A Methodology for Detecting Stealthy Transformer Tap Command Injection Attacks in Smart Grids

Title: A Methodology for Detecting Stealthy Transformer Tap Command Injection Attacks in Smart Grids
Publication Type: Conference Paper
Year of Publication: 2019
Authors: Chakrabarty, Shantanu; Sikdar, Biplab
Conference Name: 2019 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids (SmartGridComm)
Keywords: branch currents, command injection attacks, composability, computer network security, control signals-commands, Energy management, False Data Injection, false tap command injection, IEEE 118-bus system, Indexes, malicious tap change command, Metrics, on load tap changers, on-load tap changing transformers, power generation control, Power measurement, power system SCADA networks, power system security, pubcrawl, Reactive power, resilience, Resiliency, SCADA channels, SCADA systems, Smart grids, smart power grids, state estimation, state variables, stealthy transformer tap command injection attacks detection, telecommunication channels, Voltage control, Voltage measurement, voltage regulation device
Abstract: On-Load Tap Changing transformers are a widely used voltage regulation device. In the context of modern or smart grids, the control signals, i.e., the tap change commands are sent through SCADA channels. It is well known that the power system SCADA networks are prone to attacks involving injection of false data or commands. While false data injection is well explored in existing literature, attacks involving malicious control signals/commands are relatively unexplored. In this paper, an algorithm is developed to detect a stealthily introduced malicious tap change command through a compromised SCADA channel. This algorithm is based on the observation that a stealthily introduced false data or command masks the true estimation of only a few state variables. This leaves the rest of the state variables to show signs of a change in system state brought about by the attack. Using this observation, an index is formulated based on the ratios of injection or branch currents to voltages of the terminal nodes of the tap changers. This index shows a significant increase when there is a false tap command injection, resulting in easy classification from normal scenarios where there is no attack. The algorithm is computationally light, easy to implement and reliable when tested extensively on several tap changers placed in an IEEE 118-bus system.
DOI: 10.1109/SmartGridComm.2019.8909786
Citation Key: chakrabarty_methodology_2019