Sub-Erroneous Outlier Detection of Cyber Attacks in a Smart Grid State Estimation System

摘要

Cyber-physical systems (CPS) are designed to provide observation and control of processes, designed for high operation, reliability, and safety performance levels. CPS were historically developed void of contact with the Internet or other cyber-attack threat vectors. The integration of the Internet, Internet of Things, and Industrial Internet of Things exposed the cybersecurity resource limited programmable logic controllers, intelligent electronic devices, sensors, and actuators to an expanded range of threats. The need for increased cyber security in this environment requires improvement in controls against vulnerabilities in CPS. Many CPS operate with the incorporation of a state estimation system. State estimation systems provide insight into the typically unobservable system state given observable measurements and relations of those measurements to the system state. Measurements outside of 3-sigma are discarded as bad measurements. Current methods establish the accepted boundary of measurements. The potential inclusion of cyber-attack data within accepted boundary define a set of sub-erroneous outliers which are within normal operations yet below current outliers. Outlier algorithms may be implemented to detect sub-erroneous outliers. A cyber-aware state estimator can accommodate for the attack and provide a correct state estimate given the implementation of a Cyber Attack Matrix constructed from sub-erroneous outlier detection. The sub-erroneous outlier detections evaluated found that a Grubb’s test or Mahalanobis distance provided good performance.