In this article, we address the problem of the integrity of state estimation in the presence of a novel bad data injection threat. We consider persistent adversaries who inject attack vectors 'silently,' i.e., they drift the results of the state estimation gradually over multiple steps, with each step bypassing the bad data detection stage of state estimation. Prior works on the topic have shown how an adversary can bypass bad data detection by constructing attack vectors as linear combinations of the column vectors of the measurement Jacobian matrix. We show here that the attack surface is much broader than implied by this assumption. We demonstrate our attack strategy using realistic load patterns from NYISO in the IEEE 14-bus system. We also propose a detection method that uses the expected energy of normalized residues and a paired t-test, and we show its effectiveness. The generality of the proposed attack and detection strategy implies that it can be used in other cyber-physical systems involving state estimation based on linearized state perturbation.
Bibliographical note: Version archived for private and non-commercial use with the permission of the author/s and according to publisher conditions. For further rights please contact the publisher.
- Cyber-physical systems security
- measurement Jacobian matrix
- persistent adversary
- perturbation bound
- silent perturbation
- smart grid
- state estimation