Modeling and Mitigating Impact of False Data Injection Attacks on Automatic Generation Control

Rui Tan; Hoang Hai Nguyen; Eddy Y.S. Foo; David K.Y. Yau; Zbigniew Kalbarczyk; Ravishankar K. Iyer; Hoay Beng Gooi

doi:10.1109/TIFS.2017.2676721

Modeling and Mitigating Impact of False Data Injection Attacks on Automatic Generation Control

Rui Tan, Hoang Hai Nguyen, Eddy Y.S. Foo, David K.Y. Yau, Zbigniew Kalbarczyk, Ravishankar K. Iyer, Hoay Beng Gooi

Research output: Contribution to journal › Article › peer-review

Abstract

This paper studies the impact of false data injection (FDI) attacks on automatic generation control (AGC), a fundamental control system used in all power grids to maintain the grid frequency at a nominal value. Attacks on the sensor measurements for AGC can cause frequency excursion that triggers remedial actions, such as disconnecting customer loads or generators, leading to blackouts, and potentially costly equipment damage. We derive an attack impact model and analyze an optimal attack, consisting of a series of FDIs that minimizes the remaining time until the onset of disruptive remedial actions, leaving the shortest time for the grid to counteract. We show that, based on eavesdropped sensor data and a few feasible-to-obtain system constants, the attacker can learn the attack impact model and achieve the optimal attack in practice. This paper provides essential understanding on the limits of physical impact of the FDIs on power grids, and provides an analysis framework to guide the protection of sensor data links. For countermeasures, we develop efficient algorithms to detect the attack, estimate which sensor data links are under attack, and mitigate attack impact. Our analysis and algorithms are validated by experiments on a physical 16-bus power system test bed and extensive simulations based on a 37-bus power system model.

Original language	English (US)
Article number	7867825
Pages (from-to)	1609-1624
Number of pages	16
Journal	IEEE Transactions on Information Forensics and Security
Volume	12
Issue number	7
DOIs	https://doi.org/10.1109/TIFS.2017.2676721
State	Published - Jul 2017

Keywords

Power grid
automatic generation control
cyber security
false data injection

ASJC Scopus subject areas

Safety, Risk, Reliability and Quality
Computer Networks and Communications

Online availability

10.1109/TIFS.2017.2676721

Library availability

Discover UIUC Full Text

Cite this

@article{6a4b7d707ebc4d839dec77855d46e8cc,

title = "Modeling and Mitigating Impact of False Data Injection Attacks on Automatic Generation Control",

abstract = "This paper studies the impact of false data injection (FDI) attacks on automatic generation control (AGC), a fundamental control system used in all power grids to maintain the grid frequency at a nominal value. Attacks on the sensor measurements for AGC can cause frequency excursion that triggers remedial actions, such as disconnecting customer loads or generators, leading to blackouts, and potentially costly equipment damage. We derive an attack impact model and analyze an optimal attack, consisting of a series of FDIs that minimizes the remaining time until the onset of disruptive remedial actions, leaving the shortest time for the grid to counteract. We show that, based on eavesdropped sensor data and a few feasible-to-obtain system constants, the attacker can learn the attack impact model and achieve the optimal attack in practice. This paper provides essential understanding on the limits of physical impact of the FDIs on power grids, and provides an analysis framework to guide the protection of sensor data links. For countermeasures, we develop efficient algorithms to detect the attack, estimate which sensor data links are under attack, and mitigate attack impact. Our analysis and algorithms are validated by experiments on a physical 16-bus power system test bed and extensive simulations based on a 37-bus power system model.",

keywords = "Power grid, automatic generation control, cyber security, false data injection",

author = "Rui Tan and Nguyen, {Hoang Hai} and Foo, {Eddy Y.S.} and Yau, {David K.Y.} and Zbigniew Kalbarczyk and Iyer, {Ravishankar K.} and Gooi, {Hoay Beng}",

note = "Funding Information: This work was supported in part under the Energy Innovation Research Programme (EIRP, Award No. NRF2014EWTEIRP002-026) administrated by the Energy Market Authority (EMA) of Singapore, in part by a Start-up Grant at NTU, in part by the research grant for the Human-Centered Cyber-Physical Systems Programme at the Advanced Digital Sciences Center from Singapore's Agency for Science, Technology and Research, in part by U.S. Department of Energy under grant DOE-DE-OE0000780 (NETL), and in part by U.S. National Science Foundation under grant CNS 13-14891. The EIRP is a competitive grant call initiative driven by the Energy Innovation Programme Office, and funded by the National Research Foundation (NRF) of Singapore. Publisher Copyright: {\textcopyright} 2005-2012 IEEE.",

year = "2017",

month = jul,

doi = "10.1109/TIFS.2017.2676721",

language = "English (US)",

volume = "12",

pages = "1609--1624",

journal = "IEEE Transactions on Information Forensics and Security",

issn = "1556-6013",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "7",

}

TY - JOUR

T1 - Modeling and Mitigating Impact of False Data Injection Attacks on Automatic Generation Control

AU - Tan, Rui

AU - Nguyen, Hoang Hai

AU - Foo, Eddy Y.S.

AU - Yau, David K.Y.

AU - Kalbarczyk, Zbigniew

AU - Iyer, Ravishankar K.

AU - Gooi, Hoay Beng

N1 - Funding Information: This work was supported in part under the Energy Innovation Research Programme (EIRP, Award No. NRF2014EWTEIRP002-026) administrated by the Energy Market Authority (EMA) of Singapore, in part by a Start-up Grant at NTU, in part by the research grant for the Human-Centered Cyber-Physical Systems Programme at the Advanced Digital Sciences Center from Singapore's Agency for Science, Technology and Research, in part by U.S. Department of Energy under grant DOE-DE-OE0000780 (NETL), and in part by U.S. National Science Foundation under grant CNS 13-14891. The EIRP is a competitive grant call initiative driven by the Energy Innovation Programme Office, and funded by the National Research Foundation (NRF) of Singapore. Publisher Copyright: © 2005-2012 IEEE.

PY - 2017/7

Y1 - 2017/7

N2 - This paper studies the impact of false data injection (FDI) attacks on automatic generation control (AGC), a fundamental control system used in all power grids to maintain the grid frequency at a nominal value. Attacks on the sensor measurements for AGC can cause frequency excursion that triggers remedial actions, such as disconnecting customer loads or generators, leading to blackouts, and potentially costly equipment damage. We derive an attack impact model and analyze an optimal attack, consisting of a series of FDIs that minimizes the remaining time until the onset of disruptive remedial actions, leaving the shortest time for the grid to counteract. We show that, based on eavesdropped sensor data and a few feasible-to-obtain system constants, the attacker can learn the attack impact model and achieve the optimal attack in practice. This paper provides essential understanding on the limits of physical impact of the FDIs on power grids, and provides an analysis framework to guide the protection of sensor data links. For countermeasures, we develop efficient algorithms to detect the attack, estimate which sensor data links are under attack, and mitigate attack impact. Our analysis and algorithms are validated by experiments on a physical 16-bus power system test bed and extensive simulations based on a 37-bus power system model.

AB - This paper studies the impact of false data injection (FDI) attacks on automatic generation control (AGC), a fundamental control system used in all power grids to maintain the grid frequency at a nominal value. Attacks on the sensor measurements for AGC can cause frequency excursion that triggers remedial actions, such as disconnecting customer loads or generators, leading to blackouts, and potentially costly equipment damage. We derive an attack impact model and analyze an optimal attack, consisting of a series of FDIs that minimizes the remaining time until the onset of disruptive remedial actions, leaving the shortest time for the grid to counteract. We show that, based on eavesdropped sensor data and a few feasible-to-obtain system constants, the attacker can learn the attack impact model and achieve the optimal attack in practice. This paper provides essential understanding on the limits of physical impact of the FDIs on power grids, and provides an analysis framework to guide the protection of sensor data links. For countermeasures, we develop efficient algorithms to detect the attack, estimate which sensor data links are under attack, and mitigate attack impact. Our analysis and algorithms are validated by experiments on a physical 16-bus power system test bed and extensive simulations based on a 37-bus power system model.

KW - Power grid

KW - automatic generation control

KW - cyber security

KW - false data injection

UR - http://www.scopus.com/inward/record.url?scp=85018790497&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85018790497&partnerID=8YFLogxK

U2 - 10.1109/TIFS.2017.2676721

DO - 10.1109/TIFS.2017.2676721

M3 - Article

AN - SCOPUS:85018790497

SN - 1556-6013

VL - 12

SP - 1609

EP - 1624

JO - IEEE Transactions on Information Forensics and Security

JF - IEEE Transactions on Information Forensics and Security

IS - 7

M1 - 7867825

ER -

Modeling and Mitigating Impact of False Data Injection Attacks on Automatic Generation Control

Abstract

Keywords

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this