Usame Sakkar Abdullah Alseraji

Department of Electrical Engineering Department of Electrical Engineering

Yildiz Technical University Yildiz Technical University
Istanbul/TURKEY Istanbul/TURKEY
[email protected] [email protected]

Abstract The recent integration of cyber and Discharging/charging rate of EV e of bus i.

communication systems into smart grids, among all its
advantages, has transformed the power grid into a cyber- The number of time intervals within one hour.
physical power system (CPPS) and introduced new cyber
vulnerabilities. Although challenges like voltage fluctuations and Power demand of load l of buses i in period t
topology architecture have a significant role on the resiliency of [kW].
conventional power grids, the resiliency of smart grids is mainly
dependent on withstanding high-impact low probability (HILP) Critical load, normal load coefficient for
events such as human-driven cyber-attacks; since cyber-attacks significance.
can mislead the conventional state estimators (SE) and due to
their widespread extreme harmful results Fals Data Injection Efficiency of EVS of bus i.
Attacks (FIDIAs) have gained an essential interest in literature
recently. Detection techniques, recovery schemes and restoration
approaches are trend research topics for the current literature
and need to be well-investigated. This paper explores an Variables
optimization-based restoration strategy following FDIA, Energy state of EV e in EVS at period t [kWh].
utilizing electric vehicles (EVs) and PV panels to facilitate the
restoration process. Charging power of EV e of at time t [kW].

Discharging power of EV g of at time t [kW].

Keywords smart grid, restoration, FDIA,
Total active power flow to substations from
NOMENCLATURE node i during period t [kW].
Active power supplied by generator at bus i
Sets and indices during period t [kW].

Index(set) of buses. Total power supplied by sources for bus i

during the outage period t.
Index(set) of time periods.
The power supplied by mobile generators for
Index(set) of electric vehicles. bus i during the outage period t.
Index(set) of loads. Power demand of critical load l of buses i
during period t[kW].
Index(set) of substation buses.
Power demand of load l of buses i during
period t [kW].
Parameters Arrival time of EV e.
Initial state-of-energy of the EVs e Outage event time.
participating in Vehicle-to-Grid at bus i[kWh].
Binary variable: 1 if EVS is discharging during
Total maximum state-of-energy capacity of the period t, 0 else by bus i,
EVs e at bus i[kWh].
else 0.
Total minimum state-of-energy of the EVs e
based on their battery storage systems at bus
i[kWh].
Maximum capacity limit at bus i connected to
mobile generators.

XXX-X-XXXX-XXXX-X/XX/$XX.00 ©20XX IEEE

 I. INTRODUCTION methods-based approaches are used to detect the presence of
FDIA. Reference [8] provides an unsupervised machine-
A. Motivation and Background
learning detection strategy for large scale smart grids. The
Modern power grids face complex power and cyber model is trained to differentiate actual faults from cyber-
challenges. False Data Injection Attacks are one of those attacks. The most popular choice in sequence modeling,
Recurrent Neural Network (RNN), has been used in [9] as a
can be overcome either by equipping the grid with the detection strategy, proposed with no labeled data
appropriate cyber protection or by detecting the attacks with requirements and demonstrated effective performance in
state estimators (SE). While Regular data follows established time-series forecasting. Upon detecting the location of the
physical laws, like Kirchhoff's law, compromised data does attack, a CNN-based multilabel classification model is
not adhere to these principles. To overcome these challenges, proposed in []. Recovery schemes provide an important
a need to modernize the Supervisory Control and Data mechanism for post-event actions. They are essential since
Acquisition (SCADA) systems deployed in the power grid they retrieve the pre-attacked measurements or their
has arisen. With the new, well-equipped, and high-tech respective predicted measurements after the attack. A
SCADA, Wide-area monitoring, effective control, and resilience-based recovery model based on a novel metric that
smooth information flow among control utilities are captures the resiliency against FDIA was demonstrated in [5].
achieved. The control center helps in determining the In [15] a novel iterative optimization-based method was
condition of the power network system using readings from introduced for restoring detected attacked grid variable
distributed meters and sensors across the network and values while minimizing changes to non-attacked ones.
collected by the (SCADA) system through communication Reference [2] provides a resilience-oriented optimization-
links [1], readings are used to estimate the system's states. based load restoration strategy is developed using Mixed
Since their vital role in actions made by the control center, it's Integer Linear Programming (MILP) while the rapid
of significance to keep the data unchanged for the safe restoration of critical loads is ensured.
operation of the power grid [2]. However, the recent rise of
cyber-attacks poses a significant threat to state estimation, C. Contributions and Organization of the Paper
primarily focusing on confidentiality, integrity, and This paper aims to give insights of cyber-attacks with a basic
availability. Attacks on availability aim to disrupt optimization-based restoration strategy to demonstrate
communication in the smart grid (also called denial-of- attacks effect on the grid operation. This study formulates a
service attacks). Attacks targeting integrity seek to illegally small-scale restoration strategy while also aims to shape a
disrupt data exchange, while attacks on confidentiality aim to cognitive background on the topic. The mathematical model
obtain unauthorized information from network resources [3]. proposed in this paper is formulated depending on a previous
In the literature, FDIAs are regarded as data integrity attacks literature work provided in
and are investigated from both the perspectives of an intruder
and a system operator. Although the disruptive severity of The study aims to prove the effectiveness of the proposed
these attacks depends mainly on the attacker's knowledge of load restoration strategy for the suggested model in
the power grid topology, the real-world examples of these particular, and for the power grid in general. The main
attacks have consistently demonstrated their harmful impact contribution of the study is to ensure the priority of critical
[2]. loads during the restoration process.
An example from which we can observe the effects of such
attacks is the cyber-attack done on the Ukrainian power grid The rest of this paper is organized as follows: Section II
in 2015 [4]. The attack affected about 200,000 customers of demonstrates methodology used for load restoration
the grid leaving them without electricity for up to 6 hours. In optimization with the mathematical models' equations
2019, a similar incident has also occurred in Venezuela provided. Section III provides the numerical results of the
affecting the control centers of their hydropower stations system. Section IV concludes the paper.
resulting in power outages in 18 states [5]. In 2010, an attack
targeting Iran's nuclear facilities resulted in blackouts for
hours [7]. And as early as 2003, an attack affected the
network of the Davis-Besse nuclear power plant located in
the United States [6] .
B. Related work
Cyber gaps in the smart grid need to be debugged as much as
possible so the best possible resilient smart grid model is
achieved. According to the National Infrastructure Advisory
Council (NIAC) infrastructure resilience is `the ability to
reduce the magnitude and/or duration of disruptive events.
The effectiveness of a resilient infrastructure depends on its
ability to anticipate, absorb, adapt to and/or rapidly recover
from a potentially disruptive event. For this definition,
research efforts on detection, recovery and restoration
strategies have been conducted. Supervised machine
learning, unsupervised machine learning and statistical
 II. METHODOLOGY loads power ( , ) can't exceed the total load
demand power ( , ).

(3)

3) Power Flow and Line Capacity Constraints

Two equations in this section are added to the system in this
section. Since power losses are neglected throughout the
model, power flowing into buses ( ) is equal to the total
active power supplied ( ), which has demonstrated in
equation (4).

(4)

Figure 1. System topology (5)

The study provides a Post FDIA restoration strategy taking

advantages of the available EVs and PVs. The mathematical 4) Grid Support Systems Constraints
formulation of the proposed optimization model is illustrated
in this section. The sample topology that was developed to All equations provided in this section are EV related
test the model's effectiveness is depicted in figure 1 grid, blue, equations.
orange and green circles, refer to the interconnected grid
network (Upstream grid), restoration-required loads, (6)
supporting EVs, PV panels and compromised bus
respectively.

A. Suggested Optimization model Equation (6) ensures power balance for the support systems.
1) Objective Function It states that the total power supplied equals the sum of all
To enhance the importance of considering critical loads while supplied power subtracted from the total charging power. The
restoration strategies, two main functions are defined. power supplied by mobile generators ( ), discharging
Regarding the first objective function, the objective is to power of EVs ( ) are subtracted from the total charging
maximize load restoration while considering two types:
power ( ) to calculate the total power supplied by
critical and normal loads. The second objective function's
objective is to maximize load restoration while neglecting sources ( ).
any priority among load types.
(7)
(1)
The above given equation (7) demonstrated that the
maximum power of mobile generators ( ) is limited
by their maximum capacity ( ) equation.

2) Power Balance Equations

As reactive power flow is neglected the active power flow (8)
balance is investigated in this section. Equation 2
demonstrates that the power supplied by PVs ( ) and the
total power supplied by sources ( ) equal the sum of the
(9)
total restoration-required loads ( ).

(2)

(10)
The Demand balance of the system is demonstrated in
equation (3). Sum of the Total restored loads in the system
can't exceed the load demand of the bus. Thus, total restored
Equalities (8-10) are regarding the energy state of the model's
EVs, equation (8) sets that the energy state of any EV,
connected to any bus is accepted to be initial ( ) when
outage time ( ) and vehicle arriving time ( ). Equation
(9) Demonstrates the energy state of any EV, connected to
any bus, at any time period ( ).
The 10th equation sets that the upper and the lower limits of
the energy state of the EVs ( ) are ( ), and
( ) respectively. The energy state level should adhere
to these limitations.

(21)

(32)

Equalities (10) and (11) are the final equations for the model Figure 2 Hourly solar production for all buses
and they define the required EVs logical constraints to
prevent a synchronous bi-directional transaction with the grid
during the attack. Due to the necessity of satisfying the
mathematical equation, the logical variable ( ) must be
one when the EV is discharging and zero otherwise, while
also upper bounding charging and discharging powers to the
rated maximum power of the EV .

(43)

III. TESTS AND ANTICIPATED RESULTS

1) Input data
To test the feasibility of equations introduced, the data set in Figure 3 Total hourly load consumption for all buses
Table 1 and Figures 2-4 were used. The equitions are tested
using GAMS.

Table 1 Used EV data

Figure 4 A breakdown of loads involved in each buse

2) Anticipated results

As there are two different objective functions, two different

anticipated results are expected, one for each. For the first
function the critical data has priority in the restoration process
resulting in a clear deviated load restoration balance among
normal and critical loads. For the second scenario, all loads
have the same priority thus, the restoration process will
continue with a full dependence on the feeding source's Large-Scale Smart Grids," in IEEE Access, vol. 7, pp.
energy state. 80778-80788, 2019.

[9] Q. Deng and J. Sun, "False Data Injection Attack

Detection in a Power Grid Using RNN," IECON 2018 - 44th
IV. CONCLUSION Annual Conference of the IEEE Industrial Electronics
This paper proposes a MILP model for an optimization-based Society, Washington, DC, USA, 2018.
restoration strategy after a false data intrusion attack. PV
mobile, generators and support systems are taken into [10] S. Wang, S. Bi and Y. -J. A. Zhang, "Locational
account in the model. The provided model has been tested Detection of the False Data Injection Attack in a Smart
with a scenario of 3 compromised buses connected to an Grid: A Multilabel Classification Approach," in IEEE
interconnected grid. The test results show the feasibility of a Internet of Things Journal, vol. 7, no. 9, pp. 8218-8227,
restoration model only utilizing EVs and PV panels Sept. 2020.
connected to the grid. Further research can be derived from
this paper to test the feasibility of this application monetarily. [11] Abolfazl Rahiminejad, Jordan Plotnek, Ribal Atallah,
Additionally, to apply such restoration method in the field, Marc-André Dubois, Dorian Malatrait, Mohsen Ghafouri,
regulation can be introduced to force EV manufacturers to Arash Mohammadi, Mourad Debbabi, A resilience-based
support V2G topologies. recovery scheme for smart grid restoration following
cyberattacks to substations, International Journal of
Electrical Power & Energy Systems, Volume 145, 2023.

[12] M. Asadi, J. Abouei, Z. HajiAkhondi-Meybodi, M.

REFERENCES
Mazidi and A. Mohammadi, "FDIA Detection through an
[1] T. Nguyen, S. Wang, M. Alhazmi, M. Nazemi, A. Adaptive Multi-Level Features Classification in Smart
Estebsari and P. Dehghanian, "Electric Power Grid Grids," 2020 IEEE International Conference on Systems,
Resilience to Cyber Adversaries: State of the Art," in IEEE Man, and Cybernetics (SMC), Toronto, ON, Canada, 2020.
Access, vol. 8, pp. 87592-87608, 2020,

[2] G. Wu, M. Li and Z. S. Li, "Resilience-Based Optimal "Resilience-Oriented Restoration Strategy of Networked
Recovery Strategy for Cyber Physical Power Systems Microgrids Considering Grid Topology Against Data
Considering Component Multistate Failures," in IEEE Intrusion Attacks," 2023 International Conference on Smart
Transactions on Reliability, vol. 70, no. 4, pp. 1510-1524, Energy Systems and Technologies (SEST), Mugla, Turkiye,
Dec. 2021. 2023.

[3] M. Esmalifalak, L. Liu, N. Nguyen, R. Zheng and Z.

Han, "Detecting Stealthy False Data Injection Using
Machine Learning in Smart Grid," in IEEE Systems Journal,
vol. 11, no. 3, pp. 1644-1652, Sept. 2017.

[4] X. Li and K. W. Hedman, "Enhancing Power System

Cyber-Security With Systematic Two-Stage Detection
Strategy," in IEEE Transactions on Power Systems, vol. 35,
no. 2, pp. 1549-1561, March 2020.

[5] X. Kong, Z. Lu, X. Guo, J. Zhang and H. Li, "Resilience

Evaluation of Cyber-Physical Power System Considering
Cyber Attacks," in IEEE Transactions on Reliability, vol.
73, no. 1, pp. 245-256, March 2024,

[6] G. Liang, J. Zhao, F. Luo, S. R. Weller, and Z. Yang

Dong, ``A review of false data injection attacks against
modern power systems,'' IEEE Trans. Smart Grid, vol. 8, no.
4, pp. 16301638, Jul. 2017.

[7] F. Wei, Z. Wan and H. He, "Cyber-Attack Recovery

Strategy for Smart Grid Based on Deep Reinforcement
Learning," in IEEE Transactions on Smart Grid, vol. 11, no.
3, pp. 2476-2486, May 2020.

[8] H. Karimipour, A. Dehghantanha, R. M. Parizi, K. -K.

R. Choo and H. Leung, "A Deep and Scalable Unsupervised
Machine Learning System for Cyber-Attack Detection in