A continuum of undetectable timing-attacks on PMU-based linear state-estimation

Recent innovations in protection and control applications for power systems require the use of Phasor Measurement Unit (PMU) measurements. PMUs rely on precise time synchronization and have been shown to be vulnerable to time synchronization attacks. In this paper, we explore time synchronization attacks against PMU measurements that are undetectable by the state-of-the-art Bad-Data Detection (BDD) algorithms used for Linear State-Estimation (LSE). We show that compromising three or more PMUs enables an attacker to create a continuum of undetectable attacks, and, based on geometric arguments, we provide a closed-form expression for computing the attacks. Furthermore, we provide an algorithm for identifying PMU measurements that are vulnerable to the considered attacks. We use simulations on the IEEE 39-Bus benchmark power system to show that the attacks can have a significant impact in terms of power flow mis-estimation, which could lead to the violation of ampacity limits in transmission lines.
