False data injection attacks against state estimation in electric power grids

A power grid is a complex system connecting electric power generators to consumers through power transmission and distribution networks across a large geographical area. System monitoring is necessary to ensure the reliable operation of power grids, and state estimation is used in system monitoring to best estimate the power grid state through analysis of meter measurements and power system models. Various techniques have been developed to detect and identify bad measurements, including the interacting bad measurements introduced by arbitrary, non-random causes. At first glance, it seems that these techniques can also defeat malicious measurements injected by attackers. In this paper, we present a new class of attacks, called false data injection attacks, against state estimation in electric power grids. We show that an attacker can exploit the configuration of a power system to launch such attacks to successfully introduce arbitrary errors into certain state variables while bypassing existing techniques for bad measurement detection. Moreover, we look at two realistic attack scenarios, in which the attacker is either constrained to some specific meters (due to the physical protection of the meters), or limited in the resources required to compromise meters. We show that the attacker can systematically and efficiently construct attack vectors in both scenarios, which can not only change the results of state estimation, but also modify the results in arbitrary ways. We demonstrate the success of these attacks through simulation using IEEE test systems. Our results indicate that security protection of the electric power grid must be revisited when there are potentially malicious attacks.

[1]  Philip G. Hill,et al.  Power generation , 1927, Journal of the A.I.E.E..

[2]  E. Handschin,et al.  Bad data analysis for power system state estimation , 1975, IEEE Transactions on Power Apparatus and Systems.

[3]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[4]  M. Garey Johnson: computers and intractability: a guide to the theory of np- completeness (freeman , 1979 .

[5]  A. Monticelli,et al.  Fast Decoupled State Estimation and Bad Data Processing , 1979, IEEE Transactions on Power Apparatus and Systems.

[6]  Yu Er-keng,et al.  A New Approach for Detection and Identification of Multiple Bad Data in Power System State Estimation , 1982, IEEE Transactions on Power Apparatus and Systems.

[7]  A. Simoes-Costa,et al.  Bad Data Detection and Identification Techniques Using Estimation Orthogonal Methods , 1982, IEEE Transactions on Power Apparatus and Systems.

[8]  A. Monticelli,et al.  Reliable Bad Data Processing for Real-Time State Estimation , 1983, IEEE Power Engineering Review.

[9]  Allen J. Wood,et al.  Power Generation, Operation, and Control , 1984 .

[10]  Xiang De,et al.  An Application Of Estimation-Identification Approach Of Multiple Bad Data In Power System State Estimation , 1984, IEEE Transactions on Power Apparatus and Systems.

[11]  M. Ribbens-Pavella,et al.  Hypothesis Testing Identification: A New Method for Bad Data Analysis in Power System State Estimation , 1984, IEEE Power Engineering Review.

[12]  Xiang De,et al.  An Application of Estimation-Identification Approach of Multiple Bad Data in Power System State Estimation , 1984, IEEE Power Engineering Review.

[13]  M. Ribbens-Pavella,et al.  Bad Data Identification Methods In Power System State Estimation-A Comparative Study , 1985, IEEE Transactions on Power Apparatus and Systems.

[14]  Felix F. Wu,et al.  Mutiple Bad Data Identwication for State Estimation by Combinatorial Oftimization , 1986, IEEE Transactions on Power Delivery.

[15]  Felix F. Wu,et al.  Detection of Topology Errors by State Estimation , 1989, IEEE Power Engineering Review.

[16]  Richard A. Davis,et al.  Time Series: Theory and Methods (2nd ed.). , 1992 .

[17]  Y. C. Pati,et al.  Orthogonal matching pursuit: recursive function approximation with applications to wavelet decomposition , 1993, Proceedings of 27th Asilomar Conference on Signals, Systems and Computers.

[18]  D. Donoho,et al.  Basis pursuit , 1994, Proceedings of 1994 28th Asilomar Conference on Signals, Systems and Computers.

[19]  Balas K. Natarajan,et al.  Sparse Approximate Solutions to Linear Systems , 1995, SIAM J. Comput..

[20]  G. Sheblé,et al.  Power generation operation and control — 2nd edition , 1996 .

[21]  Edoardo Amaldi,et al.  On the Approximability of Minimizing Nonzero Variables or Unsatisfied Relations in Linear Systems , 1998, Theor. Comput. Sci..

[22]  A. Monticelli State estimation in electric power systems : a generalized approach , 1999 .

[23]  Carl D. Meyer,et al.  Matrix Analysis and Applied Linear Algebra , 2000 .

[24]  Mario Montagna,et al.  Multiple bad data processing by genetic algorithms , 2003, 2003 IEEE Bologna Power Tech Conference Proceedings,.

[25]  A. G. Expósito,et al.  Power system state estimation : theory and implementation , 2004 .

[26]  Andrzej Cichocki,et al.  Sparse component analysis of overcomplete mixtures by improved basis pursuit method , 2004, 2004 IEEE International Symposium on Circuits and Systems (IEEE Cat. No.04CH37512).

[27]  A. Abur,et al.  Improved bad data processing via strategic placement of PMUs , 2005, IEEE Power Engineering Society General Meeting, 2005.

[28]  A. Abur,et al.  Multi area state estimation using synchronized phasor measurements , 2005, IEEE Transactions on Power Systems.

[29]  P.S.R. Diniz,et al.  Efficient coherent adaptive representations of monitored electric signals in power systems using damped sinusoids , 2005, IEEE Transactions on Signal Processing.

[30]  R. Belmans,et al.  Usefulness of DC power flow for active power flow analysis , 2005, IEEE Power Engineering Society General Meeting, 2005.

[31]  R. Romero,et al.  Identifying multiple interacting bad data in power system state estimation , 2005, IEEE Power Engineering Society General Meeting, 2005.

[32]  Ravi Sandhu,et al.  ACM Transactions on Information and System Security: Editorial , 2005 .

[33]  Vito Latora,et al.  Modeling cascading failures in the North American power grid , 2005 .

[34]  A. Abur,et al.  Placement of PMUs to Enable Bad Data Detection in State Estimation , 2006, IEEE Transactions on Power Systems.

[35]  Steven W. Zucker,et al.  Greedy Basis Pursuit , 2007, IEEE Transactions on Signal Processing.

[36]  A. Abur,et al.  Bad Data Identification When Using Phasor Measurements , 2007, 2007 IEEE Lausanne Power Tech.

[37]  Jeu-Min Lin,et al.  A Static State Estimation Approach Including Bad Data Detection and Identification in Power Systems , 2007, 2007 IEEE Power Engineering Society General Meeting.

[38]  Qianchuan Zhao,et al.  DC power flow in systems with dynamic topology , 2008, 2008 IEEE Power and Energy Society General Meeting - Conversion and Delivery of Electrical Energy in the 21st Century.

[39]  Mike E. Davies,et al.  Gradient Pursuits , 2008, IEEE Transactions on Signal Processing.

[40]  Lang Tong,et al.  On malicious data attacks on power system state estimation , 2010, 45th International Universities Power Engineering Conference UPEC2010.

[41]  Karl Henrik Johansson,et al.  On Security Indices for State Estimators in Power Networks , 2010 .

[42]  L. Tong,et al.  Malicious Data Attacks on Smart Grid State Estimation: Attack Strategies and Countermeasures , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[43]  Lang Tong,et al.  Limiting false data attacks on power system state estimation , 2010, 2010 44th Annual Conference on Information Sciences and Systems (CISS).

[44]  Henrik Sandberg,et al.  Stealth Attacks and Protection Schemes for State Estimators in Power Systems , 2010, 2010 First IEEE International Conference on Smart Grid Communications.

[45]  Klara Nahrstedt,et al.  Detecting False Data Injection Attacks on DC State Estimation , 2010 .

[46]  Peng Ning,et al.  False data injection attacks against state estimation in electric power grids , 2011, TSEC.