False data injection attacks against state estimation in electric power grids

<jats:p> A power grid is a complex system connecting electric power generators to consumers through power transmission and distribution networks across a large geographical area. System monitoring is necessary to ensure the reliable operation of power grids, and <jats:italic>state estimation</jats:italic> is used in system monitoring to best estimate the power grid state through analysis of meter measurements and power system models. Various techniques have been developed to detect and identify bad measurements, including <jats:italic>interacting bad measurements</jats:italic> introduced by <jats:italic>arbitrary, nonrandom</jats:italic> causes. At first glance, it seems that these techniques can also defeat malicious measurements injected by attackers. </jats:p> <jats:p> In this article, we expose an unknown vulnerability of existing bad measurement detection algorithms by presenting and analyzing a new class of attacks, called <jats:italic>false data injection attacks</jats:italic> , against state estimation in electric power grids. Under the assumption that the attacker can access the current power system configuration information and manipulate the measurements of meters at physically protected locations such as substations, such attacks can introduce <jats:italic>arbitrary</jats:italic> errors into certain state variables without being detected by existing algorithms. Moreover, we look at two scenarios, where the attacker is either constrained to specific meters or limited in the resources required to compromise meters. We show that the attacker can systematically and efficiently construct attack vectors in both scenarios to change the results of state estimation in <jats:italic>arbitrary</jats:italic> ways. We also extend these attacks to <jats:italic>generalized false data injection attacks</jats:italic> , which can further increase the impact by exploiting measurement errors typically tolerated in state estimation. We demonstrate the success of these attacks through simulation using IEEE test systems, and also discuss the practicality of these attacks and the real-world constraints that limit their effectiveness. </jats:p>