Decision Tree Based Anomaly Detection for Remedial Action Scheme in Smart Grid using PMU Data
- Iowa State Univ., Ames, IA (United States)
The advanced and persistent cyber threats facing the critical infrastructure such as the smart grid are exponentially rising which require sophisticated defense strategy. Remedial Action Scheme (RAS), also known as Special Protection Scheme (SPS), relies on the interconnected cyber physical system for automated protection which is exposed to the multitude of vulnerabilities. In this paper, we propose an innovative approach to develop an Intelligent Remedial Action Scheme (IRAS) which can detect and distinguish cyber attacks from the physical disturbances in smart grid and later take smart corrective actions as required to minimize the impact on system reliability and economy. Specifically, we have proposed the decision tree based anomaly detection methodology which can distinguish between the normal tripping during power line faults and malicious tripping attack on the physical relays in the context of RAS. The classification model is developed using differential features of voltage and current phasors. Next, as a proof of concept, we have implemented and validated the proposed methodology in cyber physical environment at Iowa State's PowerCyber testbed. Finally, the proposed methodology is tested on modified IEEE 39 bus system in offline and real-time mode. Our experimental results show that the proposed method is efficient in detecting attacks and performing corrective actions within an acceptable time frame.
- Research Organization:
- Iowa State Univ., Ames, IA (United States)
- Sponsoring Organization:
- USDOE Office of Cybersecurity, Energy Security, and Emergency Response (CESER)
- Contributing Organization:
- Iowa State University
- DOE Contract Number:
- OE0000830
- OSTI ID:
- 1985682
- Report Number(s):
- DOE-ISU-0000830-13
- Journal Information:
- 2018 IEEE Power & Energy Society General Meeting (PESGM), Conference: 2018 IEEE Power & Energy Society General Meeting (PESGM)
- Country of Publication:
- United States
- Language:
- English
Similar Records
Attack-resilient algorithms and testbed federation for wide-area protection and control in smart grid
Data-driven cyber attack detection and mitigation for decentralized wide-area protection and control in smart grids