PhD defence of Mingqiu Du – Modeling and Detection of False Data Injection Attacks for State Estimation and Automatic Generation Control in Power Systems

Tuesday, January 16, 2024, 14:00 to 16:00
McConnell Engineering Building Room 603, 3480 rue University, Montreal, QC, H3A 0E9, CA


Electricity is crucial for modern societies, necessitating stable and consistent power systems. In power systems, various communication protocols coexist, each designed for specific functions like state estimation (SE) or automatic generation control (AGC). SE can estimate the power states by eliminating inaccuracies and errors from measurement data, while AGC adjusts the power outputs of multiple generators in response to changes in the load. Given their reliance on measurement data, SE and AGC are vulnerable to cyber threats.

Among the array of conventional cyberattacks, such as replay attacks, denial of service attacks, and resonance attacks, false data injection attacks (FDIAs) stand out. An FDIA subtly injects misleading data, making it especially hard to detect compared to other attacks, which may show obvious signs or require physical intrusions. This thesis, therefore, explores innovative approaches to both create and identify FDIAs within the SE and AGC frameworks.

From the perspective of an intruder, we propose an FDIA model against alternating current SE. This model exploits the intrinsic load dynamics in ambient conditions and the properties of the Ornstein-Uhlenbeck (OU) process. Without the need for line parameters and by leveraging only limited data from phasor measurement units, the proposed method can target specific node voltages and launch large deviation attacks. Various tests on the IEEE 39-bus system validate that the proposed FDIA can effectively bypass bad data detection (BDD), launching targeted attacks with high probabilities.

Assuming the role of intruders, we introduce an innovative FDIA algorithm targeting AGC, which operates without requiring AGC parameters. We first utilize the maximum likelihood estimation (MLE) of the multivariate OU process to extract AGC parameters, topology details, and the conditional variance of states, purely from intercepted sensor data. With this information, FDIA vectors are designed through optimization to bypass conventional AGC BDD. Numerical assessments in 2-area and 3-area systems demonstrate the capability of the developed FDIA algorithm to compromise the system’s frequency within mere minutes, even when considering factors like measurement noise, transmission delay, and computational time.

While attack methods can be executed rapidly, spanning seconds to minutes, defense mechanisms in contrast require continuous 24/7 operation. To counter FDIAs aimed at AGC, we adopt a defender's perspective. We incorporate a more practical loading model characterized by its stochastic short-term behavior and deterministic long-term convergence. This allows us to represent the AGC system as a multivariate OU process enhanced with a drift term. We then derive the MLE for this OU process, eliminating the need for real-time load observability and forecast data, which may not be accurately observed or predicted in actual power systems. In simulations, the proposed detection method proves effective not just against basic FDIA but also against sophisticated coordinated attacks that could bypass traditional detectors.






