Coherency-Based Detection Algorithm for Synchrophasor Cyberattacks

The wide area monitoring system (WAMS) is critical for power system situational awareness, but represents a growing cybersecurity vulnerability. Malicious adversaries may seek to compromise one or more PMUs in order to effect control decisions that unnecessarily disrupt typical grid operations. One...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:2019 North American Power Symposium (NAPS) s. 1 - 6
Hlavní autori: Hart, Philip, Acharya, Sowmya, Wang, Honggang
Médium: Konferenčný príspevok..
Jazyk:English
Vydavateľské údaje: IEEE 01.10.2019
Predmet:
Circuit faults
coherency
Computer crime
Cyberattack
detection algorithm
Detection algorithms
event classification
fault
Mathematical model
Partitioning algorithms
Phasor measurement units
Power systems
replay attack
synchrophasors
WAMS
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:The wide area monitoring system (WAMS) is critical for power system situational awareness, but represents a growing cybersecurity vulnerability. Malicious adversaries may seek to compromise one or more PMUs in order to effect control decisions that unnecessarily disrupt typical grid operations. One example of a particularly pernicious attack vector is the spoofing or replaying of a fault event using one or more compromised PMUs. This work documents the development and validation of a coherency-based cyberattack detection algorithm that integrates a sliding-window singular value decomposition (SVD) with physics-based partitioning analysis to achieve accurate classification of events. Special consideration is given to discerning a sophisticated fault-replay or fault spoofing attack from actual faults. A software-based cybersecurity testbed has been developed for rigorous testing of the algorithm. The algorithm is further validated using simulated synchrophasor datasets obtained from a MinniWECC 63-bus test system. Results show that the algorithm can successfully detect fault-replay attacks even when over half of the PMUs are compromised.
DOI:10.1109/NAPS46351.2019.9000271