Undetectable Timing-Attack on Linear State-Estimation by Using Rank-1 Approximation

Barreto, Sergio; Pignati, Marco; Dán, György; Boudec, Jean-Yves Le; Paolone, Mario

doi:10.1109/tsg.2016.2634124

Cited by 26 publications

(21 citation statements)

References 32 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is shown that a time-variable FDI is able to evade detection via existing detection methods [21]- [22]. Reference [23] considered the cyber-attacks on GPSsynchronized measurements, which gives the attackers the ability of creating time-variable FDIs simply by shifting the measurements in time. Time-varying FDI parameters were also considered in [13]- [14], where it is argued that once the attackers have accessed the system to impose constant FDIs, they can also impose time-variable FDIs with the same efforts and equipment.…”

Section: A Literature Reviewmentioning

confidence: 99%

Integration of Failure Detector in Bias Filter for Estimation of False Data Injection Cyberattacks

Langeroudi

Abdelaziz

2021

IEEE Access

View full text Add to dashboard Cite

In order to enable many of the required smart grid functionalities, distribution systems are becoming increasingly dependent on state estimators. Many cyber-attacks attempt false data injection (FDI) attacks on such state estimators. The majority of the existing literature deal with FDIs in distribution systems state estimation either by the analysis of the residual vector elements, or by the analysis of historical data. In this work, we adopt an alternative approach for the detection of FDIs in distribution system state estimation, wherein FDIs are modelled as measurement biases and a bias filter is employed for FDI detection. Additionally, in order to enable the detection of time-variable FDIs, a failure detector is integrated in the recursive formulation of the bias filter, which is based on the Kalman filter. The developed approach is accordingly capable of identifying time-varying FDIs, which can evade many of the existing FDI detection methods. Simulation case studies are performed on the IEEE 13-node and 123-node feeders with different FDIs and the performance of the proposed approach is analyzed. INDEX TERMS Distribution system online monitoring, false data injection, Kalman filter, state estimation NOMENCLATURE Acronyms CBF Constant bias filter DS Distribution system FDI False data injection KF Kalman filter mFDBF Modified failure-detector in bias filter PDF Probability distribution function rBDD Residual-based bad data detector SCADA Supervisory control and data acquisition SE State estimation WLS Weighted least squares Indices a, b, c Three phases (superscript) i, j, s DS node index (subscript) k Discrete time index (subscript) T Matrix transpose (superscript) Sets φ Set of nodes with power measurement ψ Set of nodes with voltage measurement Variables , Voltage magnitude and angle at node i phase p , Active and reactive power at node i phase p b Bias vector z Measurement vector x State vector ̂ State estimates at time k r Residual vector ω Measurement noise Functions and matrices h(x) Measurement function Hk Measurement function Jacobian G Estimation gain matrix R, Q Measurements and states covariance matrix

show abstract

Section: A Literature Reviewmentioning

confidence: 99%

Integration of Failure Detector in Bias Filter for Estimation of False Data Injection Cyberattacks

Langeroudi

Abdelaziz

2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…We now introduce the system model that is the same as in [8], [9], we present the attack model and we define rank-1 UTSAs.…”

Section: System and Attack Modelsmentioning

confidence: 99%

“…These are physical attacks that are neither prevented nor detected by the cryptographic tools used by the synchronization protocol. As a result, the phase of phasor measurements is shifted, which can non-negligibly impact the state estimation of the system, as it was shown in [8], [9].…”

Section: Introductionmentioning

confidence: 98%

“…In contrast, it is possible to remotely alter the time reference of PMUs via GPS spoofing [16] or with delay boxes [7], thus impacting several smart-grid applications, including the state estimation. The authors of [8] propose a strategy to compute undetectable timesynchronization attacks (UTSAs) against vulnerable pairs of PMUs, each measuring a single phasor. They also discuss how vulnerable pairs of PMUs can be targeted simultaneously in order to maximize an attack.…”

Section: Introductionmentioning

confidence: 99%

“…The attack strategies and vulnerability conditions proposed in [8] and [9] require that each offset alters a single PMU that measures a single phasor. Yet, PMUs are capable of measuring several phasors, and several PMUs can share the same time-reference.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Security Measures for Grids against Rank-1 Undetectable Time-Synchronization Attacks

Delcourt¹,

Boudec²

2020

Preprint

View full text Add to dashboard Cite

Time-synchronization attacks on phasor measurement units (PMU) pose a real threat to smart grids; it was shown that they are feasible in practice and that they can have a non-negligible negative impact on the state estimation, without triggering the baddata detection mechanisms. Previous works identified vulnerability conditions when targeted PMUs measure a single phasor. Yet, PMUs are capable of measuring several quantities. We present novel vulnerability conditions in the general case where PMUs measure any number of phasors and can share the same time reference. One is a sufficient condition that does not depend on the measurement values. We propose a security requirement that prevents it and provide an algorithm that enforces it. If this security requirement is satisfied, there is still a possibility that the grid can be attacked, although we conjecture that it is very unlikely. We identify two sufficient and necessary vulnerability conditions which depend on the measurement values. For each, we provide a metric that shows the distance between the observed and vulnerability conditions. We recommend their monitoring for security. Numerical results, on the IEEE-39 bus benchmark with real load profiles, show that the measurements of a grid satisfying our security requirement are far from vulnerable.

show abstract

Bi-level Adversary-Operator Cyberattack Framework and Algorithms for Transmission Networks in Smart Grids

Amini

Khazaei

Khezrimotlagh

et al. 2020

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Undetectable Timing-Attack on Linear State-Estimation by Using Rank-1 Approximation

Cited by 26 publications

References 32 publications

Integration of Failure Detector in Bias Filter for Estimation of False Data Injection Cyberattacks

Integration of Failure Detector in Bias Filter for Estimation of False Data Injection Cyberattacks

Security Measures for Grids against Rank-1 Undetectable Time-Synchronization Attacks

Bi-level Adversary-Operator Cyberattack Framework and Algorithms for Transmission Networks in Smart Grids

Contact Info

Product

Resources

About