Consequences of false data injection on power system state estimation

The electric power system is one of the largest, most complicated, and most important cyber-physical systems in the world. The link between the cyber and physical levels is formed by the Supervisory Control and Data Acquisition (SCADA) systems and Energy Management Systems (EMS). Their functions include monitoring real-time system operation through state estimation (SE), controlling the system so that it operates reliably, and optimizing the efficiency of system operation. The SCADA system acquires noisy measurements, such as voltage angle and magnitude, line power flows, and line current magnitude, from the remote terminal units (RTUs). These raw data are first sent to the SE, which filters the noisy data and derives the best estimate of the system state. The estimated states are then used by other EMS functions, such as contingency analysis, optimal power flow, etc.

In the existing state estimation process, there is no defense mechanism against malicious attacks. Once the communication channel between the SCADA system and the RTUs is hijacked by an attacker, the attacker can perform a man-in-the-middle attack and send data of its choice. The only step that can possibly detect the attack during the state estimation process is the bad data detector. Unfortunately, even the bad data detector is unable to detect a certain type of attack, known as false data injection (FDI) attacks.

Diagnosing the physical consequences of such attacks is therefore essential to understanding system stability. In this thesis, theoretical general attack models for AC and DC attacks are given and an optimization problem for the worst-case overload attack is formulated. Furthermore, the physical consequences of FDI attacks, based on both the DC and the AC model, are addressed. Various scenarios with different attack targets and system configurations are simulated. The details of the research, the results obtained and the conclusions drawn are presented in this document.
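Why the residual-based bad data detector has a blind spot, as an added illustration that is not part of the thesis: on a constructed 3-bus DC model (bus 1 as angle reference, unit susceptances, flow and injection measurements stacked in H), an uncoordinated gross error in one measurement leaves a large residual and alarms, while an error vector that is itself consistent with the measurement model (one lying in the column space of H) leaves the residual unchanged, so the estimate is shifted without any alarm. The threshold `tau` and all measurement values are assumed for the example.

```python
"""DC state estimation with a residual bad data test on a constructed 3-bus case."""
from math import sqrt

# Constructed DC measurement model z = H x, x = [theta2, theta3] (theta1 = 0 is the
# reference, all line susceptances 1 p.u.). Rows: flows P12, P13, P23, injections P2, P3.
H = [[-1.0, 0.0], [0.0, -1.0], [1.0, -1.0], [2.0, -1.0], [-1.0, 2.0]]


def matvec(A, v):
    return [sum(a * b for a, b in zip(row, v)) for row in A]


def wls_estimate(z):
    """Least-squares estimate x = (H^T H)^-1 H^T z (equal weights, 2x2 gain matrix)."""
    g11 = sum(r[0] * r[0] for r in H)
    g12 = sum(r[0] * r[1] for r in H)
    g22 = sum(r[1] * r[1] for r in H)
    det = g11 * g22 - g12 * g12
    t = [sum(r[i] * zi for r, zi in zip(H, z)) for i in range(2)]  # H^T z
    return [(g22 * t[0] - g12 * t[1]) / det, (-g12 * t[0] + g11 * t[1]) / det]


def residual_norm(z):
    """||z - H x_hat||: what a chi-square / largest-residual bad data test looks at."""
    r = [zi - hi for zi, hi in zip(z, matvec(H, wls_estimate(z)))]
    return sqrt(sum(v * v for v in r))


def bad_data_alarm(z, tau=0.1):
    """Assumed detector: alarm when the residual norm exceeds the threshold tau."""
    return residual_norm(z) > tau


# Constructed true state and the noise-free measurements it produces.
X_TRUE = [-0.1, -0.2]
Z_TRUE = matvec(H, X_TRUE)  # [0.1, 0.2, 0.1, 0.0, -0.3]

# Case 1: a single corrupted flow measurement (error not in the column space of H).
GROSS_ERROR_CASE = [Z_TRUE[0] + 0.5] + Z_TRUE[1:]

# Case 2: an error vector e = H c with c = [0.3, 0.0]; it is consistent with the model,
# so the estimator absorbs it into x_hat and the residual does not change at all.
MODEL_CONSISTENT_CASE = [zi + ei for zi, ei in zip(Z_TRUE, matvec(H, [0.3, 0.0]))]

if __name__ == "__main__":
    for name, z in [("clean", Z_TRUE), ("gross error", GROSS_ERROR_CASE),
                    ("model-consistent error", MODEL_CONSISTENT_CASE)]:
        print(f"{name:24s} x_hat={wls_estimate(z)} residual={residual_norm(z):.4f} "
              f"alarm={bad_data_alarm(z)}")
```

The residual test alone therefore cannot be relied on to protect the estimate; the shifted state in case 2 is exactly what the consequence analysis in this thesis has to account for.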