**Vulnerability Analysis of Power System State Estimation.** / Gul, Ammara.

Research output: Thesis › Doctoral Thesis

Unpublished

**Vulnerability Analysis of Power System State Estimation.** / Gul, Ammara.

Research output: Thesis › Doctoral Thesis

Gul, A 2020, 'Vulnerability Analysis of Power System State Estimation', Ph.D., Royal Holloway, University of London.

Gul A. Vulnerability Analysis of Power System State Estimation. 2020. 109 p.

@phdthesis{1db9c7eb18494a2eb47baab19e48e5fb,

title = "Vulnerability Analysis of Power System State Estimation",

abstract = "State estimation is a significant tool for a system's control and monitoring purposes. It is a process of estimating the actual state of the system. It has been extensively used in electrical power networks. Transformation of power systems to largely distributed smart grids provides the ability to deal with networks that are more complex and to enhance robustness. On the other side, for a smart grid to be robust, its information infrastructure must be reliable in case of failures and attacks. This thesis contributes to the characterisation of information flows and error propagation within state estimators (centralised and hierarchical) in the face of different (yet novel) attacks.For a couple of decades, state estimation has gained much attention and several state estimators have been proposed so far including centralized, hierarchical and distributed. However, as far as resilience and robustness against attacks are concerned, conventional state estimation has remained the centre of interest. While future generation smart grid is mostly distributed, decentralised structures are high in demand to retain system robustness. We particularly propose data and topology related (novel) attacks for centralised state and then extend them to hierarchical case determining the necessary and sufficient conditions for the adversary to attack.We instigate a constrained swapping attack mechanism which will be realistic even with the communication channel (for measurements) being authenticated and integrity-protected such as those recommended by the ISO/IEC 62351 standard. We show that measurement re-ordering is sufficient to provoke errors in state estimation or prevent it to converge. We define security metrics to quantify the importance of sparse and minimum magnitude re-ordering attacks, assuming partial knowledge available. In addition, we translate re-ordering attacks on hierarchical state estimation and study fault propagation in intermediate and top-level state estimate because of attack on bottom level region. Among deliberate attacks on state estimation, data-driven malicious activities e.g., false data attacks are extensively explored than the other main cause i.e., topology related attacks. Hence, we consider types of attacks including single and double topology modifications and study the impacts on state estimators of induced double line faults. Possible effects range from state forcing to divergence while determining optimal conditions for attackers (with partial system knowledge). Moreover, as topology processing is conventionally performed before state estimation, attacker has a good chance to stealthily induce and possibly revert topology changes within a single scan cycle. We exploit the abstraction that all measurements arrive instantly and synchronously to be processed by state estimator. We therefore give an adversary model by formulating an optimisation problem that minimises attack cost and determines the impacts in form of denial of service attacks up to loss of observability and study recoverability.Both the use of renewable energy and demand management require more frequent controlled topology changes compared to arising from faults/maintenance. Topology processing is hence an integral part of state estimation. We expand topology processing algorithm for better understanding of vulnerabilities with respect to an attacker. Therefore, we propose topology modifications that can cause impacts including state forcing and propose an approach to determine optimum cost attacks for adversaries with limited system knowledge.",

author = "Ammara Gul",

year = "2020",

language = "English",

school = "Royal Holloway, University of London",

}

TY - THES

T1 - Vulnerability Analysis of Power System State Estimation

AU - Gul, Ammara

PY - 2020

Y1 - 2020

N2 - State estimation is a significant tool for a system's control and monitoring purposes. It is a process of estimating the actual state of the system. It has been extensively used in electrical power networks. Transformation of power systems to largely distributed smart grids provides the ability to deal with networks that are more complex and to enhance robustness. On the other side, for a smart grid to be robust, its information infrastructure must be reliable in case of failures and attacks. This thesis contributes to the characterisation of information flows and error propagation within state estimators (centralised and hierarchical) in the face of different (yet novel) attacks.For a couple of decades, state estimation has gained much attention and several state estimators have been proposed so far including centralized, hierarchical and distributed. However, as far as resilience and robustness against attacks are concerned, conventional state estimation has remained the centre of interest. While future generation smart grid is mostly distributed, decentralised structures are high in demand to retain system robustness. We particularly propose data and topology related (novel) attacks for centralised state and then extend them to hierarchical case determining the necessary and sufficient conditions for the adversary to attack.We instigate a constrained swapping attack mechanism which will be realistic even with the communication channel (for measurements) being authenticated and integrity-protected such as those recommended by the ISO/IEC 62351 standard. We show that measurement re-ordering is sufficient to provoke errors in state estimation or prevent it to converge. We define security metrics to quantify the importance of sparse and minimum magnitude re-ordering attacks, assuming partial knowledge available. In addition, we translate re-ordering attacks on hierarchical state estimation and study fault propagation in intermediate and top-level state estimate because of attack on bottom level region. Among deliberate attacks on state estimation, data-driven malicious activities e.g., false data attacks are extensively explored than the other main cause i.e., topology related attacks. Hence, we consider types of attacks including single and double topology modifications and study the impacts on state estimators of induced double line faults. Possible effects range from state forcing to divergence while determining optimal conditions for attackers (with partial system knowledge). Moreover, as topology processing is conventionally performed before state estimation, attacker has a good chance to stealthily induce and possibly revert topology changes within a single scan cycle. We exploit the abstraction that all measurements arrive instantly and synchronously to be processed by state estimator. We therefore give an adversary model by formulating an optimisation problem that minimises attack cost and determines the impacts in form of denial of service attacks up to loss of observability and study recoverability.Both the use of renewable energy and demand management require more frequent controlled topology changes compared to arising from faults/maintenance. Topology processing is hence an integral part of state estimation. We expand topology processing algorithm for better understanding of vulnerabilities with respect to an attacker. Therefore, we propose topology modifications that can cause impacts including state forcing and propose an approach to determine optimum cost attacks for adversaries with limited system knowledge.

AB - State estimation is a significant tool for a system's control and monitoring purposes. It is a process of estimating the actual state of the system. It has been extensively used in electrical power networks. Transformation of power systems to largely distributed smart grids provides the ability to deal with networks that are more complex and to enhance robustness. On the other side, for a smart grid to be robust, its information infrastructure must be reliable in case of failures and attacks. This thesis contributes to the characterisation of information flows and error propagation within state estimators (centralised and hierarchical) in the face of different (yet novel) attacks.For a couple of decades, state estimation has gained much attention and several state estimators have been proposed so far including centralized, hierarchical and distributed. However, as far as resilience and robustness against attacks are concerned, conventional state estimation has remained the centre of interest. While future generation smart grid is mostly distributed, decentralised structures are high in demand to retain system robustness. We particularly propose data and topology related (novel) attacks for centralised state and then extend them to hierarchical case determining the necessary and sufficient conditions for the adversary to attack.We instigate a constrained swapping attack mechanism which will be realistic even with the communication channel (for measurements) being authenticated and integrity-protected such as those recommended by the ISO/IEC 62351 standard. We show that measurement re-ordering is sufficient to provoke errors in state estimation or prevent it to converge. We define security metrics to quantify the importance of sparse and minimum magnitude re-ordering attacks, assuming partial knowledge available. In addition, we translate re-ordering attacks on hierarchical state estimation and study fault propagation in intermediate and top-level state estimate because of attack on bottom level region. Among deliberate attacks on state estimation, data-driven malicious activities e.g., false data attacks are extensively explored than the other main cause i.e., topology related attacks. Hence, we consider types of attacks including single and double topology modifications and study the impacts on state estimators of induced double line faults. Possible effects range from state forcing to divergence while determining optimal conditions for attackers (with partial system knowledge). Moreover, as topology processing is conventionally performed before state estimation, attacker has a good chance to stealthily induce and possibly revert topology changes within a single scan cycle. We exploit the abstraction that all measurements arrive instantly and synchronously to be processed by state estimator. We therefore give an adversary model by formulating an optimisation problem that minimises attack cost and determines the impacts in form of denial of service attacks up to loss of observability and study recoverability.Both the use of renewable energy and demand management require more frequent controlled topology changes compared to arising from faults/maintenance. Topology processing is hence an integral part of state estimation. We expand topology processing algorithm for better understanding of vulnerabilities with respect to an attacker. Therefore, we propose topology modifications that can cause impacts including state forcing and propose an approach to determine optimum cost attacks for adversaries with limited system knowledge.

M3 - Doctoral Thesis

ER -