Moving Target Defense Against False Data Injection Attack In Smart Grid

Smart grid is one of the critical infrastructures in the modern society.In order to realize "situ-ational awareness" of the whole system and automatically intelligent operations at different levels,a large number of advanced information and communication technologies have been introduced into smart grid.For example,the power monitoring system composed of sensing equipments and communication networks is able to implement real-time monitoring and control of the system's operating conditions.However,as the communication network is gradually interconnected with the open Internet network(such as the concept of "Ubiquitous Electricity Internet of Things" pro-posed by the State Grid),potential cyber attacks pose a great threat to the safe operation of the smart grid,especially the state estimation process,which is a key function to compute accurate and reliable data of the system's operating status.Since the state estimation relys on the measured data transmitted from the field devices to the control center,the remote communication process makes the measurements vulnerable to tampering attacks,leading to errors in the estimated results,which in turn affects the system operator's determinations of the system's current operating conditions and thus makes the smart grid suffer from economic loss and physical damage.Therefore,the security of smart grid state estimation needs urgent research.This article first analyzes the threats faced by the smart grid state estimation from the perspective of an attacker,and then designs an active defense strategy—Moving Target Defense(MTD)based on the attack model,and analyzes its performance and optimizes the deployment strategy.The main contributions can be summarized as follows:·We find that it is possible for the attacker to execute stealthy false data injection(FDI)at-tacks against the state estimation with zero knowledge of line parameters.We term them as zero-parameter-information FDI attacks.Only the topology information about the cut line is required for designing such attack.·We prove that,an MTD has the capability to thwart all FDI attacks constructed with former branch susceptances only if(?)the number of branches l in the power system is not less than twice that of the system states n(i.e.,l?2n,where n+1 is the number of buses);(ii)the susceptances of more than n branches,which cover all buses,are perturbed.Moreover,we prove that the state variable of a bus that is only connected by a single branch(no matter it is perturbed or not)can always be modified by the attacker.Nevertheless,in order to reduce the attack opportunities of potential attackers,we first exploit the impact of the susceptance perturbation magnitude on the dimension of the stealthy attack space,in which the attack vector is constructed with former branch susceptances.·We comprehensively investigate the changes caused by MTD in the system model and its impact on the detection of FDI attacks.Moreover,with the aim to reduce the number of measurements that can be compromised by the attacker,we develop a heuristic algorithm to compute a near-optimal solution for the deployment of D-FACTS devices to realize MTD.Further,we prove that the coordinated design of consecutive perturbation schemes within an MTD cycle can improve the performance of MTD in terms of detecting FDI attacks.We also present a method to compute the optimal deployment of D-FACTS devices for the consecutive perturbation schemes.·We analyze the essential of MTD and consider the construction of a least-cost MTD.To begin with,we present a sufficient and necessary condition for protecting a bus from being affected by intended FDI attacks using MTD.A protected bus means its state variable is protected from being modified with a targeted value by the attacker.Based on this result,we propose a novel and accurate metric to quantify the protection level(i.e.,effectiveness)of MTD.Further,to reduce the infrastructure cost,we propose an efficient algorithm to compute the minimum number of D-FACTS devices needed for protecting a specific set of buses.To achieve that the increasing generation cost is zero for activating MTD,we develop two strategies when the defender has different requirements.·To uncover the insight of MTD's hiddenness,we study the conditions needed for achieving a hidable MTD.We find that the hiddenness of MTD is closely related to branch perturbations,system topology and the attacker's knowledge.From the attacker's perspective,we prove that,an MTD can be detected by the attacker only if he/she knows the previous parameters of a set of branches which forms a circle and the measurements corresponding to those branches after MTD.But once the attacker has full knowledge of branch parameters before MTD and has obtained all measurements after MTD,it is proved that we can never achieve a hidable and effective MTD.From the defender's perspective,since it is impossible to know the attacker's capability,we cannot determine whether a constructed MTD is hidable or not by purely depending on the MTD design.To address this issue,we propose that,by protecting a basic set of measurements,we always can achieve a hidable and effective MTD regardless of the changes of power flows,the attacker's knowledge and branch perturbations.