Matching Items (3)
Filtering by
- All Subjects: False Data Injection
- Creators: Hedman, Kory
Description
The electric power system is one of the largest, most complicated, and most important cyber-physical systems in the world. The link between the cyber and physical level is the Supervisory Control and Data Acquisition (SCADA) systems and Energy Management Systems (EMS). Their functions include monitoring the real-time system operation through state estimation (SE), controlling the system to operate reliably, and optimizing the system operation efficiency. The SCADA acquires the noisy measurements, such as voltage angle and magnitude, line power flows, and line current magnitude, from the remote terminal units (RTUs). These raw data are firstly sent to the SE, which filters all the noisy data and derives the best estimate of the system state. Then the estimated states are used for other EMS functions, such as contingency analysis, optimal power flow, etc.
In the existing state estimation process, there is no defense mechanism for any malicious attacks. Once the communication channel between the SCADA and RTUs is hijacked by the attacker, the attacker can perform a man-in-middle attack and send data of its choice. The only step that can possibly detect the attack during the state estimation process is the bad data detector. Unfortunately, even the bad data detector is unable to detect a certain type of attack, known as the false data injection (FDI) attacks.
Diagnosing the physical consequences of such attacks, therefore, is very important to understand system stability. In this thesis, theoretical general attack models for AC and DC attacks are given and an optimization problem for the worst-case overload attack is formulated. Furthermore, physical consequences of FDI attacks, based on both DC and AC model, are addressed. Various scenarios with different attack targets and system configurations are simulated. The details of the research, results obtained and conclusions drawn are presented in this document.
In the existing state estimation process, there is no defense mechanism for any malicious attacks. Once the communication channel between the SCADA and RTUs is hijacked by the attacker, the attacker can perform a man-in-middle attack and send data of its choice. The only step that can possibly detect the attack during the state estimation process is the bad data detector. Unfortunately, even the bad data detector is unable to detect a certain type of attack, known as the false data injection (FDI) attacks.
Diagnosing the physical consequences of such attacks, therefore, is very important to understand system stability. In this thesis, theoretical general attack models for AC and DC attacks are given and an optimization problem for the worst-case overload attack is formulated. Furthermore, physical consequences of FDI attacks, based on both DC and AC model, are addressed. Various scenarios with different attack targets and system configurations are simulated. The details of the research, results obtained and conclusions drawn are presented in this document.
ContributorsLiang, Jingwen (Author) / Sankar, Lalitha (Thesis advisor) / Kosut, Oliver (Thesis advisor) / Hedman, Kory (Committee member) / Arizona State University (Publisher)
Created2015
Description
Electric power systems are facing great challenges from environmental regulations, changes in demand due to new technologies like electric vehicle, as well as the integration of various renewable energy sources. These factors taken together require the development of new tools to help make policy and investment decisions for the future power grid. The requirements of a network equivalent to be used in such planning tools are very different from those assumed in the development of traditional equivalencing procedures. This dissertation is focused on the development, implementation and verification of two network equivalencing approaches on large power systems, such as the Eastern Interconnection. Traditional Ward-type equivalences are a class of equivalencing approaches but this class has some significant drawbacks. It is well known that Ward-type equivalents "smear" the injections of external generators over a large number of boundary buses. For newer long-term investment applications that take into account such things as greenhouse gas (GHG) regulations and generator availability, it is computationally impractical to model fractions of generators located at many buses. A modified-Ward equivalent is proposed to address this limitation such that the external generators are moved wholesale to some internal buses based on electrical distance. This proposed equivalencing procedure is designed so that the retained-line power flows in the equivalent match those in the unreduced (full) model exactly. During the reduction process, accommodations for special system elements are addressed, including static VAr compensators (SVCs), high voltage dc (HVDC) transmission lines, and phase angle regulators. Another network equivalencing approach based on the dc power flow assumptions and the power transfer distribution factors (PTDFs) is proposed. This method, rather than eliminate buses via Gauss-reduction, aggregates buses on a zonal basis. The bus aggregation approach proposed here is superior to the existing bus aggregation methods in that a) under the base case, the equivalent-system inter-zonal power flows exactly match those calculated using the full-network-model b) as the operating conditions change, errors in line flows are reduced using the proposed bus clustering algorithm c) this method is computationally more efficient than other bus aggregation methods proposed heretofore. A critical step in achieving accuracy with a bus aggregation approach is selecting which buses to cluster together and how many clusters are needed. Clustering in this context refers to the process of partitioning a network into subsets of buses. An efficient network clustering method is proposed based on the PTDFs and the data mining techniques. This method is applied to the EI topology using the "Saguaro" supercomputer at ASU, a resource with sufficient memory and computational capability for handling this 60,000-bus and 80,000-branch system. The network equivalents generated by the proposed approaches are verified and tested for different operating conditions and promising results have been observed.
ContributorsShi, Di (Author) / Tylavsky, Daniel J (Thesis advisor) / Vittal, Vijay (Committee member) / Hedman, Kory (Committee member) / Ayyanar, Raja (Committee member) / Arizona State University (Publisher)
Created2012
Description
The large distributed electric power system is a hierarchical network involving the
transportation of power from the sources of power generation via an intermediate
densely connected transmission network to a large distribution network of end-users
at the lowest level of the hierarchy. At each level of the hierarchy (generation/ trans-
mission/ distribution), the system is managed and monitored with a combination of
(a) supervisory control and data acquisition (SCADA); and (b) energy management
systems (EMSs) that process the collected data and make control and actuation de-
cisions using the collected data. However, at all levels of the hierarchy, both SCADA
and EMSs are vulnerable to cyber attacks. Furthermore, given the criticality of the
electric power infrastructure, cyber attacks can have severe economic and social con-
sequences.
This thesis focuses on cyber attacks on SCADA and EMS at the transmission
level of the electric power system. The goal is to study the consequences of three
classes of cyber attacks that can change topology data. These classes include: (i)
unobservable state-preserving cyber attacks that only change the topology data; (ii)
unobservable state-and-topology cyber-physical attacks that change both states and
topology data to enable a coordinated physical and cyber attack; and (iii) topology-
targeted man-in-the-middle (MitM) communication attacks that alter topology data
shared during inter-EMS communication. Specically, attack class (i) and (ii) focus on
the unobservable attacks on single regional EMS while class (iii) focuses on the MitM
attacks on communication links between regional EMSs. For each class of attacks,
the theoretical attack model and the implementation of attacks are provided, and the
worst-case attack and its consequences are exhaustively studied. In particularly, for
class (ii), a two-stage optimization problem is introduced to study worst-case attacks
that can cause a physical line over
ow that is unobservable in the cyber layer. The long-term implication and the system anomalies are demonstrated via simulation.
For attack classes (i) and (ii), both mathematical and experimental analyses sug-
gest that these unobservable attacks can be limited or even detected with resiliency
mechanisms including load monitoring, anomalous re-dispatches checking, and his-
torical data comparison. For attack class (iii), countermeasures including anomalous
tie-line interchange verication, anomalous re-dispatch alarms, and external contin-
gency lists sharing are needed to thwart such attacks.
transportation of power from the sources of power generation via an intermediate
densely connected transmission network to a large distribution network of end-users
at the lowest level of the hierarchy. At each level of the hierarchy (generation/ trans-
mission/ distribution), the system is managed and monitored with a combination of
(a) supervisory control and data acquisition (SCADA); and (b) energy management
systems (EMSs) that process the collected data and make control and actuation de-
cisions using the collected data. However, at all levels of the hierarchy, both SCADA
and EMSs are vulnerable to cyber attacks. Furthermore, given the criticality of the
electric power infrastructure, cyber attacks can have severe economic and social con-
sequences.
This thesis focuses on cyber attacks on SCADA and EMS at the transmission
level of the electric power system. The goal is to study the consequences of three
classes of cyber attacks that can change topology data. These classes include: (i)
unobservable state-preserving cyber attacks that only change the topology data; (ii)
unobservable state-and-topology cyber-physical attacks that change both states and
topology data to enable a coordinated physical and cyber attack; and (iii) topology-
targeted man-in-the-middle (MitM) communication attacks that alter topology data
shared during inter-EMS communication. Specically, attack class (i) and (ii) focus on
the unobservable attacks on single regional EMS while class (iii) focuses on the MitM
attacks on communication links between regional EMSs. For each class of attacks,
the theoretical attack model and the implementation of attacks are provided, and the
worst-case attack and its consequences are exhaustively studied. In particularly, for
class (ii), a two-stage optimization problem is introduced to study worst-case attacks
that can cause a physical line over
ow that is unobservable in the cyber layer. The long-term implication and the system anomalies are demonstrated via simulation.
For attack classes (i) and (ii), both mathematical and experimental analyses sug-
gest that these unobservable attacks can be limited or even detected with resiliency
mechanisms including load monitoring, anomalous re-dispatches checking, and his-
torical data comparison. For attack class (iii), countermeasures including anomalous
tie-line interchange verication, anomalous re-dispatch alarms, and external contin-
gency lists sharing are needed to thwart such attacks.
ContributorsZhang, Jiazi (Author) / Sankar, Lalitha (Thesis advisor) / Hedman, Kory (Committee member) / Kosut, Oliver (Committee member) / Arizona State University (Publisher)
Created2015