Prevention and Detection of Coordinated False Data Injection Attacks on Integrated Power and Gas Systems

Abstract

The growing reliance of integrated power and gas systems (IPGSs) on information and communication technology has left them prone to cyber-attacks. To protect IPGSs against such attacks, having comprehensive knowledge about possible attack strategies and their potential impacts is essential. On this basis, this paper (i) presents a new family of coordinated stealthy false data injection attacks (FDIAs) whose aims are to disconnect gas-fired power plants (GFPPs) by targeting IPGS measurements, (ii) develops a preventive defense strategy against the introduced family of attacks by improving the security of high-risk measurements, and (iii) proposes an online learning-based detection scheme using secured measurements. Initially, from an adversary point of view, a two-stage attack model is developed to construct the FDIA vector. In the first stage, power system measurements are manipulated to maximize the grid reliance on the targeted GFPPs, while bypassing bad data detection schemes. In the second stage, the measurements of gas networks (GNs) are falsified to portray a fake leakage, so forcing the operator to disconnect under-attack pipelines and interrupting the supply of fuel to targeted GFPPs. Each stage is formulated as an attacker-operator bi-level optimization problem, which is solved as mixed-integer linear programming (MILP) by converting the operator level to its corresponding Karush–Kuhn–Tucker (KKT) conditions. Afterwards, based on possible attack scenarios, high-risk measurements are identified to be secured as a preventive defense strategy. Finally, a multilayer perceptron (MLP) model is trained to detect cyber-attacks against IPGS. The performance of the proposed method is corroborated through simulations on IEEE 24-Bus 20-Node IPGS and IEEE 118-bus 135-node IPGS.