Passivity-Based Robust Control Against Quantified False Data Injection Attacks in Cyber-Physical Systems

Building an efficient, green, and multifunctional smart grid cyber-physical system (CPS) while maintaining high reliability and security is an extremely challenging task, particularly in the ever-evolving cyber threat landscape. This challenge is also compounded by the increasing pervasiveness of information and communications technologies across the power infrastructure, as well as the growing availability of advanced hacking tools in the hacker community. One of the most critical security threats in smart grid CPSs lies in the high-profile false data injection (FDI) attacks, where attackers attempt to inject either fabricated measurement data to mislead power grid state estimation & bad data detection or tampered command data to misguide power management & control. Accordingly, FDI attacks can be subdivided into false measurement data injection (FmDI) attacks and false command data injection (FcDI) attacks, respectively. Detection techniques for FDI attacks have been a significant research focus for smart grid CPSs to withstand these security threats and further protect the power infrastructure. However, conventional state estimation based bad data detection approaches have been proved vulnerable to the evolving FDI attacks. To meet this gap, this thesis introduces four creative research works to analyze and detect FDI attacks in smart grid CPSs. First, a stochastic Petri net based analytical model is developed to evaluate and analyze the system reliability of smart grid CPSs, specifically against topology attacks with system countermeasures (i.e., intrusion detection systems and malfunction recovery techniques). Topology attacks are evolved from FmDI attacks, where attackers initialize FmDI attacks by tempering with both measurement data and grid topology information. This analytical model is featured by bolstering both transient and steady-state analysis of system reliability. Second, a distributed host-based collaborative detection scheme is proposed to detect FmDI attacks in smart grid CPSs. It is considered in this work that phasor measurement units (PMUs), deployed to measure the operating status of power grids, can be compromised by FmDI attackers. Trusted host monitors (HMs) are assigned to each PMU to monitor and assess PMUs’ behaviors. Neighboring HMs make use of the majority voting algorithm based on a set of predefined normal behavior rules to identify the existence of abnormal measurement data collected by PMUs. In addition, an innovative reputation system with an adaptive reputation updating algorithm is designed to evaluate the overall operating status of PMUs, by which FmDI attacks as well as the attackers can be distinctly observed. Third, a Dirichlet-based detection scheme for FcDI attacks in hierarchical smart grid CPSs are proposed. In the future hierarchical paradigm of a smart grid CPS, it is considered that the decentralized local agents (LAs) responsible for local management and control can be compromised by FcDI attackers. By issuing fake or biased commands, the…

False data injection (FDI) attacks, as a new class of cyberattacks, bring a severe threat to the security and reliable operation of the smart grid by damaging the state estimation of the power system. To address this issue, an extreme learning machine (ELM)-based one-class-one-network (OCON) framework is proposed for detecting the FDI attacks in this paper. Under this framework, to effectively detect bus-based FDI attacks and identify the bus node being attacked, the subnets of state identification layer in OCON adopt the ELM algorithm to accurately divide the false data and the normal data. After that, a global layer is employed to analyze whether the bus node associated with its corresponding subnet is attacked by false data utilizing the results from the state identification layer. Finally, in order to improve the resilience of the power system, a prediction recovery strategy is proposed to remedy the detected false data by exploiting the spatial correlation of power data. The proposed framework is tested on the IEEE 14 bus system using real load data from New York independent system operator. The simulation results demonstrate that the proposed framework not only accurately recognizes the multiple bus nodes under the FDI attacks but also efficiently recovers the data injected by false data.

False data injection (FDI) attacks are malicious insertions of false data as sensor measurements in a cyber-physical system, in order to lead the system to take a wrong action. False data injection attacks do not attack the computational or network components of cyber-physical systems but the interface between the physical and the cyber part. Such attacks are powerful and can have catastrophic results. Defense against them can be achieved by limiting the attack surface through vulnerability analysis of the cyber-physical system design and by monitoring system operation in the field with monitors that observe system parameters and sensor measurements and detect abnormal operation early. In this chapter, we describe promising techniques for vulnerability analysis and dynamic monitoring, based on efficient SMT solvers and Kalman filter techniques, respectively.

False data injection (FDI) attacks are crucial security threats to smart grid cyber-physical system (CPS), and could result in cataclysmic consequences to the entire power system. However, due to the high dependence on open information networking, countering FDI attacks is challenging in smart grid CPS. Most existing solutions are based on state estimation (SE) at the highly centralized control center; thus, computationally expensive. In addition, these solutions generally do not provide a high level of security assurance, as evidenced by recent work that smart FDI attackers with knowledge of system configurations can easily circumvent conventional SE-based false data detection mechanisms. In this paper, in order to address these challenges, a novel distributed host-based collaborative detection method is proposed. Specifically, in our approach, we use a conjunctive rule based majority voting algorithm to collaboratively detect false measurement data inserted by compromised phasor measurement units (PMUs). In addition, an innovative reputation system with an adaptive reputation updating algorithm is also designed to evaluate the overall running status of PMUs, by which FDI attacks can be distinctly observed. Extensive simulation experiments are conducted with real-time measurement data obtained from the PowerWorld simulator, and the numerical results fully demonstrate the effectiveness of our proposal.

Adjustable proportional-integral multivariable observer-based FDI attack dynamic reconstitution and secure control for cyber-physical systems

In this study, a co-design method of dual security control and communication is investigated for a nonlinear cyber–physical system (CPS) with an actuator fault and false data injection (FDI) attacks. First, under the discrete event trigger communication scheme, considering the different effects of actuator fault and FDI attacks on a double-end network, a dual security control strategy with active fault-tolerance and active–passive attack-tolerance is proposed. It can accommodate an actuator fault, actively compensate an actuator FDI attack, and passively resist a sensor FDI attack, respectively, thereby establishing a new dual security control framework with fault-tolerance and attack-tolerance. Moreover, the Takagi–Sugeno (T-S) fuzzy model for the nonlinear CPS is established under this framework. Second, by constructing an appropriate Lyapunov–Krasovskii functional and introducing the time-delay theory and the affine Bessel–Legendre inequality, lesser conservative design methods of a robust augmented observer for the estimation of the state, FDI attacks, and fault as well as a dual security controller are obtained. Finally, a classical quadruple-tank model is used to show the validity and feasibility of the proposed method.

This paper is concered with the nonlinear cyber physical system (CPS) with uncertain parameters under false data injection (FDI) attacks. The interval type-2 (IT2) fuzzy model is utilized to approximate the nonlinear system, then the nonlinear system can be represented as a convex combination of linear systems. To detect the FDI attacks, a novel robust fuzzy extended state observer with H <inf xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">∞</inf> preformance is proposed, where the fuzzy rules are utilized to the observer to estimate the FDI attacks. Utilizing the observation of the FDI attacks, a security control scheme is proposed in this paper, in which a compensator is designed to offset the FDI attacks. Simulation examples are given to illustrate the effecitveness of the proposed security scheme.

The integration of cyber (network) with physical world is a big step in cyber-physical systems. This has revolutionised many industries. But this transformation has made cyber-physical systems vulnerable to attacks. One particular type of attack is the adversarial false data injection which injects false data in either the sensor measurements or the corresponding communication channel. A better understanding of how false data injection (FDI) attacks are constructed is crucial for developing strategies to protect against such attacks. In this paper, we consider two models for networked control systems and present an algorithm for constructing FDI attacks in each case and compare with an existing approach. The conditions for the attack to remain stealthy for systems equipped with a χ 2 failure detector and the design of attack vectors that satisfy these conditions are discussed in detail. The algorithms are demonstrated by developing FDI attacks for two real-world examples.

False data injection attacks with complete stealthiness in cyber–physical systems: A self-generated approach

False data injection attacks are recently introduced as a class of cyber attacks against smart grid's monitoring systems. They aim to compromise the readings of grid sensors and phasor measurement units. Recent studies have shown that if the operator uses the DC, i.e., linear, state estimation to determine the current states of the power system, the attacker can adjust the attack vector such that the attack remains undetected and successfully passes the commonly used residue-based bad data detection tests. However, in this paper, we examine the possibility of implementing a false data injection attack when the operator uses the more practical AC, i.e., nonlinear, state estimation. We characterize such attacks when the attacker has perfect and imperfect knowledge of the current states of the system. To the best of our knowledge, this is the first paper to address false data injection attacks against non-linear state estimation.

The accelerated move toward the adoption of the Industrial Internet-of-Things (IIoT) paradigm has resulted in numerous shortcomings as far as security is concerned. One of the IIoT affecting critical security threats is what is termed as the false data injection (FDI) attack. The FDI attacks aim to mislead the industrial platforms by falsifying their sensor measurements. FDI attacks have successfully overcome the classical threat detection approaches. In this article, we present a novel method of FDI attack detection using autoencoders (AEs). We exploit the sensor data correlation in time and space, which in turn can help identify the falsified data. Moreover, the falsified data are cleaned using the denoising AEs (DAEs). Performance evaluation proves the success of our technique in detecting FDI attacks. It also significantly outperforms a support vector machine (SVM)-based approach used for the same purpose. The DAE data cleaning algorithm is also shown to be very effective in recovering clean data from corrupted (attacked) data.

Cyber-physical systems (CPSs) have been gaining popularity with their high potential in widespread applications, and the security of CPSs becomes a rigorous problem. In this paper, an output track control (OTC) method is designed for discrete-time linear time-invariant Gaussian systems. The output tracking error is regarded as an additional state, Kalman filter-based incremental state observer and LQG-based augmented state feedback control strategy are designed, and Euclidean-based detector is used for detecting the false data injection attacks. Stealthy false data attacks which can completely disrupt the normal operation of the OTC systems without being detected are injected into the sensor measurements and control commands, respectively. Three kinds of numerical examples are employed to illustrate the effectiveness of the designed false data injection attacks.

This paper investigated the co-design problem of less conservative integrated security control and communication for a nonlinear cyber-physical system (CPS) with an actuator fault and false data injection (FDI) attacks. Firstly, considering the efficient utilisation and allocation of computing and communication resources, an integrated framework was proposed from the perspective of active defence against FDI attacks. Secondly, the actuator fault and FDI attacks were augmented as a vector, and a robust observer was proposed to estimate the system state, actuator fault and FDI attacks. Furthermore, based on the obtained estimation results and the location of the FDI attack in the dual-end network, we designed an integrated security control strategy of active attack tolerance and active fault tolerance and, by constructing Lyapunov–Krasovskii functions and using time-delay system theory and the affine Bessel–Legendre inequality, a less conservative co-design method for integrated security control and network communication resource saving was developed. Finally, a simulation experiment of a quadruple tank was carried out to demonstrate the effectiveness of the proposed method.

Security control scheme for cyber-physical system with a complex network in physical layer against false data injection attacks

Design of False Data Injection Attacks in Cyber-Physical Systems