Towards Attack Resilient Data Analytics for Power Grid Operations

s
Activity Leads: 
Industry Collaborators: 
  • Pacific Power
  • Schweitzer Engineering Laboratories
  • We are currently seeking additional collaborators from industry, power utilities, or national labs. Through collaboration, we hope to extend our robust learning framework to other interesting applications beyond microgrid control. Further, we would like an opportunity to test our idea with a testbed or real-life system. Contact Eduardo Cotilla-Sanchez to discuss how you can engage or collaborate with our research team.
Summary Statement: 

In order to make a power grid resilient to cyber attacks, it is necessary to assure that power system control and protection schemes can function properly to isolate faults, mitigate damage, and recover lost components, in the presence of an on-going attack.  However, critical power system control and protection decisions such as microgrid islanding, relay tripping, and load shedding are inherently data-dependent, and they can be exploited by an adversary through data integrity attacks to produce malicious control decisions.  The aforementioned applications are representative examples where compromised data may directly lead to malicious control actions, but countermeasures have not yet been developed.  In this activity, we will fill this gap by developing novel data analytics for microgrid islanding, relay operation, and load shedding that are resilient to data integrity attacks.  First, we will consider the problem of identifying stable islanding/reconnection timings for microgrids.  Islanding or reconnection of a microgrid, if not done properly and under right conditions, can harm the stability of the grid.  Existing techniques for determining stable islanding/reconnection timings rely on local measurements of the status of the points of common connections, but such techniques are prone to producing wrong results if the integrity of status measurements is compromised.  An adversary might be able to exploit this vulnerability in his or her attempt to destabilize the grid by leveraging data integrity attacks.  In this activity, we will develop a technique resilient to data integrity attack so as to predict stable islanding/ reconnection timings based on real-time PMU data.  Second, we will develop resilient analytics that can advise reliable load shedding and relay operating schemes based on real-time PMU data, in the presence of a data integrity attack.  Such a technique is essential for mitigating damages from contingencies induced by a cyber attack that may involve a data integrity attack.  We envision that the developed techniques can be integrated into existing microgrid management and power system protection toolsets to enhance resiliency of grid operation to data integrity attacks.  The outcome of the activity will help to achieve the 2011 DOE roadmap vision of resilient energy delivery systems that are designed, installed, operated, and maintained to survive a cyber incident while sustaining critical functions.

Energy Delivery System (EDS) Gap Analysis: 

In the era of smart grid, the adoption of advanced data analytics is expected to aid decision making at a variety of operations in the power grid such as power system protection. Nevertheless, the potential impact of compromised data on grid operations has not yet been studied. In this activity, we aim to fill this gap by investigating vulnerability of existing data analytics for power system protection and control and developing a resilient analytics that can advise operators with reliable decisions even in the presence of data integrity attack.

Reference the research activity fact sheet (PDF) for an extended gap analysis and bibliography.

How does this research activity address the Roadmap to Achieve Energy Delivery Systems Cybersecurity?
The activity is mainly concerned with developing data analytics for power system protection (e.g., load shedding, relay tripping, microgrid islanding) that are resilient to data integrity attacks. Data integrity attacks can be carried out as part of a larger adversarial effort, and attack-resilient analytics for power system protection are needed to mitigate damage to the power grid in the event of cyber attacks, thereby reducing the associated risk. The outcome of the activity will help to achieve the 2011 DOE roadmap vision of resilient energy delivery systems that are designed, installed, operated, and maintained to survive a cyber incident while sustaining critical functions.

Status of Activity: 
Active