Skip to main content
OSTI.GOVU.S. Department of Energy Office of Scientific and Technical Information
U.S. Department of Energy
Office of Scientific and Technical Information
 

A Cyber-Physical Anomaly Detection for Wide-Area Protection Using Machine Learning

Journal Article · · IEEE Transactions on Smart Grid
 [1];  [2]
  1. Idaho National Laboratory (INL), Idaho Falls, ID (United States); Iowa State University
  2. Iowa State University, Ames, IA (United States)
+ Show Author Affiliations
Wide-area protection scheme (WAPS) provides system-wide protection by detecting and mitigating small and large-scale disturbances that are difficult to resolve using local protection schemes. As this protection scheme is evolving from a substation-based distributed remedial action scheme (DRAS) to the control center-based centralized RAS (CRAS), it presents severe challenges to their cybersecurity because of its heavy reliance on an insecure grid communication, and its compromise would lead to system failure. This article presents an architecture and methodology for developing a cyber-physical anomaly detection system (CPADS) that utilizes synchrophasor measurements and properties of network packets to detect data integrity and communication failure attacks on measurement and control signals in CRAS. The proposed machine leaning-based methodology applies a rules-based approach to select relevant input features, utilizes variational mode decomposition (VMD) and decision tree (DT) algorithms to develop multiple classification models, and performs final event identification using a rules-based decision logic. Here, we have evaluated the proposed methodology of CPADS using the IEEE 39 bus system for several performance measures (accuracy, recall, precision, and F-measure) in a cyber-physical testbed environment. Furthermore, our experimental results reveal that the proposed algorithm (VMD-DT) of CPADS outperforms the existing machine learning classifiers during noisy and noise-free measurements while incurring an acceptable processing overhead.
Research Organization:
Iowa State University, Ames, IA (United States)
Sponsoring Organization:
USDOE
Grant/Contract Number:
OE0000830
OSTI ID:
1985651
Report Number(s):
DOE-ISU-0000830-7
Journal Information:
IEEE Transactions on Smart Grid, Journal Name: IEEE Transactions on Smart Grid Journal Issue: 4 Vol. 12; ISSN 1949-3053
Publisher:
IEEECopyright Statement
Country of Publication:
United States
Language:
English

References (26)

Intrusion detection system for network security in synchrophasor systems conference January 2013
Decision tree‐induced fuzzy rule‐based differential relaying for transmission line including unified power flow controller and wind‐farms journal December 2014
Design and implementation of wide area special protection schemes conference January 2004
WACS-Wide-Area Stability and Voltage Control System: R&D and Online Demonstration journal May 2005
Wide-Area Protection and Emergency Control journal May 2005
Cyber-Physical Attack-Resilient Wide-Area Monitoring, Protection, and Control for the Power Grid journal July 2017
Security Evaluation of Two Intrusion Detection Systems in Smart Grid SCADA Environment conference September 2018
Decision Tree Based Anomaly Detection for Remedial Action Scheme in Smart Grid using PMU Data conference August 2018
Leveraging MapReduce and Synchrophasors for Real-Time Anomaly Detection in the Smart Grid journal July 2019
Multi-Agent Approach for Enhancing Security of Protection Schemes in Cyber-Physical Energy Systems journal April 2017
Fault Classification and Section Identification of an Advanced Series-Compensated Transmission Line Using Support Vector Machine journal January 2007
A Novel Back Up Wide Area Protection Technique for Power Transmission Grids Using Phasor Measurement Unit journal January 2010
Real-Time Identification of Dynamic Events in Power Systems Using PMU Data, and Potential Applications—Models, Promises, and Challenges journal February 2017
Multidimensional Intrusion Detection System for IEC 61850-Based SCADA Networks journal April 2017
Catastrophe Predictors From Ensemble Decision-Tree Learning of Wide-Area Severity Indices journal September 2010
Assessment of ROCPAD Relay for Islanding Detection in Distributed Generation journal June 2011
An Intelligent Wide Area Synchrophasor Based System for Predicting and Mitigating Transient Instabilities journal June 2012
Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid journal June 2013
Evolution Pathway Towards Wide Area Monitoring and Protection—A Real-World Implementation of Centralized RAS System journal May 2014
Model-Based Attack Detection and Mitigation for Automatic Generation Control journal March 2014
Developing a Hybrid Intrusion Detection System Using Data Mining for Power Systems journal November 2015
Online Detection of Stealthy False Data Injection Attacks in Power System State Estimation journal January 2016
Variational Mode Decomposition and Decision Tree Based Detection and Classification of Power Quality Disturbances in Grid-Connected Distributed Generation System journal July 2018
Ensemble-Based Algorithm for Synchrophasor Data Anomaly Detection journal May 2019
Multi-Agent Based Attack-Resilient System Integrity Protection for Smart Grid journal July 2020
Variational Mode Decomposition journal February 2014

Similar Records

Related Subjects

24 POWER TRANSMISSION AND DISTRIBUTION
Wide-area protection
cybersecurity
machine learning
synchrophasor
variational mode decomposition