Decentralized Moving Target Defense for Microgrid Protection Against False-Data Injection Attacks

Abstract

This paper proposes the Decentralized Moving Target Defense via Data Replication (DMTDR) framework, which increases the security of microgrids by adding two layers of uncertainty that limit the success of false-data injection attacks. The DMTDR framework exploits the scalability and low cost of IoT devices to replicate relevant sensory and control signals, which are randomly transmitted through independent communication channels. Then, one of the transmitted replicas is randomly selected to reach its intended destinations. As opposed to most moving target defense (MTD) approaches found in the literature, the proposed DMTDR does not require central coordination but instead it can be applied to any monitoring or control device that utilizes a communication channel. Furthermore, the proposed approach does not deteriorate the system performance in normal operation. The theoretical foundations for the optimal allocation of replicas per signal are developed, and fundamental limits of uncertainties introduced by the framework are calculated. Moreover, taking advantage of the replicated information, a decentralized attack detection strategy is introduced, which is able to detect the presence of malicious data by only using local information without requiring the computation of any estimation model. The proposed framework is demonstrated on a test microgrid, where the data replication and random transmission are implemented on a WiFi network with IoT devices. The results show that the proposed framework considerably improves: i) security by limiting the impact of false-data injection attacks; ii) detectability by enabling the detection of stealthy attacks.