Coherency-Based Detection Algorithm for Synchrophasor Cyberattacks

The wide area monitoring system (WAMS) is critical for power system situational awareness, but represents a growing cybersecurity vulnerability. Malicious adversaries may seek to compromise one or more PMUs in order to effect control decisions that unnecessarily disrupt typical grid operations. One...

Full description

Saved in:

Bibliographic Details
Published in:	2019 North American Power Symposium (NAPS) pp. 1 - 6
Main Authors:	Hart, Philip, Acharya, Sowmya, Wang, Honggang
Format:	Conference Proceeding
Language:	English
Published:	IEEE 01.10.2019
Subjects:	Circuit faults coherency Computer crime Cyberattack detection algorithm Detection algorithms event classification fault Mathematical model Partitioning algorithms Phasor measurement units Power systems replay attack synchrophasors WAMS
Online Access:	Get full text
Tags:	Add Tag No Tags, Be the first to tag this record!

Abstract	The wide area monitoring system (WAMS) is critical for power system situational awareness, but represents a growing cybersecurity vulnerability. Malicious adversaries may seek to compromise one or more PMUs in order to effect control decisions that unnecessarily disrupt typical grid operations. One example of a particularly pernicious attack vector is the spoofing or replaying of a fault event using one or more compromised PMUs. This work documents the development and validation of a coherency-based cyberattack detection algorithm that integrates a sliding-window singular value decomposition (SVD) with physics-based partitioning analysis to achieve accurate classification of events. Special consideration is given to discerning a sophisticated fault-replay or fault spoofing attack from actual faults. A software-based cybersecurity testbed has been developed for rigorous testing of the algorithm. The algorithm is further validated using simulated synchrophasor datasets obtained from a MinniWECC 63-bus test system. Results show that the algorithm can successfully detect fault-replay attacks even when over half of the PMUs are compromised.
AbstractList	The wide area monitoring system (WAMS) is critical for power system situational awareness, but represents a growing cybersecurity vulnerability. Malicious adversaries may seek to compromise one or more PMUs in order to effect control decisions that unnecessarily disrupt typical grid operations. One example of a particularly pernicious attack vector is the spoofing or replaying of a fault event using one or more compromised PMUs. This work documents the development and validation of a coherency-based cyberattack detection algorithm that integrates a sliding-window singular value decomposition (SVD) with physics-based partitioning analysis to achieve accurate classification of events. Special consideration is given to discerning a sophisticated fault-replay or fault spoofing attack from actual faults. A software-based cybersecurity testbed has been developed for rigorous testing of the algorithm. The algorithm is further validated using simulated synchrophasor datasets obtained from a MinniWECC 63-bus test system. Results show that the algorithm can successfully detect fault-replay attacks even when over half of the PMUs are compromised.
Author	Wang, Honggang Hart, Philip Acharya, Sowmya
Author_xml	– sequence: 1 givenname: Philip surname: Hart fullname: Hart, Philip organization: GE Global Research,Niskayuna,New York,USA – sequence: 2 givenname: Sowmya surname: Acharya fullname: Acharya, Sowmya organization: GE Global Research,Niskayuna,New York,USA – sequence: 3 givenname: Honggang surname: Wang fullname: Wang, Honggang organization: GE Global Research,Niskayuna,New York,USA
BookMark	eNotj8tOwzAURI0EC1r4AiSUH0iwHT_iZRqeUgVIhXV1Y98Qi9auHG_y90SimsXobEZnVuQyxICE3DNaMUbNw3v7uROqlqzilJnKUEq5ZhdkxTRvGBVUq2uy6eKICYOdyw1M6IpHzGizj6FoDz8x-TweiyGmYjcHO6Z4GmFaqJt7TJAz2N_phlwNcJjw9txr8v389NW9ltuPl7eu3Zae6yaXxinjmAQwCqERWhpYvKzmgx24EDj0hveuka62hisJNaIQtBGIul_C6zW5-9_1iLg_JX-ENO_Pt-o_QehIWA
ContentType	Conference Proceeding
DBID	6IE 6IL CBEJK RIE RIL
DOI	10.1109/NAPS46351.2019.9000271
DatabaseName	IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Xplore IEEE Proceedings Order Plans (POP All) 1998-Present
DatabaseTitleList
Database_xml	– sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher
DeliveryMethod	fulltext_linktorsrc
EISBN	1728104076 9781728104072
EndPage	6
ExternalDocumentID	9000271
Genre	orig-research
GroupedDBID	6IE 6IL CBEJK RIE RIL
ID	FETCH-LOGICAL-i278t-9d69d15aa96ea84759a201c72fcf244efb92bd85d3c9265a3ee44084ee7b7b723
IEDL.DBID	RIE
ISICitedReferencesCount	1
ISICitedReferencesURI	http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000553797300107&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
IngestDate	Thu Jun 29 18:38:51 EDT 2023
IsDoiOpenAccess	false
IsOpenAccess	true
IsPeerReviewed	false
IsScholarly	false
Language	English
LinkModel	DirectLink
MergedId	FETCHMERGED-LOGICAL-i278t-9d69d15aa96ea84759a201c72fcf244efb92bd85d3c9265a3ee44084ee7b7b723
OpenAccessLink	https://www.osti.gov/biblio/1985688
PageCount	6
ParticipantIDs	ieee_primary_9000271
PublicationCentury	2000
PublicationDate	2019-Oct.
PublicationDateYYYYMMDD	2019-10-01
PublicationDate_xml	– month: 10 year: 2019 text: 2019-Oct.
PublicationDecade	2010
PublicationTitle	2019 North American Power Symposium (NAPS)
PublicationTitleAbbrev	NAPS
PublicationYear	2019
Publisher	IEEE
Publisher_xml	– name: IEEE
Score	1.714358
Snippet	The wide area monitoring system (WAMS) is critical for power system situational awareness, but represents a growing cybersecurity vulnerability. Malicious...
SourceID	ieee
SourceType	Publisher
StartPage	1
SubjectTerms	Circuit faults coherency Computer crime Cyberattack detection algorithm Detection algorithms event classification fault Mathematical model Partitioning algorithms Phasor measurement units Power systems replay attack synchrophasors WAMS
Title	Coherency-Based Detection Algorithm for Synchrophasor Cyberattacks
URI	https://ieeexplore.ieee.org/document/9000271
WOSCitedRecordID	wos000553797300107&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText	1
inHoldings	1
isFullTextHit
isPrint
link	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3PS8MwFA5zePCksom_6cGj2dasbZLjNh0epBSmsNvIjxc30E62Tth_70tWJoIXySVpC-UlDd97zfveR8gdbgL8NJyhqg89mqiYUelYRuPEam1Ugj5zqDP7zPNcTKeyaJD7PRcGAELyGXR8N5zl26XZ-F9lXRkOyjDWOeCc77haNek37sluPigmCeKnj_pi2akf_qWaEkBjfPy_152Q9g_7Lir2uHJKGlC2yNDzKPy9LR0i8NjoAaqQRVVGg_e3JYb4848IHdBosi2Nlz6YqzWORlvtqyZXnknfJq_jx5fRE631D-iCcVFRaTNp41QpmYESvjCfQssMZ844RGVwWjJtRWr7RrIsxdkGrx-dAHCNjfXPSLNclnBOIqu4QFcOl0GIRCmnwaY9xY3XKXIYpFyQlrd_9rkrcTGrTb_8-_IVOfJTvMtpuybNarWBG3JovqrFenUb1uUbEW2QnA
linkProvider	IEEE
linkToHtml	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1bS8MwFA5jCvqksol3--Cj2dYsveRxm46Jsww2YW8jlxM30E62Tui_96QrE8EXyUvSFspJGr5zmvOdj5A73AT4aVhNZRtalEufUWFZSH1ulNKSo89c1JkdRkkST6diVCH3Oy4MABTJZ9Bw3eIs3yz1xv0qa4rioAxjnb2Ac-Zv2Vol7ddviWbSGY05IqiL-3zRKB__pZtSwEb_6H8vPCb1H_6dN9ohywmpQFojXcekcPdy2kXoMd4DZEUeVep13t-WGOTPPzx0Qb1xnmonfjCXaxz1cuXqJmeOS18nr_3HSW9ASwUEumBRnFFhQmH8QEoRgoxdaT6JlumIWW0Rl8EqwZSJA9PWgoUBzjc4BWkOEClsrH1KqukyhTPiGRnF6MzhQsQxl9IqMEFLRtopFVkMU85Jzdk_-9wWuZiVpl_8ffmWHAwmL8PZ8Cl5viSHbrq3GW5XpJqtNnBN9vVXtlivboo1-gbG6JPj
openUrl	ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2019+North+American+Power+Symposium+%28NAPS%29&rft.atitle=Coherency-Based+Detection+Algorithm+for+Synchrophasor+Cyberattacks&rft.au=Hart%2C+Philip&rft.au=Acharya%2C+Sowmya&rft.au=Wang%2C+Honggang&rft.date=2019-10-01&rft.pub=IEEE&rft.spage=1&rft.epage=6&rft_id=info:doi/10.1109%2FNAPS46351.2019.9000271&rft.externalDocID=9000271