Abstract
State estimation is a key problem wherever systems can only be observed
partially, and is typically a prerequisite for effective control. The
most widespread current use of state estimation is in electrical power
networks, which combine distribution over wide areas with realtime
requirements.
A number of state estimators have been proposed, but studies of
robustness against attacks has concentrated solely on the centralised
case; here we discuss the hierarchical case particularly relevant for
smart and microgrid environments. Existing models are too coarse to
provide the necessary insight to understand the robustness to different,
also novel, types of attacks. These have so far been studied only for
centralised approaches, and are also relatively coarse in the forced
states investigated.
The problem of malicious false data injection in power grid state
estimators has recently gained considerable attention. Most of this
attention, however, has been focused on the assumption of a centralized
state estimator. In a nextgeneration smart grid environment
incorporating distributed generation and highly variable demand induced
by electric mobility, distributed state estimation is highly desirable to
enhance overall grid robustness.
Using a formal observability model, we consider the case of an active
adversary able to modify a set of measurements and derive bounds on the
maximum number of manipulated measurements that can be tolerated,
the composition of attack vectors, and give
a formulation for identifying minimal sets of additional measurements to
tolerate $k$measurement attacks in this hierarchical state estimator.
State estimation is critical to ensure the stability of many nontrivial
control systems where full observability cannot be maintained.
In recent years, the problem of malicious bad
data injection has been studied extensively, with a number of
innovative mitigation and protection measures being proposed.
Hierarchical and distributed state estimation systems require not only
correct measurements and means for detecting and mitigating any faults or
attacks, but also timely transmission of measurements and
intermediate results. We argue that the latter has thus far not been
considered adequately, and that communication channels cannot be
considered to be instantaneous and reliable, nor solely be captured by
stochastic models.
Hence, we introduce a communication channel model for hierarchical
state estimators relying on the common WLS formulation and analyse the
propagation of faults leading up to convergence failures in both
intermediate and toplevel state estimates as a consequence of
interference with the communication channel. To this end we concentrate
on denial of servicetype attacks, limited to suppression of
communication or channel manipulation resulting in delays or jitter as
such attacks are feasible even where channel integrity and
confidentiality are protected adequately.
The stability of a power network is strongly influenced by the ability of
network operators to determine the current state despite not having a
full set of simultaneous measurements available as this determines the
ability to dispatch generator capacity and to take corrective measures.
State estimation for power networks has long been the subject of
intensive scrutiny as it must satisfy requirements for computational
efficiency, tolerance to bad data, and errors in the underlying
topology. In addition, however, the canonical weighted least squares
(WLS) solution is prone to illconditioning problems particularly when
using GaussNewton normal equations (NE).
Whilst these problems of stability and sensitivity have been studied
intensely with methods from real analysis and optimization theory giving
enhanced error bounds, this has not been considered as a source of
attacks resulting in failure to achieve a satisfactory state
estimate. Moreover, we show that these problems are further
exacerbated in case of iterative state estimation stability found in
hierarchical state estimators have received insufficient attention,
particularly as smart (micro) grids cannot rely on carefully designed
measurement systems and topology.
Both for centralized and hierarchical state estimators, however, we
describe a novel class of attacks on state estimators which can both
force error parameters to become unacceptable and result in outright
state estimator divergence, noting that this is not limited to WLS
approaches.
Continuous and accurate state estimation is a key prerequisite for
ensuring reliable and efficient operation of power networks. Conventional
state estimation relies on a single centralized estimator, which is
problematic in a smart grid environment where partitioning and
distributed operation is far more likely, and represents a single
point of failure. This has recently led to an interest in hierarchical
and distributed state estimation, which has, however, been restricted to
offline configurations. Moreover, similar to the centralized approach,
these estimators do not consider the source of measurements.
We argue that robust and resilient state estimation requires the ability
to tolerate partitioning of both the electric power and implicitly of the
communication network. This paper therefore describes a randomized,
constraintbased optimization algorithm for (re)partitioning a
power network based on externally imposed constraints as may
particularly arise in case of attacks on both communication networks and
the power network itself including maximization of overlapping areas
and hence measurements. The latter constraint distinguishes the approach
from wellstudied graph partitioning problems normally seeking to
minimize edges between partition elements. We also describe the
establishment of a hierarchical state estimator with independent local
state over the partitioning satisfying robustness and stability
constraints.
partially, and is typically a prerequisite for effective control. The
most widespread current use of state estimation is in electrical power
networks, which combine distribution over wide areas with realtime
requirements.
A number of state estimators have been proposed, but studies of
robustness against attacks has concentrated solely on the centralised
case; here we discuss the hierarchical case particularly relevant for
smart and microgrid environments. Existing models are too coarse to
provide the necessary insight to understand the robustness to different,
also novel, types of attacks. These have so far been studied only for
centralised approaches, and are also relatively coarse in the forced
states investigated.
The problem of malicious false data injection in power grid state
estimators has recently gained considerable attention. Most of this
attention, however, has been focused on the assumption of a centralized
state estimator. In a nextgeneration smart grid environment
incorporating distributed generation and highly variable demand induced
by electric mobility, distributed state estimation is highly desirable to
enhance overall grid robustness.
Using a formal observability model, we consider the case of an active
adversary able to modify a set of measurements and derive bounds on the
maximum number of manipulated measurements that can be tolerated,
the composition of attack vectors, and give
a formulation for identifying minimal sets of additional measurements to
tolerate $k$measurement attacks in this hierarchical state estimator.
State estimation is critical to ensure the stability of many nontrivial
control systems where full observability cannot be maintained.
In recent years, the problem of malicious bad
data injection has been studied extensively, with a number of
innovative mitigation and protection measures being proposed.
Hierarchical and distributed state estimation systems require not only
correct measurements and means for detecting and mitigating any faults or
attacks, but also timely transmission of measurements and
intermediate results. We argue that the latter has thus far not been
considered adequately, and that communication channels cannot be
considered to be instantaneous and reliable, nor solely be captured by
stochastic models.
Hence, we introduce a communication channel model for hierarchical
state estimators relying on the common WLS formulation and analyse the
propagation of faults leading up to convergence failures in both
intermediate and toplevel state estimates as a consequence of
interference with the communication channel. To this end we concentrate
on denial of servicetype attacks, limited to suppression of
communication or channel manipulation resulting in delays or jitter as
such attacks are feasible even where channel integrity and
confidentiality are protected adequately.
The stability of a power network is strongly influenced by the ability of
network operators to determine the current state despite not having a
full set of simultaneous measurements available as this determines the
ability to dispatch generator capacity and to take corrective measures.
State estimation for power networks has long been the subject of
intensive scrutiny as it must satisfy requirements for computational
efficiency, tolerance to bad data, and errors in the underlying
topology. In addition, however, the canonical weighted least squares
(WLS) solution is prone to illconditioning problems particularly when
using GaussNewton normal equations (NE).
Whilst these problems of stability and sensitivity have been studied
intensely with methods from real analysis and optimization theory giving
enhanced error bounds, this has not been considered as a source of
attacks resulting in failure to achieve a satisfactory state
estimate. Moreover, we show that these problems are further
exacerbated in case of iterative state estimation stability found in
hierarchical state estimators have received insufficient attention,
particularly as smart (micro) grids cannot rely on carefully designed
measurement systems and topology.
Both for centralized and hierarchical state estimators, however, we
describe a novel class of attacks on state estimators which can both
force error parameters to become unacceptable and result in outright
state estimator divergence, noting that this is not limited to WLS
approaches.
Continuous and accurate state estimation is a key prerequisite for
ensuring reliable and efficient operation of power networks. Conventional
state estimation relies on a single centralized estimator, which is
problematic in a smart grid environment where partitioning and
distributed operation is far more likely, and represents a single
point of failure. This has recently led to an interest in hierarchical
and distributed state estimation, which has, however, been restricted to
offline configurations. Moreover, similar to the centralized approach,
these estimators do not consider the source of measurements.
We argue that robust and resilient state estimation requires the ability
to tolerate partitioning of both the electric power and implicitly of the
communication network. This paper therefore describes a randomized,
constraintbased optimization algorithm for (re)partitioning a
power network based on externally imposed constraints as may
particularly arise in case of attacks on both communication networks and
the power network itself including maximization of overlapping areas
and hence measurements. The latter constraint distinguishes the approach
from wellstudied graph partitioning problems normally seeking to
minimize edges between partition elements. We also describe the
establishment of a hierarchical state estimator with independent local
state over the partitioning satisfying robustness and stability
constraints.
Original language  English 

Qualification  Ph.D. 
Supervisors/Advisors 

Award date  15 Sep 2016 
Publication status  Unpublished  14 Feb 2017 
Keywords
 Smart Grids
 State Estimation
 WLS
 Hierarchical State Estimation
 Numerical Stability
 DoS Attacks to State Etimators
 Jitter Attack
 Covariance Matrix Manipulation