Securing the green grid: A data anomaly detection method for mitigating cyberattacks on smart meter measurements

IF 4.1 3区工程技术 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Critical Infrastructure Protection Pub Date : 2024-06-14 DOI:10.1016/j.ijcip.2024.100694

Asma Farooq , Kamal Shahid , Rasmus Løvenstein Olsen

{"title":"Securing the green grid: A data anomaly detection method for mitigating cyberattacks on smart meter measurements","authors":"Asma Farooq , Kamal Shahid , Rasmus Løvenstein Olsen","doi":"10.1016/j.ijcip.2024.100694","DOIUrl":null,"url":null,"abstract":"<div><p>Smart meters, being a vital component in the advanced metering infrastructure (AMI), provide an opportunity to remotely monitor and control power usage and act like a bridge between customers and utilities. The installation of millions of smart meters in the power grid is a step forward towards a green transition. However, it also constitutes a massive cybersecurity vulnerability. Cyberattacks on AMI can result in inaccurate billing, energy theft, service disruptions, privacy breaches, network vulnerabilities, and malware distribution. Thus, utility companies should implement robust cyber-security measures to mitigate such risks. In order to assess the impact of cybersecurity breaches on AMI, this paper presents a cyber-attack scenario on grid measurements obtained via smart meters and assesses the stochastic grid estimations under attack. This paper also presents an efficient method for the detection and identification of anomalous data within the power grid by leveraging the distance between measurements and the confidence ellipse centered around the estimated value. To assess the proposed method, a comparative analysis is done against the chi-square test for detection and the largest normalized distribution test for the identification of bad data. Furthermore, by using a Danish low-voltage grid as a base case, this paper introduces two test cases to evaluate the performance of the proposed method under single and multiple-node cyber-attacks on the grid state estimation. Results show a notable improvement in accuracy when using the proposed method. Additionally, based on these numerical results, protective countermeasures are presented for the grid.</p></div>","PeriodicalId":49057,"journal":{"name":"International Journal of Critical Infrastructure Protection","volume":"46 ","pages":"Article 100694"},"PeriodicalIF":4.1000,"publicationDate":"2024-06-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S1874548224000350/pdfft?md5=01d3394f250cb1b8e954cf085c10ccec&pid=1-s2.0-S1874548224000350-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Critical Infrastructure Protection","FirstCategoryId":"5","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1874548224000350","RegionNum":3,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Smart meters, being a vital component in the advanced metering infrastructure (AMI), provide an opportunity to remotely monitor and control power usage and act like a bridge between customers and utilities. The installation of millions of smart meters in the power grid is a step forward towards a green transition. However, it also constitutes a massive cybersecurity vulnerability. Cyberattacks on AMI can result in inaccurate billing, energy theft, service disruptions, privacy breaches, network vulnerabilities, and malware distribution. Thus, utility companies should implement robust cyber-security measures to mitigate such risks. In order to assess the impact of cybersecurity breaches on AMI, this paper presents a cyber-attack scenario on grid measurements obtained via smart meters and assesses the stochastic grid estimations under attack. This paper also presents an efficient method for the detection and identification of anomalous data within the power grid by leveraging the distance between measurements and the confidence ellipse centered around the estimated value. To assess the proposed method, a comparative analysis is done against the chi-square test for detection and the largest normalized distribution test for the identification of bad data. Furthermore, by using a Danish low-voltage grid as a base case, this paper introduces two test cases to evaluate the performance of the proposed method under single and multiple-node cyber-attacks on the grid state estimation. Results show a notable improvement in accuracy when using the proposed method. Additionally, based on these numerical results, protective countermeasures are presented for the grid.

查看原文本刊更多论文

保护绿色电网：缓解对智能电表测量的网络攻击的数据异常检测方法

智能电表是先进计量基础设施（AMI）的重要组成部分，它提供了一个远程监测和控制电力使用情况的机会，是客户与公用事业公司之间的桥梁。在电网中安装数以百万计的智能电表是向绿色转型迈出的一步。然而，这也构成了一个巨大的网络安全漏洞。对 AMI 的网络攻击可能导致不准确的账单、能源盗窃、服务中断、隐私泄露、网络漏洞和恶意软件传播。因此，公用事业公司应采取强有力的网络安全措施来降低此类风险。为了评估网络安全漏洞对 AMI 的影响，本文针对通过智能电表获取的电网测量数据提出了一个网络攻击场景，并评估了攻击下的随机电网估算。本文还提出了一种有效的方法，利用测量值之间的距离和以估计值为中心的置信椭圆来检测和识别电网中的异常数据。为了评估所提出的方法，本文对用于检测的卡方检验和用于识别不良数据的最大归一化分布检验进行了比较分析。此外，本文还以丹麦低压电网为基础案例，引入了两个测试案例，以评估所提出的方法在单节点和多节点网络攻击下对电网状态估计的性能。结果表明，使用所提方法后，准确性有了显著提高。此外，基于这些数值结果，还提出了电网保护对策。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Journal of Critical Infrastructure Protection COMPUTER SCIENCE, INFORMATION SYSTEMS-ENGINEERING, MULTIDISCIPLINARY

CiteScore

8.90

自引率

5.60%

发文量

审稿时长

>12 weeks

期刊介绍： The International Journal of Critical Infrastructure Protection (IJCIP) was launched in 2008, with the primary aim of publishing scholarly papers of the highest quality in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology, law and policy to craft sophisticated yet practical solutions for securing assets in the various critical infrastructure sectors. These critical infrastructure sectors include: information technology, telecommunications, energy, banking and finance, transportation systems, chemicals, critical manufacturing, agriculture and food, defense industrial base, public health and health care, national monuments and icons, drinking water and water treatment systems, commercial facilities, dams, emergency services, nuclear reactors, materials and waste, postal and shipping, and government facilities. Protecting and ensuring the continuity of operation of critical infrastructure assets are vital to national security, public health and safety, economic vitality, and societal wellbeing. The scope of the journal includes, but is not limited to: 1. Analysis of security challenges that are unique or common to the various infrastructure sectors. 2. Identification of core security principles and techniques that can be applied to critical infrastructure protection. 3. Elucidation of the dependencies and interdependencies existing between infrastructure sectors and techniques for mitigating the devastating effects of cascading failures. 4. Creation of sophisticated, yet practical, solutions, for critical infrastructure protection that involve mathematical, scientific and engineering techniques, economic and social science methods, and/or legal and public policy constructs.