Formulating false data injection cyberattacks on pumps’ flow rate resulting in cascading failures in smart water systems

Abstract

As digital interconnections of smart cities greatly enhance the quality of life for residents, they also introduce challenges related to cybersecurity that may adversely impact critical infrastructure. Smart cities must secure their critical infrastructures against cyberattacks. Water distribution is one of these infrastructures. In this paper, a bi-level optimization model is developed for cyberattacks that can result in physical consequence of multiple node failures in water networks. Unlike the existing research that considered random cyberattacks, the proposed cyber–physical attack model injects targeted false data into pumps’ measurements causing pressure head buildup in targeted nodes. In addition, the injected false data will ensure bypassing the existing water system’s state-estimation and bad data detection methods, a condition that was not considered in previously developed attacks. The findings indicate the minimum number of targeted pumps required to create the most severe cascading failures across the water network. The model will identify strategic pumps that are likely to be targeted by cyberattacks, and therefore should be given extra layers of protection by water authorities. • A cybersecurity attack model in water distribution systems is proposed. • Minimum false data is injected on pump’s measurements to increase nodal heads. • Attack model bypasses state estimation causing cascading failures in water systems. • A nonlinear bi-level optimization problem is developed as the cyberattack model.