Coherency-Based Detection Algorithm for Synchrophasor Cyberattacks

The wide area monitoring system (WAMS) is critical for power system situational awareness, but represents a growing cybersecurity vulnerability. Malicious adversaries may seek to compromise one or more PMUs in order to effect control decisions that unnecessarily disrupt typical grid operations. One...

Full description

Saved in:

Bibliographic Details
Published in:	2019 North American Power Symposium (NAPS) pp. 1 - 6
Main Authors:	Hart, Philip, Acharya, Sowmya, Wang, Honggang
Format:	Conference Proceeding
Language:	English
Published:	IEEE 01.10.2019
Subjects:	Circuit faults coherency Computer crime Cyberattack detection algorithm Detection algorithms event classification fault Mathematical model Partitioning algorithms Phasor measurement units Power systems replay attack synchrophasors WAMS
Online Access:	Get full text
Tags:	Add Tag No Tags, Be the first to tag this record!

Abstract	The wide area monitoring system (WAMS) is critical for power system situational awareness, but represents a growing cybersecurity vulnerability. Malicious adversaries may seek to compromise one or more PMUs in order to effect control decisions that unnecessarily disrupt typical grid operations. One example of a particularly pernicious attack vector is the spoofing or replaying of a fault event using one or more compromised PMUs. This work documents the development and validation of a coherency-based cyberattack detection algorithm that integrates a sliding-window singular value decomposition (SVD) with physics-based partitioning analysis to achieve accurate classification of events. Special consideration is given to discerning a sophisticated fault-replay or fault spoofing attack from actual faults. A software-based cybersecurity testbed has been developed for rigorous testing of the algorithm. The algorithm is further validated using simulated synchrophasor datasets obtained from a MinniWECC 63-bus test system. Results show that the algorithm can successfully detect fault-replay attacks even when over half of the PMUs are compromised.
AbstractList	The wide area monitoring system (WAMS) is critical for power system situational awareness, but represents a growing cybersecurity vulnerability. Malicious adversaries may seek to compromise one or more PMUs in order to effect control decisions that unnecessarily disrupt typical grid operations. One example of a particularly pernicious attack vector is the spoofing or replaying of a fault event using one or more compromised PMUs. This work documents the development and validation of a coherency-based cyberattack detection algorithm that integrates a sliding-window singular value decomposition (SVD) with physics-based partitioning analysis to achieve accurate classification of events. Special consideration is given to discerning a sophisticated fault-replay or fault spoofing attack from actual faults. A software-based cybersecurity testbed has been developed for rigorous testing of the algorithm. The algorithm is further validated using simulated synchrophasor datasets obtained from a MinniWECC 63-bus test system. Results show that the algorithm can successfully detect fault-replay attacks even when over half of the PMUs are compromised.
Author	Wang, Honggang Hart, Philip Acharya, Sowmya
Author_xml	– sequence: 1 givenname: Philip surname: Hart fullname: Hart, Philip organization: GE Global Research,Niskayuna,New York,USA – sequence: 2 givenname: Sowmya surname: Acharya fullname: Acharya, Sowmya organization: GE Global Research,Niskayuna,New York,USA – sequence: 3 givenname: Honggang surname: Wang fullname: Wang, Honggang organization: GE Global Research,Niskayuna,New York,USA
BookMark	eNotj8tOwzAURI0EC1r4AiSUH0iwHT_iZRqeUgVIhXV1Y98Qi9auHG_y90SimsXobEZnVuQyxICE3DNaMUbNw3v7uROqlqzilJnKUEq5ZhdkxTRvGBVUq2uy6eKICYOdyw1M6IpHzGizj6FoDz8x-TweiyGmYjcHO6Z4GmFaqJt7TJAz2N_phlwNcJjw9txr8v389NW9ltuPl7eu3Zae6yaXxinjmAQwCqERWhpYvKzmgx24EDj0hveuka62hisJNaIQtBGIul_C6zW5-9_1iLg_JX-ENO_Pt-o_QehIWA
ContentType	Conference Proceeding
DBID	6IE 6IL CBEJK RIE RIL
DOI	10.1109/NAPS46351.2019.9000271
DatabaseName	IEEE Electronic Library (IEL) Conference Proceedings IEEE Xplore POP ALL IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present
DatabaseTitleList
Database_xml	– sequence: 1 dbid: RIE name: IEEE/IET Electronic Library url: https://ieeexplore.ieee.org/ sourceTypes: Publisher
DeliveryMethod	fulltext_linktorsrc
EISBN	1728104076 9781728104072
EndPage	6
ExternalDocumentID	9000271
Genre	orig-research
GroupedDBID	6IE 6IL CBEJK RIE RIL
ID	FETCH-LOGICAL-i278t-9d69d15aa96ea84759a201c72fcf244efb92bd85d3c9265a3ee44084ee7b7b723
IEDL.DBID	RIE
ISICitedReferencesCount	1
ISICitedReferencesURI	http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000553797300107&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
IngestDate	Thu Jun 29 18:38:51 EDT 2023
IsDoiOpenAccess	false
IsOpenAccess	true
IsPeerReviewed	false
IsScholarly	false
Language	English
LinkModel	DirectLink
MergedId	FETCHMERGED-LOGICAL-i278t-9d69d15aa96ea84759a201c72fcf244efb92bd85d3c9265a3ee44084ee7b7b723
OpenAccessLink	https://www.osti.gov/biblio/1985688
PageCount	6
ParticipantIDs	ieee_primary_9000271
PublicationCentury	2000
PublicationDate	2019-Oct.
PublicationDateYYYYMMDD	2019-10-01
PublicationDate_xml	– month: 10 year: 2019 text: 2019-Oct.
PublicationDecade	2010
PublicationTitle	2019 North American Power Symposium (NAPS)
PublicationTitleAbbrev	NAPS
PublicationYear	2019
Publisher	IEEE
Publisher_xml	– name: IEEE
Score	1.714358
Snippet	The wide area monitoring system (WAMS) is critical for power system situational awareness, but represents a growing cybersecurity vulnerability. Malicious...
SourceID	ieee
SourceType	Publisher
StartPage	1
SubjectTerms	Circuit faults coherency Computer crime Cyberattack detection algorithm Detection algorithms event classification fault Mathematical model Partitioning algorithms Phasor measurement units Power systems replay attack synchrophasors WAMS
Title	Coherency-Based Detection Algorithm for Synchrophasor Cyberattacks
URI	https://ieeexplore.ieee.org/document/9000271
WOSCitedRecordID	wos000553797300107&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D
hasFullText	1
inHoldings	1
isFullTextHit
isPrint
link	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV1NT8JAEN0g8eBJDRgVNT14dIFuy34cASWeSBM04Ub2YyokWgwUE_69O9sGY-LF7GW3u0kz3cOb6cybR8h9rnIwynCagAQfoHBDjYKUSu6YSbhFlzqITYjpVM7nKmuQhwMXBgBC8Rl0cRpy-W5td_irrKdCoszHOkdCiIqrVZN-477qTYfZLPX4iVFfrLr14V-qKQE0Jqf_e90Zaf-w76LsgCvnpAFFi4yQR4F7ezrywOOiRyhDFVURDd_f1j7EX35E3gGNZvvCovTBUm_9arw32DW5RCZ9m7xOnl7Gz7TWP6ArJmRJlePKxQOtFQctsTGf9pZZwXKbe1SG3ChmnBy4xCrGBzoBQP3oFEAYP1hyQZrFuoBLEgEXmM8UlvE8ZMpM2k9jbQ1I412C5Iq00P7FZ9XiYlGbfv334w45wU9c1bTdkGa52cEtObZf5Wq7uQv38g3tqZCS
linkProvider	IEEE
linkToHtml	http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV3PT8IwFG4ImuhJDRh_u4NHC6zruvYIKMGICwmYcCP98SYkOgwME_5727JgTLyYXtq1yfLWw_fe3vveh9BdJjJQQjEcAQcboDCFlQCKOTNERUw7l9qLTSRpyicTMayg-x0XBgB88Rk03NTn8s1Cr92vsqbwiTIb6-zFlJJwy9Yqab9hSzTT9nBELYK6uC8UjfL4L90UDxu9o_-98BjVf_h3wXCHLCeoAnkNdRyTwu1tcMdCjwkeoPB1VHnQfn9b2CB_9hFYFzQYbXLtxA9mcmVX3Y1yfZMLx6Wvo9fe47jbx6UCAp6ThBdYGCZMGEspGEjuWvNJa5lOSKYzi8uQKUGU4bGJtCAslhGAU5CmAImyg0SnqJovcjhDAbDEZTQTTVjmc2WKtmgotQKurFMQnaOas3_6uW1yMS1Nv_j78S066I9fBtPBU_p8iQ7d595WuF2harFcwzXa11_FfLW88Xf0DaPPk9k
openUrl	ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2019+North+American+Power+Symposium+%28NAPS%29&rft.atitle=Coherency-Based+Detection+Algorithm+for+Synchrophasor+Cyberattacks&rft.au=Hart%2C+Philip&rft.au=Acharya%2C+Sowmya&rft.au=Wang%2C+Honggang&rft.date=2019-10-01&rft.pub=IEEE&rft.spage=1&rft.epage=6&rft_id=info:doi/10.1109%2FNAPS46351.2019.9000271&rft.externalDocID=9000271