Enhancing Power System Cyber-Security with Systematic Two-Stage Detection Strategy

Xingpeng Li, Kory W. Hedman. IEEE Transactions on Power Systems, 2020.
PDF
20200301-XLI-CyberSecurity.pdf
DOI
10.1109/TPWRS.2019.2942333
Codes
GRTOS-Java
Authors in the RPG Lab
(might be unordered here; check the citation below)
Xingpeng Li

Abstract

State estimation estimates the system condition in real-time and provides a base case for other energy management system (EMS) applications including real-time contingency analysis and security-constrained economic dispatch. Recent work in the literature shows malicious cyber-attack can inject false measurements that bypass traditional bad data detection in state estimation and cause actual overloads. Thus, it is very important to detect such cyber-attack. In this paper, multiple metrics are proposed to monitor abnormal load deviations and suspicious branch flow changes. A systematic two-stage approach is proposed to detect false data injection (FDI) cyber-attack. The first stage determines whether the system is under attack while the second stage identifies the target branch. Numerical simulations verify that FDI can cause severe system violations and demonstrate the effectiveness of the proposed two-stage FDI detection (FDID) method. It is concluded that the proposed FDID approach can efficiently detect FDI cyber-attack and identify the target branch, which will substantially improve operators’ situation awareness in real-time.

Index Terms

Cyber-attack, false data injection, false data injection detection, power system cyber-security, security-constrained economic dispatch, state estimation.

Cite this paper:

Xingpeng Li and Kory W. Hedman, “Enhancing Power System Cyber-Security with Systematic Two-Stage Detection Strategy,” IEEE Transactions on Power Systems, vol. 35, no. 2, pp. 1549-1561, Mar. 2020.