Translate 
Abstract
Phasor Measurement Units (PMUs) are critical devices in modern power grids, providing precise voltage and current phasor measurements (synchrophasors) for real-time monitoring, fault detection, and stability assessment. While previous research suggested that arbitrary time manipulation through GPS spoofing could disrupt grid operations, our study reveals that successful attacks require specific conditions, contrary to earlier assumptions. Through careful analysis of the synchrophasor data specification (IEEE Standard C37.118.x), we demonstrate that arbitrary time manipulation does not directly lead to phase manipulation. Instead, arbitrary manipulations can cause GPS holdover (loss of lock), alert operators with erroneous timing, and ultimately invalidate the received synchrophasors. An experiment with a commercial PMU confirms our specification analysis. We identify the time spoofing conditions to avoid GPS holdover and discover that nanosecond-scale signal alignment (approximately 375 ns error) and gradual time manipulation (around 50 ns/s error) are required. Experiments on a commercial Wide Area Monitoring System (WAMS) testbed demonstrate that GPS spoofing meeting the identified criteria results in a 500-microsecond time error (10.8-degree phase error) after 12 hours without triggering alarms. Given that a 60-degree phase variation is considered a fault, triggering protection mechanisms, this GPS spoofing technique could potentially induce false faults within 70 hours. To counter this threat, we propose a practical method to distinguish GPS spoofing-induced false faults from actual faults caused by events like lightning strikes or ground shorts. Analysis of 10 real-world incidents from the past six months demonstrates that genuine faults consistently exhibit instantaneous phase variations within three electrical cycles, providing a basis for differentiation.
Published Version
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
