Detection and Characterization of Intrusions to Network Parameter Data in Electric Power Systems

Abstract

Combating cyberattacks is an emerging challenge in maintaining the reliable and economic operation of electric power systems. Possible cyberattacks include intrusions to the parameter data at a control center. In this class of attacks, algorithms at the control center are correctly executed, but the attacker’s modification of the associated parameter data yields improper results. This paper proposes an algorithm for detecting and characterizing cyberattacks to network parameter data, with specific application to optimal power flow problems. The proposed algorithm evaluates whether historical operating point data are consistent with the network parameters. Inconsistencies indicating potential cyberattacks are characterized using historical operational data (power injections and voltage phasors) along with network parameter data. Simulated test cases illustrate the proposed algorithm’s detection and characterization capabilities.