Sparse Malicious False Data Injection Attacks and Defense Mechanisms in Smart Grids
I. INTRODUCTION
consider false data injection attacks (FDIAs) against the supervisory control and data acquisition (SCADA) system in smart
grids.
A power grid transmission system is a sophisticated network
which connects a number of electric power generators to various consumers through extensive power lines. It is extremely
important to monitor the state of this complex system such that
various control and planning tasks can be performed and the
reliable operation of the power system is guaranteed. In power
systems, state estimation [4], [5] is used to estimate system state
variables through a number of power measurements and is a
useful and necessary function in energy management systems
(EMS).
The SCADA system obtains power status information such
as transmission line power flows, bus voltages, and also circuit-breaker signals through remote terminal units (RTUs). These
measurements are then used for the state estimation process
in EMS, which builds real-time electricity network models. In
smart grids, the complex network connections as well as the
Internet make SCADA systems susceptible to potential FDIAs,
in which adversaries aim to contaminate the measurements
collected from RTUs and bias the state estimation at the transmission level to mislead the operation of the power system.
Fig. 1 presents a block diagram of the power grid, communication network, SCADA, and control center. It is critically
important to understand the behavior of adversaries so that
appropriate countermeasures can be designed to either protect
the system from attacks beforehand or identify the malicious
false data injections in the measurements.
Recently, the problem of FDIAs as well as countermeasures
has attracted a lot of attention among researchers. False data
in state estimation were first discussed by Schweppe et al. in
their pioneering work about state estimation [6]. It was not well
researched until Liu et al. [7] proposed that if adversaries possess the knowledge of power grid topology, they may inject
coordinated data attacks, which could evade detection by the
bad data detection (BDD) system in state estimator. Based on
this strategy, plenty of efforts have been made to design effective attack algorithms and the corresponding countermeasures,
such as [8]–[11].
Adversaries may launch attacks through hacking RTUs such
as sensors in substations. In consideration of the accessibility
of RTUs and also hacking cost, attackers always tend to control only a few RTUs to implement a successful attack [7].
Kim and Poor [8] developed a general optimization framework-based formulation for constructing sparse attack vectors when
a subset of measurements is protected, while Ozay et al. [12]
1551-3203 © 2015 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution
requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
HAO et al.: SPARSE MALICIOUS FDIAS AND DEFENSE MECHANISMS IN SMART GRIDS
A. State Estimation
The state estimation problem is to use power measurements
to timely estimate the state of the power system. Specifically,
power system state refers to bus voltage angles and bus voltage magnitudes V. In the linearized dc power flow model [4,
Ch. 2], bus magnitudes are assumed already known and are
all close to unity. Additionally, phase angle at reference bus
is set to zero radians; thus, estimation of only n bus voltage
T
angles [1 , 2 , . . . , n ] is required. The measurements have the
following relationship with the state variables:
z = H + e
(1)
(2)
(3)
(4)
Bad data in measurements can lead to incorrect state estimation and cause severe outcomes. Traditional methods to detect
bad data are mostly based on the residue test. The residue vector
r refers to the difference between the obtained measurements
and the computed value from the estimated state
r = z H.
(5)
For example, the largest normalized residue (LNR) test identifies bad data if the absolute value of the largest element in r is
larger than a certain threshold , i.e., maxi |ri | > .
However, carefully designed malicious data attacks can
bypass residue-based BDD. If attackers have knowledge about
the power grid topology information, or H, they can inject
stealth attacks by constructing the attack vector such that [7]
a = Hc.
(6)
(7)
(8)
(9)
(10)
(12)
(13)
C
where = max(u)
.
Algorithm 1 concludes the whole process of attack vector
construction. It is notable that threshold t should be carefully
chosen in the consideration of both sparsity and evading BDD.
A higher t can generate a sparser attack vector but also increase
the possibility of being detected. It is also notable that if the
noise is not zero-mean, the threshold t is chosen according
to the tolerable noise range. Since the measurement noise follows $N(0, \sigma^2)$, it is assumed that all noise variables are within
the range of $[-3\sigma, 3\sigma]$ (otherwise it will be identified as bad
data). Thus, threshold t should not exceed $3\sigma$. The following
proposition can assist in choosing threshold t.
3 t
1
Pl (t) =
1 + erf
(14)
2
2
where erf(·) refers to the Gauss error function and $\sigma$ is the
standard deviation of the Gaussian measurement noise.
Proof: Since the vector $u$ is selected from $\mathrm{Null}(B)$, it
satisfies $u = Hc$, where $c \in \mathbb{R}^n$. Let $a = S_t(u) = u - u_t$.
The residual vector $r$ when attack $a$ is injected into the system is
calculated as

$$
\begin{aligned}
r &= z_a - H\hat{x}_a = z + a + e - HK(z + a + e) \\
  &= Hx + Hc - u_t + e - H(KHx + KHc - Ku_t + Ke) \\
  &= Hx + Hc - u_t + e - Hx - Hc + HKu_t - HKe \\
  &= (I - HK)(e - u_t). \qquad (15)
\end{aligned}
$$
s.t. BI Hc = y
Hp c = 0
(20)
B. Targeted Attacks
In practice, adversaries may intend to modify specific state
variables. In this case, the amounts in the targeted subset in the
vector c are fixed. Sparse attack vector construction methods
for targeted attacks have been extensively explored in the literature, e.g., [7], [8], and [12]. Additionally, certain measurements
may be protected, and adversaries would not be able to compromise these secured measurements. It is notable that protecting
all measurements may not be feasible due to the high cost.
Therefore, sparse attack vectors need to be carefully designed
to contaminate specific state variables without compromising
those protected measurements.
Let $I$ denote the indices of state variables that are specifically attacked. $\bar{I}$ is the complementary set of $I$ and denotes the
indices of state variables that can be arbitrarily chosen to launch
targeted attacks. The measurement Jacobian $H$ is $[h_1, h_2, \ldots, h_n]$,
where $h_i$ denotes the $i$th column vector of $H$. A stealth attack
vector $a$ can then be written as

$$a = Hc = \sum_{i \in I} h_i c_i + \sum_{j \in \bar{I}} h_j c_j. \qquad (17)$$
(19)
s.t.BI Hc = y
(21)
HP c = 0.
If the protection set P is properly chosen, specific targeted
attack vectors would not exist. Namely, (21) would have no
solutions. Given a specified vector $c_I$, which is the targeted
subset vector of $c$, the straightforward method is to protect
all measurements corresponding to the nonzero elements of $a = H_I c_I$. This probably requires
a large number of measurements to be protected, since $a$ may
not be desirably sparse. Finding or computing the smallest protection set that can prevent targeted attacks is difficult. The
brute-force search method, which is discussed in [18], can guarantee finding the smallest possible sets. However, this method
is extremely complex and not feasible in practice.
When a certain measurement is secured, attackers need to
compromise more measurements or inject extra errors into the
rest of the measurements to launch targeted attacks. From (17),
we have

$$a = Hc = b + H_{\bar{I}} c_{\bar{I}} \qquad (22)$$

where $b$ represents predesired injections. It is obvious that protecting certain measurements is always more effective than protecting
others. For example, it is more important to secure the measurements corresponding to the nonzero elements in $b$ than others.
If a subset $P$ of the total measurements is protected, we have

$$a_P = b_P + H^P_{\bar{I}} c_{\bar{I}} = 0 \qquad (23)$$

$$b_P = -H^P_{\bar{I}} c_{\bar{I}}. \qquad (24)$$

If the rank of $H^P_{\bar{I}}$ is smaller than the protection size $|P|$, and augmenting
the matrix with vector $b_P$ can increase the rank, namely
$\mathrm{rank}([H^P_{\bar{I}} \,|\, b_P]) = \mathrm{rank}(H^P_{\bar{I}}) + 1$, then $c_{\bar{I}}$ satisfying (24)
does not exist, indicating that the system is successfully protected from targeted attacks with $b$. Otherwise, when vector $b_P$
cannot increase the rank of matrix $H^P_{\bar{I}}$, i.e.,
$\mathrm{rank}([H^P_{\bar{I}} \,|\, b_P]) = \mathrm{rank}(H^P_{\bar{I}})$, there exist solutions of $c_{\bar{I}}$, which means that
adversaries can still find attack vectors to launch targeted
attacks. The problem is then to find the best solution to obtain
highly sparse $a$. It is known from (22) that making a certain subset $P$ of the measurements immune to attacks can result in an
attack vector $a$ which contaminates more state variables. This
makes the attacks more difficult to accomplish. Therefore,
it can be deduced that protecting a certain measurement would
result in a larger $\|a\|_1$ value than protecting another
measurement. Protecting these measurements would be more
effective than protecting others, and these measurements can be regarded
as critical measurements for targeted attacks. Based on this idea,
given a specified targeted state bias vector $c_I$, we can design a
greedy method to search for a small subset of these measurements
to be protected to defend against targeted attacks.
Algorithm 2 presents the greedy search method to find a
small protection subset of measurements with the knowledge of
the existing protection set and the targeted vector $c_I$. At each iteration,
the algorithm assumes that one more measurement is protected
and checks the feasibility of constructing the attack vector $a$. If the
stealth attack vector exists when every measurement is protected one by one, the algorithm increases the protection set by
selecting the most important measurement, which leads to the
largest value of $\|a\|_1$ when it is protected. The selection process
continues until a stealth targeted attack vector does not exist.
Algorithm 2. Greedy subset searching Algorithm
Input: H, I, cI , P.
1 T
Initialize: BI = HI HTI HI
HI I, y = BI HI cI ,
P = P, k = 1, Pk = P .
Iteration: At the k-th iteration:
Compute the complementary
set P of P .
For i = 1 : P
Put the i-th entry in P into Pk : Pk = P Pi .
Checking the feasibility of finding c from equation (21).
If feasible
Compute i = Hc1 .
else
P = Pk ; Quit the iteration.
end
end
Find index i such that i has the largest value.
Update set P = P Pi .
Output: P .
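The rank test around (24) can be run directly to audit a candidate protection set. The following is an added example, not code from the paper: the matrix `H` is a constructed 4-bus ring, the function names are hypothetical, and the exhaustive search stands in for the brute-force baseline mentioned above, not for the greedy Algorithm 2.

```python
from fractions import Fraction
from itertools import combinations

# Constructed 4-bus ring, unit susceptances, bus 0 as reference.
# Columns: the three non-reference angle states. Rows (measurements):
#   0: flow 0->1, 1: flow 1->2, 2: flow 2->3, 3: flow 3->0, 4: injection at bus 2
H = [
    [-1, 0, 0],
    [1, -1, 0],
    [0, 1, -1],
    [0, 0, 1],
    [-1, 2, -1],
]


def rank(rows):
    """Exact matrix rank by Gaussian elimination over the rationals."""
    m = [[Fraction(v) for v in r] for r in rows]
    ncols = len(m[0]) if m else 0
    rk = 0
    for col in range(ncols):
        piv = next((i for i in range(rk, len(m)) if m[i][col] != 0), None)
        if piv is None:
            continue
        m[rk], m[piv] = m[piv], m[rk]
        for i in range(rk + 1, len(m)):
            f = m[i][col] / m[rk][col]
            m[i] = [x - f * y for x, y in zip(m[i], m[rk])]
        rk += 1
    return rk


def targeted_attack_blocked(H, I, c_I, P):
    """True when protecting measurement rows P leaves (24) with no solution.

    I   : indices of targeted state variables
    c_I : the bias wanted on those variables
    P   : indices of protected measurements (rows of H)
    """
    free = [j for j in range(len(H[0])) if j not in I]         # the set I-bar
    b = [sum(row[i] * c for i, c in zip(I, c_I)) for row in H]  # b = H_I c_I
    HP = [[H[r][j] for j in free] for r in P]                   # H^P restricted to I-bar
    aug = [row + [b[r]] for row, r in zip(HP, P)]               # [H^P_Ibar | b_P]
    return rank(aug) == rank(HP) + 1


def smallest_protection_set(H, I, c_I, already=()):
    """Exhaustive search for the fewest extra protected rows that block the target."""
    rest = [r for r in range(len(H)) if r not in already]
    for size in range(len(rest) + 1):
        for extra in combinations(rest, size):
            P = sorted(set(already) | set(extra))
            if targeted_attack_blocked(H, I, c_I, P):
                return P
    return None  # even protecting every measurement does not block this target


if __name__ == "__main__":
    # Target: bias the second state (column 1) by one unit.
    print("protect rows:", smallest_protection_set(H, [1], [1]))
    print("given row 3 already protected:",
          smallest_protection_set(H, [1], [1], already=(3,)))
```

The search cost grows combinatorially with the number of measurements, which is the reason the text gives for preferring a greedy selection on realistic systems.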
k (k 1)
.
2
(25)
(26)
(27)
where has the same value as in the projection set and infinite outside set , and the soft thresholding operation T (aij )
is defined as
T (aij , ) = sign (aij ) max {|aij | , 0} .
)1 +
Y, H +
L (Z, A, Y,) = Z + T (A,
2
H2
2
(31)
where
denotes the Frobenius
product, H = Za Z A
and > 0. can be set to m/ ||. We further define the
singular-value thresholding operation as
D (X, ) = UT (, ) VT
where is the threshold and X = UVT . It is notable that
ADMM updates Z, A, Y separately only once in each iteration,
so it is efficient. The convergence of the whole algorithm is analyzed in
[32], which states that the condition for convergence
requires 1 1
k = + where k denotes the value of in
the kth iteration. The whole process of solving (29) is shown in
Algorithm 4.
Algorithm 4. RPCA with entry wise constraints
Input: Zpa =P (Za ) RmT , RmT , .
Initialize Z = 0, A = 0, Y = 0, > 0, > 1, k = 0.
while not converged
1) Update the value of low rank matrix
Zk+1 :
1
Yk
p
Zk+1 = D Za Ak + k , k .
2) Compute the value of sparse matrix
Ak+1 by minimizing:
Yk
A (Zpa Zk )F .
3) Update the Lagrange
multiplier Y:
Yk+1 = Yk + k Zpa Zk+1 Ak+1 .
4) Update k+1 = k .
5) Update k = k + 1.
end while
Return Z, A =T (A, ).
Output Z, A.
(28)
s.t. Za = Z + A
multipliers (ADMM) algorithm [32], is used to solve the problem defined by (29). The Lagrangian corresponding to this
problem is
(30)
It is notable that when incomplete measurements are collected, Algorithm 4 will take the missing data to be sparse
anomalies and it can also recover the low-rank true measurement matrix and sparse anomaly matrix. However, the recovery
accuracy would be impacted as the sparsity is changed. The
recovered sparse attack matrix can ignore those injected data
outside the observation set. Thus, it is more difficult to identify
all malicious attacks with partial observations.
Fig. 2. Probabilities of successful attack injections (a) under different SNRs for IEEE-57 bus system, SR is 0.4; (b) for different bus systems, SR is 0.4 and
SNR = 10 dB; (c) for different SRs in IEEE-57 bus system, SNR = 10 dB. (c) This figure utilizes random columns in Null(B) rather than that with largest
variance.
a basis matrix of Null(B) rather than that with the largest variance. The results imply that using randomly chosen columns
can also successfully inject undetectable attacks with high
probabilities.
It is known that stealth attacks having $m - n$ nonzero entries
can always be found. In IEEE 57-bus system, this figure is 80,
for which the SR is about 59%. However, by using Algorithm
1, there is still a high probability that attackers can inject undetectable attacks with SRs lower than 59%. Even for an attack
with SR lower than 0.05, the success rate is still around 80%
when the SNR is 10 dB and ALR is 0.5.
Targeted attack construction method in (20) is assessed under
different attack conditions in which different percentage of
total state variables are assumed to be modified. The targeted
set is randomly selected and the protected measurement is
Fig. 4. Number of protected measurements to protect every single state variable from being targeted. (a) IEEE-9 bus system. (b) IEEE-14 bus system.
TABLE II
NUMBER OF TESTING TIMES FOR TWO ALGORITHMS TO FIND PROTECTION SUBSETS
39-bus system when a small number of state variables are targeted. The figure also shows that in some cases, SR of attacks
are 0. They correspond to the cases that: for certain targeted
set of state variables, no feasible attack vectors exist when the
pth measurement is protected. Therefore, it implies that when
certain carefully selected measurements are protected, attackers
may not be able to inject targeted attacks.
B. Performance of Strategic Protection
Fig. 6. Probabilities of successful attack injections (a) under different SNRs for IEEE-57 bus system, ALR is 0.5; (b) for different bus systems, ALR is 0.5 and
SNR = 10 dB; and (c) for different ALRs for IEEE-57 bus system, SNR = 10 dB.
C. Performance of Detection
The performance of the detection algorithm is tested on IEEE
14-bus system and IEEE 57-bus system. The malicious attack
vectors are constructed using our proposed Algorithm 1. In
order to obtain sparsity in the rows of the attack block matrix,
different column vectors in the null space in Algorithm 1 are
utilized. The SR of the attacks is chosen as 15%. In Fig. 6(c),
it is shown that when SR = 0.15, traditional residual testing-based algorithms will not be able to detect those attacks. Thus,
in the simulation, the algorithm is not compared with traditional
methods. Additionally, recently proposed algorithms such as
[23] do not deal with partial observations. These algorithms
do not address the problem of error contaminated measurements as well. The detection method discussed in this paper
addresses both problems. Most importantly, it can not only
detect anomalies but also recover the true measurements from
partial-contaminated observations.
We use the false alarm rate (FAR) which is the probability
of positive alarm when there are no attacks. The noise performance of the algorithm compared to RPCA with Frobenius
constraints in (27) has been extensively studied in [31]. In this
VII. CONCLUSION
In this paper, we looked into the problem of malicious
FDIAs in power grid state estimation. We proposed stealth
attack construction strategies for different scenarios and also
introduced the countermeasures. It is shown that our proposed
random attack construction algorithm can generate extremely
sparse attack vectors. These optimal or quasi-optimal attacks
can be achieved with high probability of success. The targeted undetectable attacks are obtained based on an optimization
framework. The results show that attack vectors in this scenario
cannot be extremely sparse, which is also discussed in literature. An efficient protection scheme is proposed in this paper
to find an effective measurement protection subset to defend
from the stealth attacks. The simulation results reveal that this
subset searching algorithm can find a subset with almost the
same size as that from the brute-force method. Additionally, a
detection algorithm is introduced to detect the stealth attacks as
well as other false data. This algorithm considers the case in
which only partial measurements are collected in the presence
of noise. The performance is demonstrated via the simulation
results based on IEEE test power systems.
ACKNOWLEDGMENT
The authors would like to thank their colleagues at Toshiba
Research Europe Ltd., for the fruitful discussions and the
support of its directors.
REFERENCES
[1] X. Fang, S. Misra, G. Xue, and D. Yang, "Smart grid – The new and improved power grid: A survey," IEEE Commun. Surv. Tuts., vol. 14, no. 4, pp. 944–980, Oct. 2012.
[2] W. Wang and Z. Lu, "Cyber security in the smart grid: Survey and challenges," Comput. Netw., vol. 57, nos. 5 and 7, pp. 1344–1371, Apr. 2013.
[3] D. B. Rawat and C. Bajracharya, "Cyber security for smart grid systems: Status, challenges and perspectives," in Proc. SoutheastCon, Apr. 2015, pp. 1–6.
[4] A. Abur and A. G. Expósito, Power System State Estimation: Theory and Implementation. Boca Raton, FL, USA: CRC Press, Mar. 24, 2004.
[5] A. Monticelli, "Electric power system state estimation," Proc. IEEE, vol. 88, no. 2, pp. 262–282, Feb. 2000.
[6] F. C. Schweppe, J. Wildes, and D. P. Rom, "Power system static state estimation, parts I, II, III," IEEE Trans. Power App. Syst., vol. PAS-89, pp. 120–135, Jan. 1970.
[7] Y. Liu, P. Ning, and M. K. Reiter, "False data injection attacks against state estimation in electric power grids," in Proc. ACM Conf. Comput. Commun. Sec., 2009, pp. 21–32.
[8] T. T. Kim and H. V. Poor, "Strategic protection against data injection attacks on power grids," IEEE Trans. Smart Grid, vol. 2, no. 2, pp. 326–333, Jun. 2011.
[9] Z. Yu and W. Chin, "Blind false data injection attack using PCA approximation method in smart grid," IEEE Trans. Smart Grid, vol. 6, no. 3, pp. 1219–1226, May 2015.
[10] Y. Li and Y. Wang, "State summation for detecting false data attack on smart grid," Int. J. Elect. Power Energy Syst., vol. 57, pp. 156–163, May 2014.
[11] L. Liu, M. Esmalifalak, and Z. Han, "Detection of false data injection in power grid exploiting low rank and sparsity," in Proc. IEEE Int. Conf. Commun. (ICC), Jun. 9–13, 2013, pp. 4461–4465.
[12] M. Ozay, I. Esnaola, F. T. Y. Vural, S. R. Kulkarni, and H. V. Poor, "Sparse attack construction and state estimation in the smart grid: Centralized and distributed models," IEEE J. Sel. Areas Commun., vol. 31, no. 7, pp. 1306–1318, Jul. 2013.
[13] H. Sandberg, A. Teixeira, and K. H. Johansson, "On security indices for state estimators in power networks," in Proc. 1st Workshop Secure Control Syst. (CPSWEEK10), 2010.
[14] O. Kosut, L. Jia, R. J. Thomas, and L. Tong, "Malicious data attacks on the smart grid," IEEE Trans. Smart Grid, vol. 2, no. 4, pp. 645–658, Dec. 2011.
[15] M. A. Rahman and H. Mohsenian-Rad, "False data injection attacks with incomplete information against smart power grids," in Proc. IEEE Global Commun. Conf. (GLOBECOM), Dec. 3–7, 2012, pp. 3153–3158.
[16] Y. Huang et al., "Bad data injection in smart grid: attack and defense mechanisms," IEEE Commun. Mag., vol. 51, no. 1, pp. 27–33, Jan. 2013.
[17] H. Zhang, P. Cheng, J. Wu, L. Shi, and J. Chen, "Online deception attack against remote state estimation," in Proc. World Congr. Int. Fed. Autom. Control (IFAC), 2014, pp. 128–133.
[18] R. B. Bobba, K. M. Rogers, Q. Wang, H. Khurana, K. Nahrstedt, and T. J. Overbye, "Detecting false data injection attacks on dc state estimation," in Preprints 1st Workshop Secure Control Syst. (CPSWEEK10), 2010, pp. 1–9.
[19] G. Dán and H. Sandberg, "Stealth attacks and protection schemes for state estimators in power systems," Proc. 1st IEEE Int. Conf. Smart Grid Commun. (SmartGridComm), pp. 214–219, 4–6 Oct. 2010.
[20] M. Gol and A. Abur, "PMU placement for robust state estimation," in Proc. North Amer. Power Symp. (NAPS), Sep. 22–24, 2013, pp. 1–5.
[21] E. Handschin, F. C. Schweppe, J. Kohlas, and A. Fiechter, "Bad data analysis for power system state estimation," IEEE Trans. Power App. Syst., vol. 94, no. 2, pp. 329–337, Mar. 1975.
[22] S. Cui, Z. Han, S. Kar, T. T. Kim, H. V. Poor, and A. Tajer, "Coordinated data-injection attack and detection in the smart grid: A detailed look at enriching detection solutions," IEEE Signal Process. Mag., vol. 29, no. 5, pp. 106–115, Sep. 2012.
[23] M. Esmalifalak, N. T. Nguyen, R. Zheng, and Z. Han, "Detecting stealthy false data injection using machine learning in smart grid," in Proc. IEEE Global Commun. Conf. (GLOBECOM), Dec. 9–13, 2013, pp. 808–813.
[24] S. Bi and Y. J. Zhang, "Graphical methods for defense against false-data injection attacks on power system state estimation," IEEE Trans. Smart Grid, vol. 5, no. 3, pp. 1216–1227, May 2014.
[25] J. Hao, R. J. Piechocki, D. Kalesh, W. H. Chin, and Z. Fan, "Optimal malicious attack construction and robust detection in smart grid cyber security analysis," in Proc. IEEE Int. Conf. Smart Grid Commun. (SmartGridComm), Nov. 3–6, 2014, pp. 836–841.
[26] R. D. Zimmerman, C. E. Murillo-Sanchez, and R. J. Thomas, "Matpower: Steady-state operations, planning and analysis tools for power systems research and education," IEEE Trans. Power Syst., vol. 26, no. 1, pp. 12–19, Feb. 2011.
[27] Z. Wang, A. Scaglione, and R. J. Thomas, "Generating statistically correct random topologies for testing smart grid communication and control networks," IEEE Trans. Smart Grid, vol. 1, no. 1, pp. 28–39, Jun. 2010.
[28] E. J. Candès and M. B. Wakin, "An introduction to compressive sampling," IEEE Signal Process. Mag., vol. 25, no. 2, pp. 21–30, Mar. 2008.
[29] E. J. Candès, X. Li, Y. Ma, and J. Wright, "Robust principal component analysis?" J. ACM, vol. 58, no. 3, pp. 11:1–11:37, Jun. 2011.
[30] E. Candès and B. Recht, "Exact matrix completion via convex optimization," Commun. ACM, vol. 55, no. 6, pp. 111–119, Jun. 2012.
[31] R. Paffenroth, P. du Toit, R. Nong, L. Scharf, A. P. Jayasumana, and V. Bandara, "Space-time signal processing for distributed pattern detection in sensor networks," IEEE J. Sel. Topics Signal Process., vol. 7, no. 1, pp. 38–49, Feb. 2013.
[32] S. Boyd, N. Parikh, E. Chu, B. Peleato, and J. Eckstein, "Distributed optimization and statistical learning via the alternating direction method of multipliers," Found. Trends Mach. Learn., vol. 3, no. 1, pp. 1–122, Jan. 2011.
[33] R. Christie, "Power Systems test case archive," Dept. Elect. Eng., Univ. Washington, Seattle, WA, USA, Apr. 2000 [Online]. Available: http://www.ee.washington.edu/research/pstca/
[34] M. Grant and S. Boyd. (2013, Sep.). CVX: Matlab Software for Disciplined Convex Programming [Online]. Available: http://cvxr.com/cvx
Jinping Hao (S13) received the B.Eng. degree
in electronic and information engineering from the
Huazhong University of Science and Technology,
Wuhan, China, in 2010; the B.Eng. degree (first
class Hons.) in electronic and communication
engineering from the University of Birmingham,
Birmingham, U.K., in 2010; and the M.Sc. degree
(with Distinction) in wireless communication and signal processing from the University of Bristol, Bristol,
U.K., in 2011. He is currently pursuing the Ph.D.
degree in electrical and electronic engineering at the
University of Bristol.
His research interests include sparse signal processing, optimization
techniques for wireless communications, and smart grids.
Robert J. Piechocki (M06) received the M.Sc.
degree (with Distinction) in wireless communications systems from the Technical University of
Wroclaw, Wroclaw, Poland, in 1997, and the Ph.D.
degree in wireless communications systems from the
University of Bristol, Bristol, U.K., in 2002.
He is currently a Senior Lecturer with
Advanced Wireless Access, and a Member of
the Communications Systems and Networks Group,
University of Bristol. He has authored over 100
papers in international journals and conferences, and
holds 13 patents in these areas. His research interests include statistical signal
processing, information and communication theory, wireless networking,
body and ad hoc networks, ultra low power communications, and vehicular
communications.