Abstract
It has recently been shown that state estimation (SE), which is the most important real-time function in modern energy management systems (EMSs), is vulnerable to false data injection attacks, due to the undetectability of those attacks using standard bad data detection techniques, which are typically based on normalized measurement residuals. Therefore, it is of the utmost importance to develop novel and efficient methods that are capable of detecting such malicious attacks. In this paper, we propose using the unscented Kalman filter (UKF) in conjunction with a weighted least square (WLS) based SE algorithm in real-time, to detect discrepancies between SV estimates and, as a consequence, to identify false data attacks. After an attack is detected and an appropriate alarm is raised, an operator can take actions to prevent or minimize the potential consequences. The proposed algorithm was successfully tested on benchmark IEEE 14-bus and 300-bus test systems, making it suitable for implementation in commercial EMS software.
Highlights
Due to the ever-increasing reliance on modern cyber infrastructures in power systems, cyber security has recently been considered to be among the most important issues in modern power systems
Supervisory control and data acquisition (SCADA) systems are vulnerable to attacks that are directed at data communication infrastructures and to those directed at control centers and even remote terminal units (RTUs)
We investigated the detection of false data injection (FDI) attacks by using a unscented Kalman filter (UKF) to predict and update SVs starting from the previously known state and compared them with the results acquired from a typically used weighted least square (WLS)-based State estimation (SE) algorithm
Summary
Due to the ever-increasing reliance on modern cyber infrastructures in power systems, cyber security has recently been considered to be among the most important issues in modern power systems. We investigated the detection of FDI attacks by using a UKF to predict and update SVs starting from the previously known state and compared them with the results acquired from a typically used WLS-based SE algorithm. The main contributions of the proposed method are as follows: À a derivation of the time-variant transition function (necessary for the UKF prediction step) by a combination of power flow equations with load/generation very short-term forecasts and generator schedules; ` false data detection using the normalized SV residuals obtained from WLS-based SE and UKF estimates, as well as the UKF state covariance matrix; ́ an analysis of the most critical scenario, where the attacker may gain access to the complete network model and set of measurements; ˆ the efficient synergy of WLS-based SE and UKF algorithms for the real-time (online) detection of FDI attacks. The algorithmic details of the UKF are provided in Appendix A
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
