| Abstract | State estimation (SE) plays a vital role in the reliable operation of modern power systems, gives situational awareness to the operators, and is employed in different functions of the Energy Management System (EMS), such as Optimal Power Flow (OPF), Contingency Analysis (CA), power market mechanism, etc. To increase SE's accuracy and protect it from compromised measurements, Bad Data Detection (BDD) algorithm is employed. However, the integration of Information and Communication Technologies (ICT) into the modern power system makes it a complicated cyber-physical system (CPS). It gives this opportunity to an adversary to find some loopholes and flaws, penetrate to CPS layer, inject false data, bypass existing BDD schemes, and consequently, result in security and stability issues. This paper employs a semi-supervised learning method to find normal data patterns and address the False Data Injection Attack (FDIA) problem. Based on this idea, the Probability Distribution Functions (PDFs) of measurement variations are derived for training and test data sets. Two distinct indices, i.e., Absolute Distance (AD) and Relative Entropy (RE), a concept in Information Theory, are utilized to find the distance between these two PDFs. In case an intruder compromises data, the related PDF changes. However, we demonstrate that AD fails to detect these changes. On the contrary, the RE index changes significantly and can properly detect FDIA. This proposed method can be used in a real-time attack detection process where the larger RE index indicates the possibility of an attack on the real-time data. To investigate the proposed methodology's effectiveness, we utilize the New York Independent System Operator (NYISO) data (Jan.-Dec. 2019) with a 5-minute resolution and map it to the IEEE 14-bus test system, and prepare an appropriate data set. After that, two different case studies (attacks on voltage magnitude ( Vm), and phase angle (th)) with different attack parameters (i.e., 0.90, 0.95, 0.98, 1.02, 1.05, and 1.10) are defined to assess the impact of an attack on the state variables at different buses. The results show that RE index is a robust and reliable index, appropriate for real-time applications, and can detect FDIA in most of the defined case studies. |
False Data Detection in Power System Under State Variables' Cyber Attacks Using Information Theory