation, and thus it can blind the system operators. Our results show that it is important to provide confidentiality for the measurement data in order to prevent the most powerful attacks. Finally, we discuss a possible way to detect and to mitigate these attacks.