Jamming aided Generalized Data Attacks: Exposing Vulnerabilities in Secure Estimation
Deepjyoti Deka, Ross Baldick and Sriram Vishwanath
Department of Electrical & Computer Engineering, The University of Texas at Austin
Abstract — Jamming refers to the deletion, corruption or damage of meter measurements that prevents their further usage. This is distinct from adversarial data injection that changes meter readings while preserving their utility in state estimation. This paper presents a generalized attack regime that uses jamming of secure and insecure measurements to greatly expand the scope of common ‘hidden’ and ‘detectable’ data injection attacks in literature. For ‘hidden’ attacks, it is shown that with jamming, the optimal attack is given by the minimum feasible cut in a specific weighted graph. More importantly, for ‘detectable’ data attacks, this paper shows that the entire range of relative costs for adversarial jamming and data injection can be divided into three separate regions, with distinct graph-cut based constructions for the optimal attack. Approximate algorithms for attack design are developed and their performances are demonstrated by simulations on IEEE test cases. Further, it is proved that prevention of such attacks requires security of all grid measurements. This work comprehensively quantifies the dual adversarial benefits of jamming: (a) reduced attack cost and (b) increased resilience to secure measurements, that strengthen the potency of data attacks.
I. INTRODUCTION
State estimation is a vital component for robust control of power systems and efficient electricity market operations. It involves collection of measurements from meters distributed across the grid that are communicated through SCADA (Supervisory Control and Data Acquisition) systems and then using them for determining the system state. Presence of faster sampling meters like phasor measurement units (PMUs) [1] and Wide-Area Monitoring and Control Systems has led to greater data collection and heightened focus on reliable state estimation. This is because these new meters and their digital communication expose the grid to adversarial data attacks. Adversaries, often cyber in nature, can coordinately change meter readings to produce an incorrect state estimate that can subsequently result in grid failures and sub-optimal electricity prices. In fact, practical adversarial attacks have been widely studied in research (‘Aurora’ test attack [4], PMU timing attack [5]) and also reported in national media (cyberspying [2], ‘Dragonfly’ virus [3]). There has thus been a surge in recent research aimed at identifying power grid vulnerabilities and designing resilience to adversarial attacks.

The authors of [6] were among the first to identify the problem of ‘hidden’ data attacks that can change the state estimate by bypassing bad-data detection checks at the estimator. The central idea behind ‘hidden’ attacks in [6] is the design of a vector of data injections in the column space of the measurement matrix used in state estimation. Different adversarial goals (e.g., minimizing number of compromised measurements, minimum attack energy and cost) and operating conditions (e.g., type of measurements, power flow model, presence of secure measurements) have led to diverse research approaches to the problem of optimal attack construction. For adversaries interested in minimizing the number of measurement corruptions in a DC-power flow based estimator, [7] uses a l − l relaxation based framework to design the optimal ‘hidden’ attack, while [8] uses mixed integer linear programming. For state estimation relying on voltage phasor and line flow measurements (collected from PMUs), [9], [10] provide a graph-cut based ‘hidden’ attack framework. Similarly, [14] discusses conditions for a feasible data attack on a Kalman-Filter based estimator for AC power flow systems. For the related problem of preventing data attacks, techniques discussed in literature include a heuristic scheme [11] and greedy schemes [7], [10], among others.

Aside from the mentioned research on ‘hidden’ attacks, a recent line of work has analyzed ‘detectable’ data attacks that affect state estimation despite failing bad-data detection checks. An attacker in this case prevents the bad-data remover from removing some/all of the tampered measurements from the system. In this context, reference [12] demonstrates the construction of a basic ‘detectable’ attack (termed ‘data integrity’ attack) by using half of the measurements in the optimal ‘hidden’ attack, and by damaging the rest. The state estimator here removes only the damaged measurements as bad-data while the other half manipulated by the adversary passes the bad-data detection test and causes the attack. Reference [13] generalizes this technique by creating ‘detectable’ attacks from graph cuts that may include a minority of incorruptible measurements. This generalization produces even greater reduction in attack cost (minimum being ) over ‘hidden’ attack costs. More importantly, the framework in [13] produces feasible ‘detectable’ attacks in systems secure against all ‘hidden’ attacks.
In this paper, we analyze both attack regimes, ‘hidden’ and ‘detectable’, for adversaries that have an additional tool: measurement jamming.

By jamming, we refer to any adversarial action that prevents the state estimator from receiving or using a particular measurement. Jamming may be conducted by several practical techniques including wireless jammers, GPS spoofers, coordinated Denial of Service attack [15] or even by physical damage to the device, meter and communication equipment [16]. Though jamming attacks have been implemented in research, there are few studies analyzing their impact on constructing optimal adversarial attacks. References [17] and [18] use jamming of flow measurements with attack on breaker statuses to design topology attacks on state estimation. The authors of a recent paper [19] have used measurement jamming to design ‘detectable’ attacks. However, [19] limits adversarial action to insecure measurements and leaves encrypted measurements untouched. Though secure/encrypted measurements are indeed secure against data injection, they are jammable (e.g., through meter damage). Including jamming of secure measurements into the attack framework thus generalizes ‘detectable’ and ‘hidden’ attacks, and enables a complete analysis of the effect of jamming on attack cost and grid resilience. This is the principal focus of this work.

We develop a graph-theoretic framework to study generalized ‘hidden’ and ‘detectable’ data attacks by an adversary equipped with three techniques. They include: (a) jamming and (b) data injection in insecure measurements, and (c) jamming of secure measurements. The distinct costs of these techniques will depend on the adversarial instruments and algorithms used for their implementation and measurement security available in the grid.
Despite the possible variation in exact costs, we show that the design of the optimal attack depends only on the relative costs of jamming and injection. In particular, we show that
• for ‘hidden’ attacks, the optimal generalized attack is given by the solution to a minimum weight graph-cut problem on a weighted graph, for all permissible costs of jamming and data injection;
• for ‘detectable’ attacks, the range of costs for the jamming and data injection tools can be divided into three intervals based on their relative values (Fig. 5). In each cost region, the optimal generalized attack is constructed by solving at most two minimum weight constrained graph-cut problems specific to that interval.

It needs to be mentioned that if jamming is limited to insecure measurements, the optimal ‘detectable’ attack is described by two cost intervals [19] with one graph-cut problem each, unlike three cost intervals, each with two optimization problems here. As the constrained graph cut problems are in general not solvable in polynomial time, we give iterative min-cut based approximate algorithms that can be used for attack construction. Simulations on IEEE test cases elucidate cost improvements produced by our generalized attack framework over traditional data attacks.

The second significant result of this paper states that our generalized attacks are feasible even in systems with only one insecure measurement. Preventing them requires extending security to all measurements. Our attack framework is thus more potent than previously studied ‘hidden’ [9], [10] and ‘detectable’ attacks [13], [19] that can be prevented with far fewer secure measurements, as detailed later.

The rest of this paper is organized as follows. The next section presents a description of the system models used in state estimation, bad-data removal and considered adversarial tools and attack types. Traditional ‘hidden’ and ‘detectable’ attack regimes that involve manipulation of insecure measurements are discussed in Section III. Next, our generalized attack framework for ‘hidden’ and ‘detectable’ attacks is presented in Section IV along with graph-theoretic formulations to study the effect of different adversarial costs on the optimal attack design. The algorithms to design the optimal ‘hidden’ and ‘detectable’ generalized attacks are given in Section V. Simulations of the proposed algorithms on IEEE bus systems for a range of jamming and bad-data injection costs and comparisons with existing work are shown in Section VI. Finally, concluding remarks are presented in Section VII.

Fig. 1. IEEE 14-bus test system [20]

II. STATE ESTIMATION, BAD-DATA REMOVAL & ADVERSARIAL ACTION
The power grid represents a set $V$ of $n$ buses (nodes) connected by a set $E$ of $|E|$ transmission lines (directed edges). As an example, the IEEE 14-bus test system [20] is given in Figure 1.

Measurement Model: We use the DC power flow model [22] for the grid in this paper. Here, voltage magnitudes are assumed to be constant at unity on all buses and the state vector of the system comprises all bus phase angles $x \in \mathbb{R}^n$. Transmission lines are assumed to be perfectly inductive (zero resistance) with a diagonal susceptance matrix $B$. We use $x_i$ to denote the phase angle at bus $i$ and $B_{ij}$ to denote the susceptance of line $(i, j)$. We consider a length-$m$ measurement vector $z \in \mathbb{R}^m$ that comprises a) active power flows on lines and b) voltage phase angles on buses, collected from conventional meters and phasor measurement units in the grid. The relation between $z$ and $x$ is given by

$z = Hx + e$ (1)

where $H$ is the $m \times n$ full-rank measurement matrix and $e$ is a zero mean Gaussian measurement noise vector with known covariance $\Sigma$. If the k th and k th entries (rows) in $z$ ($H$) measure the power flow on line $(i, j)$ and the phase angle at node $i$ respectively, then the DC power flow gives

z ( k ) = B ij ( x ( i ) − x ( j )) , z ( k ) = x ( i )
H ( k , :) = [0 .. B ij .. − B ij .. (2)
H ( k , :) = [0 .. .. .. (3)

Without loss of generality, we introduce an $(n+1)$-th ‘reference’ bus with phase angle in the system and accordingly append to the state vector $x$. Note that the phase angle measurement at any bus $i$ is equivalent to a flow on a hypothetical line of unit conductance between bus $i$ and the ‘reference’ bus. To represent this, we augment an additional column $h_g$ to matrix $H$ with value − for rows representing phase angles and otherwise. We thus convert every entry in $z$ into a flow measurement given by z = Hx = [ H | h g ] [ x ]. Note that the augmented measurement matrix has the structure of a susceptance weighted graph incidence matrix of rank $n$. From this point, we use $x$ and $H$ to denote the augmented state vector and measurement matrices respectively.

State Estimation: The complete DC state estimator used in this paper is given in Figure 2 [21], [22].

Fig. 2. State Estimator for a power system [21], [22] (blocks: Meter Measurements, State Estimation, Bad Data Detection with ‘Good’ and ‘Bad’ outcomes, Bad-Data Remover)

The true state estimate $x^*$ is generated from measurement vector $z$ by a weighted least-square minimizer that minimizes the weighted residual’s magnitude given by J ( x, z ) = ‖ Σ − . ( z − Hx ) ‖ over variable $x$. As shown in Fig. 2, this step is followed by a threshold ($\lambda$) based bad-data detector that determines the presence of bad-data by the following test:

‖ Σ − . ( z − Hx ∗ ) ‖ ≤ λ : accept x ∗
‖ Σ − . ( z − Hx ∗ ) ‖ > λ : detect bad-data (4)

If bad-data is detected, the bad-data remover is called to identify and remove bad-data as described below.

Bad-data Removal:
Using basic linear algebra [21], [22], it can be shown that the residual vector r = z − Hx ∗ = [ I − H ( H T Σ − H ) − H T Σ − ] z. Based on the assumption that the probability of bad-data affecting a greater number of locations is low, the estimator removes the minimum number of measurements such that the remaining measurements satisfy the bad-data check in Eq. (4). The optimal identification and removal scheme for multiple incorrect measurements is NP-hard [21], [13] and hence iterative or greedy schemes are used in practice. Unless otherwise stated, we assume that the unmanipulated measurement vector $z$ is clean and leads to estimation of the correct state vector $x^*$.

Adversarial Tools and Attack Types:
Following past work in literature, we consider the adversary’s goal to be producing a non-zero change in the estimated state vector $x^*$ using a minimum cost attack. In reality, the adversary’s motivation may be economic (e.g., creating sub-optimal prices [23]) or grid instability (e.g., producing/hiding grid failures) or be restricted to specific buses (e.g., targeted attack [10]). Keeping the adversarial goal as changing the state estimate analyzes the grid security in the strongest terms, where the grid controller is agnostic and gives equal weight to all adversaries.

We denote the secure set of measurements in $z$ that are encrypted against adversarial data injection by $S$. However, measurements in $S$ can suffer from bad-data arising from measurement noise. The remaining insecure measurements are denoted by set $S^c$. As stated in the Introduction, we consider three adversarial tools here. Among them, data injection is denoted by an additive vector $a$ that modifies the measurement vector $z$ to $z + a$. As secure measurements are immune to data injection, $a(i) = 0\ \forall i \in S$. In contrast, jamming can be conducted on both secure and insecure measurements and is represented by removal of the jammed measurements from $z$. Let $p_I$, $p_J^{S^c}$ and $p_J^S$ denote the costs of data injection, jamming insecure measurements, and jamming secure measurements respectively. Further, a permissible set of costs is assumed to follow:

Assumption : $p_J^{S^c} \le p_J^S \le p_I$

Note that data injection involves changing meter measurements by precisely formatted real values and following communication protocols to ensure their usage at the state estimator. In contrast, jamming can be carried out by physical [16] or cyber destruction [15] of the meter reading. Further, an adversary equipped with data injection can conduct jamming by inserting garbage values into the measurements. Thus, we assume that injection cost $p_I$ is not less than jamming costs. Secondly, jamming a secure measurement can be considered at least as costly as jamming an insecure measurement, as secure measurements are encrypted and may require bypassing the resident security features, leading to $p_J^{S^c} \le p_J^S$. We assume the adversary to know/estimate these costs from the respective instrumentation and skills necessary for deployment. We show later that the attack construction depends on the relative values of these adversarial costs rather than their exact values.

A feasible attack refers to a successful attack; a feasible attack with minimum attack cost is called an optimal attack. We use injection attacks to refer to attacks that use data injection alone. For attacks that additionally use jamming of insecure measurements, we use the phrase jamming attacks. Attacks proposed in this work that use all three adversarial tools are termed generalized attacks. Finally, we prefix the attack denotation by its ‘type’. The two types of attacks discussed in this paper are defined below.

Definition 1.
‘Hidden’ attack [6]: This well-studied attack is not detected by the bad-data detector. The adversary ensures feasibility by manipulating measurements in a way such that the measurement residue remains unchanged.
‘Detectable’ attack [12], [13]: This attack initially fails the bad-data detection test but passes it after the estimator removes bad-data. The adversary ensures feasibility by manipulating measurements such that the minimum set of measurements that are removed to pass the detection test does not include all manipulated measurements.

In the next section, we describe traditional attack frameworks (injection attacks and jamming attacks) that operate through insecure measurements only. This background will help analyze generalized data attacks in subsequent sections.

III. DATA ATTACKS USING INSECURE MEASUREMENTS

We analyze both ‘hidden’ and ‘detectable’ traditional (injection and jamming) attacks where the adversary is limited to attacking insecure measurements in set $S^c$. First, we focus on injection attacks.

A. Injection Attacks
Here, the adversary’s strategy is entirely represented by the injection vector $a$ that is added to the measurement vector $z$. As data injection is the only tool available, its cost $p_I$ does not influence the attack construction. Consider the case of a ‘hidden’ injection attack. As mentioned in Definition 1, the attack is successful if it doesn’t change the measurement residual. If $a = Hc \neq 0$ for some $c \in \mathbb{R}^{n+1}$, this holds as ‖ Σ − . ( z − Hx ∗ ) ‖ = ‖ Σ − . ( z + a − H ( x ∗ + c )) ‖ and the state estimate is modified to $x^* + c$. The optimal ‘hidden’ injection attack is given by the sparsest $a$ in the following [9], [10]:

min c ∈ R n +1 −{ } ‖ a ‖ (H-I)
s.t. a = Hc, c ( n + 1) = 0 , a ( i ) = 0 ∀ i ∈ S ( S : Secure Set )

Next, we look at a ‘detectable’ injection attack. By Definition 1 and the state estimator’s bad-data removal technique described after Eq. (4), it is clear that an injection vector $a \neq 0$ will successfully change the state estimate only if removal of some k < ‖ a ‖ entries from the measurement vector is sufficient to pass the bad-data detection test, while preserving observability. We describe the construction of such an injection vector $a$ now. For any $Hc \neq 0$, include more than half of the non-zero entries in $Hc$ in $a$ and replace the rest by . Observe that ‖ a ‖ > ‖ Hc − a ‖ here. Thus, measurements corresponding to the non-zero terms in $(Hc − a)$ are incorrectly identified as bad-data instead of the injected measurements in $a$. After removal of bad-data from the measurement vector and elimination of corresponding rows from the measurement matrix $H$, $a$ now lies in the column space of the modified measurement matrix and a feasible attack is conducted. The optimal measurements from $Hc$ to include in the attack vector $a$ are given by the unity terms in the optimal binary vector $d$ of the following [13], [19]:

min d ∈{ , } m ,c ∈ R n +1 −{ } ‖ d ‖ (D-I)
s.t. c ( n + 1) = 0 , d ( i ) = 0 ∀ i ∈ S
‖ d ‖ > ‖ Hc ‖ / for feasibility ) (5)
rank ( DH ) = n, diag ( D ) = − ( − d ) ∗ ( Hc ) spty (6)

Here, $a ∗ b$ refers to the element-wise multiplication between vectors $a$ and $b$, while a spty denotes the sparsity pattern in vector $a$. In the rank constraint (6), $D$ is a − diagonal matrix with value of for removed measurements. We now describe graph-theoretic solutions for attack construction for both attack types.

Graph-Theoretic Solution: We construct an undirected graph $G_H$ with $n+1$ nodes and edges corresponding to measurement rows in $H$. We denote secure and insecure edges in $G_H$ corresponding to secure and insecure measurements in $H$ respectively. Due to the unimodular structure of $H$, it can be shown that the optimal solutions of Problems H-I or D-I remain unchanged if $c$ is restricted to be a − binary vector and $H$ is replaced by the unweighted incidence matrix $A_H$ of $G_H$. In this case, the non-zero terms in $A_H c$ in fact correspond to a graph-cut in $G_H$ [9], [13]. Thus, the optimal attack design can be stated as a graph cut problem as described below:

Theorem 1.
[9, Theorem 2] The optimal ‘hidden’ injection attack in Problem H-I is given by the minimum cardinality cut $C^*$ in $G_H$ with no secure edges.
[13, Theorem 2] The optimal ‘detectable’ injection attack in Problem D-I is given by any ⌊ | C ∗ | / ⌋ insecure edges in $C^*$, where $C^*$ denotes the minimum cardinality cut in $G_H$ with a minority of secure edges ( | C ∗ ∩ S | < | C ∗ | / ).

It follows immediately that the cost of the optimal ‘detectable’ injection attack is never greater than . / | C ∗ | times the cost of the optimal ‘hidden’ injection attack $C^*$. Next, we add jamming of insecure measurements to the attack framework and discuss its implications.

B. Jamming Attacks
Here the adversary can jam and remove insecure measurements at a cost $p_J^{S^c}$ in addition to injecting data at cost $p_I$. Note that for a non-zero change in state estimate, the adversary should inject data into at least one insecure measurement. The design of the optimal ‘hidden’ jamming attack is given by:

Theorem 2. The optimal ‘hidden’ jamming attack for all permissible $p_I$ and $p_J^{S^c}$ is constructed by injecting data into one edge and jamming the remaining edges in the minimum cardinality cut in $G_H$ with no secure edges.

Brief Proof steps: Using Theorem 1 and $p_J^{S^c} \le p_I$, it is clear that the least cost ‘hidden’ jamming attack designed using the optimal ‘hidden’ injection attack is given by Theorem 2. Its global optimality can be proved by contradiction.

Now we look at ‘detectable’ jamming attacks as discussed in [19]. Consider a cut $C$ in graph $G_H$ with $n_C^S$ and $n_C^{S^c}$ secure and insecure edges respectively, with $n_C^{S^c} > n_C^S$. Using Theorem 1, $C$ is feasible for a ‘detectable’ injection attack. If the adversary jams $k_J^C < n_C^{S^c} − n_C^S$ insecure measurements in $C$, the remaining $|C| − k_J^C$ measurements still constitute a feasible cut with a majority of insecure edges. The adversary can thus inject data into ⌊ | C |− k CJ ⌋ insecure edges in $C$ to conduct a successful ‘detectable’ jamming attack of attack cost $p_C$ given by

p C = p S c J k CJ + p I ⌊ | C | − k CJ ⌋ = ( p S c J − p I / k CJ + p I | C | + 2 − ( | C | − k CJ ) mod 22 (7)

Note that if $p_J^{S^c}$ < $p_I$ / the attack cost $p_C$ of cut $C$ decreases with increasing $k_J^C$ and is lowest at k CJ = n S c C − n SC − . Similarly, it can be shown that for $p_J^{S^c}$ ≥ $p_I$ / , the attack cost is minimum at $k_J^C = 1 − |C| \bmod 2$. Using these values of $k_J^C$ in Eq. (7) for attack cost leads to the following result on optimal attack design.

Theorem 3. [19, Theorem 2] The construction of the optimal ‘detectable’ jamming attack with jamming cost $p_J^{S^c}$ and data injection cost $p_I$ for insecure measurements is given by:
. $p_J^{S^c}$ < $p_I$ / : Give weights of $p_I − p_J^{S^c}$ and $p_J^{S^c}$ to secure and insecure edges respectively in $G_H$ and find the minimum weight cut $C^*$ with n SC ∗ < | C ∗ | / secure edges. Use $n_{C^*}^S$ insecure edges for bad-data injection and jam the other insecure edges.
. $p_J^{S^c}$ ≥ $p_I$ / : Find the minimum cardinality cut $C^*$ with a minority of secure edges in $G_H$. Use ⌊ | C ∗ | ⌋ insecure edges for data injection and jam $(1 − |C^*| \bmod 2)$ insecure edges.

A detailed derivation of Theorem 3 is given in [19]. The main argument is also elucidated through the example in Fig. 3. To conclude, the range of permissible relative costs for jamming insecure measurements is thus separable into two intervals with distinct designs for the optimal ‘detectable’ jamming attack.

In the next section, we present our generalized attack framework that allows jamming (not data injection) of secure measurements by the adversary.

IV. DATA ATTACKS WITH JAMMING SECURE MEASUREMENTS
The adversary in this case has three tools (jamming secure measurement, jamming insecure measurement, and data injection in insecure measurement) with distinct costs per measurement ($p_J^S$, $p_J^{S^c}$, and $p_I$). From Assumption , we have $p_J^{S^c} \le p_J^S \le p_I$. The introduction of jamming of secure measurements creates major changes in the adversarial strategy as it relaxes the feasibility requirements for both ‘hidden’ and ‘detectable’ attacks as noted below.

Fig. 3. Effect of jamming cost $p_J^{S^c}$ and data injection cost $p_I$ on the minimum ‘detectable’ jamming attack $C^*$ derived from a cut $C$ with n SC ( < | C | / secure and $n_C^{S^c}$ insecure edges. Secure edges in the cut are colored red while untouched, jammed and injected insecure edges are colored white, blue and green respectively. When $p_J^{S^c}$ < $p_I$ / , attack cost can be reduced by replacing one data injection with jamming two measurements as shown in the cuts on the left of $C$. For $p_J^{S^c}$ ≥ $p_I$ / , attack cost is reduced by replacing two jammed measurements by one measurement with data injection while leaving the other untouched as shown on the right side of cut $C$. Optimal attacks $C^*$ obtained from this replacement are given by Theorem 3.

A. ‘Hidden’ Generalized Attacks
Theorems 1 and 2 state that feasible cuts for ‘hidden’ injection and jamming attacks cannot include any secure edge. With the ability to jam secure measurements, this is no longer necessary. Consider a cut $C$ with $n_C^S$ secure and n S c C > insecure edges. If all $n_C^S$ secure edges are removed by jamming, the remaining cut can provide a ‘hidden’ attack where one insecure edge is used for data injection and the rest are jammed. The total attack cost is $p_J^S n_C^S + p_J^{S^c} n_C^{S^c} + (p_I − p_J^{S^c})$. The optimal attack is thus given by:

Theorem 4. Give weights of $p_J^S$ and $p_J^{S^c}$ to secure and insecure edges respectively in $G_H$ and find the minimum weight cut $C^*$ with a non-zero number of insecure edges. The optimal ‘hidden’ generalized attack is constructed by using one insecure edge in $C^*$ for data injection and jamming the remaining cut-edges.

Note that the optimal attack design here has the same form for all relative values of jamming and injection costs. Next, we look at ‘detectable’ generalized attacks.
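What Theorem 4 means for the residual test of Eq. (4), as an added example that is not from the paper: on a constructed 6-bus toy grid, an injection on one cut edge raises the residual while all meters report, but leaves it exactly unchanged once the other cut edges are missing. The topology, unit susceptances, $\Sigma = I$, noise values and every function name are assumptions made for illustration.

```python
from fractions import Fraction as F

# Constructed 6-bus toy grid (not from the paper). Assumptions: unit
# susceptances, Sigma = I, bus 5 is the reference (angle 0), and every
# measurement is a line flow x_i - x_j.
EDGES = [(0, 1), (1, 2), (0, 2),   # inside side A = {0, 1, 2}
         (3, 4), (4, 5), (3, 5),   # inside side B = {3, 4, 5}
         (2, 3), (0, 4), (1, 3)]   # the cut between A and B
INJECTED = (2, 3)                  # insecure cut edge carrying the injection
JAMMED = [(0, 4), (1, 3)]          # other cut edges; (0, 4) stands for a secure one
N_STATES = 5                       # angles of buses 0..4


def row(edge):
    """Row of H for a flow measurement on edge (i, j)."""
    r = [F(0)] * N_STATES
    for bus, sign in zip(edge, (1, -1)):
        if bus < N_STATES:         # the reference bus has no column
            r[bus] = F(sign)
    return r


def solve(A, b):
    """Exact Gauss-Jordan elimination over Fractions (A must be non-singular)."""
    n = len(A)
    M = [A[i][:] + [b[i]] for i in range(n)]
    for c in range(n):
        p = next(r for r in range(c, n) if M[r][c] != 0)
        M[c], M[p] = M[p], M[c]
        pivot = M[c][c]
        M[c] = [v / pivot for v in M[c]]
        for r in range(n):
            factor = M[r][c]
            if r != c and factor != 0:
                M[r] = [vr - factor * vc for vr, vc in zip(M[r], M[c])]
    return [M[i][n] for i in range(n)]


def wls(edges, z):
    """Least-squares estimate x* and J = ||z - H x*||^2 for Sigma = I."""
    H = [row(e) for e in edges]
    HtH = [[sum(h[i] * h[j] for h in H) for j in range(N_STATES)]
           for i in range(N_STATES)]
    Htz = [sum(h[i] * zi for h, zi in zip(H, z)) for i in range(N_STATES)]
    x = solve(HtH, Htz)
    J = sum((zi - sum(hk * xk for hk, xk in zip(h, x))) ** 2
            for h, zi in zip(H, z))
    return x, J


def demo(delta=F(1, 2)):
    """Compare residuals with and without the jammed cut edges."""
    x_true = [F(3, 10), F(1, 4), F(1, 5), F(1, 10), F(1, 20)]      # constructed
    noise = [F(s, 100) for s in (1, -2, 1, 2, -1, 1, -1, 2, -2)]   # constructed
    z = {e: sum(h * x for h, x in zip(row(e), x_true)) + n
         for e, n in zip(EDGES, noise)}
    z_inj = dict(z)
    z_inj[INJECTED] += delta                  # a is non-zero on one row only
    kept = [e for e in EDGES if e not in JAMMED]

    _, j_clean = wls(EDGES, [z[e] for e in EDGES])
    _, j_inject_only = wls(EDGES, [z_inj[e] for e in EDGES])
    x_jam, j_jam_only = wls(kept, [z[e] for e in kept])
    x_att, j_jam_inject = wls(kept, [z_inj[e] for e in kept])
    return {
        "J_clean": j_clean,
        "J_inject_only": j_inject_only,       # larger: a is outside col(H)
        "J_jam_only": j_jam_only,
        "J_jam_inject": j_jam_inject,         # identical to J_jam_only
        "shift": [a - b for a, b in zip(x_att, x_jam)],
        "meters_used": (len(EDGES), len(kept)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The only difference the estimator can observe in the last case is `meters_used`: two cut measurements are absent, and the estimate for every bus on side A has moved by `delta`.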
B. ‘Detectable’ Generalized Attacks
We study how the design of a ‘detectable’ attack changes when jamming of secure measurements is allowed. To do so, we consider a cut $C$ in graph $G_H$ with $n_C^S$ secure and $n_C^{S^c}$ insecure edges. We can have two cases for $C$: A) $n_C^S < n_C^{S^c}$ and B) $n_C^S \ge n_C^{S^c}$. Theorems 1 and 3 state that to conduct a successful ‘detectable’ injection or jamming attack, the adversary requires graph-cuts with a majority of insecure edges (Case A). Thus, we have

Lemma 1. A ‘detectable’ generalized attack can be constructed from cut $C$ having $n_C^S$ secure and $n_C^{S^c}$ insecure edges if n S c C > and the adversary initially jams $k_S^C \ge [n_C^S − n_C^{S^c} + 1]^+$ secure cut-edges, where [ a ] + = max { , a }.

This step ensures that after removal of $k_S^C$ jammed secure measurements, the remaining cut has a majority of insecure edges as shown in Fig. 4. Further, jamming of secure edges can lead to a reduction in attack cost as well. For example, if $p_J^{S^c} + p_J^S \le p_I$, a feasible cut $C$’s data injected insecure edge can be replaced with jamming of two edges in $C$, one secure and another insecure, to lower the attack cost. This is demonstrated by the cut on the right side in Fig. 4.

Fig. 4. Effect of jamming secure measurements on design of ‘detectable’ generalized attacks. The cut on the left is infeasible due to a minority of insecure edges. Jamming secure measurements leads to a feasible cut in the middle. Finally for $p_J^{S^c} + p_J^S \le p_I$, attack cost can be reduced by replacing one data injected edge with two jammed edges (one secure and one insecure).

To analyze the effect of jamming cost for secure edges, we follow the approach in Theorem 3. We aim to determine the optimal ‘detectable’ generalized attack strategy over different ranges of costs for $p_I$, $p_J^S$ and $p_J^{S^c}$. We begin with the following cost interval.

Cost Interval I : [ p S c J ≥ p I / ∩ [ p SJ ≥ p I /

Using Theorem 3 for $p_J^{S^c}$ ≥ $p_I$ / , the minimum cost attack using the remaining $|C| − k_S^C$ edges is constructed by injecting data into ⌊ | C |− k SC ⌋ and jamming $(1 − (|C| − k_S^C) \bmod 2)$ insecure edges. The total cost is given by:

p C = p SJ k SC + p I ⌊ | C | − k SC ⌋ + p S c J (1 − ( | C | − k SC ) mod 2) (8)

As $p_J^S$ ≥ $p_I$ / , we note that $p_C$ is increasing with $k_S^C$. Using Lemma 1, the minimum cost is achieved at $k_S^C = [n_C^S − n_C^{S^c} + 1]^+$. For Case A ($n_C^S < n_C^{S^c}$), this gives $k_S^C = 0$ (no jamming of secure measurement), and the optimal attack is identical in structure to the optimal ‘detectable’ jamming attack for [ p S c J ≥ p I / in Theorem 3. For Case B ($n_C^S \ge n_C^{S^c}$), the optimal $k_S^C$ equals $n_C^S − n_C^{S^c} + 1$. The attack cost thus reduces to

$p_C = p_J^S (n_C^S − n_C^{S^c} + 1) + p_I n_C^{S^c}$ (using Eq. (8))
$\quad = p_J^S n_C^S + (p_I − p_J^S) n_C^{S^c} + p_J^S$ (9)

Excluding the constant term, this optimal attack cost for $C$ in Case B is equal to its cut-weight if secure and insecure edges are given weights $p_J^S$ and $p_I − p_J^S$ respectively.

As $G_H$ has cuts in both Case A and Case B, the optimal ‘generalized’ attack selects the minimum cost one among the optimal attacks for Cases A and B. This is summarized below:

Theorem 5.
The optimal ‘detectable’ generalized attack in $G_H$ for the cost interval [ p S c J ≥ p I / ∩ [ p SJ ≥ p I / is given by the minimum cost attack among the optimal solutions of the following two graph optimization problems:
Problem I-A. Find the minimum cardinality feasible cut $C^*$ in $G_H$ with a minority of secure edges. Use ⌊ (1 + | C ∗ | ) / ⌋ insecure edges for bad-data injection and jam $(1 − |C^*| \bmod 2)$ insecure edges.
Problem I-B. Give weights of $p_J^S$ and $p_I − p_J^S$ to secure and insecure edges respectively in $G_H$ and find the minimum weight cut $C^*$ with ( n SC ∗ ≥ | C ∗ | / secure edges and ( n S c C ∗ > insecure edges. Inject data into all insecure edges and jam $(n_{C^*}^S + 1 − n_{C^*}^{S^c})$ secure edges.

Next we analyze cut $C$ with $n_C^S$ secure and n S c C > insecure edges in the second cost interval.

Cost Interval II : [ p S c J < p I / ∩ [ p SJ + p S c J ≥ p I ]

By Lemma 1, the adversary initially jams $k_S^C \ge [n_C^S − n_C^{S^c} + 1]^+$ secure cut-edges leaving $(n_C^S − k_S^C)$ secure and $n_{C^*}^{S^c}$ insecure edges. As $p_J^{S^c}$ < $p_I$ / , the minimum cost attack constructed from the remaining edges includes data injection into $n_C^S − k_S^C + 1$ measurements and jamming the rest of the insecure measurements (see Theorem 3). This gives an attack cost of:

p C = p SJ k SC + p I ( n SC − k SC + 1) + p S c J ( n S c C − n SC + k SC − p SJ + p S c J − p I ) k SC + ( p I − p S c J )( n SC + 1) + p S c J n S c C (10)

As $p_J^S + p_J^{S^c} \ge p_I$, the attack cost in Eq. (10) increases with $k_S^C$. The minimum attack cost is thus attained for Case A ($n_C^S < n_C^{S^c}$) at $k_S^C = 0$, and for Case B ($n_C^S \ge n_C^{S^c}$) at $k_S^C = n_C^S − n_C^{S^c} + 1$. The corresponding attack costs are given by:

$p_C = (p_I − p_J^{S^c})(n_C^S + 1) + p_J^{S^c} n_C^{S^c}$ (for Case A) (11)
$p_C = p_J^S (n_C^S + 1) + (p_I − p_J^S) n_C^{S^c}$ (for Case B) (12)

Observe that in either case, ignoring additive constants, the optimal attack cost is given by the cut-weight of $C$ with distinct weights for secure and insecure measurements. We can thus determine the optimal ‘detectable’ generalized attack in this interval as follows:

Theorem 6. The optimal ‘detectable’ generalized attack in $G_H$ for the cost interval [ p S c J < p I / ∩ [ p SJ + p S c J ≥ p I ] is given by the minimum cost attack among the optimal solutions of the following two graph optimization problems:
Problem II-A. Give weights of $p_I − p_J^{S^c}$ and $p_J^{S^c}$ to secure and insecure edges respectively in $G_H$ and find the minimum weight cut $C^*$ with ( n SC ∗ < | C ∗ | / ) secure edges. Inject data into $(n_{C^*}^S + 1)$ insecure edges and jam the other insecure edges.
Problem II-B. Give weights of $p_J^S$ and $p_I − p_J^S$ to secure and insecure edges respectively in $G_H$ and find the minimum weight cut $C^*$ with ( n SC ∗ ≥ | C ∗ | / secure edges and ( n S c C ∗ > insecure edges. Inject data into all insecure edges and jam $(n_{C^*}^S + 1 − n_{C^*}^{S^c})$ secure edges.

Finally, we look at cost interval III with low jamming costs.
Cost Interval III : [ p S c J < p I / (cid:84) [ p SJ + p S c J < p I ] As p S c J < p I / constraint is common to Interval II, thepreliminary analysis here is identical to the discussionpreceding Eq. (10) and leads to the following attack cost: p C = ( p SJ + p S c J − p I ) k SC + ( p I − p S c J )( n SC + 1) + p S c J n S c C (13)where k SC ≥ [ n SC − n S c C + 1] + is the number of jammedsecured measurements. Observe that the attack cost decreases on increasing k SC in this Interval. The minimum attack cost isthus obtained when k SC = max k SC = n SC for both Cases Aand B. The optimal attack cost for cut C is given by: p C = p SJ n SC + p S c J n S c C + ( p I − p S c J ) ( for Cases A, B ) (14)which is an additive constant away from C ’ cut-weight ifsecure and insecure edges are given weights p SJ and p S c J re-spectively. The optimal ‘detectable’ generalized attack designis given by the following theorem. Theorem 7.
The optimal ‘detectable’ generalized attack in $G_H$ for the cost interval $[p_J^{S^c} < p_I/ \ \cap\ [p_J^S + p_J^{S^c} < p_I]$ is given by the optimal solution of the following graph optimization problem:

Problem III. Give weights of $p_J^S$ and $p_J^{S^c}$ to secure and insecure edges respectively in $G_H$ and find the minimum weight cut $C^*$ with non-zero insecure edges. Inject data into one insecure edge and jam all other secure and insecure edges.

To summarize, the design of the optimal ‘detectable’ generalized attack can be divided into three intervals that cover the entire range of permissible jamming and data injection costs as shown in Fig. 5. In Intervals I (Theorem 5) and II (Theorem 6), the optimal attack is given by the minimum of two constrained graph-cut problems, while in Interval III (Theorem 7), it is given by the solution of a single problem. The following points are worth noting.

1) Problems I-A and II-A pertaining to Case A in Intervals I and II are identical to the sub-problems for designing optimal ‘detectable’ jamming attacks in Theorem 3.
2) Problems I-B and II-B pertaining to Case B in Intervals I and II are identical.
3) Problem III in Interval III is identical to the problem of designing optimal ‘hidden’ generalized attacks in Theorem 4.

[Figure 5 plot. x-axis: jamming cost in $S^c$ / injection cost in $S^c$; y-axis: jamming cost in $S$ / injection cost in $S^c$; regions: Interval I, Interval II, Interval III, Not permissible.]

Fig. 5. Separation of the range of relative costs for jamming secure ($p_J^S$) and insecure ($p_J^{S^c}$) measurements into intervals with distinct formulations for optimal ‘detectable’ generalized attack. Interval I denotes $[p_J^{S^c} \ge p_I/ \ \cap\ [p_J^S \ge p_I/$ , Interval II denotes $[p_J^{S^c} < p_I/ \ \cap\ [p_J^S + p_J^{S^c} \ge p_I]$ and Interval III denotes $[p_J^{S^c} < p_I/ \ \cap\ [p_J^S + p_J^{S^c} < p_I]$. The fourth interval $p_J^S < p_J^{S^c}$ is not permissible by Assumption .

The first two observations arise from the constraint $p_J^S + p_J^{S^c} \ge p_I$ in Intervals I and II. This constraint restricts the optimal number of jammed secured measurements at the minimum necessary for feasible attack construction, which is for cuts with majority of insecure edges. Thus Problems I-A and II-A are similar to the ones in Theorem 3. For Interval III, the constraint $p_J^S + p_J^{S^c} < p_I$ implies that the attack cost can be reduced by replacing data injection at one measurement with jamming of a pair of insecure and secure measurements or jamming two insecure measurements. Thus, the optimal ‘detectable’ generalized attack in Interval III includes only one measurement with data injection and is identical to the optimal ‘hidden’ generalized attack in Theorem 4.

For all permissible costs as per Assumption , the reduction in attack cost as a result of jamming is shown through simulations in Section VI. In addition, the next theorem presents the threat to grid resilience posed by generalized attacks.

Theorem 8.
1. A system is vulnerable to generalized data attacks (both ‘hidden’ and ‘detectable’) even if it contains only one insecure measurement.
2. Addition of new secure measurements alone does not prevent generalized attacks.

Proof: Consider the graph $G_H$. As mentioned in Theorems 4, 5, 6 and 7, a feasible generalized attack requires a cut in $G_H$ with non-zero number of insecure edges. Such a cut does not exist only if all measurements are secure. Hence the first statement holds. Addition of new secure measurements can increase the attack cost of a cut but does not change its feasibility. Hence the second statement holds.

It follows from Theorem 8 that the prevention of generalized attacks needs all existing insecure measurements to be replaced with secure ones, rather than addition of new secure measurements. This is a much stricter requirement than that for traditional ‘hidden’ and ‘detectable’ attacks which can be prevented by adding $n$ and $O(m/$ new secure measurements respectively [10], [13]. Here, $n$ is the number of buses (excluding ‘reference’ bus) and $m$ is number of measurements in the grid. Thus, our generalized attack framework undermines grid resilience to data attacks and cyber adversaries beyond previously studied attack models. In the next section, we comment on the hardness of designing generalized data attacks and develop approximate iterative algorithms to solve them.

V. ALGORITHM FOR GENERALIZED ATTACK CONSTRUCTION
Consider the graph $G_H$ with sets $S$ and $S^c$ of secure and insecure edges respectively. The adversary is assumed to know the costs associated with jamming an insecure measurement, jamming a secure measurement and injecting data into an insecure measurement, given by $p_J^{S^c}$, $p_J^S$ and $p_I$ respectively. We first discuss the algorithm for designing ‘hidden’ generalized attacks.

‘Hidden’ generalized attacks: By Theorem 4, the optimal attack of this type is given by the minimum weight cut $C^*$ with non-zero insecure edges in $G_H$, where secure and insecure edges have weight $p_J^S$ and $p_J^{S^c}$ respectively. Algorithm 1 outputs the optimal attack.

Algorithm 1 Optimal ‘Hidden’ Generalized Attack Design
Input: Graph $G_H$, Set $S$ ($S^c$) of secure (insecure) edges with edge-weights $p_J^S$ ($p_J^{S^c}$)
    $i \leftarrow$ , $w \leftarrow \infty$
    while $i \le |S^c|$ do
        Pick $i$th edge $(s, t)$ in $S^c$.
        $C \leftarrow$ minimum weight ‘$s$-$t$’ cut separating $s$ and $t$ in $G_H$
        if $w >$ $C$’s weight then
            $w \leftarrow$ $C$’s weight, $C_f \leftarrow C$
        end if
        $i \leftarrow i + 1$
    end while
    Use $C_f$ for optimal attack in Theorem 4.

Working and Complexity: In each iteration of the While Loop (Step 2), Algorithm 1 picks an insecure edge in $S^c$ and finds the minimum weight cut $C$ that contains it. The feasible cut $C_f$ is updated if the current cut $C$ has lower weight. At the end of the iteration, the optimal attack is constructed by injecting data into one insecure edge and jamming the rest of the edges in $C_f$. Since the minimum ‘$s$-$t$’ cut can be computed using a max-flow algorithm in $O(nm \log(n\ /m))$ time [27], Algorithm 1 has polynomial time complexity of $O(|S^c| nm \log(n\ /m))$. Here $n$ and $m$ are the number of nodes and edges in graph $G_H$.

‘Detectable’ generalized attacks: As analyzed in the previous section, the relative values of costs of jamming and data-injection change the design of ‘detectable’ generalized attacks. Attack construction in Interval III is identical to that of ‘hidden’ generalized attacks and is solved in polynomial time by Algorithm 1. Here, we discuss the construction of attacks in Intervals I ($[p_J^{S^c} \ge p_I/ \ \cap\ [p_J^S \ge p_I/$ ) and II ($[p_J^{S^c} < p_I/ \ \cap\ [p_J^S + p_J^{S^c} \ge p_I]$). Theorems 5 and 6 state that in either interval, the optimal ‘detectable’ generalized attack is determined by solving two constrained graph-cut problems on $G_H$. In each of these problems (I-A, I-B, II-A and II-B), the constraint involves finding a cut $C$ in $G_H$ of Case A ($n_C^S < |C|/$ ) or Case B ($n_C^S \ge |C|/$ ) where $n_C^S$ is the number of secure edges in the cut.
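Algorithm 1 and the cost in Eq. (14), written out as a runnable check an operator could use to measure exposure; this is an added example, not code from the paper. The 4-node graph, the integer cost units and all function names are constructed for illustration, and the max-flow routine is plain Edmonds-Karp rather than the algorithm of [27].

```python
from collections import deque

def min_st_cut(n, edges, weights, s, t):
    """Edge indices crossing a minimum-weight s-t cut (Edmonds-Karp max-flow)."""
    cap = [[0] * n for _ in range(n)]
    for (u, v, _), w in zip(edges, weights):
        cap[u][v] += w          # undirected measurement edge: capacity both ways,
        cap[v][u] += w          # parallel edges between two nodes add up
    while True:
        parent = [-1] * n       # BFS tree over edges with residual capacity
        parent[s] = s
        queue = deque([s])
        while queue and parent[t] == -1:
            u = queue.popleft()
            for v in range(n):
                if parent[v] == -1 and cap[u][v] > 0:
                    parent[v] = u
                    queue.append(v)
        if parent[t] == -1:
            break               # no augmenting path left; parent[] marks s's side
        push, v = float("inf"), t
        while v != s:           # bottleneck capacity along the path found
            push = min(push, cap[parent[v]][v])
            v = parent[v]
        v = t
        while v != s:           # augment along the path
            cap[parent[v]][v] -= push
            cap[v][parent[v]] += push
            v = parent[v]
    return [i for i, (u, v, _) in enumerate(edges)
            if (parent[u] == -1) != (parent[v] == -1)]

def cheapest_hidden_cut(n, edges, p_inj, p_jam_secure, p_jam_insecure):
    """Algorithm 1: one min s-t cut per insecure edge, keep the lightest.
    Returns None when no edge is insecure (no feasible cut, Theorem 8)."""
    weights = [p_jam_secure if secure else p_jam_insecure for _, _, secure in edges]
    best = None
    for s, t, secure in edges:
        if secure:
            continue
        cut = min_st_cut(n, edges, weights, s, t)
        weight = sum(weights[i] for i in cut)
        if best is None or weight < best["cut_weight"]:
            n_sec = sum(1 for i in cut if edges[i][2])
            best = {"cut": cut, "cut_weight": weight,
                    "n_secure": n_sec, "n_insecure": len(cut) - n_sec}
    if best is not None:
        # Eq. (14): inject into one insecure cut-edge, jam every other cut-edge.
        best["cost"] = (p_jam_secure * best["n_secure"]
                        + p_jam_insecure * best["n_insecure"]
                        + (p_inj - p_jam_insecure))
    return best

# Constructed example: 4 nodes, each tuple is one measurement (u, v, is_secure).
BASE = [(1, 2, True), (2, 3, True), (1, 3, True), (0, 1, True), (0, 2, False)]
# Constructed integer cost units with p_jam_insecure <= p_jam_secure.
COSTS = {"p_inj": 4, "p_jam_secure": 2, "p_jam_insecure": 1}

def theorem8_report():
    """Attack cost for three protection choices on the constructed graph."""
    one_insecure = cheapest_hidden_cut(4, BASE, **COSTS)
    extra_secure = cheapest_hidden_cut(4, BASE + [(0, 3, True)], **COSTS)
    all_secure = cheapest_hidden_cut(4, [(u, v, True) for u, v, _ in BASE], **COSTS)
    return one_insecure, extra_secure, all_secure

if __name__ == "__main__":
    labels = ("one insecure measurement", "plus a new secure one", "insecure one secured")
    for label, result in zip(labels, theorem8_report()):
        print(label, "->", "no feasible cut" if result is None else result)
```

On the constructed graph, adding a secure measurement only raises the cost of the cheapest cut, and the cut disappears only once the single insecure measurement is itself secured, which is the protection requirement Theorem 8 states.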
Reference [13] states that finding a cut where edges of one kind are in majority is equivalent to the NP-hard ‘ratio-cut’ problem [24]. Thus, determining the optimal ‘detectable’ generalized attack in Intervals I and II is NP-hard in general.

Now, we provide an approximate algorithm (Algorithm 2) for solving constrained graph-cut problems of the form included in Theorems 5 and 6. Algorithm 2 is a generalization of an iterative min-cut based algorithm in [19], with additional constraints. The exact weights for secure and insecure edges and constraint (Case A or B) are specified by the particular problem being solved.

Algorithm 2 Minimum Weight Constrained Graph-Cut Construction
Input: Graph $G_H$, Set $S$ and $S^c$ of secure and insecure edges respectively, edge weights and Case (A or B) given by problem (I-A, I-B, II-A or II-B), $\beta$, $\gamma$
    Compute min-weight cut $C$ in $G_H$
    $w_C \leftarrow$ $C$’s weight
    if Case A then
        while $(w_C < \gamma)$ && $(2|C \cap S| \ge |C|)$ do
            Pick $i \in C \cap S$, increase weight by $\beta$
            Compute min-weight cut $C$ in $G_H$
            $w_C \leftarrow$ $C$’s weight
        end while
        if $|C \cap S| < |C|$ then
            Construct attack for Problem using $C$
        else
            Declare no solution
        end if
    else
        while $(w_C < \gamma)$ && ($|C \cap S^c| = 0$ or $|C \cap S^c| > |C|$) do
            if $|C \cap S^c| = 0$ then
                Pick $i \in C \cap S$, increase weight by $\infty$
            else
                Pick $i \in C \cap S^c$, increase weight by $\beta$
            end if
            Compute min-weight cut $C$ in $G_H$
            $w_C \leftarrow$ $C$’s weight
        end while
        if $|C \cap S^c| \le |C|$ then
            Construct attack for Problem using $C$
        else
            Declare no solution
        end if
    end if

Working and Complexity: We describe Algorithm 2 with graph-cut constraint specified by Case A ($n_C^S < |C|/$ ). The analysis for Case B follows in a similar way. The edge-weights of secure and insecure edges are specified by Problem I-A or II-A. Step 1 computes the minimum weight cut $C$ in $G_H$ and checks if it satisfies the cut constraint in Case A (Step 4). If the constraint is not satisfied, one secure edge is selected randomly in $C$ and its edge-weight is increased by $\beta$ (Step 5). Here $\beta$’s value is taken as either $\infty$ or the secure edge-weight for Case A (insecure edge-weight for Case B). Following this, the minimum weight cut is recomputed and checked to see if the cut constraint is satisfied. This process is iterated until a feasible cut is obtained or the cut-weight grows beyond threshold $\gamma$, at which point the algorithm declares no solution.

We discuss the complexity for $\beta = \infty$ and Case A. Here, the algorithm performs a maximum of $|S|$ min-cut computations, one for each secure edge. Since each min-cut can be computed in $O(|n||m| + |n| \log |n|)$ time [28], Algorithm 2 has a worst-case computational complexity of $O(|S||n||m| + |S||n| \log |n|)$ for the constraint specified by Case A.

It needs to be noted that finding the existence of a feasible cut of Case A or B is NP-hard [13] and hence obtaining the optimal cut is NP-hard as well. Thus, Algorithm 2 for optimal attack construction is approximate and may not return a solution for all system configurations. Determining the approximation gap of Algorithm 2 will depend on approximations of the ratio-cut problem for feasibility and additionally on reducing the cut-size for optimality. In the next section, we present simulation results to justify the good performance of Algorithm 2 in designing optimal ‘detectable’ generalized attacks.

VI. RESULTS ON IEEE TEST SYSTEMS
We discuss the performance of Algorithm 1 and Algorithm 2 in designing ‘hidden’ and ‘detectable’ generalized attacks by simulations on IEEE 14-bus and 57-bus test systems [20]. In each simulation run, we put flow measurements on all lines and phase angle measurements on (randomly selected) of the system buses. We vary the fraction of secure measurements in either system, and observe its effect on average cost of constructing data attacks as specified by Theorems 4, 5, 6 and 7.

We first consider Algorithm 1 that gives the optimal ‘hidden’ generalized attack as well as ‘detectable’ generalized attack in Interval III. Here, the costs of jamming insecure and secure measurements are taken respectively as . and . relative to the cost of injecting data into an insecure measurement, respecting the inequality in Assumption . Fig. 6 presents the trends in average costs of ‘hidden’ injection, ‘detectable’ injection and ‘hidden’ generalized attacks for the IEEE 14-bus and 57-bus test systems for configurations where ‘hidden’ injection attacks are feasible. It is clearly observed that adding jamming to the adversarial tools reduces the cost of ‘hidden’ attacks greatly. In fact ‘hidden’ generalized attacks are less expensive than ‘detectable’ injection attacks which on average cost less than of the cost of ‘hidden’ injection attacks [13].

Next we consider Algorithm 2 and use it to generate ‘detectable’ generalized attacks in Intervals I and II (see Fig. 5). For Intervals I and II specified in Fig. 5, the relative costs of jamming an insecure measurement are respectively taken as . and . times the cost of data injection. The relative cost of jamming a secure measurement to that of data injection into an insecure measurement is taken as . in both intervals, as per Assumption . To show the adversarial advantage of jamming secure measurements, we compare the average costs of ‘detectable’ generalized (DG) attacks with that of ‘detectable’ jamming (DJ) attacks in each case. Fig. 7 presents the average DG and DJ attack costs for the IEEE 14-bus and 57-bus test systems in cases with feasible ‘hidden’ injection attacks. It can be observed that though jamming of secure measurements reduces the average attack costs, its effect is more pronounced in Interval I where the cost of jamming an insecure measurement is higher. Similarly, Fig. 7 demonstrates the trends in average DG and DJ attack costs for the same systems, but by considering cases with feasible ‘detectable’ injection attacks. Even in this case, the cost improvement in DG over DJ attacks is greater in Interval I.

Note that the rise in attack cost with increase in the fraction of secure measurements in the system is greater in Fig. 8 than in Fig. 6 and Fig. 7. This disparity is due to the fact that in Figs. 6 and 7, we only record attack costs for system configurations with feasible ‘hidden’ injection attacks. As the number of such configurations decreases rapidly with increasing number of secure measurements, we end up averaging over fewer configurations leading to lower recorded average attack costs. The number of feasible configurations for ‘detectable’ injection attacks does not decrease as rapidly, hence Fig. 8 has cost curves with steeper slopes in general.

VII. CONCLUSION
We introduce ‘generalized’ data attacks on state estimation in this paper. In our attack framework, an adversary uses three tools with distinct costs: jamming of encrypted (secure) measurements, data injection and jamming of insecure measurements to optimize the cost and expand the scope of traditional data attacks in literature. We consider both ‘hidden’ and ‘detectable’ data attacks and present novel graph-cut based formulations for construction of optimal generalized attacks of each type. We show that the optimal ‘hidden’ attack with adversarial jamming is given by the minimum weight graph-cut where the edge-weights for secure and insecure measurements are based on the costs of jamming and data injection in the system. We prove that the optimal ‘hidden’ attack with jamming is exactly constructed using a polynomial time min-cut based algorithm. For ‘detectable’ attacks, we show that the entire range of relative costs for data injection and jamming of secure and insecure measurements can be divided into three separate intervals, each with distinct ‘constrained graph-cut’ based optimal attack construction. We present approximate algorithms that use iterative min-cut computations to determine the optimal ‘detectable’ attack in each interval. Due to the ability to jam secure measurements, our generalized framework has very relaxed constraints on attack feasibility compared to traditional models. This reduces the cost of ‘hidden’ and ‘detectable’ attacks as well as increases adversarial immunity against grid security. Specifically, we show that our generalized data attacks are even feasible for systems with a single insecure measurement and hence are not prevented by adding new secure measurements. We present simulation results of our proposed attack framework on IEEE test cases for different costs of adversarial tools and discuss the performance of our algorithms. Jamming of secure measurements indeed severely weakens grid security by reducing attack cost and expanding attack feasibility significantly over that of traditional data attacks. Techniques to efficiently prevent generalized attacks by improving state estimation and theoretical analysis of the performance of our designed approximate algorithms are directions of our future work in this domain.

[Figure 6 plot. x-axis: Fraction of secure measurements in the system; y-axis: Average cost of optimal attacks when ‘hidden’ injection attack exists; curves: ‘hidden’ injection attack, ‘detectable’ injection attack and ‘hidden’ generalized attack, each for the 14-bus and 57-bus systems.]

Fig. 6. Average cost of ‘hidden’ injection, ‘detectable’ injection and ‘hidden’ generalized attacks (when ‘hidden’ injection attack exists) produced by Algorithm 1 on the IEEE 14 and 57 bus test systems with flow measurements on all lines, phasor measurements on of the buses and protection on a fraction of measurements selected randomly. The cost of data injection ($p_I$) is taken as . The costs of jamming an insecure measurement ($p_J^{S^c}$) and a secure measurement ($p_J^S$) are taken as . and . respectively.

[Figure 7 plot. y-axis: Average cost of optimal DJ and DG attacks in Intervals I and II when ‘hidden’ injection attack exists; curves: DJ and DG in Interval I and Interval II, each for the 14-bus and 57-bus systems.]

Fig. 7. Average cost of ‘detectable’ generalized (DG) and ‘detectable’ jamming (DJ) attacks (when ‘hidden’ injection attack exists) in Cost Intervals I and II, produced by Algorithm 2 (with finite $\beta$) on the IEEE 14 and 57 bus test systems with flow measurements on all lines, phasor measurements on of the buses and protection on a fraction of measurements selected randomly. In Interval I and II, the costs of jamming an insecure measurement are taken as . and . respectively. The costs of jamming a secure measurement and data injection are taken as . and respectively in both intervals.

[Figure 8 plot. y-axis: Average cost of optimal DJ and DG attacks in Intervals I and II when ‘detectable’ injection attack exists; curves: DJ and DG in Interval I and Interval II, each for the 14-bus and 57-bus systems.]

Fig. 8. Average cost of ‘detectable’ generalized (DG) and ‘detectable’ jamming (DJ) attacks (when ‘detectable’ jamming attack exists) in Cost Intervals I and II produced by Algorithm 2 (with finite $\beta$) on the IEEE 14 and 57 bus test systems with flow measurements on all lines, phasor measurements on of the buses and protection on a fraction of measurements selected randomly. In Interval I and II, the costs of jamming an insecure measurement are taken as . and . respectively. The costs of jamming a secure measurement and data injection are taken as . and respectively in both intervals.

REFERENCES
[1] A. G. Phadke, “Synchronized phasor measurements in power systems”, IEEE Comput. Appl. Power, vol. 6, 1993.
[2] S. Gorman, “Electricity grid in U.S. penetrated by spies”, Wall St. J.
International Journal of Critical Infrastructure Protection, 2012.
[6] Y. Liu, P. Ning, and M. K. Reiter, “False data injection attacks against state estimation in electric power grids”, Proc. ACM Conf. Comput. Commun. Security, 2009.
[7] T. Kim and V. Poor, “Strategic Protection Against Data Injection Attacks on Power Grids”, IEEE Trans. Smart Grid, vol. 2, no. 2, 2011.
[8] O. Vukovic, K. C. Sou, G. Dan, and H. Sandberg, “Network-aware mitigation of data integrity attack on power system state estimation”, IEEE Journal on Selected Areas in Communications, vol. 30, no. 6, 2012.
[9] D. Deka, R. Baldick, and S. Vishwanath, “Optimal Hidden SCADA Attacks on Power Grid: A Graph Theoretic Approach”, ICNC, 2014.
[10] D. Deka, R. Baldick, and S. Vishwanath, “Data Attack on Strategic Buses in the Power Grid: Design and Protection”, IEEE PES General Meeting, 2014.
[11] O. Kosut, L. Jia, R. J. Thomas, and L. Tong, “Limiting false data attacks on power system state estimation”, Proc. Conf. Inf. Sci. Syst., 2010.
[12] J. Kim, L. Tong, and R. J. Thomas, “Data Framing Attack on State Estimation with Unknown Network Parameters”, Asilomar Conference on Signals, Syst., and Computers, 2013.
[13] D. Deka, R. Baldick, and S. Vishwanath, “Data Attacks on the Power Grid DESPITE Detection”, IEEE PES Innovative Smart Grid Technologies, 2015. Available at: http://arxiv.org/abs/1505.01881
[14] F. Pasqualetti, F. Dorfler, and F. Bullo, “Attack detection and identification in cyber-physical systems”, IEEE Transactions on Automatic Control, vol. 58, 2013.
[15] L. Shichao, L. P. Xiaoping, and S. E. Abdulmotaleb, “Denial-of-service (dos) attacks on load frequency control in smart grids”, IEEE PES Innovative Smart Grid Technologies
IEEE Infocom CCSES Workshop, 2014.
[18] D. Deka, R. Baldick, and S. Vishwanath, “One Breaker is Enough: Hidden Topology Attacks on Power Grids”, IEEE PES General Meeting, 2015. Available at: http://arxiv.org/abs/1506.04303
[19] D. Deka, R. Baldick, and S. Vishwanath, “Optimal Data Attacks on Power Grids: Leveraging Detection & Measurement Jamming”, IEEE Smartgridcomm
Kluwer Academic Publishers, 1999.
[22] A. Abur and A. G. Exposito, “Power System State Estimation: Theory and Implementation”, CRC, 2000.
[23] L. Xie, Y. Mo, and B. Sinopoli, “False data injection attacks in electricity markets”, IEEE SmartGridComm, 2010.
[24] M. R. Garey and D. S. Johnson, “Computers and Intractability: A Guide to the Theory of NP-Completeness”, W. H. Freeman, 1979.
[25] S. Boyd and L. Vandenberghe, “Convex Optimization”, Cambridge University Press, 2004.
[26] M. X. Goemans and D. P. Williamson, “Improved approximation algorithms for maximum cut and satisfiability problems”, Journal of the ACM, vol. 42, 1995.
[27] A. V. Goldberg and R. E. Tarjan, “A new approach to the maximum-flow problem”, Journal of the ACM, vol. 35, 1988.
[28] M. Stoer and F. Wagner, “A simple min-cut algorithm”,