dc.description.abstract | The digitalization of power systems—enabled by technologies such as digital substations and Wide-Area Monitoring, Protection, and Control (WAMPAC) systems—has improved automation, visibility, and system control. However, this increased reliance on data and communication networks has also increased the system’s vulnerability to cyber threats. Among them, False Data Injection Attacks (FDIAs) are particularly concerning due to their stealth and potential to disrupt core grid functions. Their far-reaching impact highlights the urgent need for comprehensive vulnerability assessments and robust defense strategies to protect digitalized power systems.

In response to these challenges, this thesis investigates two high-impact FDIA scenarios: (1) coordinated, stealthy attacks targeting Phasor Measurement Unit (PMU)-based state estimation, and (2) falsification of protection signals targeting distance relays. For each case, the thesis first conducts a detailed vulnerability analysis to assess attack feasibility and impact. Building on these insights, it then develops defense strategies to enhance the cyber-physical resilience of modern power systems.

The first part of this thesis evaluates the vulnerability of PMU-based state estimation to multi-step, stealthy FDIAs, in which adversaries coordinate sequential manipulations of PMU measurements not only to evade bad data detection but also to amplify the cumulative impact on system operation. To model this attack process, a vulnerability assessment framework is proposed based on a Markov Decision Process (MDP) integrated with bilevel optimization. The MDP, solved using Q-learning, models the attacker’s sequential decision-making and yields a vulnerability index that enables operators to assess system impact and identify critical attack stages for targeted defense.

This analysis highlights a key insight: while stealthy FDIAs on state estimation typically require coordinated manipulation of multiple correlated PMUs—an operationally complex task—compromising a single Phasor Data Concentrator (PDC), which aggregates data from these PMUs, allows an attacker to simultaneously alter all associated measurements. This significantly increases the feasibility and potential impact of the attack. Yet, most defense strategies remain focused on individual PMUs, overlooking the critical role of PDCs as centralized aggregation points and high-value attack targets.

To address this overlooked threat, the second part of this thesis proposes a tri-level defender–attacker–operator optimization framework for redesigning PMU-to-Super PDC (SPDC) assignments as a defense mechanism against stealthy FDIAs targeting state estimation. The objective is to minimize vulnerability to such attacks while accounting for communication constraints such as transmission delays. Leveraging Software-Defined Networking (SDN), the framework enables dynamic reassignment of PMUs to SPDCs without additional cost, providing system operators with a practical and scalable defense strategy.

To further strengthen data aggregation–based defense strategies, it is crucial to consider not only the assignment of PMUs to PDCs but also the cyber-layer structure—including communication paths—as both a source of system vulnerability and a target for defense strategies. Building on this, the thesis analyzes the often-overlooked role of the cyber layer in vulnerability to stealthy FDIAs and introduces a Cyber-Physical Risk Metric (CPRM) that combines both the likelihood and physical impact of attacks. The CPRM quantifies risk by combining the physical consequences of losing a transmission line with the probability that such a loss results from a stealthy FDIA. This probability is estimated by identifying minimal critical PMU sets whose compromise could stealthily overload transmission lines, using an algorithm that solves multiple bi-level optimization problems. Next, Bayesian Attack Graphs (BAGs) are developed for each substation and communication link to model potential access pathways and calculate the probability of compromising the identified critical PMU sets. The thesis then proposes an optimization-based data aggregation reconfiguration scheme that leverages SDN to dynamically reconfigure both PMU-to-PDC assignments and their communication paths, minimizing the risk quantified by the developed metric and serving as a defense mechanism against stealthy FDIAs.

Finally, this thesis addresses FDIAs targeting distance protection and demonstrates that falsified measurements can severely compromise fault detection and isolation, thereby threatening power system security and stability. To defend against such attacks, a cyber-resilient protection scheme is proposed, which activates during cyber threats and temporarily backs up distance relays to maintain system integrity. The proposed protection scheme mimics the zone-based fault detection of distance relays but leverages traveling waves (TWs)—which are the natural signatures of real faults—along with dedicated hardwired current measurements and a Random Forest (RF) classifier to identify faults in each zone. The RF classifier is trained on the attenuation patterns of TW frequency components as they propagate from fault locations to the line terminal. Since attenuation patterns depend on both frequency and travel distance, the RF classifier can accurately determine the fault zone by extracting frequency-related features from the first TW using a wavelet transform and analyzing its attenuation characteristics. | en_US |