Guaranteed False Data Injection Attack Without Physical Model

Abstract

Smart grids are increasingly vulnerable to False Data Injection Attacks (FDIAs) due to their growing reliance on interconnected digital systems. Many existing FDIA techniques assume access to critical physical model information, such as grid topology, to successfully bypass Bad Data Detection (BDD). However, this assumption is often impractical, as utilities may restrict access to this data, or the evolving nature of distribution grids—particularly with the integration of renewable energy—can render this information unavailable. Current methods that address the absence of physical model lack formal guarantees for BDD evasion. To bridge this gap, we propose a novel physical-model-free FDIA framework that 1) bypasses BDD with formal guarantees and 2) maximizes the attack impact without requiring explicit physical model. Our approach leverages an autoencoder (AE) with a regularized latent space to enforce physical consistency, using historical measurements to replicate the residual error distribution, ensuring BDD evasion. Additionally, we integrate a Generative Adversarial Network (GAN) to explore the measurement manifold and induce the most significant state changes, enhancing the impact of the attack. The key innovation lies in the AE-GAN hybrid model’s ability to replicate the residual error distribution while maximizing attack efficacy, offering a performance guarantee that existing methods lack. We validate our method across 11 representative grid systems, using real power profiles simulated in MATPOWER, and demonstrate its consistent ability to bypass BDD by preserving the residual error distribution. The results highlight the robustness and generalizability of the proposed FDIA framework.