Slides
Video
Abstract
With the increasing reliance of power system monitoring and control over communication protocols, the possibility that entities with malicious intent can gain access to and are able to alter operational commands has become more likely. While it is possible and advisable to include intrusion detection/prevention techniques to examine and verify the syntax of protocol messages, we propose and investigate an alternative approach to threat detection via the use of a rapid, approximate state estimation scheme. The scheme requires the determination of the system state estimate at frequent time intervals and the performance of consistency checks between the observed system state and that expected from the original order implementation. We obtain the gains in computational speed in the proposed approximate state-estimation-based approach via the use of a reduced set of prioritized measurement sets and a judiciously-determined limit on the number of iterations in the state estimation process to meet the limited time response constraints. We demonstrate the effective deployment use this estimation-based approach in a case study with data integrity attacks on power commands on the high-voltage direct current (HVDC) lines integrated within an AC grid. We discuss the computational and accuracy aspects and provide bounds on the extent to which an attacker can corrupt power orders that the scheme successfully detects.
