Detection of False Data Injection Attacks in A Sma
Detection of False Data Injection Attacks in A Sma
Article
Detection of False Data Injection Attacks in a Smart Grid Based
on WLS and an Adaptive Interpolation Extended Kalman Filter
Guoqing Zhang 1,2 , Wengen Gao 1,2, * , Yunfei Li 1,2 , Xinxin Guo 1,2 , Pengfei Hu 1,2 and Jiaming Zhu 1,2
Abstract: An accurate power state is the basis of the normal functioning of the smart grid. However,
false data injection attacks (FDIAs) take advantage of the vulnerability in the bad data detection
mechanism of the power system to manipulate the process of state estimation. By attacking the
measurements, then affecting the estimated state, FDIAs have become a serious hidden danger that
affects the security and stable operation of the power system. To address the bad data detection
vulnerability, in this paper, a false data attack detection method based on weighted least squares
(WLS) and an adaptive interpolation extended Kalman filter (AIEKF) is proposed. On the basis of
applying WLS and AIEKF, the Euclidean distance is used to calculate the deviation values of the
two-state estimations to determine whether the current moment is subjected to a false data injection
attack in the power system. Extensive experiments were conducted to simulate an IEEE-14-bus
power system, showing that the adaptive interpolation extended Kalman filter can compensate for
the deficiency in the bad data detection mechanism and successfully detect FDIAs.
Keywords: false data injection attacks; adaptive interpolation extended Kalman filter; state estimation;
Euclidean distance; smart grid
Citation: Zhang, G.; Gao, W.; Li, Y.;
Guo, X.; Hu, P.; Zhu, J. Detection of
False Data Injection Attacks in a
Smart Grid Based on WLS and an
Adaptive Interpolation Extended 1. Introduction
Kalman Filter. Energies 2023, 16, 7203. The modern power system is developing towards intelligence, and plenty of intelligent
https://doi.org/10.3390/en16207203 devices, such as smart meters and sensors, promote the transformation of the power system
Academic Editors: Ying-Yi Hong,
in the modes of power generation, transformation, transmission, and distribution, which
Javier Contreras and Michael
makes the smart grid a typical cyber–physical system (CPS) [1,2]. In a smart grid, the
Negnevitsky supervisory control and data acquisition (SCADA) system collects and analyzes real-time
data from field devices across the network. Finally, the SCADA reports back to the control
Received: 8 August 2023 center, which then makes adjustments to the power generation and distribution of the grid
Revised: 10 October 2023
based on this information [3].
Accepted: 20 October 2023
The susceptibility of the power cyber–physical system (CPS) to cyber attacks is a result
Published: 23 October 2023
of the unpredictable nature of sensor data in the perception layer and the unrestricted
communication channels for data exchange [4,5]. Among the many types of cyber attacks,
attacks against smart grids and industrial control systems are the most common; the
Copyright: © 2023 by the authors. damage caused to the system cannot be underestimated, seriously affecting the normal
Licensee MDPI, Basel, Switzerland. production activities of society. For example, in 2010, the “Stuxnet” virus attack on a
This article is an open access article Belarusian enterprise, which caused anomalies in uranium enrichment centrifuges and
distributed under the terms and generators at the Iranian nuclear power plant, resulted in damage to many pieces of
conditions of the Creative Commons equipment [6]. In 2015, Black Energy, a cyber virus targeting the power grid, caused power
Attribution (CC BY) license (https:// outages at some Ukrainian power plants, disrupting the power supply to many factories in
creativecommons.org/licenses/by/ the Ivano-Frankivsk region and affecting production [7]. The investigation revealed that
4.0/).
the incident resulted in the malicious deletion of historical grid measurements stored in the
SCADA, which made recovery extremely difficult.
A false data injection attack (FDIA) is a novel attack method specifically targeting the
integrity of state estimation data in the power CPS [8,9]. The attackers inject false data,
which affects the power flow calculation, control decisions, etc., through smart grid sensors,
controllers, and remote control units to tamper with the original data of the grid. This
situation can potentially result in the malfunction of grid equipment and, in severe cases,
the complete paralysis of the power network, which not only poses a significant threat to
grid security but also carries the potential for substantial economic losses. Figure 1 shows the
structure of a smart grid system and an illustration of an FDIA.
Attacker
Electricity Transmission
Meters
Electricity Distribution
Remote Terminals
Electricity Consumption
Liu et al. [10] first introduced the topic of FDIAs in the literature, where it was
hypothesized that an attacker could access the current configuration information of a
smart grid and manipulate meter or sensor measurements. Such an attack could insert
false data into specific state variables, avoiding detection by current bad data detection
algorithms. Yang et al. [11] delved into the challenge of determining the most effective
attack strategy. This strategy, known as an injection attack strategy, involves selecting a
specific set of meters to manipulate in a way that maximizes the resulting damage. They
not only formalized this problem but also developed efficient algorithms to pinpoint the
ideal set of meters for such attacks. It is important to highlight that even if these attacks are
isolated to specific devices, their impact on the smart grid can be catastrophic due to the
grid’s intricate interconnections. As described by He et al. [12], electricity theft by attackers
by modifying smart meter data has seriously affected utility security. Therefore, many
researchers have devoted themselves to the detection of false data injection attacks in order
to safeguard the security of the smart grid.
When the power system is subjected to malicious false data injection, the state estima-
tion result of the WLS under attack is updated in real time by incorporating an estimation
algorithm of an extended Kalman filter, which has a hysteresis in its state estimation process,
and by observing disparities in the estimation outcomes produced by the two algorithms,
making it possible to detect the FDIA. Meanwhile, to improve the accuracy and reduce the
linearization error of the EKF, the adaptive interpolation strategy is introduced. Therefore,
Energies 2023, 16, 7203 3 of 20
in this paper, we propose a detection method based on WLS and AIEKF. Considering that
the two algorithms have different degrees of correspondence to real-time information, the
FDIA can be effectively detected. The main contributions can be summarized as follows:
• Considering the linearization error of the EKF algorithm in state estimation in a power
system, the adaptive interpolation strategy is introduced. The pseudomeasurements
between two consecutive measurements are inserted by linear interpolation to improve
the estimation accuracy.
• We propose a novel FDIA detection method that combines AIEKF and WLS, marking
the first instance of their joint application in this context.
• We conduct many experiments on an IEEE-14-bus power system to demonstrate the
proposed algorithm’s performance in detecting FDIAs. The result shows that the
method can effectively detect FDIAs.
The remainder of the paper is structured as follows. Section 2 provides an overview
of relevant literature pertaining to the detection of FDIAs. Section 3 outlines the system
model employed in this study. In Section 4, we delve into the details of the proposed AIEKF
algorithm. In Section 5, the detection principle is described. The experiments and results
are presented in Section 6. Finally, in Section 7, we present our concluding remarks and
suggest directions for future work. A list of abbreviations and acronyms is provided in
Table 1.
2. Related Work
Since the concept of FDIAs was introduced, the issues related to FDIAs have received
a great deal of attention in both academic research and industry. Many scholars have
studied bad data in state estimation and proposed corresponding detection methods for
FDIAs based on their research. Although FDIA detection algorithms differ from each other,
the algorithms can be classified into two categories [13]: model-based algorithms and
data-driven algorithms.
issues. Chen et al. [15] introduced a novel method for detecting FDIAs using kernel density
estimation. This method utilizes the concept of kernel density estimation, which utilizes
historical data to estimate the probability distributions of both measurements and control
commands. Additionally, it calculates confidence intervals for these estimates at a specified
significance level. Zhao et al. [16] proposed a method that employs short-term state predic-
tion in smart grids to detect spurious data injection attacks. This method utilizes real-time
and predicted states to pinpoint potential false data injections by analyzing the differences
between them. By continuously monitoring and comparing the accuracy of short-term state
predictions, this approach enhances the security and resilience of smart grid systems by
improving the detection of malicious attacks. Li et al. [17] proposed a detection method
based on the watermark embedding technique. The method uses a dynamic watermark
embedding technique to embed security-enhancing markers (watermarks) into the grid
measurement data to ensure the integrity and authenticity of the data. Then, the data
embedded with the watermark are processed and detected using the EKF algorithm to
identify possible faulty data insertion attacks. Through the joint application of dynamic
watermarking and EKF, this method can improve the detection capability of smart grid
systems against FDIAs and provide increased security. The above methods cannot be
used alone; they must be used with the help of some determination methods to determine
the existence of FDIAs. Some determination methods are available, such as Euclidean
distance [16,18], maximum normalized residuals [19,20], chi-square testing [18,21], Cumu-
lative sum testing [22,23], Kullback–Leibler distance [14,24], and cumulative error sum of
squares probability density curves [25,26].
3. System Model
The state estimation of the power system usually deeply relies on the system model.
The selection and establishment of the model have a substantial impact on the results of
the system state calculation, which directly lead to the accuracy of the acquired state. State
estimation in the power system is a crucial element within EMS, as it provides essential real-
time information about the grid’s operational status, and it is the basis for other high-level
applications to realize the calculation and analysis.
Energies 2023, 16, 7203 5 of 20
The measurements for power system state estimation are collected from the grid by
SCADA or phase measurement units (PMUs). PMUs are able to provide accurate and
synchronized phase measurements for geographically dispersed buses in the grid by taking
advantage of the high accuracy, sub-microsecond time synchronization, and unprecedented
reporting rate [31]. And if the system is completely observable with PMU measurements,
the state estimation process is a linear procedure. The proposed algorithm aims at solving
the linearization of EKF for state estimation. Therefore, the proposed algorithm can be
applied to the mentioned PMU-based state estimation problem by reducing the linearization
steps of the AIEKF algorithm. We can discuss a situation in which there are m measurements
and n state variables. In an AC power system, the connection between measurements and
state variables is characterized by a nonlinear relationship, which can be represented as:
z = h( x) + e (1)
where z ∈ Rm×1 is the measurement vector; x ∈ Rn×1 is the state vector, typically bus
voltage amplitude and phase; e ∈ Rm×1 is the measurement error vector that satisfies
e = (e1 , e2 , . . . , em ) T ∼ N (0m×1 , R); and h(·) represents the nonlinear relationship between
the measurement vector (z) and the state vector (x).
To analyze the correlation between the bus voltage, phase angle, and bus current of the
grid system and determine the nonlinear relationship h(·), we must streamline the power
system branch by representing it through an equivalent circuit, as illustrated in Figure 2.
Subsequently, utilizing the AC model of the power system, we establish the connection
between the state variables and measurements, which can be formulated as follows:
Pi+jQi Pj+jQj
Pij +jQij Pji +jQ ji
i j
Gij +jBij
jy 0 jy 0
∑ Vj
Pi = Vi Gij cos θij + Bij sin θij (2)
j∈ T
∑ Vj
Qi = Vi Gij sin θij − Bij cos θij (3)
j∈ T
estimated values. With the smallest objective function value, the obtained x is the closest
approximation to the true state of the system. Based on the weighted least squares method,
the objective function (J ( x̂)) can be expressed as:
J ( x̂) = [z − h( x̂)] T R−1 [z − h( x̂)]. (6)
Then,
x̂ = arg min [z − h( x̂)] T R−1 [z − h( x̂)] (7)
To solve the nonlinear WLS problem, we can linearize the measurement equation
around x, then apply the linear WLS method. The final result is expressed as:
h i−1
x̂k+1 = x̂k + G x̂k H T x̂k R−1 z − h x̂k (8)
G x̂k = H T x̂k R−1 H x̂k (9)
where k is the k-th iteration index, and H ∈ Rm×n is the Jacobian matrix of the measurement
equation, which can be expressed as:
∂P ∂Q
T
∂Vi ∂Pi ∂Qi ij ij
∂V ∂V ∂V ∂V ∂V
H= (10)
∂Vi ∂Pi ∂Qi ∂Pij ∂Qij
∂θ ∂θ ∂θ ∂θ ∂θ
where H0 represents the original hypothesis, i.e., there are no bad data, and χ2(m−n),p is the
chi-square test threshold with a confidence level of p and a degree of freedom corresponding
to (m − n).
The LNR test stands as another commonly employed approach for bad data detection.
Its core concept revolves around the normalization of measurement residuals, which can
be formulated as follows:
|z − h ( x̂ )|
ri = i √ i (12)
Ωii
−1
Ω= I − H ( x̂ ) H T ( x̂) R−1 H ( x̂ ) H T ( x̂) R−1 R (13)
where zi is the ith measurement, Ωii is the ith diagonal entry of Ω, and I is the identity
matrix. If there exit bad data in the power system, the largest normalized residual is larger
than the threshold (ε).
The chi-square test and LNR test are generally effective for detecting natural bad data,
which typically induce large measurement residuals [35].
z f = h( x) + a + e (14)
where a ∈ Rm×1 is the attacked vector.
As an elaborate FDIA, the attacked vector requires a certain condition, which is
expressed as:
a = h( x̂ + c) − h( x̂) (15)
where c ∈ Rn ×1
is the deviation of the state variable, and x̂ is the state-estimated vector without
an FDIA.
As indicated by the equation above, FDIAs can lead to an identical measurement resid-
ual vector compared to the condition without an attack. To be specific, the measurement
residuals between the pre-attack and post-attack states can be described as follows:
r = z − h( x̂) (16)
zk = h( xk ) + ek (19)
where xk and zk denote the state vector and the measurement vector at time k, respectively;
f (.) denotes the state transfer equation from k − 1 to k; h(.) denotes measurement equation;
and ωk−1 and ek denote the process and measurement noise, respectively, which are
independent of each other.
Since the KF algorithm can only deal with linear system problems, it is not applicable
to nonlinear problems such as power systems, so the EKF algorithm is derived. The EKF
algorithm first uses Taylor’s formula to linearize the nonlinear system, then filters it using
the basic formula of the KF algorithm. Specifically, state Equation (18) carries out Taylor
series expansion at the state estimation quantity (x̂k−1 ) and ignores items at quadratic
levels and higher. Similarly, measurement Equation (19) carries out Taylor series expansion
at the state prediction quantity (x̃k ) and ignores items at quadratic levels and higher. The
linearization models are expressed as:
∂ f ( x̂k−1 )
xk ≈ f ( x̂k−1 ) + ∂ x̂k−1 ( x k −1 − x̂k−1 ) + ωk−1
x̂k−1 (20)
= Fk−1 xk−1 + ωk−1 + uk−1
∂h( x̃k )
zk ≈ h( x̃k ) + ∂ x̃k ( xk − x̃k ) + ek
x̃k (21)
= Hk xk + ek + yk
∂ f ( x̂k−1 )
where Fk−1 = ∂ x̂k−1 x̂ is the Jacobian matrix of the state equation, uk−1 = f ( x̂k−1 ) −
k −1
∂ f ( x̂k−1 ) ∂h( x̃k )
∂ x̂k−1 x̂ x̂k−1 is an externality item, Hk = ∂ x̃k x̃ is the Jacobian matrix of the mea-
k −1 k
∂h( x̃k )
surement equation, and yk =h( x̃k ) − ∂ x̃k x̃ x̃k is an externality item.
k
Energies 2023, 16, 7203 8 of 20
On the basis of Equations (18) and (19), the basic formula of the EKF algorithm is expressed
as follows:
(1) Prediction steps:
x̃k|k−1 = Fk−1 x̂k−1 (22)
h i
x̂k = x̃k|k−1 + Kk zk − Hk x̃k|k−1 (25)
η f = ε Tf Q− 1
k εf (28)
ηh = εhT R− 1
k εh (30)
where εh is the difference between h( x) and the corresponding linear approximation.
As shown in Equations (28) and (30), ε f and εh are normalized by Qk and Rk . Under
the process, ε f and εh are numerically non-negative. Hence, if ε f Qk and εh Rk , η f
and ηh are both much less than 1, and the system can be considered quasilinear. Otherwise,
according to the size of the nonlinearization index, the pseudomeasurements must be
added between two consecutive sampling points to increase the sampling rate and reduce
the degree of nonlinearity of the system.
The interpolation factor (r) is closely related to the sizes of ε f and εh . The larger
nonlinearization indices η f and ηh are, the larger the interpolation factor (r) is. Conversely,
the interpolation factor (r) is smaller. It is important to emphasize that ε f = 0 and εh = 0
in the linear system. Therefore, the system does not interpolate.
Energies 2023, 16, 7203 9 of 20
The finite state machine model is shown in Figure 3. In practical applications, we can
introduce as many states as required to the FSM model to accommodate the nonlinearity indices.
There are three parameters in each state (i): the interpolation factor (ri ), the upper threshold
(Ui ), and the lower threshold (Li ). In addition, as the state (i) changes, the interpolation factor
is set to ri+1 > ri . The selection of the interpolation factor (r) is shown in Algorithm 1.
The thresholds of each state are different, and they are set depending on different
scenarios. When selecting the thresholds, it is necessary to ensure that the upper threshold
(Ui ) is larger than the lower threshold (Li ). Furthermore, as Ui and Li become smaller, the
interpolation factor (r) and estimation accuracy increase, and the algorithm consumes more
time. It is important to highlight that the nonlinear indices can take on discrete values. To
maintain small values for both η f and ηh , here is how the process works: If either η f or ηh
exceeds Ui , r parameter is increased to minimize the nonlinear error. Conversely, if both η f
and ηh are below Li , r is reduced to lower computational complexity. The specific values of
r for each state can be found in Table 2.
State 1
ηf1 or ηh1 > U1
Ui: Upper Threshold
Li: Lower Threshold
ηf2 & ηh2 < L2
State 4 State 2
A flow chart illustrating the AIEKF algorithm is provided in Figure 4, and its detailed steps
are as outlined as follows:
(1) Initialization: setting the initial state variable (x̂0 ) and state error covariance (P̂0 ).
(2) Adaptive Interpolation: In order to strike a compromise between computational
efficiency and estimation precision, the algorithm incorporates an adaptive interpolation
strategy, which comprises three key steps. Initially, we calculate the nonlinearity indices
of the state transition function and the measurement function (referred to as η f and ηh ,
respectively) using Equations (28) and (30), respectively. In the next step, we ascertain
the interpolation factor (r) by utilizing a finite-state machine model. Finally, r pseudomea-
surements are introduced between two actual measurements through linear interpolation,
which is designed to mitigate the adverse impacts of nonlinearity.
(3) EKF: On the basis of determining the number of interpolation factors (r), the
power system is estimated using the EKF algorithm. Initially, leveraging the state and its
covariance matrix from time k − 1, we derive a prior estimation at time k in accordance
with Equations (22) and (23). Secondly, the correction of the a priori estimation is used
to obtain an a posteriori estimation according to Equations (24)–(26). Thirdly, filtering is
performed between two consecutive samples based on the size of the interpolation factor.
Then, the above steps are repeated until the end of the sampling time.
Start
Initialization
Adaptive
Interpolation
Calculating nonlinear metrics for state EKF
equation and measurement equation
State prediction
Determining interpolation factor ‘r’ using
finite state machine
State update
i = i+1
k = k+1 Increasing pseudo-measurements by linear
interpolation
Yes
Number of iterations i < r+1
No
No
Time end
Yes
End
5. Detection of FDIAs
This section proposes a methodology for FDIA detection based on power system
state estimation. As a nonlinear system in the smart grid, it is difficult to guarantee the
estimation accuracy using traditional state estimation methods. Meanwhile, in order to
improve the stability of the detection algorithm, the real-time state information of the grid
buses is solved according to the system model equation and AIEKF algorithm.
Once the attacker begins to tamper with the measuring instruments, the result of
Equation (25) is different from the previous result and expressed as:
f
x̂k = x̃k|k−1 + Kk [zk + ak − Hk x̃k|k−1 ]
(31)
= x̂k + Kk ak
Energies 2023, 16, 7203 11 of 20
f f
where x̂k is the estimated state after the FDIA. To better facilitate estimation, ck = x̂k − x̂k
is introduced. Then, for the next time (k + 1), it can be represented as:
f f f f
x̂k+1 = x̃k+1|k + Kk+1 [zk+1 − Hk+1 x̃k+1|k ]
f f (32)
= x̃k+1|k + Kk+1 [zk+1 + ak+1 − Hk+1 x̃k+1|k ]
= x̂k+1 + [ I − Kk+1 Hk+1 ] Fk ck + Kk+1 ak+1
The analysis above highlights that the injection bias is influenced by both the currently
injected false data and the bias present in the previously estimated state. Over time, this
injection bias accumulates and gradually shifts the estimated state closer to the actual
system state. When the power system is subjected to an FDIA, the altered measurements
make the WLS state estimation results swing towards the new mean. For the AIEKF
algorithm, due to the constraints of the state transfer matrix and the fact that its estimation
is jointly determined by the predicted and measured values, the state estimation has some
hysteresis, and only small oscillations occur.
Based on WLS and AIEKF estimation results, considering the influence of bus states on
the system, the Euclidean distance in multidimensional spaces is introduced. The Euclidean
distance detection threshold required in FDIA detection is obtained from historical data,
and the Euclidean distance between two points estimated by WLS and AIEKF states is
calculated online in real time and used as the basis for attack detection. The expression for
the Euclidean distance at time k is expressed as follows:
s
n 2
d(k) = ∑ x̂W i,k
LS − x̂ AIEKF
i,k (33)
i =1
where x̂Wi,k
LS denotes the WLS-based state estimation at time k, x̂ AIEKF denotes the AIEKF-
i,k
based state estimation, and n denotes the system dimension.
In the n-dimensional grid system state space, the Euclidean distance is employed to
quantify the spatial separation between two points within the same state space at a given
time point. The Euclidean distance of the two state estimation algorithms stabilizes in a
certain range during regular power system operation, which provides a basis for false data
injection attack detection. The detection threshold is expressed as:
τD = max{d(1), . . . , d(n), . . .} + µ (34)
where µ is the threshold margin, which is introduced to prevent false alarms triggered by
minor data fluctuations while the detection system is operating under normal conditions.
Attack detection is performed by comparing the Euclidean distance between the
detection threshold and the two points in the state space, and when d(k) ≥ τD , it is
considered that there exits an FDIA in the power system; otherwise, it is considered that no
attack occurs. The relation can be expressed as:
d(k) < τD , No FDI A
(35)
d(k) ≥ τD , FDI A
In order to distinguish between bad data and FDIAs, bad data detection is also required
at the end of the above steps. Only if d(k ) ≥ τD and J ( x̂ ) < χ2(m−n),p hold can we conclude
that the power system is under FDIAs. The proposed FDIA detection method based on
WLS and AIEKF is shown in Algorithm 2.
Energies 2023, 16, 7203 12 of 20
*
G *
G
8 3
*
G G
7 4 2 1
11 5
G
9 10
12
6
14 13
1.6
1.02 True value
1.5 WLS estimate
1 EKF estimate
AIEKF estimate
1.4 0.98
Voltage amplitude (p.u.)
0.96
1.3
30 32 34
1.2
1.1
0.9
0.8
0.7
0 10 20 30 40 50 60
t (min)
-5 True value
-4.4 WLS estimate
-5.02
EKF estimate
-4.5 -5.04 AIEKF estimate
-5.06
-4.8
-4.9
-5
-5.1
-5.2
-5.3
0 10 20 30 40 50 60
t (min)
1.08
1.06
1.04
1.02
0.98
1 2 3 4 5 6 7 8 9 10 11 12 13 14
Bus
Figure 8. Bus voltage amplitude estimation.
To validate the efficacy of the AIEKF algorithm introduced in this paper for state
estimation, we use the root mean square error (RMSE) as a metric to assess the accuracy of
the algorithm’s estimations. The RMSE calculation formula is provided below.
v
u1 N
u
RMSE = t ∑ ( xi − x̂i )2 (36)
N i =1
where xi is the ith component of the true value of the state variable, x̂i is the ith component
of the estimation of the state variable, and N is the dimension of the state variable.
Energies 2023, 16, 7203 15 of 20
0
-8.7 True value
-2 WLS estimate
-8.75 EKF estimate
AIEKF estimate
-4
-8.8
-8
-10
-12
-14
-16
-18
1 2 3 4 5 6 7 8 9 10 11 12 13 14
Bus
Figure 9. Bus voltage phase estimation.
The RMSE performance metric is calculated in the IEEE-14-bus system, and the results
are shown in Table 4. As shown in Table 4, the RMSE of the AIEKF algorithm is the smallest
of the three algorithms. Compared with WLS and EKF, the RMSE of the AIEKF algorithm
decreases by 79% and 67%, respectively.
Algorithm RMSE
WLS 0.0969
EKF 0.0616
AIEKF 0.0201
2
Pre-attack measurements
False data attack values
1.5 Post-attack measurements
Measurement value
1
0.5
-0.5
-1
5 10 15 20 25 30 35 40
Measurement unit
Figure 10. Measurement distribution before and after an attack on the IEEE-14-bus power system.
Once the measurements are tampered with, the state variable (x) changes. Assuming
that the system is subjected to a false data injection attack at 75 min, bus 11 is selected to
observe the change in bus voltage magnitude and phase angle before and after the false
data injection attack occurs. State estimation of system buses using the AIEKF algorithm
is performed to improve the stability and accuracy of the detection algorithm. The state
estimation results of the two algorithms are shown in Figures 11 and 12. As shown in
the figures, in the first 75 min without an attack, AIEKF outperforms WLS in terms of
estimation. The system is attacked by false data injection in the 75th minute, and the two
algorithms converge to the state expectation at different moments. It is clear that AIEKF
converges slowly and with small fluctuations, while WLS is affected by a sudden change in
the measurements and converges quickly to the new state value.
1.45
Ture value
WLS estimate
1.4 AIEKF estimate
1.35
Voltage amplitude (p.u.)
1.3
1.25
1.2
1.15
1.1
1.05
1
0 25 50 75 100 125 150
Time (min)
Figure 11. The voltage amplitude change of bus 11 before and after an attack.
Energies 2023, 16, 7203 17 of 20
-8
Ture value
WLS estimate
-9 AIEKF estimate
-10
-12
-13
-14
-15
-16
0 25 50 75 100 125 150
Time (min)
Figure 12. The voltage phase change of bus 11 before and after an attack.
4.8 24
22
20
4.7
18
Residual
16
4.6
14
Pre-attack residual 12
Post-attack residual
Bad data detection residual
4.5 10
0 25 50 75 100 125 150
Time (min)
Figure 13. The residual of WLS estimation before and after an attack.
Energies 2023, 16, 7203 18 of 20
This paper proposes a detection method based on the computation of the Euclidean
distance between two points in the state space to detect FDIAs. Using Monte Carlo
simulation with 1000 independent experiments, we can obtain the normal-case Eu-
clidean distance distribution. The maximum value is taken as the detection threshold,
i.e., max{d(1), . . . , d(n), . . .} = 1.847. The detection margin (µ) is set to 0.03, and according
to Equation (30), the detection threshold can be derived as τD = 1.85. After an attack, the
Euclidean distance changes to 17.9586. Figure 14 shows the Euclidean distance distribution
based on the two algorithms before and after an attack.
20
Euclid distance
18 Detection threshold
16
14
Euclid distance
12
10
0
0 25 50 75 100 125 150
Time (min)
As can be seen from the figure, during the first 75 min, when the system is not under
attack, the Euclidean distance between the state points stays within a certain range below
the predefined detection threshold, which indicates that the system does not detect an attack
according to the judgment conditions. When the system is attacked after the 75th minute,
the two algorithms converge to the new state values at different moments. At this moment,
the Euclidean distance of the voltage state estimate fluctuates considerably with the attack
and exceeds the predefined detection threshold. Therefore, FDIAs can be detected, which
triggers the attack alarm system.
7. Conclusions
In this research, we introduce an approach that combines weighted least squares with
an adaptive interpolation extended Kalman filter to detect FDIAs in power systems. AIEKF
effectively reduces the nonlinear errors associated with the extended Kalman filters, leading
to enhanced accuracy in estimating the state of the power system. When a power system is
subject to false data injection attacks, the state estimation weighted least squares statistic
is characterized by a real-time nature, where changes in state variables are instantaneous,
whereas adaptive interpolation extended Kalman filtering is characterized by hysteresis,
and a change in state variables requires a process. Based on the difference between the
two algorithms, the Euclidean distance is introduced as a metric for detecting whether the
system is injected with false data or not. Additionally, the relevant detection threshold is
obtained using Monte Carlo simulation. The experiments show that the method is effective
in detecting false data injection attacks.
Subsequent research will consider the study of the localization of FDIAs and the
development of a new joint estimation algorithm that can simultaneously achieve the
detection and localization of false data injection attacks.
Energies 2023, 16, 7203 19 of 20
Author Contributions: Conceptualization, G.Z.; methodology, Y.L. and W.G.; software, G.Z. and
X.G.; validation, J.Z.; formal analysis, X.G.; resources, W.G.; data curation, P.H.; writing—original
draft preparation, G.Z.; writing—review and editing, W.G. and Y.L.; visualization, P.H. and X.G.;
supervision, W.G.; project administration, Y.L.; funding acquisition, W.G. All authors have read and
agreed to the published version of the manuscript.
Funding: This research was supported in part by the National Natural Science Foundation of China
(NSFC) (U21A20146), the Collaborative Innovation Project of Anhui Universities (GXXT-2020-070),
the Open Research Fund of Anhui Province Key Laboratory of Detection Technology and Energy
Saving Devices (JCKJ2022C02, JCKJ2022A10), and the Open Research Fund of the Key Laboratory of
Advanced Perception and Intelligent Control of High-end Equipment of the Ministry of Education
(GDSC202208).
Data Availability Statement: Not applicable.
Acknowledgments: We thank the anonymous reviewers for their valuable comments.
Conflicts of Interest: The authors declare no conflict of interest.
References
1. Marashi, K.; Sarvestani, S.S.; Hurson, A.R. Consideration of Cyber-Physical Interdependencies in Reliability Modeling of Smart
Grids. IEEE Trans. Sustain. Comput. 2018, 3, 73–83. [CrossRef]
2. Guo, H.; Pang, Z.H.; Sun, J.; Li, J. An Output-Coding-Based Detection Scheme Against Replay Attacks in Cyber-Physical Systems.
IEEE Trans. Circuits Syst. II 2021, 68, 3306–3310. [CrossRef]
3. Ghosh, S.; Sampalli, S. A Survey of Security in SCADA Networks: Current Issues and Future Challenges. IEEE Access 2019, 7,
135812–135831. [CrossRef]
4. Zhou, J.; Chen, B.; Yu, L. Intermediate-Variable-Based Estimation for FDI Attacks in Cyber-Physical Systems. IEEE Trans. Circuits
Syst. II 2020, 67, 2762–2766. [CrossRef]
5. Gao, Y.; Ma, J.; Wang, J.; Wu, Y. Event-Triggered Adaptive Fixed-Time Secure Control for Nonlinear Cyber-Physical System with
False Data-Injection Attacks. IEEE Trans. Circuits Syst. II 2023, 70, 316–320. [CrossRef]
6. Wang, Y.; Gu, D.; Peng, D.; Chen, S.; Yang, H. Stuxnet Vulnerabilities Analysis of SCADA Systems. Commun. Comput. Inf. Sci.
2012, 345, 640–646. [CrossRef]
7. Liang, G.; Weller, S.R.; Zhao, J.; Luo, F.; Dong, Z.Y. The 2015 Ukraine Blackout: Implications for False Data Injection Attacks. IEEE
Trans. Power Syst. 2016, 32, 3317–3318. [CrossRef]
8. Lu, K.D.; Wu, Z.G. Multi-Objective False Data Injection Attacks of Cyber–Physical Power Systems. IEEE Trans. Circuits Syst. 2022,
69, 3924–3928. [CrossRef]
9. Yu, W.; Bu, X.; Hou, Z. Security Data-Driven Control for Nonlinear Systems Subject to Deception and False Data Injection Attacks.
IEEE Trans. Netw. Sci. Eng. 2022, 9, 2910–2921. [CrossRef]
10. Liu, Y.; Reiter, M.K.; Ning, P. False data injection attacks against state estimation in electric power grids. In Proceedings of the
2009 ACM Conference on Computer and Communications Security (CCS), Chicago, IL, USA, 9–13 November 2009; pp. 1–33.
[CrossRef]
11. Yang, Q.; Yang, J.; Yu, W.; An, D.; Zhang, N.; Zhao, W. On False Data-Injection Attacks against Power System State Estimation:
Modeling and Countermeasures. IEEE Trans. Parallel Distrib. Syst. 2014, 25, 717–729. [CrossRef]
12. He, Y.; Mendis, G.J.; Wei, J. Real-Time Detection of False Data Injection Attacks in Smart Grid: A Deep Learning-Based Intelligent
Mechanism. IEEE Trans. Smart Grid 2017, 8, 2505–2516. [CrossRef]
13. Musleh, A.S.; Chen, G.; Dong, Z.Y. A Survey on the Detection Algorithms for False Data Injection Attacks in Smart Grids. IEEE
Trans. Smart Grid 2020, 11, 2218–2234. [CrossRef]
14. Moslemi, R.; Mesbahi, A.; Velni, J.M. A fast, decentralized covariance selection-based approach to detect cyber attacks in smart
grids. IEEE Trans. Smart Grid 2018, 9, 4930–4941. [CrossRef]
15. Chen, Y.; Huang, S.; Liu, F.; Wang, Z.; Sun, X. Evaluation of Reinforcement Learning-Based False Data Injection Attack to
Automatic Voltage Control. IEEE Trans. Smart Grid 2019, 10, 2158–2169. [CrossRef]
16. Zhao, J.; Zhang, G.; Scala, L.M.; Dong, Z.Y.; Chen, C.; Wang, J. Short-Term State Forecasting-Aided Method for Detection of Smart
Grid General False Data Injection Attacks. IEEE Trans. Smart Grid 2017, 8, 1580–1590. [CrossRef]
17. Li, X.; Wang, Z.; Zhang, C.; Du, D.; Fei, M. A Novel Dynamic Watermarking-Based EKF Detection Method for FDIAs in Smart
Grid. IEEE/CAA. J. Autom. Sinica 2022, 9, 1319–1322. [CrossRef]
18. Manandhar, K.; Cao, X.J.; Hu, F.; Liu, Y. Combating False Data Injection Attacks in Smart Grid using Kalman Filter. In Proceedings of
the 2014 International Conference on Computing, Networking and Communications (ICNC), Honolulu, HI, USA, 3–6 February 2014;
pp. 16–20. [CrossRef]
19. Shi, W.; Wang, Y.; Jin, Q.; Ma, J. PDL: An Efficient Prediction-Based False Data Injection Attack Detection and Location in Smart
Grid. In Proceedings of the 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC), Tokyo, Japan,
23–27 July 2018; pp. 676–681. [CrossRef]
Energies 2023, 16, 7203 20 of 20
20. Abreu, O.A.; Messina, F.; Vega, L.R. Stealth Attacks on the SADI with Prior Information on the State Covariance Matrix. In
Proceedings of the 2022 IEEE Biennial Congress of Argentina (ARGENCON), San Juan, Argentina, 7–9 September 2022; pp. 1–7.
[CrossRef]
21. Huang, K.; Xiang, Z.; Deng, W.; Yang, C.; Wang, Z. False Data Injection Attacks Detection in Smart Grid: A Structural Sparse
Matrix Separation Method. IEEE Trans. Netw. Sci. Eng. 2021, 8, 2545–2558. [CrossRef]
22. Khalaf, M.; Youssef, A.; El-Saadany, E. Joint Detection and Mitigation of False Data Injection Attacks in AGC Systems. IEEE Trans.
Smart Grid 2019, 10, 4985–4995. [CrossRef]
23. Kurt, M.N.; Yilmaz, Y.; Wang, X. Distributed Quickest Detection of Cyber-Attacks in Smart Grid. IEEE Trans. Inf. Forensics Secur.
2018, 13, 2015–2030. [CrossRef]
24. Cheng, G.; Lin, Y.; Zhao, J.; Yan, J. A Highly Discriminative Detector Against False Data Injection Attacks in AC State Estimation.
IEEE Trans. Smart Grid 2022, 13, 2318–2330. [CrossRef]
25. Wang, Y.; Shi, W.; Jin, Q.; Ma, J. An Accurate False Data Detection in Smart Grid Based on Residual Recurrent Neural Network
and Adaptive threshold. In Proceedings of the 2019 IEEE International Conference on Energy Internet (ICEI), Nanjing, China,
27–31 May 2019; pp. 499–504. [CrossRef]
26. Mousavian, S.; Valenzuela, J.; Wang, J.H. Real-time data reassurance in electrical power systems based on artificial neural
networks. Electr. Pow. Syst. Res. 2013, 96, 285–295. [CrossRef]
27. Mahi-al-rashid, A.; Hossain, F.; Anwar, A.; Azam, S. False Data Injection Attack Detection in Smart Grid Using Energy Consump-
tion Forecasting. Energies 2022, 15, 4877. [CrossRef]
28. Yu, J.J.Q.; Hou, Y.; Li, V.O.K. Online False Data Injection Attack Detection With Wavelet Transform and Deep Neural Networks.
IEEE Trans. Industr. Inform. 2018, 14, 3271–3280. [CrossRef]
29. Wang, Y.F.; Zhang, Z.H.; Ma, J.H.; Jin, Q. KFRNN: An Effective False Data Injection Attack Detection in Smart Grid Based on Kalman
Filter and Recurrent Neural Network. IEEE Internet Things J. 2022, 9, 6893–6904. [CrossRef]
30. Jorjani, M.; Seifi, H.; Varjani, A.Y. A Graph Theory-Based Approach to Detect False Data Injection Attacks in Power System AC
State Estimation. IEEE Trans. Ind. Informat. 2021, 17, 2465–2475. [CrossRef]
31. Muscas, C.; Pegoraro, P.A.; Sulis, S.; Pau, M.; Ponci, F.; Monti, A. New Kalman Filter Approach Exploiting Frequency Knowledge
for Accurate PMU-Based Power System State Estimation. IEEE Trans. Instrum. Meas. 2020, 69, 6713–6722. [CrossRef]
32. Deng, R.L.; Zhuang, P.; Liang, H. False Data Injection Attacks Against State Estimation in Power Distribution Systems. IEEE
Trans. Smart Grid 2019, 10, 2871–2881. [CrossRef]
33. Yuan, C.; Zhuo, Y.; Liu, G.; Dai, R.; Lu, Y.; Wang, Z. Graph Computing-Based WLS Fast Decoupled State Estimation. IEEE Trans.
Smart Grid 2020, 11, 2440–2451. [CrossRef]
34. Manousakis, N.M.; Korres, G.N. Application of State Estimation in Distribution Systems with Embedded Microgrids. Energies
2021, 14, 7933. [CrossRef]
35. Radhoush, S.; Vannoy, T.; Liyanage, K.; Whitaker, B.M.; Nehrir, H. Distribution System State Estimation and False Data Injection
Attack Detection with a Multi-Output Deep Neural Network. Energies 2023, 16, 2288. [CrossRef]
36. Ganjkhani, M.; Fallah, S.N.; Badakhshan, S.; Shamshirband, S.; Chau, K.-W. A Novel Detection Algorithm to Identify False Data
Injection Attacks on Power System State Estimation. Energies 2019, 12, 2209. [CrossRef]
37. Akhlaghi, S.; Zhou, N.; Huang, Z. A Multi-Step Adaptive Interpolation Approach to Mitigating the Impact of Nonlinearity on
Dynamic State Estimation. IEEE Trans. Smart Grid 2018, 9, 3102–3111. [CrossRef]
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual
author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to
people or property resulting from any ideas, methods, instructions or products referred to in the content.