Cyber Attack Detection For Cyber Physical Power Systems

In the field of power systems,the increasing number of sensors,communication networks,and decision-making units is driving a deep connection between electric power systems and network systems,providing a foundation for more efficient and safer operation of the system.With the concept of Cyber Physical Systems(CPS),CPS subsystems have been developed in various industrial fields,including the Cyber Physical Power System(CPPS),which is a typical CPS subsystem.CPPS has great potential for optimizing system operation,monitoring system status in real-time,and quickly responding to issues related to power grid security.The coupling of physical and network systems cannot be achieved without the support of communication networks,and power grid data requires low latency and stable transmission performance.Generally,encryption methods cannot be applied to power grid data transmission,making the power grid vulnerable to network attacks.Network attacks are low-cost,diverse,and have serious consequences.Therefore,security protection for CPPS is of great importance in CPPS research.The main focus of this article is on cyber attack detection in CPPS.The research includes the following three parts:Firstly,a study on the actuator attack detection method based on the arctangent sliding mode observer.The mathematical model of the power system is established based on the swing equation of the generator and the power flow equation of the system.Then,the arctangent sliding mode observer is used to estimate the system’s states,reconstruct the attacks,and combine attack detection logic to detect cyber attacks in the system.The effectiveness of the above detection method is verified through simulation using the IEEE 9-buses power system as an example.Secondly,a study on the dynamic load altering attack detection method based on sliding mode observer.The system is modeled by combining dynamic load altering attacks.H_∞performance index is applied to the sliding mode observer design to constrain the impact of the attack on estimation error.The system state is estimated using the sliding mode observer and a deviation signal is generated.The attack detection logic is introduced to detect attacks in the system through the deviation signal.The effectiveness of the above detection method is verified through software simulation and hardware-in-the-loop simulation to test the feasibility of the detection method in real scenarios.Finally,a general cyber attack detection method based on adaptive dual control law sliding mode observer is studied.The observer is designed using adaptive coefficients and dual control law to achieve low steady-state error,smooth tracking curve,and strong robustness with fast tracking when the tracking target changes.H_∞performance index is used to design the observer gain to constrain the energy of the attack in the error.Design an interval detector to enhance the detection of stealthy cyber attacks by dividing the intervals and designing different detection schemes.Finally,the validity,time reality,and feasibility of the detection method are verified through software simulation and hardware-in-the-loop simulation.