Cyber attack detection and mitigation in smart power systems

The cyber security issue in modern power systems is critical because of its real-time requirements, the mix of advanced and legacy technologies, and the cascading effect of disruptions. Recent cyber incidents have shown that only ICT-based security measures are inadequate to defend against cyber attacks in power systems. The development of more general and realistic methodologies, especially based on the static and dynamic behaviours of power systems can be an effective solution for cyber-attack detection, protection, and mitigation of future smart grids. The first contribution of this thesis presents a machine learning algorithm (MLA)-based approach to detect false data injection attacks (FDIAs) in the power system state estimation process. In addition, stealthy FDIAs construction and their impacts on the detection rate of different state-of-the-art MLAs are analysed. The research work is extended further to distinguish between natural disturbances such as faults and cyber attacks. Since the historical cyber attack data are limited due to security reasons and a small number of occurrences, a novel belief propagation (BP)-based algorithm is developed as a second contribution in this thesis to detect both random and stealthy-types of FDIAs in a smart grid without any historical cyber-attack data. The presented algorithm collects local sensor measurements from different nodes and buses and calculates the overall system belief based on load ow variations over time. The BP-based detection algorithm achieved a higher detection rate than state-of-the-art machine learning classifiers. The third contribution of this thesis presents a novel approach based on dynamic analysis that excludes the limitations of the steady-state analysis such as nonlinear behaviours, cascading blackouts, determining the post-disturbance operating point, and so on. The proposed dynamic analysis-based approach is applicable in the events of various cyber attacks that target different power system protective devices such as relays and CBs. Four types of common cyber attacks: random switching attacks, data integrity attacks, replay attacks, and DoS attacks are reviewed, and their dynamic impacts on a multimachine system are shown. Then, necessary recommendations are provided to enhance the security of future smart power grids from possible cyber attacks. The final contribution of this thesis presents a combination of a physical property-based decentralised device-level cyber intrusion detection mechanism and a nonlinear optimised control technique that successfully detects and mitigates cyber threats posed to generation control measurements. The cyber intrusion detection mechanism utilises the discrepancies in the measurement residual between the estimated signals from an abnormal angle-state observer and the received measurement signals from PMUs to identify the presence of noise and cyber attacks. In addition, the proposed controller utilises this information to trigger control signals for mitigating the impact of cyber-attacks on the system performance and eventually terminates the generation unit from the system in the worst case, retaining the system stability. Extensive case studies considering different cyber attack and fault scenarios on IEEE benchmark power systems are simulated, and the results demonstrate that proposed detection and mitigation techniques can defend against cyber attacks while enhancing the cybersecurity, reliability and stability of power systems.