Investigation of False Data Injection Attacks: A Simulation Implementation and Classical Countermeasure Perspective

Abstract

State Estimation (SE) is used to derive accurate operating states from redundant field measurements, wherein Bad Data Detection (BDD) is used to eliminate measurement outliers. In the past decade, False Data Injection (FDI) attacks have attracted extensive attention, as they provide a strategy to introduce bias to SE results by maliciously modifying measurements in a way that can bypass BDD. Regrettably, although FDI attacks are plausible in math, whether they are feasible in practice has not been paid enough attention. This paper tries to give an answer by formulating three FDI attack vectors, each exploiting the vulnerability of a different communication protocol to achieve background reconnaissance and data tampering. Based on the proposed attack vectors, the path of launching FDI attacks in a concrete cyber environment and the corresponding defense countermeasures are analyzed through cyber-physical co-simulation. Case studies demonstrate that applying classical countermeasures, such as cryptographic techniques and access control policies, can effectively frustrate FDI attacks in the real world. Futhermore, it can be summarized from the experiments that attackers may leverage side-effects of defense countermeasures to mount more subtle attacks. It is essential to consider defending against cyber-physical attacks from an overall perspective in the future.