Optimal False Data Injection Attack against Automatic Generation Control in Power Grids

This paper studies false data injection attacks against automatic generation control (AGC), a fundamental control system used in all power grids to maintain the grid frequency at a nominal value. Attacks on the sensor measurements that feed AGC can cause frequency excursions that trigger remedial actions such as disconnecting customer loads or generators, leading to blackouts and potentially costly equipment damage. We derive an attack impact model and analyze an optimal attack, consisting of a series of false data injections, that minimizes the remaining time until the onset of remedial actions, leaving the grid the shortest time in which to counteract. We show that, based on eavesdropped sensor data and a few feasible-to-obtain system constants, the attacker can learn the attack impact model and achieve the optimal attack in practice. This paper provides essential understanding of the limits of the physical impact of false data injections on power grids, and provides an analysis framework to guide the protection of sensor data links. Our analysis and algorithms are validated by experiments on a physical 16-bus power system testbed and by extensive simulations based on a 37-bus power system model.
