Vulnerability Analysis of False Data Injection Attacks on Supervisory Control and Data Acquisition and Phasor Measurement Units

156047-Thumbnail Image.png
Description
The electric power system is monitored via an extensive network of sensors in tandem with data processing algorithms, i.e., an intelligent cyber layer, that enables continual observation and control of the physical system to ensure reliable operations. This data collection

The electric power system is monitored via an extensive network of sensors in tandem with data processing algorithms, i.e., an intelligent cyber layer, that enables continual observation and control of the physical system to ensure reliable operations. This data collection and processing system is vulnerable to cyber-attacks that impact the system operation status and lead to serious physical consequences, including systematic problems and failures.

This dissertation studies the physical consequences of unobservable false data injection (FDI) attacks wherein the attacker maliciously changes supervisory control and data acquisition (SCADA) or phasor measurement unit (PMU) measurements, on the electric power system. In this context, the dissertation is divided into three parts, in which the first two parts focus on FDI attacks on SCADA and the last part focuses on FDI attacks on PMUs.

The first part studies the physical consequences of FDI attacks on SCADA measurements designed with limited system information. The attacker is assumed to have perfect knowledge inside a sub-network of the entire system. Two classes of attacks with different assumptions on the attacker's knowledge outside of the sub-network are introduced. In particular, for the second class of attacks, the attacker is assumed to have no information outside of the attack sub-network, but can perform multiple linear regression to learn the relationship between the external network and the attack sub-network with historical data. To determine the worst possible consequences of both classes of attacks, a bi-level optimization problem wherein the first level models the attacker's goal and the second level models the system response is introduced.

The second part of the dissertation concentrates on analyzing the vulnerability of systems to FDI attacks from the perspective of the system. To this end, an off-line vulnerability analysis framework is proposed to identify the subsets of the test system that are more prone to FDI attacks.

The third part studies the vulnerability of PMUs to FDI attacks. Two classes of more sophisticated FDI attacks that capture the temporal correlation of PMU data are introduced. Such attacks are designed with a convex optimization problem and can always bypass both the bad data detector and the low-rank decomposition (LD) detector.
Date Created
2017
Agent

Topology attacks on power system operation and consequences analysis

153914-Thumbnail Image.png
Description
The large distributed electric power system is a hierarchical network involving the

transportation of power from the sources of power generation via an intermediate

densely connected transmission network to a large distribution network of end-users

at the lowest level of the hierarchy. At

The large distributed electric power system is a hierarchical network involving the

transportation of power from the sources of power generation via an intermediate

densely connected transmission network to a large distribution network of end-users

at the lowest level of the hierarchy. At each level of the hierarchy (generation/ trans-

mission/ distribution), the system is managed and monitored with a combination of

(a) supervisory control and data acquisition (SCADA); and (b) energy management

systems (EMSs) that process the collected data and make control and actuation de-

cisions using the collected data. However, at all levels of the hierarchy, both SCADA

and EMSs are vulnerable to cyber attacks. Furthermore, given the criticality of the

electric power infrastructure, cyber attacks can have severe economic and social con-

sequences.

This thesis focuses on cyber attacks on SCADA and EMS at the transmission

level of the electric power system. The goal is to study the consequences of three

classes of cyber attacks that can change topology data. These classes include: (i)

unobservable state-preserving cyber attacks that only change the topology data; (ii)

unobservable state-and-topology cyber-physical attacks that change both states and

topology data to enable a coordinated physical and cyber attack; and (iii) topology-

targeted man-in-the-middle (MitM) communication attacks that alter topology data

shared during inter-EMS communication. Specically, attack class (i) and (ii) focus on

the unobservable attacks on single regional EMS while class (iii) focuses on the MitM

attacks on communication links between regional EMSs. For each class of attacks,

the theoretical attack model and the implementation of attacks are provided, and the

worst-case attack and its consequences are exhaustively studied. In particularly, for

class (ii), a two-stage optimization problem is introduced to study worst-case attacks

that can cause a physical line over

ow that is unobservable in the cyber layer. The long-term implication and the system anomalies are demonstrated via simulation.

For attack classes (i) and (ii), both mathematical and experimental analyses sug-

gest that these unobservable attacks can be limited or even detected with resiliency

mechanisms including load monitoring, anomalous re-dispatches checking, and his-

torical data comparison. For attack class (iii), countermeasures including anomalous

tie-line interchange verication, anomalous re-dispatch alarms, and external contin-

gency lists sharing are needed to thwart such attacks.
Date Created
2015
Agent