Learn More
—Covert data attacks on the network topology of a smart grid is considered. In a so-called man-in-the-middle attack, an adversary alters data from certain meters and network switches to mislead the control center with an incorrect network topology while avoiding detections by the control center. A necessary and sufficient condition for the existence of an(More)
Data attacks on state estimation modify part of system measurements such that the tempered measurements cause incorrect system state estimates. Attack techniques proposed in the literature often require detailed knowledge of system parameters. Such information is difficult to acquire in practice. The subspace methods presented in this paper, on the other(More)
—A new mechanism aimed at misleading a power system control center about the source of a data attack is proposed. As a man-in-the-middle state attack, a data framing attack is proposed to exploit the bad data detection and identification mechanisms currently in use at most control centers. In particular, the proposed attack frames meters that are providing(More)
—A data framing attack is presented to exploit the bad data detection and identification mechanisms at a typical ISO/RTO control center. In particular, the proposed attack frames normal meters as sources of bad data and causes the control center to remove useful measurements from the framed meters. The proposed attack uses subspace information of power(More)
—Cyber attacks on a smart grid aiming at misleading the control center with incorrect topology information are considered. In such attacks, an adversary intercepts network and meter data from the remote terminal units, modifies part of them, and forwards the modified data to the control center. A necessary and sufficient condition for an undetectable(More)
—Cyber attacks on the SCADA system can mislead the control center to produce incorrect state and topology estimate. If undetected, state and topology attacks can have detrimental impacts on the real-time operation of a power system. The problem of placing secure phasor measurement units (PMUs) to detect such attacks is considered. It is shown that any state(More)
The problem of localizing in-band wormhole tunnels inMANETs is considered. In an in-band wormhole attack, colluding attackers use a covert tunnel to create the illusion that two remote network regions are directly connected. This apparent shortcut in the topology attracts traffic which the attackers can then control. To identify the nodes participating in(More)
The problem of detecting the presence of possibly bidirectional and time-varying information flows through two nodes in a network is considered. Only the transmission timing measurements are used in the detection. The proposed technique assumes no parametric flow model and requires no training data. The consistency of the detector is established for a class(More)
—The problem of forecasting the real-time locational marginal price (LMP) by a system operator is considered. A new probabilistic forecasting framework is developed based on a time in-homogeneous Markov chain representation of the real-time LMP calculation. By incorporating real-time measurements and forecasts, the proposed forecasting algorithm generates(More)