Cyberattacks Against Event-Based Analysis in Micro-PMUs: Attack Models and Counter Measures

Abstract

The recent advent of distribution-level phasor measurement units (D-PMUs), a.k.a., micro-PMUs, has introduced a wide range of new applications in power distribution systems. A sub-class of such emerging applications are called event-based methods. These methods focus on the analysis of events in the stream of micro-PMU measurements to achieve situational awareness, enhance load modeling, integrate distributed energy resources, etc. In this article, we explore a scenario, where a cyberattack compromises the micro-PMU measurements during an event. Such a targeted attack could be limited in scope but result in a major impact on the operation of the power grid by highly deviating the outcome of the event-based methods. First, we investigate and model two types of such attacks, event-unsynchronized (basic) attacks and event-synchronized (advanced) attacks. We then conduct a geometric analysis to understand each attack type, in a setting where the events are represented in the phasor domain in a differential mode . Next, we introduce a novel method to detect the presence of the attack and then identify which micro-PMUs are compromised so as to discard the compromised measurements as a defense mechanism. The proposed approach makes critical use of magnitude as well as phase angle measurements from micro-PMUs. The method is tested on the IEEE 33-bus power distribution test system.