Unified Detection of Attacks Involving Injection of False Control Commands and Measurements in Transmission Systems of Smart Grids

Abstract

Transmission system operation and monitoring, in the context of smart grids, are heavily dependent on the correctness or aptness of supervisory control commands. These command channels are a part of the SCADA system, which is vulnerable to cyber-attacks. Maliciously injected commands can cause a wide range of issues including blackouts. However, the literature addressing this problem is limited. In order to fill this gap, a generalized framework is proposed to achieve simultaneous detection of attacks against various types of control devices/equipments used in transmission systems, even if they are carried out stealthily. First, generalized mathematical models of such stealthy attacks are presented. Then, based on these attack models, changes in the measurement covariance matrix that occur during an attack are exploited to formulate the proposed approach. We first mathematically characterize these changes using the eigenvectors and trace of the covariance matrix and then use them to develop a detection metric. It is observed that when the model of a false data injection (FDI) attack is considered, the developed detection metric is also capable of detecting such attacks. The algorithm that results from the detection metric is a generalized framework for detection of attacks against all types of transmission system controls and measurements. Moreover, the algorithm is non-iterative, computationally inexpensive, and independent of both the type of state estimation and communication technology used. The proposed algorithm is found to be effective, when tested on the IEEE 118-bus system.