
Proactive Detection And Localization Against Stealthy Attacks In Power Distribution Grid

Posted on: 2023-10-30
Degree: Doctor
Type: Dissertation
Country: China
Candidate: M X Liu
GTID: 1522306833498434
Subject: Cyberspace security

Abstract/Summary:
With the popularization of distributed energy resources (DERs) in the power distribution grid (PDG), the unidirectional power transmission mode of the traditional PDG is transitioning to the bidirectional power transmission mode of the active PDG. This transition requires the PDG to have stronger sensing, control, and coordination capabilities. The microgrid has been widely recognized as one of the most promising solutions for accommodating high-penetration DERs. Hence, the thesis takes the microgrid as the starting point to investigate the security issues of the PDG from both micro and macro perspectives. From a micro point of view, the microgrid is a combination of DERs and loads at one voltage level of the PDG, and performs unified control and management of these DERs to meet the goals of different time scales. From a macro point of view, the microgrid is just an electrical point in the PDG, and transmits the statuses of DERs to the distribution management system (DMS) through remote terminal units (RTUs) to complete the distribution system state estimation (DSSE).

Both the control inside microgrids (micro perspective) and the DSSE function (macro perspective) rely heavily on advanced information communication technologies (ICTs) such as IEC 61850, VPN, Wi-Fi, ZigBee, etc. Advanced ICT can largely improve the efficiency of operation, supervision, and maintenance in the PDG, but it has also exposed numerous attack surfaces such as remote access points, the corporate network, and physical access to RTUs. Once the attacker intrudes into the communication network or hijacks the telecontrol devices, she/he can inject a well-designed stealthy attack vector to affect the control objectives of microgrids and manipulate the output of DSSE, causing immeasurable economic losses and casualties to the PDG. In particular, as the number of DC DERs (e.g., photovoltaics) and DC loads (e.g., laptops, LEDs, and data centers) in the PDG increases, the DC microgrid (DCmG) is becoming an increasingly important branch of the microgrid. Therefore, the thesis studies the stealthy-attack-related security issues in the islanded DCmG and in DSSE from the micro and macro perspectives, respectively. The contributions are as follows:

1. For the modeling problem of stealthy attacks in the PDG, the thesis thoroughly analyzes the design of zero trace stealthy attacks (ZTSAs) in islanded DCmGs and their impact, and briefly introduces the design of stealthy false data injection attacks (FDIAs) against DSSE and their impact. When the attacker obtains the electrical parameters of DERs and the primary control gains (PCGs), she/he can construct ZTSAs that totally bypass the unknown input observer (UIO) based detectors. Any single ZTSA can make the system states of the DCmG diverge, while coordinated ZTSAs can cause accurate deviations in the system states. When the attacker obtains the network topology and line parameters of the PDG, she/he can construct FDIAs that totally bypass the bad data detector (BDD). The stealthy FDIA could arbitrarily alter the output of DSSE. The correctness of the theoretical results in DCmGs is validated in simulation, hardware-in-the-loop, and full-hardware PDG cybersecurity validation testbeds.

2. Considering that the primary control laws of the converter devices in DCmGs are usually programmable, the thesis proposes a novel proactive attack detection and localization method, named the converter-based moving target defense (CMTD) strategy. By periodically perturbing the primary control gains (PCGs), the ZTSA and the replay attack constructed with historical PCGs may be exposed to the UIO-based detector. First, constraints on the perturbation magnitude and period are provided to guarantee stability under perturbation, and the enhanced attack detection and localization capabilities caused by PCG perturbation are theoretically analyzed. The results indicate that the PCG perturbation can increase the steady-state measurement residual. Finally, it is noted that the proposed perturbation-based method requires no extra hardware installation and can be directly integrated into the existing control framework. The effectiveness of CMTD is validated in simulation and hardware-in-the-loop PDG cybersecurity validation testbeds.

3. To limit the impact of PCG perturbation on the transient performance of the DCmG, the thesis proposes a transient-performance-guaranteed proactive attack detection and localization method against the ZTSA and the Stuxnet-like attack. The PCG perturbation is only enabled when an anomaly is detected. Attack detection is accomplished by observing the attack impact, which is quantified as the voltage balancing deviation (VBD) and the current sharing deviation (CSD). When the observed VBD or CSD exceeds predetermined thresholds, the PCG perturbation is triggered (enabled) to expose the ZTSA and Stuxnet-like attacks constructed with historical PCGs to UIO-based locators. To maximize the locatability gained from PCG perturbation and limit its impact on transient performance, the optimal perturbation magnitude is determined based on the variations of the primary control input (PCI) and the measurement residual before and after perturbation. The detection and localization methods are integrated in the proactive distributed detection and localization (PDDL) framework. Once the compromised DER is located, it is isolated from the DCmG to mitigate the attack impact. The effectiveness of PDDL is validated in hardware-in-the-loop and full-hardware PDG cybersecurity validation testbeds.

4. By applying sensitivity analysis to the nonlinear AC DSSE problem, the thesis quantifies the effectiveness and hiddenness of MTD as explicit approximations of measurement residuals, and proposes an explicit residual-based MTD (EXR-MTD). By proactively perturbing the reactance of power lines, the stealthy FDIA constructed with historical power line parameters may be exposed to the BDD. Based on the projection matrix, maximizing the effectiveness is transformed into maximizing the lower bound of the approximated residual, under which the matrix inverse issue is addressed. Moreover, the maximization of hiddenness is achieved by minimizing the approximated power flow difference caused by reactance perturbation. To balance the trade-off between effectiveness and hiddenness, the design of EXR-MTD is accomplished by aggregating the two sub-problems with an appropriate weight. The performance of EXR-MTD is validated in the test cases from MATPOWER.

5. To validate the correctness of the theoretical results and the effectiveness of the designed methods, the thesis builds simulation, hardware-in-the-loop, and full-hardware PDG cybersecurity validation testbeds. Specifically, the simulation cybersecurity testbed is built using Matlab Simulink and the PLECS Blockset toolkit. The electrical part is completed in the PLECS Blockset toolkit, and the feedback control loop is built in Matlab Simulink. The hardware-in-the-loop cybersecurity testbed is built using the Typhoon HIL 602+ emulator. The full-hardware cybersecurity testbed is a 4-DER DCmG consisting of real-time controllers, buck converters, DC power supplies, loads, and measurement devices. Each real-time controller can output two independent PWM signals to two buck converters, and the communication between controllers is based on the CAN protocol.

Finally, the thesis summarizes the above work and provides future directions.
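
The reactance-perturbation idea in contribution 4 can be seen on a small case. The following is an added illustration, not code from the dissertation: it uses the linearized (DC) state-estimation model instead of the thesis's nonlinear AC DSSE, and the 3-bus feeder, reactance values, threshold, and function names are all constructed assumptions.

```python
import math

# Constructed 3-bus feeder: bus 1 is the angle reference, the states are the
# voltage angles at buses 2 and 3, the measurements are flows on lines 1-2, 1-3, 2-3.
X_HISTORICAL = (0.10, 0.20, 0.25)  # line reactances the injected data was built from (assumed)
X_PERTURBED = (0.12, 0.20, 0.25)   # defender perturbs the reactance of line 1-2 by 20%
BDD_THRESHOLD = 1e-3               # assumed alarm threshold on the residual norm


def build_h(x12, x13, x23):
    """DC measurement matrix H with z = H [theta2, theta3]."""
    return [[-1 / x12, 0.0], [0.0, -1 / x13], [1 / x23, -1 / x23]]


def matvec(h, v):
    return [row[0] * v[0] + row[1] * v[1] for row in h]


def residual_norm(h, z):
    """BDD statistic ||z - H x_hat||, where x_hat is the least-squares estimate."""
    g11 = sum(r[0] * r[0] for r in h)
    g12 = sum(r[0] * r[1] for r in h)
    g22 = sum(r[1] * r[1] for r in h)
    b1 = sum(r[0] * zi for r, zi in zip(h, z))
    b2 = sum(r[1] * zi for r, zi in zip(h, z))
    det = g11 * g22 - g12 * g12  # 2x2 normal equations solved in closed form
    x_hat = [(g22 * b1 - g12 * b2) / det, (g11 * b2 - g12 * b1) / det]
    return math.sqrt(sum((zi - ei) ** 2 for zi, ei in zip(z, matvec(h, x_hat))))


def bdd_residual(actual_x, bias, theta=(-0.02, -0.05)):
    """Residual the DMS computes when the injection was built from X_HISTORICAL."""
    h_now = build_h(*actual_x)                # model currently in force
    z = matvec(h_now, theta)                  # noiseless true measurements
    a = matvec(build_h(*X_HISTORICAL), bias)  # injection a = H_old c
    return residual_norm(h_now, [zi + ai for zi, ai in zip(z, a)])


def alarm(actual_x, bias):
    return bdd_residual(actual_x, bias) > BDD_THRESHOLD


if __name__ == "__main__":
    for label, x in (("historical", X_HISTORICAL), ("perturbed", X_PERTURBED)):
        for bias in ((0.01, 0.0), (0.0, 0.01)):
            print(label, bias, f"{bdd_residual(x, bias):.2e}", alarm(x, bias))
```

With the historical reactances the residual stays at numerical zero, while after perturbing line 1-2 the same injection raises the alarm. A bias confined to bus 3 is not exposed by that single-line perturbation, which is why the choice of perturbed lines determines the defense's effectiveness.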
Keywords/Search Tags:DC microgrid, distribution system state estimation, distributed energy resource, stealthy attack, attack modeling, proactive attack detection and localization, moving target defense strategy