|Title||Cyber security analysis of state estimators in electric power systems|
|Publication Type||Conference Paper|
|Year of Publication||2010|
|Authors||Teixeira, A.., S.. Amin, H.. Sandberg, K.. H. Johansson, and S.. S. Sastry|
|Conference Name||49th IEEE Conference on Decision and Control (CDC)|
|Keywords||bad data detection, BDD scheme, Boolean functions, Convergence, critical infrastructure system, critical state-estimation component, cyber attack, cyber security analysis, Data structures, deception attack, electric power system, Equations, intelligent attacker, linear state estimator, Mathematical model, measurement redundancy, Measurement uncertainty, nonlinear estimation, nonlinear estimator, power engineering computing, power grid, Power grids, power system control, power system reliability, power system security, random outlier detection, reliable operation, safe operation, SCADA system, SCADA systems, security of data, state estimation, supervisory control and data acquisition system|
In this paper, we analyze the cyber security of state estimators in Supervisory Control and Data Acquisition (SCADA) systems operating in power grids. Safe and reliable operation of these critical infrastructure systems is a major concern in our society. In current state estimation algorithms there are bad data detection (BDD) schemes to detect random outliers in the measurement data. Such schemes are based on high measurement redundancy. Although such methods may detect a set of very basic cyber attacks, they may fail in the presence of a more intelligent attacker. We explore the latter by considering scenarios where deception attacks are performed, sending false information to the control center. Similar attacks have been studied before for linear state estimators, assuming the attacker has perfect model knowledge. Here we instead assume the attacker only possesses a perturbed model. Such a model may correspond to a partial model of the true system, or even an out-dated model. We characterize the attacker by a set of objectives, and propose policies to synthesize stealthy deceptions attacks, both in the case of linear and nonlinear estimators. We show that the more accurate model the attacker has access to, the larger deception attack he can perform undetected. Specifically, we quantify trade-offs between model accuracy and possible attack impact for different BDD schemes. The developed tools can be used to further strengthen and protect the critical state-estimation component in SCADA systems.