Yao Liu
Peng Ning
Michael K. Reiter
ABSTRACT
A power grid is a complex system connecting electric power generators to consumers through power transmission and distribution networks across a large geographical area. System monitoring is necessary to ensure the reliable operation of power grids, and state estimation is used in system monitoring to best estimate the power grid state through analysis of meter measurements and power system models. Various techniques have been developed to detect and identify bad measurements, including the interacting bad measurements introduced by arbitrary, non-random causes. At first glance, it seems that these techniques can also defeat malicious measurements injected by attackers.
In this paper, we present a new class of attacks, called false data injection attacks, against state estimation in electric power grids. We show that an attacker can exploit the configuration of a power system to launch such attacks to successfully introduce arbitrary errors into certain state variables while bypassing existing techniques for bad measurement detection. Moreover, we look at two realistic attack scenarios, in which the attacker is either constrained to some specific meters (due to the physical protection of the meters), or limited in the resources required to compromise meters. We show that the attacker can systematically and efficiently construct attack vectors in both scenarios, which can not only change the results of state estimation, but also modify the results in arbitrary ways. We demonstrate the success of these attacks through simulation using IEEE test systems. Our results indicate that security protection of the electric power grid must be revisited when there are potentially malicious attacks.
- Box Plot: Display of Distribution. http://www.physics.csbsju.edu/stats/box2.html.Google Scholar
- Electric Power Risk Assessment. http://www.solarstorms.org/ElectricAssessment.html.Google Scholar
- E. Amaldi and V. Kann. On the approximability of minimizing nonzero variables or unsatisfied relations in linear systems. Theoretical Computer Science, 209(1-2):237--260, December 1998. Google ScholarDigital Library
- E. N. Asada, A. V. Garcia, and R. Romero. Identifying multiple interacting bad data in power system state estimation. In IEEE Power Engineering Society General Meeting, pages 571--577, June 2005.Google ScholarCross Ref
- T. Blumensath and M. Davies. Gradient pursuits. IEEE Transactions on Signal Processing, 56(6):2370--2382, June 2008. Google ScholarDigital Library
- J. Chen and A. Abur. Improved bad data processing via strategic placement of PMUs. In IEEE Power Engineering Society General Meeting, pages 509--513, June 2005.Google Scholar
- J. Chen and A. Abur. Placement of PMUs to enable bad data detection in state estimation. IEEE Transactions on Power Systems, 21(4):1608--1615, November 2006.Google ScholarCross Ref
- S. S. Chen. PhD thesis: Basis Pursuit. Department of Statistics, Stanford University, 1995.Google Scholar
- E.Handschin, F. C. Schweppe, J. Kohlas, and A. Fiechter. Bad data analysis for power system state estimation. IEEE Transactions on Power Apparatus and Systems, 94(2):329--337, April 1975.Google ScholarCross Ref
- A. Garcia, A. Monticelli, and P. Abreu. Fast decoupled state estimation and bad data processing. IEEE Transactions on Power Apparatus and Systems, 98(5):1645--1652, September 1979.Google ScholarCross Ref
- M. R. Garey and D. S. Johnson. Computer and Intractability: a guide to the theory of NP-Completeness. W.H.Freeman and Company, 1979. Google ScholarDigital Library
- S. Gastoni, G. P. Granelli, and M. Montagna. Multiple bad data processing by genetic algorithms. In IEEE Power Tech Conference, pages 1--6, June 2003.Google ScholarCross Ref
- P. Georgiev and A. Cichoki. Sparse component analysis of overcomplete mixtures by improved basis pursuit method. In the 2004 IEEE International Symposium on Circuits and Systems (ISCAS 2004), pages 5:37--40, May 2004.Google ScholarCross Ref
- D. V. Hertem, J. Verboomen, K. Purchala, R. Belmans, and W. L. Kling. Usefulness of DC power flow for active power flow analysis with flow controlling devices. In The 8th IEE International Conference on AC and DC Power Transmission, pages 58--62, March 2006.Google ScholarCross Ref
- P. S. Huggins and S. W. Zucker. Greedy basis pursuit. IEEE Transactions on Signal Processing, 55(7):3760--3772, July 2007. Google ScholarCross Ref
- J. Lin and H. Pan. A static state estimation approach including bad data detection and identification in power systems. In IEEE Power Engineering Society General Meeting, pages 1--7, June 2007.Google ScholarCross Ref
- R. Kinney, P. Crucitti, R. Albert, and V. Latora. Modeling cascading failures in the north American power grid. European Physical Journal B - Condensed Matter and Complex Systems, 46:101--107, 2005.Google Scholar
- M. Li, Q. Zhao, and P. B. Luh. DC power flow in systems with dynamic topology. In Power and Energy Society General Meeting-Conversion and Delivery of Electrical Energy in the 21st Century, pages 1--8, 2008.Google Scholar
- L. Lovisolo, E. A. B. da Silva, M. A. M. Rodrigues, and P. S. R. Diniz. Efficient coherent adaptive representations of monitored electric signals in power systems using damped sinusoids. IEEE Transactions on Signal Processing, 53(10):3831--3846, October 2005. Google ScholarDigital Library
- C. Meyer. Matrix Analysis and Applied Linear Algebra. SIAM, 2001. Google ScholarDigital Library
- L. Mili, T. V. Cutsem, and M. Ribbens-Pavella. Hypothesis testing identification: A new method for bad data analysis in power system state estimation. 103(11):3239--3252, November 1984.Google Scholar
- L. Milli, T. V. Cutsem, and M. R. Pavella. Bad data identification methods in power system state estimation, a comparative study. IEEE Transactions on Power Apparatus and Systems, 103(11):3037--3049, November 1985.Google Scholar
- A. Monticelli. State Estimation in Electric Power Systems, A Generalized Approach. Kluwer Academic Publishers, 1999.Google Scholar
- A. Monticelli and A. Garcia. Reliable bad data processing for real-time state estimation. IEEE Transactions on Power Apparatus and Systems, 102(5):1126--1139, May 1983.Google ScholarCross Ref
- A. Monticelli, F. F. Wu, and M. Y. Multiple. Bad data identification for state estimation by combinatorial optimization. IEEE Transactions on Power Delivery, 1(3):361--369, July 1986.Google ScholarCross Ref
- B. K. Natarajan. Sparse approximate solutions to linear system. SIAM Journal on Computing, 24(2):227--234, April 1995. Google ScholarDigital Library
- Y. C. Pati, R. Rezaiifar, and P. S. Krishnaprasad. Orthogonal matching pursuit: Recursive function approximation with applications to wavelet decomposition. In the 27th Asilomar Conference on Signals, Systems and Computers, 1993.Google ScholarCross Ref
- V. H. Quintana, A. Simoes-Costa, and M. Mier. Bad data detection and identification techniques using estimation orthogonal methods. IEEE Transactions on Power Apparatus and Systems, 101(9):3356--3364, September 1982.Google ScholarCross Ref
- F. C. Schweppe, J. Wildes, and D. B. Rom. Power system static state estimation. parts 1, 2, 3. IEEE Transactions on Power Apparatus and Systems, 89(1):120--135, January 1970.Google ScholarCross Ref
- U.S.-Canada Power System Outage Task Force. Final report on the August 14, 2003 blackout in the United States and Canada. https://reports.energy.gov/B-F-Web-Part1.pdf, April 2004.Google Scholar
- A. Wood and B. Wollenberg. Power generation, operation, and control. John Wiley and Sons, 2nd edition, 1996.Google Scholar
- N. Xiang and S. Wang. Estimation and identification of multiple bad data in power system state estimation. In the 7th Power Systems Computation Conference, PSCC, pages 1061--1065, July 1981.Google Scholar
- N. Xiang, S. Wang, and E. Yu. A new approach for detection and identification of multiple bad data in power system state estimation. IEEE Transactions on Power Apparatus and Systems, 101(2):454--462, Febuary 1982.Google Scholar
- N. Xiang, S. Wang, and E. Yu. An application of estimation-identification approach of multiple bad data in power system state estimation. In IEEE Power Engineering Society Summber Meeting, July 1983.Google Scholar
- L. Zhao and A. Abur. Multi area state estimation using synchronized phasor measurements. IEEE Transactions on Power Systems, 20(2):611--617, May 2005.Google ScholarCross Ref
- J. Zhu and A. Abur. Bad data identification when using phasor measurements. In IEEE Power Tech Conference, pages 1676--1681, July 2007.Google ScholarCross Ref
- R. D. Zimmerman and C. E. Murillo-Sánchez. MATPOWER, A MATLAB Power System Simulation Package. http://www.pserc.cornell.edu/matpower/manual.pdf, September 2007.Google Scholar
Index Terms
- False data injection attacks against state estimation in electric power grids
Recommendations
A Case Study on Implementing False Data Injection Attacks Against Nonlinear State Estimation
CPS-SPC '16: Proceedings of the 2nd ACM Workshop on Cyber-Physical Systems Security and PrivacySmart grid aims to improve control and monitoring routines to ensure reliable and efficient supply of electricity. The rapid advancements in information and communication technologies of Supervisory Control And Data Acquisition (SCADA) networks, however,...
False data injection attacks against state estimation in electric power grids
A power grid is a complex system connecting electric power generators to consumers through power transmission and distribution networks across a large geographical area. System monitoring is necessary to ensure the reliable operation of power grids, and ...
On False Data-Injection Attacks against Power System State Estimation: Modeling and Countermeasures
It is critical for a power system to estimate its operation state based on meter measurements in the field and the configuration of power grid networks. Recent studies show that the adversary can bypass the existing bad data detection schemes, posing ...
Comments