An Enhanced Energy Management System Including a Real-Time Load-Redistribution Threat Analysis Tool and Cyber-Physical SCED

  title={An Enhanced Energy Management System Including a Real-Time Load-Redistribution Threat Analysis Tool and Cyber-Physical SCED},
  author={Ramin Kaviani and Kory W. Hedman},
It is possible to launch undetectable load-redistribution (LR) attacks against power systems, even in systems with protection schemes. Therefore, detecting LR attacks in power systems and establishing a corrective action to provide secured operating points are imperative. In this paper, we develop a systematic real-time LR threat analysis (RTLRTA) tool, which can flag LR attacks and identify all affected transmission assets. Since attackers might use random deviations to create LR attacks, we… 
1 Citations

Figures and Tables from this paper


Modeling Load Redistribution Attacks in Power Systems
This is the first work of its kind, which quantitatively analyzes the damage of the false data injection attacks to power system operation and security, and provides an in-depth insight on effective attack prevention with limited protection resource budget.
A Detection Mechanism Against Load-Redistribution Attacks in Smart Grids
A real-time non-probabilistic approach to detect load-redistribution attacks, which attempt to cause an overflow, in smart grids by leveraging power systems domain insight to identify an underlying exploitable structure for the core problem of LR attacks.
Dynamic Load Altering Attacks Against Power System Stability: Attack Models and Protection Schemes
Dynamic load altering attacks (D-LAAs) are introduced as a new class of cyber-physical attacks against smart grid demand response programs and case studies are presented to assess system vulnerabilities, impacts of single-point and multi-point attacks, and optimal load protection in an IEEE 39 bus test system.
Attack Detection and Identification for Automatic Generation Control Systems
An anomaly based attack detection and identification method for protecting the AGC system against cyber vulnerabilities and the effectiveness of the proposed method is corroborated using simulation results for a three-area power system and the IEEE 39-bus network.
Pre-Overload-Graph-Based Vulnerable Correlation Identification Under Load Redistribution Attacks
Simulation results have shown, for the first time, that, by revealing the vulnerability correlations among branches, the proposed approach allows the system operator to better utilize the defense resources and focus on strengthening a limited number of vulnerable branches to enhance the system’s overall security against LR attacks.
Integrity Data Attacks in Power Market Operations
This paper shows how an attack could systematically construct a profitable attacking strategy, in the meantime being undetected by the system operator, and formalizes the economic impact of malicious data attacks on real-time market operations.
Cyber Attacks Against the Economic Operation of Power Systems: A Fast Solution
A simple approach is presented to determine an effective attack vector that can cause a significant increase in the operation cost of large-scale power systems, which is achieved by solving one bi-level linear programing problem.
False Data Injection Attacks Induced Sequential Outages in Power Systems
A potential link between data attack and physical consequences is revealed and how the attacker can launch a malicious data attack to trigger sequential outages and thus impose large damages to the grid is analyzed.
Vulnerability Analysis and Consequences of False Data Injection Attack on Power System State Estimation
A bi-level optimization problem is introduced whose objective is to maximize the physical line flows subsequent to an FDI attack on DC SE, subject to constraints on both attacker resources and attack detection.
Local Load Redistribution Attacks in Power Systems With Incomplete Network Information
  • Xuan Liu, Zuyi Li
  • Computer Science, Engineering
    IEEE Transactions on Smart Grid
  • 2014
A local load redistribution attacking model based on incomplete network information is proposed and it is shown that an attacker only needs to obtain the network information of the local attacking region to inject false data into smart meters in the local region without being detected by the state estimator.