Measurement-driven blind topology estimation for sparse data injection attack in energy system

Abstract Smart grid cyber-security has come to the forefront of national security priorities due to the emergence of new cyber threats such as the False Data Injection (FDI) attack. This specific type of attack modifies smart grid measurements to produce wrong system states during the state estimation which is a critical operational functionality. While most of the existing works assume that power grid topology or the Jacobian matrix (that represents measurement and state relationship) is known to the attacker, this work shows that an intelligent attacker can construct a data-driven sparse FDI attack which does not require prior knowledge of system Jacobian or grid topology. In this paper, we show how the power grid topology, which is an important information for sparse attack construction, can be revealed using only measurement signals. The blind topology estimation is formulated as a constrained optimisation problem. The alternating direction method of multipliers (ADMM) is then employed with a novel initialization process for solving this complex problem. The comparative evaluation using graph-theoretic measures indicates that the power grid topology can be revealed with very high accuracy using such an approach. For example, average eigenvalue centrality measures and degree centrality measures show that the estimated topology is around 95.82% and 94.99% accurate compared to the actual topology for the IEEE-14 bus system and 86.47% and 96.34%, respectively for IEEE-30 bus system. Finally, based on the estimated topology we determine the critical set of measurements, which are then utilised for sparse attack construction. We show that only 7.40% and 3.57% sensors are required to construct the sparsest stealthy attacks for the IEEE 14 bus and the 30 bus system, respectively. The findings of this research conclude that an intelligent attacker can construct a very sparse ‘stealthy’ attack, that can degrade the operational performance significantly, by manipulating a few sensor devices only without any prior system knowledge or information.