False Data Injection Attacks on Data-Driven Algorithms in Smart Grids Utilizing Distributed Power Supplies

Zengji Liu; Mengge Liu; Qi Wang; Yi Tang

doi:10.1016/j.eng.2024.11.025

Engineering ›› 2025, Vol. 51 ›› Issue (8) :66 -79. DOI: 10.1016/j.eng.2024.11.025

Research

research-article

False Data Injection Attacks on Data-Driven Algorithms in Smart Grids Utilizing Distributed Power Supplies

Author information +

History +

PDF (6353KB)

Abstract

As the number of distributed power supplies increases on the user side, smart grids are becoming larger and more complex. These changes bring new security challenges, especially with the widespread adoption of data-driven control methods. This paper introduces a novel black-box false data injection attack (FDIA) method that exploits the measurement modules of distributed power supplies within smart grids, highlighting its effectiveness in bypassing conventional security measures. Unlike traditional methods that focus on data manipulation within communication networks, this approach directly injects false data at the point of measurement, using a generative adversarial network (GAN) to generate stealthy attack vectors. This method requires no detailed knowledge of the target system, making it practical for real-world attacks. The attack’s impact on power system stability is demonstrated through experiments, highlighting the significant cybersecurity risks introduced by data-driven algorithms in smart grids.

Graphical abstract

Keywords

Cybersecurity / Data driven / Cyberattack / Generative adversarial networks

Cite this article

Download citation ▾

Zengji Liu, Mengge Liu, Qi Wang, Yi Tang. False Data Injection Attacks on Data-Driven Algorithms in Smart Grids Utilizing Distributed Power Supplies. Engineering, 2025, 51(8): 66-79 DOI:10.1016/j.eng.2024.11.025

登录浏览全文

4963

注册一个新账户忘记密码

1. Introduction

The extensive integration of distributed power sources on the consumer end—including battery energy storage systems (BESSs) and photovoltaic (PV) installations—establishes a solid groundwork for the clean and efficient functioning of smart grids [1], [2]. The rapid increase in controllable devices complicates power system management, challenging traditional model-based analysis and control methodologies and making it increasingly difficult to derive optimal solutions, as the scale of systems and data is continuously expanding [3], [4]. Therefore, the increasingly popular data-driven algorithms have become an inevitable choice for solving the above problems [5], [6], [7], [8], [9].

In recent years, the evolution of smart grids toward digitalization, informatization, and intelligence has highlighted significant security challenges for data-driven algorithms, especially those based on artificial intelligence (AI) [10]. These algorithms require strict adherence to data-quality standards during their offline training and online deployment phases [11], [12]. During training, adversaries can manipulate the training data to embed back doors; during deployment, they can disrupt algorithmic functions with sophisticated attack vectors [13], [14]. It is crucial to acknowledge that these data-driven algorithms introduce new cybersecurity risks to the power grid [15], [16]. Furthermore, distributed power sources on the consumer side often rely on Internet of Things (IoT) devices, which are susceptible to cyberattacks due to weak network defenses [17]. Unlike direct attacks on power plants or infrastructure, cyberattacks through these channels can have subtle yet profound impacts [18], [19]. Thus, this paper focuses on the cybersecurity challenges posed by data-driven approaches within smart grids.

This type of disruption, known as a false data injection attack (FDIA), compromises system operations by hijacking or tampering with data [20], [21], [22]. Recent studies on FDIAs have focused on strategies that use minimal resources to inject attack vectors and deceive state estimation processes [23]. Methods for selecting nodes vulnerable to intrusion are discussed in Refs. [4], [24], [25]. Another study proposes an attack methodology that only requires local information to compromise direct current (DC) state estimation [26], while the technique presented in Ref. [27] effectively targets alternating current (AC) state estimation. The framework described in Ref. [28] utilizes an FDIA to deceive control centers by altering measurement data in what is known as a cyber-topology attack. In Ref. [29], an attack targets a consensus-based energy management algorithm, manipulating the system’s operational point, with the attack’s effects being cumulative.

Ref. [30] explores the deployment of generative adversarial networks (GANs) to execute data-driven FDIAs in smart grids. This approach harnesses the generative capabilities of GANs to replicate the statistical distribution of normal operational data, thereby producing anomalies that are challenging to detect. However, the focus predominantly remains on data manipulations at the network communication layer. Furthering this line of research, Ref. [31] develops a deep temporal convolutional GAN (DTCGAN) approach that emphasizes the importance of temporal relationships in generating time-series data to simulate grid measurements, although it is still largely confined to traditional cyber-attack methodologies. Ref. [32] introduces a GAN framework, testing the efficacy of GANs in simulating and disrupting smart grid stability predictions and thereby showcasing the potential of GANs to mislead stability prediction systems within smart grids.

Power system transient stability prediction (TSP) strategies often become the targets of attacks aimed at disrupting grid operations. The effects of an FDIA on machine learning (ML)-based power system dynamic security assessment models are scrutinized in Ref. [33], which also introduces a robustness verification method to quantify model resilience against FDIAs. The susceptibility of ML-based short-term voltage stability assessment methods to FDIAs is explored in Ref. [34], which proposes a mitigation strategy through adversarial training to bolster the defenses of ML models against such attacks.

The aforementioned research primarily addresses attacks on state estimation and other model-driven algorithms. Moreover, assaults on data-driven algorithms within smart grids are predominantly observed in the electricity market, aimed at securing economic gains or indirectly influencing the operation of the power grid [35], [36].

These studies commonly presuppose that the data conveyed within communication networks are vulnerable to tampering by attackers. However, the process of injecting false data often goes unaddressed. In power systems, data packets are typically transmitted via optical fibers, where critical data are encrypted and control commands require authentication. Consequently, it is challenging for an attacker to execute an FDIA by manipulating data packets within communication networks. Furthermore, in cyberattacks targeting data-driven algorithms in a power system, an attacker’s access to information about potential targets is usually limited—a consideration that has been overlooked in many analyses.

Nevertheless, the measurement data from distributed power supplies are often transmitted as analog signals or in plaintext, rendering them vulnerable to attacks. Consequently, disturbances can be introduced into the transformer or the measurement data packets, thereby impairing the control over distributed power supplies and ultimately facilitating the injection of attack vectors into the power system.

Amid the evolving landscape of smart grids, the security of data-driven algorithms presents a critical challenge. This paper introduces a novel FDIA method that operates under a black box paradigm, in which the attack does not rely on the internal workings of the target algorithms but rather on the manipulation of observable inputs and outputs. While existing FDIA methods primarily focus on exploiting communication network vulnerabilities, this study is the first to propose an attack method that directly targets the measurement modules of distributed power supplies—a less secure and previously overlooked entry point in power systems. This approach aligns with practical cybersecurity scenarios in which attackers often have limited access to proprietary or intricate system details. Compared with the above attack approaches, our approach can also generate attack vectors in real time, although it requires a long off-line training time and can implement the attack only by tampering with the data of a few nodes in the local area. Described as a black-box assault, this approach necessitates no comprehensive understanding of the internal mechanisms of the target or the specifications of the distributed energy resources. To execute the attack, the assailant merely needs to access the inputs and outputs of the target and compromise the measurement module of the distributed power supply. The focus of this study is on offensive strategies against data-driven algorithms in the smart grid, detailing only the attack methodology without delving into potential defensive measures.

This method utilizes real-time adjustments and physical integration to generate attack vectors that closely resemble legitimate operational data, thus challenging the detection capabilities of conventional systems, which often struggle to differentiate these from genuine equipment failures or transient operational variations. The A3D model referenced in Ref. [37] utilizes attention-based autoencoders to identify anomalies by reconstructing normal operational conditions and comparing them with current conditions. Although this model is effective against typical FDIA strategies that modify data in predictable patterns, the integration of this new method with physical parameters can potentially circumvent such reconstruction-based anomaly detection by more accurately mimicking legitimate operational data. Similarly, the approach described in Ref. [38], which employs deep autoencoders for electricity theft detection—a concept akin to detecting FDIAs—may exhibit reduced effectiveness when confronted with data that aligns closely with physical system behaviors. The use of graph neural networks (GNNs) in Ref. [39] exploits the network structure of the grid to detect anomalies, which is effective in identifying unusual patterns based on network topology. However, the introduction of physically plausible data points via distributed power supplies could diminish the efficacy of such network-based detection mechanisms. The extended GNN approach in Ref. [40], which aims not only to detect but also to localize anomalies, may find it challenging to effectively manage both detection and localization when encountering alterations that mirror potential real-world operational changes.

The contributions of this paper are presented below.

(1) To facilitate the execution of the black-box attack, we propose an estimation method for controller and filter parameters, predicated on the conventional modeling of distributed power supplies. The black-box attack strategy proposed in this paper, which requires no detailed knowledge of the target system’s internal mechanisms, merely analyzes input and output data to implement the attack, significantly simplifying the execution complexity.

(2) To introduce the attack vector into the power system, we propose a false data injection technique that utilizes the measurement module of distributed power supplies. This method is designed to mislead state estimation processes and can be readily implemented within a power system.

(3) To minimize errors and enhance computational efficiency during the attack, we describe a piecewise process for generating an attack vector. This method effectively mitigates the impact of parameter estimation errors on the attack’s success rate.

The subsequent sections of this document are organized as follows: Section 2 expounds upon the methodology for crafting the attack vector, employing GANs as the foundational framework. Section 3 delineates the model for an FDIA leveraging distributed energy resources. Section 4 delivers a concise overview of the attack methodology. Section 5 engages in empirical investigations to evaluate the efficacy and performance metrics of the proposed attack technique. Section 6 concludes by summarizing the findings and delineating prospective directions for subsequent inquiry.

2. The GAN-based attack method

The attack methodology elucidated in this manuscript focuses on the data-driven paradigm employed within a power system framework, the methodology possesses the ability to establish demarcations on the hyperplane for the purpose of segregating samples subsequent to a successful training regimen. If a meticulously crafted disturbance is generated and injected into the power system using this attack methodology, it is possible to push certain samples across the boundary, causing the strategy to misjudge.

2.1. Assumptions

This paper concentrates on the utilization of distributed power supplies for the injection of attack vectors into a power system. Consequently, the process of acquiring the control strategy within the targeted system is simplified, leading to the delineation of several assumptions outlined below.

(1) The intricate architecture and control mechanisms of the assault’s target are ambiguous, but the surveillance of its input and output interfaces is achievable, given that—for an adversary—intercepting data presents a considerably less formidable task than manipulating data.

(2) The input to the attack target consists of the power system’s measurement data or is linearly related to this measurement data.

(3) Certain user-side distributed power supplies may be compromised by the attacker, allowing for the exfiltration of the controller’s structure. Consequently, the measurement data produced by potential transformers (PTs) and current transformers (CTs) can be accessed and manipulated by the attacker.

(4) This paper does not account for the impact of environmental variables, such as weather and temperature, on the output of distributed power supplies during the attack.

2.2. Problem description

Formulating the generation of the attack vector can be approached as an optimization problem: identifying the least perturbation

r

that, upon integration with the baseline data, induces a deviation in the attack target’s output from its standard metric. The objective is to find the smallest changes to the operational data that will lead to the most significant disruption, without detection by conventional security mechanisms.

(1)

\min Z = L (X, X + r) - η \log \prod_{j_{a} ∊ S_{i_{a}}} p_{j_{a}}

(2)

s . t . - T_{B} \leq r \leq T_{B}

(3)

|F (X + r) - F (X)| \geq ε

(4)

S_{i_{a}} \subseteq S P

(5)

ν_{j_{a} \in S_{i_{a}}} = 1, ν_{j_{a} \notin S_{i_{a}}} = 0

(6)

\sum_{v_{j_{a} \in S_{i_{a}}}} ν_{j_{a}} < M A X A

where

Z

is the optimization object,

L

denotes the similarity evaluation index, which measures how close the perturbed data

X + r

is to the original system data

X

, ensuring the perturbations are not easily detectable. It is calculated using a norm-based metric that quantifies the Euclidean distance between the original and altered data vectors, adjusted for the system’s tolerance to perturbations. The term

η \log \prod_{j_{a} ∊ S_{i_{a}}} p_{j_{a}}

is used to balance the perturbation’s impact and the likelihood of a successful attack, where

η

is a constant and

p_{j_{a}}

are the probabilities of successfully compromising each node in set of attackable nodes

S_{i_{a}}

(

i_{a}

is the number of the set and

j_{a}

is the number of the node). This component ensures that the attack focuses on the most vulnerable points in the system, thus maximizing efficiency. The variable

T_{B}

delineates the upper boundary of the disturbance amplitude, whereas

F (∙)

characterizes the transformation function that governs the relationship between the input and output of the designated attack target. The symbol

ε

represents the minimal necessary divergence of the attack’s result from the established normative metric.

S P

is the collection of vulnerable distributed power supplies.

ν_{j_{a}}

indicates whether node

j_{a}

is attacked, where 1 signifies control by the attacker, and 0 indicates normal operation. MAXA is the maximum number of distributed power supplies that the attacker can control.

2.3. Attack model

Considering their limited attack resources, attackers typically can only infiltrate and control a subset of nodes, and the protective resources and strategies of these nodes vary, resulting in different probabilities of successful attacks on different nodes. Therefore, to achieve the desired attack objectives, attackers must consider a combination of factors, including attack resources, success probabilities, and the disturbance amplitude of attack vectors, in order to select the optimal attack plan. The process of choosing vulnerabilities within the smart grid to carry out attacks can be described by the following optimization problem: How can the probability

P

of attack interception be minimized while satisfying constraints on attack resources, attack vector generation, and attack effects?

(7)

\min P = 1 - \prod_{k_{a} = 1}^{N_{a}} ν_{k_{a}} p_{k_{a}}

(8)

s . t . i b \subseteq S A

(9)

ν_{k_{a} \in i b} = 1, ν_{k_{a} \notin i b} = 0

(10)

\sum_{k_{a} = 1}^{N_{a}} ν_{k_{a}} < M A X A

(11)

r = z (x, ν)

(12)

|f (y (t), F (x (t) + ν \times r)) - f (y (t), F (x (t)))| \geq γ

where

N_{a}

is the total number of nodes,

k_{a}

is the node number, which is an integer from 1 to

N_{a}

p_{k_{a}}

is the success probability of attacking node

k_{a}

S A

represents the set of nodes vulnerable to attacks,

i b

denotes the subset of vulnerable nodes selected by the attacker from

S A

z (∙)

is the method for generating the attack vector,

ν_{k_{a}}

is attack state of node

k_{a}

x

is the original measurement data.

x (t)

denotes the system’s measured values at time

t

, and

y (t)

represents the state of the system at time

t

f (∙)

describes the state of the system under the influence of the data-driven algorithm.

γ

is the minimum impact on the system’s state that the attacker desires to achieve. By solving this optimization problem, the optimal attack strategy that meets the attack objectives can be obtained.

The intrusion process for each node can be modeled using Petri nets, thereby calculating the probability of attack success for each node. The fundamental approach involves independently modeling the attack and defense processes, decomposing the attack steps, and calculating the probability of occurrence for each step. A comprehensive model of the attack process is constructed based on the system topology and data transmission paths, ultimately leading to the calculation of the attack success probability. The method of calculating attack success probabilities using Petri nets is not the focus of this research or a novel contribution of this paper; therefore, it is not elaborated upon in detail. It is assumed that the attacker has already calculated the attack success probability based on the defensive resources of each node.

In our prior research [41], we employed a GAN to address the aforementioned issue. Within the described schema, the generator

G

is charged with the generation of perturbation data, whereas the discriminator

D

is responsible for assessing its detectability. These components undergo alternate training phases to refine their functionalities.

Taking into account the fact that the attacker can only successfully compromise and control a subset of the distributed power supplies, and that the computation time for the attack must significantly undercut the measurement time window, the architecture of

G

is purposefully designed as illustrated in Fig. 1. This structure comprises four components: the node selector, the encoder, the decoder, and a filter. The node selector is tasked with selecting the most viable attack strategy, the encoder extracts system features and the interrelations among the data from each node, the decoder is responsible for creating the disturbance data source that adheres to the amplitude boundary condition, and the filter produces the final perturbation

r

Following the culmination of the training phase, conventional data from the power grid may be fed into the generator in real time, facilitating the production of the attack vector

\bar{X}

. In conventional FDIAs,

\bar{X}

is typically introduced into the power system via the communication network. However, in the context of this paper,

\bar{X}

is injected through the measurement module of the distributed power supplies, as elaborated in the sections that follow.

3. Construction of the FDIA model

The attack vector generated by the above method can effectively mislead the attack target. Nevertheless, it is extremely difficult to inject the attack vector from communication networks, which have complete protection measures, compared with injecting it from IoT devices on the user side. Therefore, a false data injection method using distributed power supplies is proposed in this paper. To precisely inject the attack vector, the parameters of the distributed power supplies must be estimated, and the tampered measurement sequence must be calculated.

3.1. Converter modeling

Fig. 2 illustrates the conventional configuration of a distributed power supply, comprising four key components: a DC power supply, a DC/DC converter, a DC/AC converter, and an inductor–capacitor–inductor (LCL) filter. The DC power supply may consist of batteries and PV panels, among other components. A droop control algorithm is employed within the DC/DC controller to equalize the output from each power supply. The DC/AC converter, in conjunction with the LCL filter, primarily facilitates the conversion of DC to AC power.

The LCL filter is characterized by the following equations:

(13)

[\begin{matrix} i_{d, q}^{'} \\ u_{d, q}^{'} \\ i_{g d, q}^{'} \end{matrix}] = A_{L C L} \times [\begin{matrix} i_{d, q} \\ u_{d, q} \\ i_{g d, q} \end{matrix}] + B_{L C L} \times [\begin{matrix} u_{d, q}^{*} \\ u_{g d, q} \end{matrix}]

(14)

A_{L C L} = [\begin{matrix} \begin{matrix} - \frac{R_{f}}{L_{f}} & ω & - \frac{1}{L_{f}} \\ - ω & - \frac{R_{f}}{L_{f}} & 0 \\ \frac{1}{C_{f}} & 0 & 0 \end{matrix} & \begin{matrix} 0 & 0 & 0 \\ - \frac{1}{L_{f}} & 0 & 0 \\ ω & - \frac{1}{C_{f}} & 0 \end{matrix} \\ \begin{matrix} 0 & \frac{1}{C_{f}} & - ω \\ 0 & 0 & \frac{1}{L_{g}} \\ 0 & 0 & 0 \end{matrix} & \begin{matrix} 0 & 0 & - \frac{1}{C_{f}} \\ 0 & - \frac{R_{g}}{L_{g}} & ω \\ \frac{1}{L_{g}} & - ω & - \frac{R_{g}}{L_{g}} \end{matrix} \end{matrix}]

(15)

B_{f} = [\begin{matrix} \frac{1}{L_{f}} & 0 \\ 0 & \frac{1}{L_{f}} \end{matrix}]

(16)

B_{g} = [\begin{matrix} - \frac{1}{L_{g}} & 0 \\ 0 & - \frac{1}{L_{g}} \end{matrix}]

(17)

B_{L C L} = [\begin{matrix} B_{f} & 0 \\ 0 & 0 \\ 0 & B_{g} \end{matrix}]

where

u_{d, q}^{*}

represents the output voltage of the DC/AC converter;

i_{d, q}

signify the current on the inverter side;

u_{g d, q}

and

i_{g d, q}

indicate the voltage and current on the grid side, respectively; and

u_{d, q}

represents the voltage across the filter capacitor

C_{f}

R_{f}

and

L_{f}

are the resistor and inductor of the LCL filter on the inverted side, respectively;

R_{g}

and

L_{g}

are the resistor and inductor of the filter on the grid side, respectively.

ω

signifies the frequency of the power system, and

0

refers to a zero matrix of dimensions

2 \times 2

i_{d, q}^{'}

u_{d, q}^{'}

, and

i_{g d, q}^{'}

are the derivatives of

i_{d, q}

u_{d, q}

, and

i_{g d, q}

, respectively,

A_{L C L}

and

B_{L C L}

are the parameter matrices of the filter.

B_{f}

and

B_{g}

represent the parameters on the filter side and the grid side, respectively.

3.2. Controller modeling

Within the sensing apparatus, the voltage and current originating from the primary circuit are respectively conveyed to the secondary circuit through a PT and a CT. The measurement module then gathers data points at a fixed frequency, processing the voltage and current calculations through fast Fourier transform (FFT), as detailed below:

(18)

\{\begin{matrix} \begin{matrix} i_{R} = \frac{2}{N} \sum_{l = 1}^{N} i (l) \cos l \frac{2 π}{N} \\ i_{X} = \frac{2}{N} \sum_{l = 1}^{N} i (l) \sin l \frac{2 π}{N} \end{matrix} \\ \begin{matrix} u_{R} = \frac{2}{N} \sum_{l = 1}^{N} u (l) \cos l \frac{2 π}{N} \\ u_{X} = \frac{2}{N} \sum_{l = 1}^{N} u (l) \sin l \frac{2 π}{N} \end{matrix} \end{matrix}

(19)

\{\begin{matrix} \begin{matrix} I = \sqrt{\frac{{i_{R}}^{2} + {i_{X}}^{2}}{2}} \\ θ_{I} = \tan^{- 1} \frac{i_{X}}{i_{R}} \end{matrix} \\ \begin{matrix} U = \sqrt{\frac{{u_{R}}^{2} + {u_{X}}^{2}}{2}} \\ θ_{U} = \tan^{- 1} \frac{u_{X}}{u_{R}} \end{matrix} \end{matrix}

where

N

represents the total number of samples;

i (l)

and

u (l)

denote the current and voltage at the

l

th sampling point, respectively; and

i_{R}

i_{X}

u_{R}

, and

u_{X}

are the real portion of current, imaginary portion of current, real portion of voltage, and imaginary portion of voltage values as computed by the FFT, respectively. Consequently, the three-phase voltage

u_{a, b, c}

and three-phase current

i_{a, b, c}

can be derived in accordance with Eqs. (18), (19), where

I

is the valid value of the current,

θ_{I}

is the angle of the current,

U

is the valid value of the voltage,

θ_{U}

is the angle of the voltage.

The GAN-based attack strategy discussed in Section 2 requires only the injection of a minimal disturbance into the original data to neutralize the target, typically manifesting as a sequence of voltage pulses over a brief duration. Hence, during the attack, the vector can be introduced into the power system through manipulation of the DC/AC converter. Fig. 3 displays the standard configuration of a DC/AC converter controller, which employs both a voltage control loop and a current control loop to regulate the converter’s output.

The voltage

u_{d}

and

u_{q}

, current

i_{d}

and

i_{q}

along the d–q axis can be derived from

u_{a, b, c}

and

i_{a, b, c}

, respectively, via a Park transformation.

U_{d r}

and

U_{q r}

denote the reference voltages,

K_{ω C}

and

K_{ω L}

are parameters associated with the DC/AC controller. Proportional–integral (PI) controllers are commonly utilized within both voltage and current control loops.

u_{d}^{*}

and

u_{q}^{*}

are the voltage output by the controller along the d–q axis, which can be converted to

u_{a, b, c}^{*}

by inverse Park transformation. These can be discretized as follows: If

t = k τ

, where

τ

represents the fixed step size and

k

denotes the step count,

(20)

O_{P I} (k) = K_{P} [e (k) + \frac{1}{T_{I}} \sum_{j = 0}^{k} T e (j)] = K_{P} e (k) + K_{I} \sum_{j = 0}^{k} e (j)

(21)

Δ O_{P I} (k) = K_{P} [e (k) - e (k - 1)] + K_{I} e (k)

where

e

and

O_{P I}

correspond to the input and output of the PI controller, respectively, and

K_{P}

and

K_{I}

are the parameters for the proportional and integral components in PI controller, respectively.

T_{I}

is the integral time constant, and

T

is the time within each step. Consequently, the functional relationship between the output voltage

u_{d, q}^{*}

of the DC/AC converter and the measurement data

u_{d, q}

and

i_{d, q}

is detailed as follows:

(22)

[\begin{matrix} Δ u_{d}^{*} (k) \\ Δ u_{q}^{*} (k) \end{matrix}] = [\begin{matrix} Δ u_{d}^{*} (k - 1) \\ Δ u_{q}^{*} (k - 1) \end{matrix}] + K_{I i} K_{I u} [\begin{matrix} U_{d r} \\ U_{q r} \end{matrix}] + [\begin{matrix} K_{d} \\ K_{q} \end{matrix}] M (k)

(23)

[\begin{matrix} u_{d}^{*} (k) \\ u_{q}^{*} (k) \end{matrix}] = [\begin{matrix} u_{d}^{*} (k - 1) \\ u_{q}^{*} (k - 1) \end{matrix}] + [\begin{matrix} Δ u_{d}^{*} (k) \\ Δ u_{q}^{*} (k) \end{matrix}]

The initial values are configured to the system’s steady state, with

u_{d s}^{*}

and

u_{q s}^{*}

denoting the steady-state voltages on the inverter side.

(24)

[\begin{matrix} u_{d}^{*} (0) \\ u_{q}^{*} (0) \end{matrix}] = [\begin{matrix} u_{d s}^{*} \\ u_{q s}^{*} \end{matrix}], [\begin{matrix} Δ u_{d}^{*} (0) \\ Δ u_{q}^{*} (0) \end{matrix}] = [\begin{matrix} 0 \\ 0 \end{matrix}]

M (k)

represents the measurement data from steps

k

k - 2

, encompassing both the voltage and current along the d-axis and q-axis, as outlined below:

(25)

M (k) = {[M_{u d} (k), M_{u q} (k), M_{i d} (k), M_{i q} (k)]}^{T}

(26)

M_{u d} (k) = [u_{d} (k), u_{d} (k - 1), u_{d} (k - 2)]

(27)

M_{u q} (k) = [u_{q} (k), u_{q} (k - 1), u_{q} (k - 2)]

(28)

M_{i d} (k) = [i_{d} (k), i_{d} (k - 1), i_{d} (k - 2)]

(29)

M_{i q} (k) = [i_{q} (k), i_{q} (k - 1), i_{q} (k - 2)]

where

M_{u d} (k)

and

M_{u q} (k)

are sequence of measured voltage values in d-axis and q-axis,

M_{i d} (k)

and

M_{i q} (k)

are sequence of measured current values in d-axis and q-axis.

K_{d}

and

K_{q}

are control parameters to adjust d-axis and q-axis, as shown below:

(30)

K_{d} = {[\begin{matrix} \begin{matrix} \begin{matrix} 1 - K_{P i} K_{P u} - K_{P i} K_{I u} - K_{I i} K_{P u} - K_{I i} K_{I u} \\ - 2 + 2 K_{P i} K_{P u} + K_{P i} K_{I u} + K_{I i} K_{P u} \\ 1 - K_{P i} K_{P u} \end{matrix} \\ \begin{matrix} - K_{ω C} K_{P i} - K_{ω C} K_{I i} \\ 2 K_{ω C} K_{P i} + K_{ω C} K_{I i} \\ - K_{ω C} K_{P i} \end{matrix} \end{matrix} \\ \begin{matrix} \begin{matrix} - K_{P i} - K_{I i} \\ 2 K_{P i} + K_{I i} \\ - K_{P i} \end{matrix} \\ \begin{matrix} - K_{ω L} \\ 2 K_{ω L} \\ - K_{ω L} \end{matrix} \end{matrix} \end{matrix}]}^{T}

(31)

K_{q} = {[\begin{matrix} \begin{matrix} \begin{matrix} K_{ω C} K_{P i} + K_{ω C} K_{I i} \\ - 2 K_{ω C} K_{P i} - K_{ω C} K_{I i} \\ K_{ω C} K_{P i} \end{matrix} \\ \begin{matrix} 1 - K_{P i} K_{P u} - K_{P i} K_{I u} - K_{I i} K_{P u} - K_{I i} K_{I u} \\ - 2 + 2 K_{P i} K_{P u} + K_{P i} K_{I u} + K_{I i} K_{P u} \\ 1 - K_{P i} K_{P u} \end{matrix} \end{matrix} \\ \begin{matrix} - \begin{matrix} K_{ω L} \\ 2 K_{ω L} \\ K_{ω L} \end{matrix} \\ \begin{matrix} - K_{P i} - K_{I i} \\ 2 K_{P i} + K_{I i} \\ - K_{P i} \end{matrix} \end{matrix} \end{matrix}]}^{T}

where

K_{P i}

and

K_{I i}

designate the PI controller parameters for the current control loop,

K_{P u}

and

K_{I u}

specify the parameters for the PI controller governing the voltage control loop. The pulse width modulation (PWM) controller directs the insulated gate bipolar transistor (IGBT) based on

u_{d, q}^{*}

to ensure that the DC/AC converter outputs the requisite voltage.

3.3. Parameter estimation

To execute the black-box attack with precision in the injected attack vector, the attacker must estimate the parameters of the filter and controller within a distributed power supply. In a real power system, measurement data typically contain errors ξ, which follows a normal distribution

N (0, σ^{2})

. Hence, the parameter

β

should be estimated using a weighted least squares (WLS) estimation to minimize the residuals of

Y = X β

, as detailed below:

(32)

\arg \min_{β} {‖ W (Y - X β) ‖}_{2}

where

W \in R^{n \times n}

is the weight matrix,

n

is the length of

Y

Y

and

X

are derived from the measurement data,

n_{w}

represents the number of data points collected within the time window. For the LCL filter, the parameters

ω

L_{f}

R_{f}

C_{f}

L_{g}

, and

R_{g}

require estimation. Thus, Eqs. (13), (14), (15), (16), (17) are reformulated in the form of

Y = X β

, as follows:

(33)

(i_{q} - i_{g q}) u_{d}^{'} - (i_{d} - i_{g d}) u_{q}^{'} = [u_{d} (i_{d} - i_{g d}) + u_{q} (i_{q} - i_{g q})] ω

(34)

u_{d} u_{q}^{'} + u_{q} u_{d}^{'} = [u_{d} (i_{d} - i_{g d}) + u_{q} (i_{q} - i_{g q})] \frac{1}{C_{f}}

(35)

i_{q} i_{d}^{'} - i_{d} i_{q}^{'} - ({i_{d}}^{2} + {i_{q}}^{2}) ω = [(u_{d}^{*} - u_{d}) i_{q} - (u_{q}^{*} - u_{q}) i_{d}] \frac{1}{L_{f}}

(36)

(u_{q}^{*} - u_{q}) i_{d}^{'} - (u_{d}^{*} - u_{d}) i_{q}^{'} - [(u_{d}^{*} - u_{d}) i_{d} + (u_{q}^{*} - u_{q}) i_{q}] ω = [(u_{d}^{*} - u_{d}) i_{q} - (u_{q}^{*} - u_{q}) i_{d}] \frac{R_{f}}{L_{f}}

(37)

i_{g q} i_{g d}^{'} - i_{g d} i_{g q}^{'} - ({i_{g d}}^{2} + {i_{g q}}^{2}) ω = [(u_{d} - u_{g d}) i_{g q} - (u_{q} - u_{g q}) i_{g d}] \frac{1}{L_{g}}

(38)

(u_{q} - u_{g q}) i_{g d}^{'} - (u_{d} - u_{g d}) i_{g q}^{'} - [(u_{d} - u_{g d}) i_{g d} + (u_{q} - u_{g q}) i_{g q}] ω = [(u_{d} - u_{g d}) i_{g q} - (u_{q} - u_{g q}) i_{g d}] \frac{R_{g}}{L_{g}}

where

i_{g d}

and

i_{g q}

are the d-axis and q-axis components of the current on the grid side,

u_{d}^{'}

u_{q}^{'}

i_{g d}^{'}

, and

i_{g q}^{'}

are the derivatives of

u_{d}

u_{q}

i_{g d}

, and

i_{g q}

respectively.

u_{d, q}

and

i_{d, q}

can be sourced from the measurement module on the converter side,

u_{d, q}^{*}

is obtainable from the DC/AC controller, and

u_{g d, q}

and

i_{g d, q}

are accessible through the measurement module on the grid side. The discretization and approximation of

i_{d, q}^{'}

u_{d, q}^{'}

, and

i_{g d, q}^{'}

can be represented as follows:

(39)

[\begin{matrix} i_{d, q}^{'} (k) \\ u_{d, q}^{'} (k) \\ i_{g d, q}^{'} (k) \end{matrix}] = \frac{1}{Δ t} [\begin{matrix} i_{d, q} (k) - i_{d, q} (k - 1) \\ u_{d, q} (k) - u_{d, q} (k - 1) \\ i_{g d, q} (k) - i_{g d, q} (k - 1) \end{matrix}]

Within the DC/AC controller, the parameters

K_{d}

K_{q}

, and

C

require estimation, where

C

is the constant of controller,

C = K_{I i} K_{I u} {[\begin{matrix} U_{d r} & U_{q r} \end{matrix}]}^{T}

. Therefore, Eq. (22) is reformulated into the form

Y = X β

, as follows:

(40)

{[\begin{matrix} Δ u_{d}^{*} (k) - Δ u_{d}^{*} (k - 1) \\ Δ u_{q}^{*} (k) - Δ u_{q}^{*} (k - 1) \end{matrix}]}^{T} = [\begin{matrix} {M (k)}^{T} & 1 \end{matrix}] \times [\begin{matrix} {K_{d, q}}^{T} \\ C^{T} \end{matrix}]

where

K_{d, q} = [K_{d}, K_{q}]

M (k)

is sourced from the measurement module on the converter side, and

[\begin{matrix} Δ u_{d}^{*} (k) \\ Δ u_{q}^{*} (k) \end{matrix}]

is computed using Eq. (23). Through prolonged observation, the attacker is capable of precisely estimating the parameters of the LCL filter and DC/AC controller.

3.4. Designing the attack vector

The attack vector produced by the GAN, as detailed in Section 2, can significantly disrupt the normal functioning of the target. Consequently, if the attacker manipulates the distributed power supplies to align their outputs closely with the attack vector, a comparable effect can be attained. The attacker can modify the data sequence of the current and voltage gathered by the measurement module, injecting

a_{i}

and

a_{u}

to negate the computed values of the current and voltage, as demonstrated by Eq. (18):

(41)

\{\begin{matrix} \begin{matrix} i_{R A} = i_{R} + \frac{2}{N} \sum_{l = 1}^{N} a_{i} (l) \cos l \frac{2 π}{N} \\ i_{X A} = i_{X} + \frac{2}{N} \sum_{l = 1}^{N} a_{i} (l) \sin l \frac{2 π}{N} \end{matrix} \\ \begin{matrix} u_{R A} = u_{R} + \frac{2}{N} \sum_{l = 1}^{N} a_{u} (l) \cos l \frac{2 π}{N} \\ u_{X A} = u_{X} + \frac{2}{N} \sum_{l = 1}^{N} a_{u} (l) \sin l \frac{2 π}{N} \end{matrix} \end{matrix}

where

i_{R A}

i_{X A}

u_{R A}

, and

u_{X A}

are the real portion of current, imaginary portion of current, real portion of voltage, and imaginary portion of voltage values injected with the attack vector.

Consequently, the challenge of orchestrating an attack can be redefined as identifying the method to modify the measurement data such that the variance between the designed attack vector and the resultant output from the distributed energy resources is minimized. This optimization challenge can be addressed in two main steps.

**3.4.1. Calculate the optimized reference voltage output for the DC/AC converter $u_{d, q A}^{*}$**

Given that both the measurement data and the target attack vector constitute discrete data, Eq. (13) requires discretization, as detailed below.

(42)

\frac{1}{Δ t} [\begin{matrix} i_{d} (k) - i_{d} (k - 1) \\ i_{q} (k) - i_{q} (k - 1) \end{matrix}] = A_{L C L}^{1 : 2} [\begin{matrix} \begin{matrix} i_{d} (k - 1) \\ i_{q} (k - 1) \end{matrix} \\ \begin{matrix} u_{d} (k - 1) \\ u_{q} (k - 1) \end{matrix} \end{matrix}] + B_{f} [\begin{matrix} u_{d}^{*} (k) \\ u_{q}^{*} (k) \end{matrix}]

(43)

\frac{1}{Δ t} [\begin{matrix} u_{d} (k) - u_{d} (k - 1) \\ u_{q} (k) - u_{q} (k - 1) \end{matrix}] = A_{L C L}^{3 : 4} [\begin{matrix} \begin{matrix} i_{d} (k) \\ i_{q} (k) \end{matrix} \\ \begin{matrix} u_{d} (k - 1) \\ u_{q} (k - 1) \end{matrix} \\ \begin{matrix} i_{g d} (k - 1) \\ i_{g q} (k - 1) \end{matrix} \end{matrix}]

(44)

[\begin{matrix} u_{g d} (k) \\ u_{g q} (k) \end{matrix}] = [\begin{matrix} u_{d} (k - 1) \\ u_{q} (k - 1) \end{matrix}]

(45)

\frac{1}{Δ t} [\begin{matrix} i_{g d} (k) - i_{g d} (k - 1) \\ i_{g q} (k) - i_{g q} (k - 1) \end{matrix}] = A_{L C L}^{5 : 6} [\begin{matrix} \begin{matrix} u_{d} (k) \\ u_{q} (k) \end{matrix} \\ \begin{matrix} i_{g d} (k - 1) \\ i_{g q} (k - 1) \end{matrix} \end{matrix}] + B_{g} [\begin{matrix} u_{g d} (k) \\ u_{g q} (k) \end{matrix}]

where

A_{L C L}^{1 : 2}

represents the matrix consisting of the first and second rows of

A_{L C L}

, with its initial value set to the system’s steady state. Based on the foregoing equations, the variation in the grid-side voltage can be determined by the alteration in the DC/AC converter output. To compute

u_{d, q A}^{*}

, the subsequent optimization problems must be addressed:

(46)

\min F_{L C L} (u_{d, q A}^{*}) = {‖ N C (u_{g d, q A}, u_{g d, q T}) - 1 ‖}_{2}

(47)

s . t . M I N \leq u_{d, q A}^{*} \leq M A X

where

u_{g d, q T}

is generated by the GAN, and

u_{g d, q A}

and

u_{d, q A}^{*}

adhere to Eqs. (42), (43), (44), (45). MIN and MAX define the limits of the DC/AC converter output.

N C (u_{g d, q A}, u_{g d, q T})

denotes the normalized correlation between

u_{g d, q A}

and

u_{g d, q T}

, which is calculated as shown below. By addressing the aforementioned optimization challenges, the targeted output sequence for the DC/AC converter can be derived.

(48)

N C = \frac{\frac{1}{N} \sum_{k = 1}^{N} [u_{g d A} (k) \times u_{g d T} (k) + u_{g q A} (k) \times u_{g q T} (k)]}{\sqrt{\frac{1}{N} \sum_{k = 1}^{N} [{u_{g d A} (k)}^{2} + {u_{g q A} (k)}^{2}]} \times \sqrt{\frac{1}{N} \sum_{k = 1}^{N} [{u_{g d T} (k)}^{2} + {u_{g q T} (k)}^{2}]}}

3.4.2. Calculate $u_{d, q A}$ and $i_{d, q A}$

To determine the manipulated measurement sequence

u_{d, q A}

and

i_{d, q A}

, the problem outlined below must be resolved for each data point, to minimize the distance

F_{c t l}

between manipulated and normal measurement sequence, with

x = {[\begin{matrix} \begin{matrix} u_{d A} (k) & u_{q A} (k) \end{matrix} & \begin{matrix} i_{d A} (k) & i_{q A} (k) \end{matrix} \end{matrix}]}^{T}

(49)

\min F_{c t l} (x) = \sqrt{\frac{\sum {(x_{1, 2} - u_{d, q} (k - 1))}^{2}}{W_{u}} + \frac{\sum {(x_{3, 4} - i_{d, q} (k - 1))}^{2}}{W_{i}}}

(50)

{s . t . K}_{m i n} [\begin{matrix} \begin{matrix} u_{d} (k - 1) \\ u_{q} (k - 1) \end{matrix} \\ \begin{matrix} i_{d} (k - 1) \\ i_{q} (k - 1) \end{matrix} \end{matrix}] \leq x \leq K_{m a x} [\begin{matrix} \begin{matrix} u_{d} (k - 1) \\ u_{q} (k - 1) \end{matrix} \\ \begin{matrix} i_{d} (k - 1) \\ i_{q} (k - 1) \end{matrix} \end{matrix}]

(51)

K_{1} x + K_{2} [\begin{matrix} \begin{matrix} \begin{matrix} u_{d} (k - 1) \\ u_{d} (k - 2) \end{matrix} \\ \begin{matrix} u_{q} (k - 1) \\ u_{q} (k - 2) \end{matrix} \end{matrix} \\ \begin{matrix} \begin{matrix} i_{d} (k - 1) \\ i_{d} (k - 2) \end{matrix} \\ \begin{matrix} i_{q} (k - 1) \\ i_{q} (k - 2) \end{matrix} \end{matrix} \end{matrix}] + C = [\begin{matrix} Δ u_{d}^{*} (k) - Δ u_{d}^{*} (k - 1) \\ Δ u_{q}^{*} (k) - Δ u_{q}^{*} (k - 1) \end{matrix}]

(52)

Δ u_{d, q}^{*} (k - 1) = u_{d, q}^{*} (k - 1) - u_{d, q}^{*} (k - 2)

For

u_{d, q}^{*}

, the initial value is derived from measurements; in each iteration, it corresponds to the value in the optimized result

u_{d, q A}^{*}

of Eq. (46). The initial values for

u_{d, q}

and

i_{d, q}

are also sourced from measurements, with subsequent iterations reflecting the outcomes of the preceding iterations.

W_{u}

and

W_{i}

serve as weights to balance the impact of

u_{d, q A}

and

i_{d, q A}

on the optimization outcome.

K_{m i n}

and

K_{m a x}

constrain the discrepancy between the altered and original data.

K_{1}

and

K_{2}

are constant coefficient matrices, derived from

K_{d}

and

K_{q}

as follows:

(53)

K_{1} = [\begin{matrix} \begin{matrix} K_{d 1} & K_{d 4} \end{matrix} & \begin{matrix} K_{d 7} & K_{d 10} \end{matrix} \\ \begin{matrix} K_{q 1} & K_{q 4} \end{matrix} & \begin{matrix} K_{q 7} & K_{q 10} \end{matrix} \end{matrix}]

(54)

K_{2} = [\begin{matrix} \begin{matrix} K_{d 2} & K_{d 3} & K_{d 5} \end{matrix} & \begin{matrix} K_{d 6} & K_{d 8} & K_{d 9} \end{matrix} & \begin{matrix} K_{d 11} & K_{d 12} \end{matrix} \\ \begin{matrix} K_{q 2} & K_{q 3} & K_{q 5} \end{matrix} & \begin{matrix} K_{q 6} & K_{q 8} & K_{q 9} \end{matrix} & \begin{matrix} K_{q 11} & K_{q 12} \end{matrix} \end{matrix}]

where

K_{d κ}

and

K_{q κ}

are the

κ

th elements of

K_{d}

and

K_{q}

, respectively.

4. Attack process

Considering that the operational state of the power system significantly modulates the efficacy and detectability of FDIAs, our study delves into the impact of the system conditions on these cyber threats. Under normal operational states, the intrinsic redundancy and robust error-detection mechanisms of data-driven control systems effectively identify and mitigate anomalous data deviations, attributing these to equipment malfunctions or sensor anomalies and thereby diminishing the impact of such attacks. In contrast, during system exigencies, whether artificial or spontaneous, the system dynamics undergo substantial modifications. These conditions often lead to the circumvention or overwhelming of established redundancies, with a consequent shift in focus toward fault recovery and stabilization. This environment not only increases the likelihood of the undetected propagation of attack vectors but also significantly amplifies their disruptive potential. The strategically timed deployment of these vectors exploits transient vulnerabilities during periods of system instability, making post-fault contexts highly susceptible to the introduction of malicious data. Furthermore, the deployment of attack vectors under these conditions enhances the stealth of the attacks by leveraging the inherent chaos and subsequent misattribution of anomalies to faults, thereby maximizing the disruption caused. This leads to erroneous decision-making in control strategies, exacerbating the system’s instability and potentially precipitating cascading failures.

The steps of the proposed attack methodology are summarized in Algorithm 1, and can be outlined as follows:

Step 1: identify the attack target. Assign a success rate

p

of 1 to power supplies with inadequate protection and 0 to the rest. Select the target

F

and assess the difficulty of intrusion for each distributed power supply within the grid. Utilize samples from long-term observations to train the GAN.

Step 2: parameter estimation. Estimate the parameters of compromised distributed power supplies. Use Eqs. (32), (33), (34), (35), (36), (37), (38) to estimate

ω

L_{f}

R_{f}

C_{f}

L_{g}

, and

R_{g}

of the LCL filter, and Eq. (40) for

K_{d}

K_{q}

, and C of the DC/AC controller.

Step 3: monitor for system events. Await artificial faults or spontaneous emergencies, such as short circuits or outages. Generate the attack vector

u_{g d, q T}

using the GAN’s generator upon the occurrence of an event.

Step 4: compute optimal DC/AC converter output. Determine the target attack vector

u_{d, q A}^{*}

for the DC/AC converter output using Eqs. (42), (43), (44), (45), (46), (47), (48).

Step 5: generate a tampered measurement sequence. Produce the altered measurement sequence

u_{d, q A}

and

i_{d, q A}

according to Eqs. (49), (50), (51), (52), (53), (54).

Step 6: inject disturbance. Compute the disturbance values

a_{i}

and

a_{u}

using Eq. (41) and introduce them into the measurement module of a distributed power supply.

The attack process timeline is depicted in Fig. 4, highlighting the following key intervals.

The generation and deployment of the attack vector occur within the measurement time window. To minimize errors and enhance computational efficiency, a piecewise process is employed to generate the attack vector. In this approach, the attack sequence is divided into multiple segments, each of which is recalibrated and adjusted based on new measurement data obtained during the attack phase. This segmentation allows for the continuous refinement of the attack parameters, significantly reducing the propagation of initial parameter estimation errors across the attack life cycle. The continuous input of fresh data ensures that the generated attack vector remains optimally aligned with the current state of the system, thus maintaining high efficacy and minimizing the risk of detection due to parameter inaccuracies.

The attack process is segmented into

α

phases. If

t_{w}

is extended, the injection of the attack vector from one phase and the creation of the next phase’s vector can proceed concurrently. During each phase, the attacker utilizes the measurement data points 1 through

h

to craft the attack vector. Given the computation time required by the attack methodology, the initial

h

data points in phase 1 remain unaltered, but all following data points may be manipulated. Should

n u m - 2 h

be excessively large, implying that

α

is too small, the precision of the attack vector injection diminishes, potentially lowering the attack’s success rate. Conversely, if

α

is so large that

(n u m - 2 h) < 0

, although the injection accuracy might increase, the attack’s success rate could still fall if the quantity of data points vulnerable to tampering decreases. Consequently, determining the number of phases demands careful consideration of both the measurement time window

t_{w}

and the requisite accuracy for the attack vector injection.

5. Case study

In order to ascertain the effectiveness of the attack strategy proposed in this research, an incursion was conducted targeting the TSP approach, which is dependent on a deep convolutional neural network, within the context of the New England 39-bus system. Initially, we outline the construction of the attack scenario. Subsequently, we present the estimated outcomes for the parameters of the DC/AC controller and the LCL filter. Lastly, we meticulously detail and discuss the creation of the attack vector and its consequential impact.

5.1. Scenario description

Three distributed power supplies, each with identical parameters, are connected to buses 28, 29, and 36. Phasor measurement units (PMUs) have been deployed at every bus to surveil the voltage

V

, as illustrated in Fig. 5. Variations in the load oscillate between 80% and 120% relative to the foundational value. A tri-phasic short-circuit fault is conceivable along any conduit, manifesting at a juncture between 20% and 80% of its linear extent. The duration of these faults varies between 0.10 and 0.35 s. For the simulation of various operational states and malfunction scenarios, a comprehensive assembly of 2000 sample sets is synthesized employing the Monte Carlo technique. The stability of the system, determined through simulation, serves as the label for each sample.

An AlexNet architecture is formulated and subjected to training for the purpose of predicting the transient stability of the electrical power system in the aftermath of a tri-phasic short-circuit disturbance. The input comprises measurement data from a brief time window of 100 ms post-fault, while the output delivers the prediction result. Upon completion of training, the model achieves a prediction accuracy of 98%, indicating its competency in effectively determining the potential instability of the power system post-fault. The distributed power supplies connected to buses 28, 29, and 36 have been compromised by the attacker, who now possesses the capability to inject an attack vector during the measurement time window upon the occurrence of the fault.

5.2. Estimating the values of parameters

The sampling interval is configured to 1 ms, with the total number of data points being

N = 5000

. The steady-state operation of the distributed power supply is emulated, and the measurement data for

u

i

u_{g}

i_{g}

, and

u^{*}

, along with the Gaussian noise

\forall ξ_{i} \in ξ

ξ_{i} N (0, {0.01}^{2})

, are monitored by the attacker. The estimation of the parameters for the LCL filter and DC/AC controller is conducted in Step 2. As illustrated in Table 1, these parameters can be accurately estimated using the proposed algorithm.

5.3. Generating the attack vector

The sampling interval for the attack target is set at 400 μs, resulting in 250 data points being collected within the time window. Consequently, the number of attack phases (

α

) is determined to be five, with the attacker collecting ten data points per phase. Following the training of the GAN, 50 samples are randomly selected to assess the effectiveness of the attack. When the attack vector produced by the GAN is introduced into the target, the resultant impact is depicted in Fig. 6, where 0 signifies instability, and 1 denotes stability. Post-attack, the prediction accuracy drops from 98.75% to 56.00%, with all successfully manipulated samples misleading the prediction from stable to unstable. This outcome is attributed to the training set containing a significantly larger number of samples labeled as stable compared with those labeled as unstable, leading to a predominant learning of stable features. Hence, it becomes more feasible for the attacker to skew the prediction outcomes from stable to unstable.

Taking an example from the samples that effectively deceived the attack target, Fig. 7 displays the attack vectors

u_{g d, q T}

intended for injection into the measurement data at buses 28, 29, and 36. The total computation time for this attack methodology is around 750 μs, falling short of two sampling intervals. Consequently,

h = 11

, indicating that the initial 11 data points remain unaltered by the attacker. Following the injection of the attack vector, the prediction outcome for the target shifts from stable to unstable, notwithstanding the power system’s stability, as confirmed by the simulation results.

The optimal output sequence

u_{d, q A}^{*}

for the DC/AC converter within each distributed power supply is determined in Step 4, as depicted in Fig. 8. Subsequently, the manipulated measurement sequence

u_{d, q A}

and

i_{d, q A}

is computed in Step 5, illustrated in Fig. 9. By appropriately adjusting the values of

W_{u}

and

W_{i}

in Eq. (43),

i_{d, q A}

can be maintained as virtually constant throughout each phase.

The manipulated sequences

u_{d, q A}

and

i_{d, q A}

are introduced into the DC/AC controller; Fig. 10 provides a comparison between the post-attack output

u_{d, q A}^{*'}

and the optimal sequence

u_{d, q A}^{*}

. Here,

r

denotes the perturbation between

u_{d, q A}^{*}

and

u_{d, q A}^{*'}

, which is calculable as outlined. Due to inaccuracies in the estimated parameters, which cumulate with each iteration of the tampered measurement sequence computation, discrepancies emerge between

u_{d, q A}^{*}

and

u_{d, q A}^{*'}

toward the latter half of each phase. Nonetheless, these variances are minimal in the initial half of each phase. Thus, the accuracy of the assault can be augmented through the amplification of the quantity of attack phases, denoted as

α

(49)

r = \log_{10} \frac{|u_{d A}^{*} - u_{d A}^{*'}| + |u_{q A}^{*} - u_{q A}^{*'}|}{2}

For the purpose of disturbing the data-driven control strategy, the success rate of the attack method using three distributed power supplies in a New England 39-bus system is 43.29%. Compared with injecting attack vectors into communication networks directly, which has a reported success rate of 70.67% in Ref. [41], the difficulty of the invasion for the attacker is greatly reduced, even though the success rate decreases, and the attacker only needs to inject a disturbance into the distributed power supplies rather than into the fully protected communication network of the power system.

5.4. Comparison of attack effects for different attack targets

To assess the efficacy of the proposed attack methodology across the neural networks of varying architectures, the previously generated attack vector was administered to VGG16, SqueezeNet, ResNet18, and InceptionV3. We then compiled the prediction accuracies for transient stability under both normal and compromised conditions, as summarized in Table 2. The findings reveal a significant decline in prediction accuracy across these networks post-attack. Notably, ResNet18 and InceptionV3, with their more precise discriminative boundaries, additional layers, and intricate structures, exhibited a lesser degree of vulnerability compared with the simpler architectures of AlexNet and VGG16. These observations corroborate the transferability of the attack vector produced by our method; that is, the strategy can still deceive the target, irrespective of the attacker’s knowledge of the specific neural network architecture.

To validate the generalization capabilities of the attack methodology presented in this study, we conducted extensive simulations on three distinct Institute of Electrical and Electronics Engineers (IEEE) bus systems: the 57-bus, 118-bus, and 145-bus systems. Each of these systems was chosen to represent varying scales and complexities typical of modern power grids. In these simulations, PMUs were deployed on each bus to monitor voltage fluctuations, providing real-time data crucial for our analysis.

The range of the load change was set from 80% to 120% of the nominal values to simulate real-world variations in grid demand. We introduced three-phase short-circuit faults at random locations on any line within each system, with fault durations varying between 0.1 s and 0.35 s to test the resilience of the systems under different types of common disturbances. To comprehensively simulate various operational modes and failure scenarios, a total of 2000 sets of samples were generated for each system using the Monte Carlo method. This robust simulation approach allowed us to capture a wide array of possible real-world operating conditions and attack scenarios, enhancing the relevance and applicability of the results.

The core of the testing focused on the attack’s impact on the TSP strategies based on the AlexNet architecture. Under normal operating conditions, the TSP of these systems maintained high accuracy, demonstrating the effectiveness of the employed prediction strategies. However, when subjected to the attack method proposed in this paper, there was a notable degradation in prediction accuracy, illustrating the efficacy of our attack methodology. The reduction in accuracy was particularly pronounced in larger systems such as the IEEE 118-bus and 145-bus, underscoring the scalable nature of the attack. The experimental results, summarized in Table 3, highlight the correlation between system size and the need for an increased number of compromised distributed power supplies to maintain a high attack success rate.

This comprehensive evaluation confirms that our attack method not only poses a significant threat across different system scales but can also be generalized effectively to larger grid environments. These results underscore the urgent need to develop more robust defense mechanisms that can scale with the increasing size and complexity of smart grids.

6. Conclusions

Investigating cyberattacks enriches the pool of anomalous samples for the design and training of data-driven control strategies, thereby enhancing resilience against attacks. This paper introduced an attack methodology targeting data-driven algorithms within power systems. We have devised and trained a GAN-based approach for generating attack vectors and proposed a method for injecting false data via distributed power supplies to facilitate real-time assaults. An experimental attack on the TSP strategy validated the efficacy of this approach.

Acknowledgment

This research was supported by the National Natural Science Foundation of China (62302234).

References

Publishing order | Descend order by publishing year | Descend order by cited within

[1]	Xia X, Lin J, Jia Q, Wang X, Ma C, Cui J, et al.ETD-ConvLSTM: a deep learning approach for electricity theft detection in smart grids.IEEE Trans Informn Forensics Secur 2023; 18:2553-2568.

[2]	Ruan J, Fan G, Zhu Y, Liang G, Zhao J, Wen F, et al.Super-resolution perception assisted spatiotemporal graph deep learning against false data injection attacks in smart grid.IEEE Trans Smart Grid 2023; 14(5):4035-4046.

[3]	Cao D, Zhao J, Hu W, Yu N, Hu J, Chen Z.Physics-informed graphical learning and bayesian averaging for robust distribution state estimation.IEEE Trans Power Syst 2023; 39(2):2879-2892.

[4]	An D, Zhang F, Cui F, Yang Q.Toward data integrity attacks against distributed dynamic state estimation in smart grid.IEEE Trans Autom Sci Eng 2023; 21(1):881-894.

[5]	Li B, Xu Q.A machine learning-assisted distributed optimization method for inverter-based Volt-VAR control in active distribution networks.IEEE Trans Power Syst 2023; 39(2):2668-2681.

[6]	Gao Y, Ai Q, He X, Fan S.Coordination for regional integrated energy system through target cascade optimization.Energy 2023; 276:127606.

[7]	Rojek I, Miko Dłajewski, Mrozi Ański, Macko M.Machine learning- and artificial intelligence-derived prediction for home smart energy systems with pv installation and battery energy storage.Energies 2023; 16(18):6613.

[8]	Xiao Z, Tang F, Wang M.Wind power short-term forecasting method based on lstm and multiple error correction.Sustainability 2023; 15(4):3798.

[9]	Liu Z, Li X, Zhao H.Short-term wind power forecasting based on feature analysis and error correction.Energies 2023; 16(10):4249.

[10]	Wang G, Wang C, Shahidehpour M, Lin W.Deep semi-supervised learning method for false data detection against forgery and concealing of faults in cyber–physical power systems.IEEE Trans Smart Grid 2023; 15(1):944-958.

[11]	Mishra DK, Wang J, Li L, Zhang J, Hossain MJ.Resilience-driven scheme in multiple microgrids with secure transactive energy system framework.IEEE Trans Ind Appl 2023; 60(2):2277-2289.

[12]	Yang T, Yan B, Yang Q, Wang W.A packet payload anomaly detection approach for cyber–physical power systems. CSEE J Power Energy Syst. In Press.

[13]	Wang Z, Qi D, Li Z, Zhang J.Valid false data injection attacks under approximated power flow model in power distribution systems.CSEE J Power Energy Syst. In Press.

[14]	Ruan J, Wang Q, Chen S, Lyu H, Liang G, Zhao J, et al.On vulnerability of renewable energy forecasting: adversarial learning attacks.IEEE Trans Ind Inform 2023; 20(3):3650-3663.

[15]	Zhao T, Yue M, Wang J.Robust power system stability assessment against adversarial machine learning-based cyberattacks via online purification.IEEE Trans Power Syst 2023; 38(6):5613-5622.

[16]	Sahu A, Davis K.Inferring adversarial behaviour in cyber–physical power systems using a Bayesian attack graph approach.IET Cyber Phys Syst Theory Appl 2023; 8(2):91-108.

[17]	Sarker IH, Janicke H, Ferrag MA, Abuadbba A.Multi-aspect rule-based AI: methods, taxonomy, challenges and directions toward automation, intelligence and transparent cybersecurity modeling for critical infrastructures.Int Things 2024; 25:101110.

[18]	Sahani N, Zhu R, Cho JH, Liu CC.Machine learning-based intrusion detection for smart grid computing: a survey.ACM Trans Cyber Phys Syst 2023; 7(2):1-31.

[19]	Diaba SY, Elmusrati M.Proposed algorithm for smart grid DDoS detection based on deep learning.Neural Networks 2023; 159:175-184.

[20]	Radhoush S, Vannoy T, Liyanage K, Whitaker BM, Nehrir H.Distribution system state estimation and false data injection attack detection with a multi-output deep neural network.Energies 2023; 16(5):2288.

[21]	Yan B, Jiang Z, Yao P, Yang Q, Li W, Zomaya AY.Game theory based optimal defensive resources allocation with incomplete information in cyber–physical power systems against false data injection attacks.Prot Contr Mod Pow 2024; 9(2):115-127.

[22]	Reda HT, Anwar A, Mahmood AN, Tari Z.A axonomy of cyber defence strategies against false data attacks in smart grids.ACM Comput Surv 2023; 55(14):1-37.

[23]	Liu X, Liu J, Zhao Y, Ding T, Liu X, Liu J.A Bayesian deep learning-based probabilistic risk assessment and early-warning model for power systems considering meteorological conditions.IEEE Trans Ind Inform 2023; 20(2):1516-1527.

[24]	Zhang Z, Hu J, Lu J, Cao J, Yu J.False data injection attacks on LFC systems: an AI-based detection and countermeasure strategy.IEEE Trans Circuits Syst I 2023; 71(5):1969-1977.

[25]	Zhang Q, Li F, Zhao J, She B.False data injection attack and corresponding countermeasure in multienergy systems.IEEE Trans Power Syst 2023; 39(2):3537-3547.

[26]	Ge X, Yue M.A detection strategy based on deep learning against sequential outages induced by false data injection attacks.Electr Eng 2024; 106:5201-5217.

[27]	Wei S, Xu J, Wu Z, Hu Q, Yu X.A false data injection attack detection strategy for unbalanced distribution networks state estimation.IEEE Trans Smart Grid 2023; 14(5):3992-4006.

[28]	Ye X.Sparsity and coordination constraints on stealth data injection attacks [dissertation]. University of Sheffield, Sheffield (2023)

[29]	Kong M, Shen F, Du P, Peng X, Zhong W.Distributed secure consensus for multiagent systems based on removing intra-cluster coupling restrictions and its application to energy systems.Inform Sci 2024; 653:119579.

[30]	Ahmadian S, Malki H, Han Z.Cyber attacks on smart energy grids using generative adverserial networks.In: Proceedings of 2018 IEEE Global Conference on Signal and Information Processing (GlobalSIP); 2018 Nov 26–29; Anaheim, CA, USA. IEEE; 2018.

[31]	Efatinasab E, Brighente A, Rampazzo M, Azadi N, Conti M.GAN-GRID: a novel generative attack on smart grid stability prediction.2024. arXiv: 2405.12076.

[32]	Dash SP, Khandeparkar KV.A false data injection attack on data-driven strategies in smart grid using GAN. Advances and Trends in Artificial Intelligence. Theory and applications. Cham: Springer; 2023.

[33]	Ren C, Xu Y.Robustness verification for machine learning-based power system dynamic security assessment models under adversarial examples.IEEE Trans Control Netw Syst 2022; 9(4):1645-1654.

[34]	Ren C, Du X, Xu Y, Song Q, Liu Y, Tan R.Vulnerability analysis, robustness verification, and mitigation strategy for machine learning-based power system stability assessment model under adversarial examples.IEEE Trans Smart Grid 2021; 13(2):1622-1632.

[35]	Cui L, Guo L, Gao L, Cai B, Qu Y, Zhou Y, et al.A covert electricity-theft cyber-attack against machine learning-based detection models.IEEE Trans Ind Inform 2022; 18(11):7824-7833.

[36]	Khan OGM, El-Saadany EF, Youssef A, Shaaban MF.Cyber security of market-based congestion management methods in power distribution systems.IEEE Trans Ind Inform 2021; 17(12):8142-8153.

[37]	Kundu A, Sahu A, Serpedin E, Davis K.A3D: Attention-based auto-encoder anomaly detector for false data injection attacks.Electr Power Syst Res 2020; 189:106795.

[38]	Takiddin A, Ismail M, Zafar U, Serpedin E.Deep autoencoder-based anomaly detection of electricity theft cyberattacks in smart grids.IEEE Syst J 2022; 16(3):4106-4117.

[39]	Boyaci O, Umunnakwe A, Sahu A, Narimani MR, Ismail M, Davis KR, et al.Graph neural networks based detection of stealth false data injection attacks in smart grids.IEEE Syst J 2021; 16(2):2946-2957.

[40]	Boyaci O, Narimani MR, Davis KR, Ismail M, Overbye TJ, Serpedin E.Joint detection and localization of stealth false data injection attacks in smart grids using graph neural networks.IEEE Trans Smart Grid 2021; 13(1):807-819.

[41]	Liu Z, Wang Q, Ye Y, Tang Y.A GAN based data injection attack method on data-driven strategies in power systems.IEEE Trans Smart Grid 2022; 13(4):3203-3213.

RIGHTS & PERMISSIONS

THE AUTHOR

PDF (6353KB)

13044

Accesses

Citation

Detail

Sections

Recommended

Browse

Authors & reviewers

About the journal

Abstract

Graphical abstract

Keywords

Cite this article

1. Introduction

2. The GAN-based attack method

2.1. Assumptions

2.2. Problem description

2.3. Attack model

3. Construction of the FDIA model

3.1. Converter modeling

3.2. Controller modeling

3.3. Parameter estimation

3.4. Designing the attack vector

3.4.1. Calculate the optimized reference voltage output for the DC/AC converter ud,qA∗

3.4.2. Calculate ud,qA and id,qA

4. Attack process

5. Case study

5.1. Scenario description

5.2. Estimating the values of parameters

5.3. Generating the attack vector

5.4. Comparison of attack effects for different attack targets

6. Conclusions

Acknowledgment

References

RIGHTS & PERMISSIONS

**3.4.1. Calculate the optimized reference voltage output for the DC/AC converter $u_{d, q A}^{*}$**

3.4.2. Calculate $u_{d, q A}$ and $i_{d, q A}$