This article has been accepted for publication in a future issue of this journal, but has not been
fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
Deep Learning Based Interval State Estimation of
AC Smart Grids against Sparse Cyber Attacks
Huaizhi Wang, Member, IEEE, Jiaqi Ruan, Guibin Wang, Member, IEEE, Bin Zhou, Senior Member, IEEE,
Yitao Liu, Member, IEEE, Xueqian Fu, Member, IEEE, Jianchun Peng, Senior Member, IEEE
Abstract—Due to the aging of electric infrastructures, conven-
tional power grid is being modernized towards smart grid that en-
ables two-way communications between consumer and utility, and
thus more vulnerable to cyber-attacks. However, due to the attack-
ing cost, the attack strategy may vary a lot from one operation sce-
nario to another from the perspective of adversary, which is not
considered in previous studies. Therefore, in this paper, scenario
based two-stage sparse cyber-attack models for smart grid with
complete and incomplete network information are proposed. Then,
in order to effectively detect the established cyber-attacks, an in-
terval state estimation (ISE) based defense mechanism is devel-
oped innovatively. In this mechanism, the lower and upper bounds
of each state variable are modeled as a dual optimization problem
that aims to maximize the variation intervals of the system varia-
ble. At last, a typical deep learning, i.e., stacked auto-encoder
(SAE), is designed to properly extract the nonlinear and non-sta-
tionary features in electric load data. These features are then ap-
plied to improve the accuracy for electric load forecasting, result-
ing in a more narrow width of state variables. The uncertainty
with respect to forecasting errors is modeled as a parametric
Gaussian distribution. The validation of the proposed cyber-attack
models and defense mechanism have been demonstrated via com-
prehensive tests on various IEEE benchmarks.
Index Terms—Cyber physical power system, false data injec-
tion attack, state estimation, deep learning, smart grid security.
I. INTRODUCTION
Since the beginning of the 21st century, electric power grid
on which modern society depends has been undergoing signifi-
cant adjustments. Concretely, growing concerns with respect to
climate change and global warming from fossil fuel-fired power
plants have led to a desire to widely-use of renewable energy.
Meanwhile, the requirement for sophisticated control system
becomes a pressing need to facilitate the integration of all com-
ponents involved. In addition, due to the rapid falling cost, the
centralized electric grid is moving forward to a highly-distrib-
uted grid, with power being balanced immediately at the local
level [1]. These adjustments, coupling with technology im-
provements, create a deeply-intertwined smart gird that is a
combination of physical infrastructures, such as substations and
transmission lines, and complicated cyber assets [2]. In general,
This work is jointly supported by National Natural Science Foundations of
China (51707123, 51507103, 51477104), Natural Science Foundations of
Guangdong Province (2017A030310061, 2017A030310317,
2015A030310316, 2016A030313041) and the Foundation of Shenzhen Sci-
ence and Technology Committee (JCYJ20170302153607971).
H. Wang, J. Ruan, G. Wang (Corresponding Author), Y. Liu and J. Peng
are with the College of Mechatronics and Control Engineering, Shenzhen
University, Shenzhen 518060, China (e-mail: wanggb@szu.edu.cn).
B. Zhou is with the College of Electrical and Information Engineering, Hu-
nan University, Changsha 410082, China (e-mail: binzhou@hun.edu.cn).
X. Fu is with the College of Information and Electrical Engineering, China
Agricultural University, Beijing 100083, China (e-mail: fux-
ueqian@cau.edu.cn).
1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
1
smart grid exhibits high system efficiency, reliability and sus-
tainability because of various adopted distribution intelligences,
bi-directional communications and additional advancements.
However, the building infrastructures in smart grid are being
confronted with various security issues and have been proved
to be very vulnerable to well-coordinated cyber-attacks [3],
threatening the economic and secure health of the Nations [4].
Up to date, the existing studies with regard to cyber-attack on
smart grid can be categorized into two groups. One group con-
centrates on how to availably launch an unobservable cyber-at-
tack from the perspective of adversaries. False data injection
attack [5], load redistribution attack [6], network topology at-
tack [7], denial of service attack [8] and transmission line rating
attack [9] were proposed to fulfill various attacking objectives,
such as illegal financial profit [10]. These stealthy cyber-attacks
were launched through compromising the measurement equip-
ment or invading the data transmission process and energy man-
agement system (EMS) [11], with complete and incomplete net-
work information. However, most of these attacks were mod-
eled and constructed based on direct current (DC) model and
may thus contribute to a large residual to AC state estimation
[12]. Another demerit over the existing attack models is that the
operation scenarios are generally not considered. In reality, sys-
tem scenario remains continuously changing over time due to
various factors, such as the variation of electric load, preference
of operators and connectivity of the power network [13]. Con-
sequently, the attack strategy may vary significantly from one
operation scenario to another while maintaining sparsity for
constructing an attack vector, because each attack on any meas-
urement spot has risk to be detected. Therefore, the design of
cyber-attacks based on AC grid model under different operation
scenarios would help us to understand the in-depth of cyber se-
curity and thus deserves further investigations and endeavors.
The cyber-attacks on smart grid may obscure the control cen-
ter into taking erroneous reasoning, lead to transmission con-
gestion, or even cause catastrophic blackouts following cascad-
ing failures [14]. The second group of the researches focus on
detecting cyber-attacks and characterizing their consequences
on state estimates, from three aspects, i.e., physical security,
communication security and information security [15]. Physical
security aspect aims to optimally locate a set of basic measure-
ments or phasor measurement units (PMU), ensuring that power
grid is immune from cyber-attacks [16]. Concerns at communi-
cation security are widely-reflected in various cryptography
techniques, such as encryption, authentication and data aggre-
gation [17], to recognize measurement corruptions. With re-
gards to information security, statistical [18] and non-statistical
methods [19] based state estimators were proposed to track real
power system dynamics reliably, in presence of kinds of mali-
cious attacks. However, these presented detection strategies are
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
2

either reliant on redundant measurement schemes with addi-
tional investment cost, or designed for a specific network topol-
ogy [20]-[21]. Even more, a lengthy pre-training process is re-
quired for several proposals to determine a few thresholds so
that the deviations from nominal operating states can be approx-
imated [18]. Last but not least, due to the ever-evolving nature
of the attack threats, the existing anomaly detecting approaches
may not be comprehensive for all kinds of attacks, especially
for those constructed on account of operation scenarios.
Recognizing these limitations and challenges above, this pa-
per is devoted to investigating a cyber-attack modeling of AC
grids and its corresponding defense mechanism. Compared
with existing studies on similar topics, the contributions of this
paper are mainly summarized as below. At first, operation sce-
nario based two-stage sparse cyber-attack models of AC grid
with complete and incomplete network information are origi-
nally proposed. The first stage is developed to perform AC OPF
and so to characterize the behaviors of the power network. The
second stage determines the minimal subset of contaminated
meters over several scenarios such that a specific line can be
overloaded. Secondly, temporal correlation is generally exhib-
ited in nodal states with the evolving of system changes because
the variations in smart grid, such as load demands, have time
series characteristics. Consequently, if nodal states can be prior
approximated based on the temporal correlation, any cyber-at-
tack would evidently compel the approximate nodal states to be
more or less deviated, thus making cyber-attacks be recogniza-
ble. Based on this analysis, a novel interval state estimator is
ingeniously developed and then applied to detect measurement
anomaly. In this estimator, the outer bounds for each state var-
iable are modeled as a dual nonlinear programming problem,
subjected to power balance constraints and electric load uncer-
tainties. For each state variable, any deviation that does not fall
within its bounds could be viewed as an abnormal condition,
possibly indicating a data manipulating.
The accuracy of the proposed defense mechanism for detect-
ing anomaly in principle relies on the electric load uncertainties
that can be statistically evaluated by applying various forecast-
ing methods. Specifically, more accurate results for electric
and benefits of the scenario based cyber-attack strategy and ISE
based defense mechanism have been extensively demonstrated
on IEEE benchmarks. The obtained results reveal the inner at-
tacker’ behaviors and also highlight the significance and ur-
gency of defending power systems against cyber-attacks.
II. OPERATION SCENARIO BASED CYBER ATTACK MODEL
To evade the residual test in dispatch center, attack strategy
should be designed to completely satisfy the underlying system
model [27]. However, most of the attack models were generally
constructed based on simplified DC model and may thus be in-
accurate and not general [28]. In addition, attackers would be
inclined to contaminate as few measurements as possible to set
up an attack with least efforts [29]. Moreover, an attacker may
adopt the most vulnerable scenario to launch a high sparse at-
tack because the system vulnerability is varied over time [30].
Therefore, understanding these behaviors of attackers is criti-
cally significant so that appropriate countermeasures can be fur-
ther designed to either beforehand protect the system being im-
mune from attacks or precisely identify the cyber-attacks in real
time. Consequently, in this paper, operation scenario based two-
stage sparse cyber-attack models of AC grid with complete and
incomplete network information is originally proposed to fully
accommodate the above-mentioned realistic issues.
A. Attack Model with Complete Network Information
Here, we assume that the attacker has pre-knowledge of the
real-time topology and parameters of the entire power network,
including line impedance and generator cost function. In addi-
tion, the attacker is able to get access to historical load pattern
and generation dispatch. Moreover, we also assume that the at-
tacker has the capability to perform OPF. With these assump-
tions, the operation scenario based two-stage attack model with
complete network information can be formulated. In stage I, AC
OPF is performed to approximately evaluate all the measure-
ment values. Stage II is applied to minimize the L0-norm of the
attack vector, expressed as:
Stage I:  Pit , Qit , Pijt , Qijt   arg min  k  f1k  PGkt   f 2 k  QGkt   (1)
G

load forecasting (ELF) could mitigate electric load uncertainties s. t.: E Vit ,  it , PGkt , QGkt , Lit   0 (2)
and thus improve the effectiveness of the defense mechanism.
F Vit ,  it , PGkt , QGkt , Lit   0 (3)
Therefore, advanced ELF approach is also of a pressing need.
So far, three typical methodologies, including physical model- Stage II: Objective min zt  h  xt  0
(4)
ing [22], statistical methods [23] and soft-computing based in-
telligent algorithms [24], were implemented for ELF. However, s. t.: 
it  G cos   B sin  
a
P  P   j V V
it
B
a
it
a
jt ij
a
ijt ij
a
ijt (5)
almost all these three types of methodologies adopt shallow Q Q   
V V  G sin   B cos  
a a a a a
(6)
it it it jt ij ijt ij ijt
learning models as their core of iterative principle [25]. The j B

nonlinear features and invariant structures in electric load data a 2

P  P   V  G  V V  G cos   B sin  

ijt
a
ijt it ij
a
it
a
jt ij
a
ijt ij
a
ijt (7)
may not be fully extracted by these shallow models. Recently,
a 2
deep learning, as a new branch of machine learning, has at- Q  Q  V  B  V V  G sin   B cos  

ijt
a
ijt it ij
a
it
a
jt ij
a
ijt ij
a
ijt (8)
tracted much attentions and been applied in a variety of fields,
such as data mining and wind speed forecasting [26]. Previous Vi min  Vita  Vi max (9)
studies demonstrate that deep learning is capable of unfolding P min
 P P  P a max
Gk kt kt Gk (10)
the nonlinear features and hidden structures in time series data
min  a max
from the lowest level to the highest level when compared to Q Gk  Q Q  Q
kt kt Gk (11)
shallow learning models. Therefore, the third contribution of 2 2
this paper is that a typical deep learning, i.e., SAE, is introduced P 
lt  Plta    Qlt  Qlta   S lmax (12)
and designed for ELF to mitigate its inherent uncertainty and where and ∗ ∗
are the optimal active- and reactive power
thus to narrow down the width of state variables, making ISE injections at the ith bus under tth scenario, i∈ΩB, ΩB is the set
based defense mechanism be more effective. The validations
of system buses, t∈ΩS, ΩS is the set of operation scenarios.

1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
Here, a scenario is an operational status of smart grid at a given
moment [13]. In reality, system operational status is
continuously varied over time because of the load patterns,
preference of system operators and connectivity of the power
network. In this paper, to simplify the analysis of the problem,
load pattern is considered as the only factor that affects scenario.
∗
and ∗ are optimal active- and reactive power flow from
the ith bus to the jth bus under tth scenario. In addition, f1k( ) elements is suggested as the final optimal cyber-attack strategy.
and f2k( ) are the cost functions of the kth active- and reactive
power generators, k∈ΩG, ΩG is the set of generators. E(•) and
F(•) are the equality and inequality constraints in OPF. Vit, θit,
and Lit are the voltage magnitude, phase angle and system load.
, , and are the incremental changes in bus
power injections and line power flows for attack construction
[31]. Moreover, xt is the state vector, including bus voltage
magnitudes, that are and , and phase angle deviation
after implementing the constructed attack. h(xt) is the
vector functions (5)-(8) that specify the relationships between
the constructed attack and state variables. zt represents a
measurement vector that includes real bus power injections, i.e.,
Pit and Qit, and real power flow measurements, i.e., Pijt and Qijt.
Furthermore, Gij and Bij denote real- and imaginary parts of
nodal admittance matrix. and are the lower and
upper limits for Vi. , , and are the kth
generator’s active- and reactive power capacity limits.
represents the apparent power limits for lth branch, l∈ΩL, ΩL
is the set of transmission lines.
Given a scenario t, network topology, all the bus loads and
generation costs are required to be determined at first. Then,
stage I is implemented by the attacker to observe the values of
all the measurements, i.e., ∗ , ∗ , ∗ and ∗ . Afterwards,
the attacker alters the incremental changes in bus power
injections and line flows, that are , , and , to
construct an attack so as to contaminate state variable xt. At last,
the attack model in stage II is solved sequentially to minimize
the number of nonzero elements in attack vector, i.e., the L0-
norm of (zt-h(xt)), because each nonzero element in (zt-h(xt))
indicates one more measurement spot required to be
manipulated. In other words, the purpose of the attack model is
to maximize the number of zero-valued elements in (zt-h(xt))
and so the attack vector exhibits high-sparsity.
While, to solve (4)-(12), there are two problems required to
be addressed beforehand. One problem is how to deal with the
small-valued nonzero elements in the attack vector from (1)-
(12). As presented in [32], these nonzero elements could be
treated as noise if they are within the variance range of the
measurement noise. Hence, in this paper, only the elements with
values being larger than the noise are considered as non-zero
elements. Another problem is that the L0-norm objective (4) is
nonconvex and NP hard and thus very difficult to be solved. So
far, DC model based linear L0 norm problem was solved by
using various methods, such as nuclear norm minimization [2],
matrix transformation [3] and least absolute shrinkage and
selection operator [33]. However, these methods cannot be
directly applied to deal with the AC model based nonlinear L0
norm problem in (4). Recently, several studies found that the
L0-norm minimization can be relaxed to L1-norm minimization
for sparse attack evaluation and promising results were
presented [30], [34]. Therefore, in this paper, we solve the
1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
3
relaxed L1-norm problem for sparse attack construction.
The attack vector under a scenario is estimated by solving the
model (1)-(12). Obviously, the attack vector would be different
in various scenarios because the estimated operational status of
smart grid varies with the load patterns. Considering a set of
scenarios ΩS, e.g., 96 scenarios over a day with 15-minutes
interval, the most sparse attack vector in ΩS with least non-zero
B. Attack Model with Incomplete Network Information
Like most previous studies, the attack model in (1)-(12)
strongly assumes that the attacker is kind of omnipotent and has
all-encompassing knowledge of the network information, such
as grid topology and line parameters. However, in reality, get-
ting access to all these information comes at an unbearable cost
and effort for attackers because they are generally kept confi-
dential and highly secured in dispatch center. Therefore, con-
sidering attackers with incomplete network information is of a
more realistic scenario [35]. Motivated by this, a novel scenario
based two-stage sparse cyber-attack model with incomplete net-
work information is proposed, as follows:
Stage I: (1)
s. t.: (2)-(3)
xdt  xdt0 C
(13)
Stage II: Objective min zt A  h  A  xt  (14)
0
s. t.: (5)-(8), (9), (10)-(11), (12), (13)
℧
where and ℎ℧ ( ) are the measurements and vector
℧
functions in the attacking region. is the state variables of
the boundary buses that connect the attacking region and non-
attacking region. is the initialized state values of boundary
buses. The use of (13) is to guarantee that the values of bound-
ary nodal states consisting of voltage magnitudes and phase an-
gles remain unchanged [36] after implementing an attack to by-
pass traditional residual test. In addition, in the attack model
with incomplete information, bus i should be confined within
the attacking region, i.e., i∈℧ . Likewise, j∈℧ , k∈℧ and l
∈℧ are also required, ℧ , ℧ and ℧ are the sets of buses,
generators and lines in the attacking region, respectively.
In the attack model (14), the system topology and line
parameters in attacking region, and values of boundary state
variables are required to be determined for constructing an
attack, without any pre-knowledge of the non-attacking region.
The values of boundary state variables could be obtained by
either intruding into the dispatch center or applying quasi-
regional state estimation [37]. The most important advantage of
the model (14) is that the attacking region can be chosen freely
according to the interests of the attackers. Consequently, the
most sparse attack vector in the set of pre-determined scenarios
ΩS is taken as the final optimal cyber-attack strategy.
By solving the two-stage model, i.e., (4) or (14), the attackers
can successfully launch a cyber-attack, in which the redundant
measurements are observed within their normal operating levels
and no extra gross error is produced. Therefore, the launched
attack is stealthy to system operators but well-coordinated to
overload a given line. Line overflow is usually used for
vulnerability analysis because it can make the system be more
vulnerable and may in principle lead to catastrophic blackouts
with devastating economic damage [38]. The two-stage attack
models can also be implemented to overload multiple lines by
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
adding more line capacity constraints (12). The target lines
could be selected to minimize the number of attacking nodes
[39] or to destabilize the grid. In addition, all the measurements
in the proposed attack models are assumed to be attackable. If
some of them cannot be attacked, such as the generator output
measurements and bus injection measurements of zero injection
buses [6], the two-stage models can still be implemented by
putting extra restraints on the set of unattackable measurements,
e.g., all the incremental changes of the unattackable
measurements for constructing an attack are set to zero.
The two-stage attack models require the estimates of bus
power injections and line power flows by performing OPF, and
thus differ from the cyber-attacks against OPF [40]-[42] in three
aspects. At first, the attack models in this paper are formulized
based on AC model. While, the attacks against OPF are
established based on DC model that may bring in detectable
errors. Secondly, the attackers may take advantage of operation
scenarios to construct an optimal attack. To better understand
the potential behaviors from the attackers’ point of view,
operation scenario is considered in our attack models but not
considered in the attacks against OPF. Thirdly, the purpose of
the attack models in this paper is to overload a given line (12)
by contaminating least measurements. While, the attacks
against OPF are designed to minimize the fuel cost by
manipulating only the power injection measurements. These
three aspects contribute to the novelties of the proposed attacks.
III. DEEP LEARNING BASED INTERVAL STATE ESTIMATION
To reliably detect operation scenario based cyber-attacks, an
interval state estimator is proposed in this section. This estima-
tor synthesizes deterministic state values and probabilistic state
uncertainties to approximate the outer bounds of state variables.
The deterministic state values are obtained by applying OPF to
accommodate supply and forecasted load economically. And
the probabilistic state uncertainties are evaluated by modeling
the outer bounds of state variables as a dual nonlinear program-
ming problem. The proposed ISE mainly consists of deep learn-
ing based electric load forecast, OPF, forecast uncertainty mod-
eling, state uncertainty evaluation and interval state estimation,
as illustrated in Fig.1. The status- and analog measurements in
supervisory control and data acquisition (SCADA) are cycli-
cally performed to update the network topology and system pa-
rameters [18]. In addition, the generation schedule information
in real-time market is also required for OPF. The details of each
subpart and their inter-relationships are given as below.
Fig.1 Overview of the proposed interval state estimator.
A. Deep Learning Based Electric Load Forecast
In the proposed ISE, the outer bounds of state variables rely
on the accuracy for ELF. More accurate ELF results would
further narrow down the width of state variables such that the
possibility for detecting data manipulating can be properly
increased. Conventional ELF approaches generally adopt
1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
4
shallow learning models as their training principles [25].
However, it is found that these models may not be adequate to
discover the hidden features and invariant structures in time
series data [43]. Therefore, deep learning with powerful feature
extraction capability is more attractive for ELF. In this paper,
SAE, as a typical deep learning, based ELF is innovatively
proposed to improve the forecasting accuracy. This approach is
a hybrid of an unsupervised learning subpart with auto-encoder
(AE) as its building block and a logistic regressor for prediction.
A AE is a feed-forward, non-recurrent neuron network that
aims to reproduce its own inputs. In general, an AE consists of
a encoder and a decoder. The encoder takes the input u∈ℝd into
the hidden layer to generate a latent map y∈ℝh [44]. Then, the
decoder maps latent variables y to a reconstruction output u' of
the same size as u. The encoder and decoder are described as:
y   Wu  b  (15)
u '   W ' y  b '  (16)
where u and u' represent the inputs and outputs, respectively. W
and W' are the input-to-hidden and hidden-to-output weights, b
and b' correspond to their biases, σ is an activation function. The
model parameters of AE, i.e., weights and biases, are trained by
minimizing the error between the inputs and outputs, as follows:
2
W , W ', b, b '  arg min 
u   W '  Wu  b    b '  (17)
It should be noted that the decoder in AE only uses latent
variables in hidden layer to perfectly reconstruct the original
inputs, which means that the latent variables retain adequate
information for the inputs. Therefore, the learned nonlinear
transformation, defined by these model parameters in hidden
layer, can be viewed as an advanced feature extractor [45].
Namely, this extractor is able to effectively preserve the hidden
abstract features and invariant structures in data. This is the
reason why we choose SAE for ELF.
Stacking the encoder in AE hierarchically creates a SAE by
taking the learned features in current encoder as the input of an
adjacent upper encoder. The decoders as well as their model
parameters are discarded. Specifically, considering a SAE, the
first layer is trained as an independent AE with the inputs as the
training dataset. Once the model parameters in first layer have
been determined, the hidden layer of the first AE and the
adjacent hidden layer above is treated as a new AE and trained
likewise. In this way, multiple AEs can be stacked by layer-
wisely executing the encoding rule of each layer in a forward
order, and a SAE is thus formulated. Afterwards, a standard
predictor, i.e., logistic regressor, is required to be added on the
topmost layer of SAE so as to apply deep SAE for ELF. A
typical instance of a 3-layer SAE with a subsequent regressor is
illustrated in Fig.2. Accordingly, the entire model parameters
throughout the deep architecture are required to be slightly
adjusted in a supervised way until the loss function reaches its
minimum. This adjustment process is referred as fine-tuning. In
general, back-propagation algorithm is adopted to complete the
fine-tuning process. Consequently, once the optimal states of all
the model parameters are obtained, the proposed deep SAE
architecture can be applied for ELF.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
5

NS 2
 =  i 1   ri  y   i   -M    N S -1 (21)
Therefore, according to statistics, given a confidence level
100(1-α)%, the error distribution for ELF can be formulated as
a prediction interval with lower and upper bounds, described as:
 Llow ,Lup    -1 2  , 1 2   (22)
 
where ∆ and ∆ denote the lower and upper bounds of
an electric load noise, κ is the critical value for Г. The square
bracket in (22) means that the elements in it are one-to-one
match from equation left to equation right. From (22), it can be
seen that the electric load uncertainty under a given confidence
level is able to be formulated as an interval with specific bounds.
Fig.2 A typical instance of the proposed deep SAE architecture for ELF. D. State Uncertainty Evaluation
B. Optimal Power Flow The nodal states are approximated in Section III-B by per-
In power system, OPF represents the problem of determining forming OPF with the forecasted load. However, these approx-
the best operating levels for generators to balance supply and imated nodal states would suffer from more or less fluctuations
forecasted load, with the objective of minimizing operating cost. because there always have forecasting errors for ELF. Thus, to
In the ISE method, OPF is used to obtain the median values of distinguish normal fluctuations from abnormal consequence
state variables. As shown in Fig.1, real-time network topology after an cyber-attack, an novel uncertainty evaluation model is
and system parameters from SCADA measurements, genera- proposed to assess the outer bounds of the variations of state
tion schedule information from real-time market and forecasted variables. The uncertainty evaluation model is a series of dual
electric load are fed as the inputs to OPF module. With these nonlinear programming problems, expressed as:
information, the optimal generation set points could be deter- Objectives:   x t ,  x t    min eT  xt ,min -eT  xt  (23)
 
mined by applying interior point method to automatically adjust
the output of generators subjected to power balance constraints. S.t.: Pit  PGit  PDit   jB VitV jt  Gij cos ijt  Bij sin ijt  (24)


Thereafter, solving power flow equations via Newton-Raphson

Qit  QGit  QDit   j VitV jt  Gij sin ijt  Bij cos ijt  (25)
method leads to the deterministic state values, i.e., voltage mag- B

nitudes and phase angles throughout the grid. These estimated  i PGit   i PDit  Ploss (26)
B B
magnitudes and angles are latterly used for ISE.
C. Forecast Uncertainty Modeling
 i QGit   i QDit B
(27)
B

In Section III-A, we focus on developing more accurate point  Pit, low   PDit   Pit, up (28)
 
forecaster for ELF. However, the forecasting errors for ELF are  Qit , low   QDit   Qit , up (29)
inevitable due to the chaotic nature of the climate system, (3)
making power system be deviated from its optimal operating where ∆ and ∆ are the lower- and upper bounds of the
states. Hence, the forecasting errors should be approximately
γth state variable under the tth scenario, γ∈ΩΓ, ΩΓ is the set of
modeled at first, before we quantify the deviations of system
states. Considering a given model for ELF, the forecasting state variables. In addition, ⃗ is a vector with the value of 1
errors are mainly caused by data noise because electric load data for the γth element and 0 for others, ΔPGit, ΔPDit and ΔQDit are
always exhibits strong stochastics. The noise has a significant generation variation, active- and reactive power variations of
negative impact on forecasting accuracy so that it is difficult to the ith bus, ΔPloss is the incremental change in power loss.
be evaluated in a deterministic manner [46]. Thus, we model ∆ , and ∆ , are the lower and upper limits for active
data noise as a probabilistic Gaussian distribution that relies on load variation under a given confidence level α, ∆ , and
its inputs, as follows, ∆ , correspond to the limits for reactive load variation.
       M     ,      (18) Equation (23) consists of two independent objectives at the
where ε(χ) represents a data noise with a given input χ, Г same time. Both objectives are subjected to the constraints (3),
denotes a Gaussian distribution with mean Mε and variance . (24)-(29), and applied to evaluate the lower and upper variation
It should be noted that the data noise model (18) can also fit bounds of the γth state variable, respectively. In addition, (28)-
other shapes of distributions with competitive performance. (29) describe that all load variations should be within their
predetermined bounds. These bounds are statistically assessed
Given the results from SAE based forecaster , the error
by applying data noise analysis (18)-(22). In addition, (24)-(25)
dataset DSdn for data noise analysis is obtained as:
are power injection constraints, and (26)-(27) specify that the

DSdn  r1  y  1  ,..., rNS  y  NS  (19) sum of the output variations for all generators should be equal
where Ns and r are the number of error samples and real load to the total variations of system consumption. Moreover, (3)
demand. Then, the mean and variance of the error dataset are denotes all other inequality constraints that should be
statistically evaluated as [47]: considered here, including voltage limit constraints, generator
NS capacity constraints and transmission line capacity constraints.
M  =  i 1  ri  y  i   N S (20)

1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
6

E. Interval State Estimation

Based on the above analysis, it is clear that the deterministic
state values and probabilistic state uncertainties could be ap-
proximated by performing OPF and state uncertainty evaluation
model (23), respectively. Therefore, by synthesizing these two
types of quantities, the outer bounds of state variables under a
given scenario t can be evaluated accurately, as follows:
 x t , x t    x t   x t , x t + x t  (30)
where xγt is the deterministic state value of the γth bus, and
and correspond to its lower and upper variation bounds.
With these outer bounds, a novel defense mechanism for
anomaly state detecting is designed accordingly, as given below.
IV. ISE BASED DEFENSE MECHANISM
Generally, once an attacker successfully launched a cyber-
attack by injecting malicious measurements, the state estima-
tion results would no doubt be modified. However, due to the Fig.3 The flowchart of the proposed ISE based defense mechanism.
temporal correlations of electric load, the variation of each state
variable would be limited within specified bounds, as expressed V. NUMERICAL RESULTS AND ANALYSIS
in (30). Therefore, if the approximated nodal states from con- In this section, the efficiency and benefits of the operation
ventional state estimator do not fall within their corresponding scenario based sparse cyber-attack and ISE based defense
pre-determined bounds obtained from the proposed ISE method, mechanism have been extensively tested and benchmarked on
an alarm for anomaly in the measurement data should be raised IEEE 9-bus, 14-bus, 30-bus and 118-bus systems.
to indicate a high possibility of data manipulating. Accordingly, A. Investigations on Attack Strategy
based on this analysis, a novel defense mechanism against
1) Experimental settings: In this subsection, the proposed
sparse cyber-attack is proposed, described as follows,
 attack model with complete network information are tested on

Alarm  O x t   x t , x t ，    (31) 
IEEE 9-bus and 14-bus systems, and model with incomplete in-
where denotes the estimated nodal states from conven- formation are investigated on IEEE 30-bus and 118-bus sys-
tems, respectively. The attacking regions in IEEE 30-bus and
tional state estimator, O denotes ‘or’ operator that means that
118-bus systems are shown in Fig.4(a)-(b). The line parameters
any estimated nodal state that lies beyond its bounds would trig-
and topologies in all the four test systems are from matpower
ger the Alarm whose value is true or false.
[50]. All these test systems are assumed to be fully observable
The advantages of the ISE based defense mechanism are
with their respective measurements that are listed in Table I.
multifold. At first, this mechanism can be integrated in conven-
For each test system, two additional meters are installed at the
tional bad data detector and doesn’t need any additional redun-
slack bus to measure its voltage magnitude and phase angle.
dant measurements and protection strategies [48]. Therefore,
The meter placements for the four test systems are from [51].
very less investment is required. Secondly, the proposed de-
With these meters, the dimensions of the parameters in (1)-(14)
fense mechanism is much generalized because no assumptions
could be determined. Take IEEE 9-bus system as an example,
with respects to the nature of attacks and system topology have
the dimensions of measurement vector zt and system state xt are
been made. Thirdly, the ISE based mechanism requires no pre-
24×1 and 17×1, respectively. ΩB and ΩG are set to 9 and 3.
training process to determine the detection thresholds when
Meanwhile, h(xt) has the same dimension with zt. In addition,
compared to several previous studies, e.g., [12], [18] and [49].
the operation scenarios for the four test systems, in which the
These thresholds in our method, i.e., the outer bounds of nodal
load points are required to follow designated load patterns, are
state variables, are automatically approximated step by step by
generated by performing OPF every 15-minutes. Moreover, the
taking advantage of the temporal correlations in electric load
L0-norm objectives, i.e., (1) and (13), are relaxed to L1-norm
data. Note that the deep SAE also should be pre-trained to de-
minimization problems and solved by using yalmip [52]. The
termine its parameters. However, here, SAE is applied to com-
number of maximum iterations is set to 300. Meanwhile, any
plete the ELF task. The pre-training process for ELF is neces-
small-valued element below 1e-4 is viewed as an element with
sary for all defense mechanisms in EMS, including those in [12],
the value of 0. The proposed attack models are implemented in
[18] and [49]. Last but not least, the proposed mechanism ex-
Matlab R2014a and carried out on a PC with an Core(TM) i7-
hibits high accuracy due to the adopted deep SAE that is applied
6700 CPU and a RAM of 32.00 GB.
to narrow down the width of state variable fluctuations. The
flowchart of the proposed defense mechanism is given in Fig.3.

1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
7

Fig.7 Attacks under a workday for IEEE 14-bus, 30-bus and 118-bus systems.
60
Overload 1 line Overload 1 line
Overload 2 lines Overload 2 lines
50
Overload 3 lines Overload 3 lines
Fig.4 Incomplete network topologies for IEEE systems and daily load profiles. Overload 4 lines Overload 4 lines
40
TABLE I Overload 5 lines Overload 5 lines

THE MEASUREMENT PLACEMENTS FOR DIFFERENT TEST SYSTEMS 30

Test System 9-bus 14-bus 30-bus 118-bus
20
Num. of lines 9 20 41 186
Num. of state variables 17 27 59 235 10

Num. of injection measurements 8 14 30 78

0
Num. of flow measurements 14 34 46 222 6 10 15 20 25 30 35 40 45 48 5 10 15 20 25

2) Numerical results: A series of simulations are conducted
to demonstrate the feasibility of the proposed attack models. At
first, it is assumed that all load points in the four test systems
follow the same typical daily load curves, including the curves
from a workday (Apr.20), a weekend (Mar.21) and a holiday
(Jan.1), as shown in Fig.4(c). The three daily load curves are
collected from a real transmission company in Dongguan 2016,
China. For IEEE 9-bus system, the attack strategy is designed
under the workday to overload lines 4-9 or 5-6. The number of
contaminated meters varied with the daily scenarios and the
residuals before and after the attacks are presented in Fig.5. The
number of contaminated meters is used as the evaluation metric
because a smaller set of these meters leads to a lower attacking
cost. In addition, the contaminated meters with respect to the
attacks designed to overload lines 3-6 or 7-8 under the typical
weekend and holiday are shown in Fig.6. We also present the
Fig.8 Sparsity of the attacks for overloading multiple lines.
However, the results from Figs.5-8 may not be general
because the daily load curves may differ substantially even for
workdays due to the chaotic nature of the weather system.
Therefore, to simulate the scenarios in real power industries,
three workdays, including a rainstorm workday (Apr. 12), a
cloudy workday (Jul. 21) and a sunny workday (Nov.28), are
considered. Taking IEEE 14-bus system as the test system, on
the given workdays, we assume that the load points at buses 2-
4, 5-7, 8-10 and 11-14 follow four different load patterns from
Changan (CA), Chashan (CS), Fenggang (FG), Humen (HM)
towns in Dongguan 2016, as shown in Fig.9. These four towns
have very different economic structures and gross domestic
products. The attacks are constructed to overload the lines 2-4,
4-9 or 7-8, and their contaminated meters are shown in Fig.10.
0.8
CA
1 0.8

attack strategies under the workday on IEEE 14-bus, 30-bus and 0.7 CS
FG
0.8
0.7

0.6 0.6
118-bus systems, as depicted in Fig.7. The above attacks are HM
0.6
0.5
0.5
designed to overload a single line, which may be of very limited 0.4
0.4
0.4

threat because power system operates in an N-1 secured state. 0.3 0.3
0.2
As presented in Section II-B, the proposed attack models can 0.2 0.2

also be implemented to overload multiple lines. The sparsity of 0.1

20 40 60 80
0
20 40 60 80
0.1
20 40 60 80

the attack strategies under the workday for overloading multiple

Fig.9 Four load patterns from CA, CS, FG and HM on three typical workdays.
lines on IEEE 14-bus and 118-bus systems is illustrated in Fig.8. 30
Rains torm
Cloudy
45
Sunny
25
28
35

26
15
25

24
15

5
22 20 40 60 80
20 40 60 80 20 40 60 80

Fig.10 Attacks with different weather conditions for IEEE 14-bus.

Fig.5 Attack strategies under a workday and residuals for IEEE 9-bus system.
Fig.6 Attack strategies under a weekend and holiday for IEEE 9-bus system.
3) Analysis: From Fig.5, it is clear that the attack strategies
are more or less varied with different scenarios. This suggests
that it is necessary to consider the impact of operation scenarios
on attacking behaviors, which is generally omitted in previous
studies. In addition, it can be seen that all the residuals, no mat-
ter it is the residual before or after an attack, have the same
magnitude of orders, i.e., they all are around the value of 0.5e-
8 per unit and below the value of 1.5e-8 per unit. This implies
that the redundant measurements in power system could not
contribute any recognizable residuals when there have stealthy
cyber-attacks and thus the attacks strategies from the proposed
models would not be detected by conventional residual test.
Moreover, we checked all the residuals after the attacks in

1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
8

Figs.5-7 and found that all attacks would bypass traditional re-
sidual tests. These residual tests demonstrate that the proposed
cyber-attack models are invisible for power systems and further
prove the feasibility of the proposed attack models.
From Figs.5-7, it is evident that the variation trends for the
presented attack strategies over the scenarios can be categorized
into three classes. In the first class, the number of meters
required to be tampered with is roughly proportional to the load
level, such as the attacks to overload lines 5-6 in Fig.5(a), 1-5
in Fig.7(a), and 4-5 in Fig.7(c). The second class is the attack
strategies in which the number of contaminated meters varied
inversely with the load levels to some extent, such as the attacks
to overload lines 4-9 in Fig.5(a), 6-12 in Fig.7(a), and 5-11 in
Fig.7(c). The last class belongs to the attacks in which the
variation of the number of contaminated meters is not obvious.
Here, we counted the number of attacks for each class and the
results are statistically tabulated in Table II. In this Table, the
success rates for bad data detecting (SRBDD) in all the cases
amount to 0%, indicating none of the attacks could be identified
in traditional bad data detector. These statistical results further
demonstrate the feasibility of the proposed attack models.
Additionally, note that few attack models in some cases have
no solutions. This is because the generator capacity constraints
(7)-(8) cannot be satisfied to overload the given lines. In
addition, it also can be seen from Table II that in the workday,
the percentages of the three attack classes are 39.29%, 41.07%
and 12.50%, respectively. In the weekend and holiday, the
percentages correspond to 32.14%, 37.50%, 23.21% and 5.36%,
26.79%, 51.79%, respectively. These results indicate that the
behaviors of an attacker are varied significantly with scenarios
and locations of the lines. Understanding these behaviors would
help us to further improve the cyber security of smart girds.
TABLE II
THE STATISTICAL RESULTS FOR EACH ATTACKING CLASS
Test systems Typical day Sum
First
class
Second
class
Third
class
Workday (Apr.20) 9 6 2 0
IEEE 9-bus
Weekend (Mar.21) 9 5 0 3
system
Holiday (Jan.1) 9 1 0 6
Workday (Apr.20) 20 5 12
IEEE 14-
bus system
Weekend (Mar.21) 20 5 10
Holiday (Jan.1) 20 0 5
Workday (Apr.20) 8 4 2 2
IEEE 30-
bus system
Weekend (Mar.21) 8 4 2 2
Holiday (Jan.1) 8 0 1 6
IEEE 118-
Workday (Apr.20) 19 7 7
Weekend (Mar.21) 19 4 9
bus system
Holiday (Jan.1) 19 2 9
Fig.8 explains how the sparsity of the attacks varies with the
number of overloading lines. Any point in this figure represents
a percentage ratio of the attack samples for contaminating a
given number of meters to the total samples. IEEE 14-bus
system has 20 lines and so the total numbers of the samples for
overloading 1-5 lines are C120-C520, respectively. From Fig.8(a), it
is clear that a small number of contaminated meters is required
for most of the samples with 1 overloaded line. Meanwhile, as
the number of overloaded lines increases, the percentage of the
samples requiring more contaminated meters increases. This is
also true for IEEE 118-bus system in which there are 19 lines
in the attacking region. Therefore, we can conclude that the
sparsity of the attack strategies from the proposed models
would be reduced when more lines are required to be attacked.
From Fig.10, it can be seen that the attack strategies differ a
lot with the overloading lines and scenarios, which is consistent
with the observations from Figs.5-7. In addition, considering
overloading a given line, it is apparent that the profiles of the
attacks vary with different weathers and climates, but exhibit
more or less similar variation trends. For example, all the three
attack profiles under three different types of weather in Fig.10(b)
have a high quantity of contaminated meters around the 40th
and 60th scenarios and a low quantity around the 20th scenarios.
This is understandable because their load patterns in Fig.9 are
different but have similar variation trends. Therefore, the results
in Fig.10 illustrate that the proposed attack models can be
applied in practice with more complex scenarios, in which the
load patterns with different weather conditions reflect the real
demands faced by power industries.
B. Investigations on Defense Mechanism
1) Experimental settings: In this subsection, the efficiency
of the ISE based defense mechanism is comprehensively tested.
In reality, the proposed mechanism can be executed at any time
scale. However, for simplicity, we cyclically update the defense
mechanism every 15-minutes in order to accommodate the sce-
narios adopted in Section V-A. We also assume that all system
topologies and line parameters remain unchanged over the typ-
ical days. A 6-layers of SAE is properly designed to fulfill the
load forecast task. The input parameters of the SAE architecture
are time series load data at previous 12 time steps. The numbers
of hidden neural in each layer are set to 30, 45, 20 and 15. The
output of the 6-layer SAE is the forecasted electric load data at
current time step. All the model parameters, including the
weights and biases, are initialized between 0-1 and trained
based on the layer-wise pre-training and fine-tuning process.
The training dataset of electric load are also collected from
Dongguan and covers the whole year of 2016 with a 15-minutes
resolution. Apparently, there are 35040 time series data and
35028 samples for training. Every 50 samples are viewed as a
batch and used to update all the parameters once based on their
aggregated gradient descents until they meet their optimal states.
No solu-
tion
SRBDD The whole pre-training process only use the existing optimiza-
1 0%
1 0%
tion tools in Matlab, such as fmincon, and thus no computa-
2 0% tional bottlenecks are expected. On our experimental platform,
1 2 0%
3 2 0% the pre-training process only takes 12 minutes and 16 seconds,
13 2 0%
0 0%
which is far less than the time for completing the length pre-
0 0% training processes in several previous studies [12], [18] and [49].
1 0%
4 1 0% This is because these pre-training processes have to regenerate
5 1 0%
7 1 0% many scenarios by performing economic dispatch in order to
determine their thresholds. Once the model parameters in SAE,
i.e., weights W and biases b, are determined, the forecasting er-
rors over the training dataset are modeled as a Gaussian distri-
bution. The mean and variance of this distribution are calculated
from (20)-(21). Then, the outer bounds of the electric load are
quantified by assigning the confidence level a value of 95%, i.e.,
α=0.05 and κ=0.8352. At last, the uncertainties in each state
variable can be evaluated by solving (23)-(30) and the defense
mechanism could be used for anomaly detecting by performing
(31). It is worth to note that the proposed defense mechanism
has few parameters to be determined beforehand, only includ-
ing the parameters in SAE, the confidence level α and topology
information that is already existed in EMS. Therefore, this de-
fense mechanism is very suitable for real-time implementations.
2) Numerical results: Firstly, it is assumed that all the active
and reactive variations are limited at 10% of their given demand
within 15-minutes. We also assume that the attacker adopts the
optimal attack vector over a typical day, which is the vector
with least contaminated meters, to implement the attack. For

1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
9

instance, considering IEEE 9-bus system, the attack in Fig.5(a)

at the 35th scenario under the workday, i.e., at 8:45am, to over-
load line 4-9 is launched. The interval state estimation results
detected by using the proposed defense mechanism are pre-
sented in Fig.11. Similarly, the defense mechanism is per-
formed to identify the optimal attack to overload line 5-6 and
the interval estimation results are illustrated in Fig.12. In addi-
tion, Fig.13 presents the interval results after attacking line 7-8
over the typical weekend. Considering IEEE 14-bus and 30-bus Fig.13 Interval state estimation results after attacking line 7-8 in fig6(a).
system, the interval estimation results corresponding to their
optimal attack strategies over the workday are presented in
Figs.14-15, respectively.
In this paper, SAE is applied to improve the accuracy for ELF
and thus shorten the width of the variation of state variables,
making anomaly states be easier for detection. The forecasting
performances of SAE over the training dataset in 2016 are eval-
uated by mean absolute percentage error (MAPE) and presented
in Table III. The forecasting results from persistence method,
back-propagation (BP) algorithm and shallow support vector Fig.14 Interval state estimation results after attacking line 6-12 in fig7(a).
machine (SVM) are also given for comparison. Obviously, the
average of MAPE from SAE based approach is 3.51% and that
from SVM is 5.10%. Here, the MAPE represents the variation
bound of electric load within 15 minutes. With these two quan-
tities, the intervals on IEEE 14-bus system after we implement
the optimal attack to overload line 7-8 over the sunny workday
are presented in Fig.16. And the interval results on IEEE 118-
bus system are graphically illustrated in Fig.17. The above in-
terval results may not be practical because the forecasting devi-
ations of electric load from real loads may fluctuate in a large

Voltage in p.u
extent. Therefore, annual predictions of electric load in CA, CS, Fig.15 Interval state estimation results after attacking line 2-5 in fig7(b).
1.08 0
FG and HM towns and Dongguan city over the whole year of Normal states
Abnormal states for SVM and DL
2016 are extensively carried out. SAE is adopted as the fore- 1.06 -2 Abnormal states only for DL

casting approach. The maximum, minimum and average values

1.04 -4
of MAPE over 2016 are statistically tabulated in Table IV. Ob-
viously, the maximum MAPE of the five electric load datasets 1.02 -6
is 13.77%, which means that the maximum variation of the elec- LB from SVM
1 -8
tric load within 15-minutes is 13.77%. The maximum MAPE UB from SVM
LB from DL

occurs at the 46th scenario. Under this scenario, we count the 0.98
UB from DL
-10
1 2 3 4 5 6 7 8 9 10 11 12 13 14 1 2 3 4 5 6 7 8 9 10 11 12 13 14
abnormal states on IEEE 118-bus system after we implemented

Voltage in p.u
several cyber-attacks. In addition, the impacts of electric load Fig.16 Interval state estimation results after attacking line 7-8 in fig9(c).
1.06 35
variations on the number of abnormal states are also analyzed Normal states
Abnormal states for SVM and DL
and the results are partly plotted in Fig.18. Abnormal states only for DL

1.04 30

1.02 25

1 20
1 20 40 60 80 100 1 20 40 60 80 100
Bus No. Bus No.
Fig.17 Interval state estimation results after attacking line 11-13 in fig7(c).
Fig.11 Interval state estimation results after attacking line 4-9 in fig5. 6 7
Line 1-3
6 Line 3-5
5
Line 4-11
5 Line 5-11
4 Line 13-15
4 Line 8-5
3
3

2
2

1 1

0 0
5 10 15 20 25 30 35 40 5 10 15 20 25 30 35 40

Fig.12 Interval state estimation results after attacking line 5-6 in fig5. Fig.18 The plot of the number of abnormal states varied with the load variations.
TABLE III

1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
THE ANNUAL MAPE OF DIFFERENT FORECASTING APPROACHES
Spring Summer Autumn Winter
Persist. 6.90% 7.11% 8.85% 6.26%
BP 5.35% 6.27% 6.40% 5.74%
SVM 4.88% 5.41% 5.69% 4.42%
DL 2.93% 3.56% 3.72% 3.83%
TABLE IV
THE STATISTICAL MAPE FROM SAE BASED ELF APPROACH
CA CS FG HM
Max 13.77% 7.35% 12.04% 12.73%
Min 0.00% 0.06% 0.11% 0.04%
Average 4.22% 2.39% 3.36% 3.81%
3) Analysis: From Fig.11, it is clear that 11 state variables
consisting of 3 voltage magnitudes and 8 phase angles fall out
of their interval bounds. This means that the proposed defense
mechanism is very valid to detect the anomaly states caused by
sparse cyber-attacks. In addition, the interval profiles of state
variables in Figs.12-13 are very similar because the imple-
mented attacks are under two scenarios at the same time, i.e.,
47th scenarios. It is clear that many estimated state variables fall
beyond their interval bounds with dash lines. Therefore, it can
be concluded that for a given power system, the proposed de-
fense mechanism exhibits robustness to identify various sparse
attacks over different scenarios. Moreover, all the red multipli-
cation symbols in Figs.13-15 demonstrate that the proposed de-
fense mechanism are very effective to detect the anomaly states
for systems with different topologies. Note that the number of
state variables beyond the outer bounds in Figs.14-15 is rela-
tively smaller than the numbers in Figs.11-13. This is because
IEEE 9-bus system has fewer generators and electric load points.
From Table III, it is clear that the SAE based approach per-
forms the best among the four algorithms. This is because of the
nonlinear features and invariant structures in electric load data
that cannot be fully modeled by shallow learning models, such
as BP and SVM. Contrarily, the primary advantage of SAE is
the compact representation of the input parameters, which leads
SAE to learn in a layer-wise manner that offers an effective way
to extract the deep inherent features and high-level invariant
structures in time series data. This advantage accounts for the
relatively better performance of the SAE based forecasting
method. In addition, from Figs.16-17, it can be found that more
accurate results for ELF are capable to narrow down the width
of the bounds of state variables. It is apparent that deep SAE
can hugely increase the number of abnormal state variables. For
example, in Fig.16, SVM based interval state estimator is able
to discover 6 anomaly states, while deep SAE based estimator
can find 11 anomaly states. Therefore, the probability for de-
tecting data manipulating can be hugely increased by using the
SAE based estimator. This demonstrates the necessity for the
use of deep learning. Moreover, it is obvious that the widths of
the intervals in Fig.16 are narrower than the widths in Fig.14.
This is because the variations of the electric load in Fig.16 are
set based on the forecasting results from SVM and SAE.
Fig.18 presents that all the cyber-attacks can be effectively
detected when the electric load variation within 15-minutes is
13.77%. This is due to that at least one abnormal state falls be-
yond the interval bounds. For example, an abnormal voltage
magnitude is found after we implement the attack on line 13-15.
In addition, when the electric load fluctuates in a large extent,
e.g., more than 15%, some attacks are capable to bypass the in-
terval estimation without triggering any alarm for anomaly.
Even worse, our simulations indicate that none of the sparse at-
tacks could be identified by using the proposed defense mecha-
nism if the electric load variation is up to 40%. However, the
1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
Transactions on Industrial Informatics
10
ISE based mechanism adopts the forecasting deviation of elec-
Average
7.28% tric load from real load as the value of load variation. The fore-
5.94% casting deviation is evaluated by applying data noise analysis
5.10%
3.51% (18)-(22) and updated every 15-minutes. Therefore, although
the daily electric load variation may fluctuate in a large extent,
e.g., more than 40%, the load variations within 15-minutes are
Dongguan
13.26% much smaller. Table IV lists the statistical MAPEs over the
0.01%
3.51%
whole year of 2016 and shows that the maximum value of load
fluctuation within 15-minutes is 13.77%. Therefore, the pro-
posed defense mechanism is very effective for anomaly detec-
tion because all attacks could be detected when the load varia-
tion is within 13.77%.
In order to further demonstrate the effectiveness of the pro-
posed defense mechanism, all the attack strategies presented in
Table II are launched and checked. We found that for any im-
plemented attack, at least one anomaly state falls beyond the
intervals obtained from the proposed defense mechanism,
which means that the success percentage for detecting data ma-
nipulating is up to 100%. In other words, all the attacks have
been successfully detected by using the proposed defense
mechanism. These results further demonstrate that the ISE
based mechanism is valid for attacks with various scenarios,
different system topologies and environmental conditions.
VI. CONCLUSIONS
In this paper, operation scenario based sparse cyber-attack
models with complete and incomplete network information are
innovatively proposed. In addition, a ISE based defense
mechanism is developed to detect the possibility for data
manipulating. The feasibility and effectiveness of the proposed
attack models and defense mechanism have been demonstrated
on various IEEE test benchmarks. From the numerical results,
we can conclude that operation scenario may be exploited by
attackers to construct an optimal attack and thus should be
considered in sparse attack modeling because the attack vectors
may vary a lot in different scenarios. Meantime, the case studies
show that the ISE based defense mechanism is 100% effective
to detect the anomaly states caused by the attacks proposed. The
proposed mechanism not only requires less investment and no
assumptions on system topologies and attack types, but also
exhibits high detection accuracy because of the adopted deep
learning for ELF. It has been demonstrated that the deep
learning is able to narrow down the width of intervals of state
variables, and the success rate for detecting data manipulating
is thus hugely increased. In addition, we also show that the
proposed defense mechanism is also valid when the forecasting
deviation of electric load reaches its maximum. These results
reveal the vulnerability of power systems and further highlight
the necessity for updating of traditional bad data detector.
Our potential future works will be focused on developing an
algorithm for solving the L0-norm minimization problem, im-
proving the statistical accuracy for forecast uncertainty model-
ing and incorporating more attacks to check the robustness of
the proposed defense mechanism. Moreover, the defense mech-
anism with renewable energy is also considered as one of our
future plans because a high penetration of renewable energy in
smart grid is highly expected.
REFERENCES
[1] A. S. Zaher et al., "Enhanced situational awareness and decision support
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
for operators of future distributed power network architectures," 2016
IEEE PES Innovative Smart Grid Technologies Conference Europe
(ISGT-Europe), Ljubljana, 2016, pp. 1-6.
[2] L. Liu, M. Esmalifalak, Q. Ding, V. A. Emesih and Z. Han, "Detecting
False Data Injection Attacks on Power Grid by Sparse Optimization," in
IEEE Transactions on Smart Grid, vol. 5, no. 2, pp. 612-621, March 2014.
[3] Y. Liu, P. Ning, and M. K. Reiter, "False data injection attacks against
state estimation in electric power grids," in Proc. 16th ACM Conf. Comput.
Commun. Security, Chicago, IL, USA, Nov. 2009, pp. 21-32.
[4] G. Liang, S. R. Weller, J. Zhao, F. Luo and Z. Y. Dong, "The 2015 Ukraine
Blackout: Implications for False Data Injection Attacks," in IEEE Trans-
actions on Power Systems, vol. 32, no. 4, pp. 3317-3318, July 2017.
[5] Q. Yang, J. Yang, W. Yu, D. An, N. Zhang and W. Zhao, "On False Data-
Injection Attacks against Power System State Estimation: Modeling and
Countermeasures," in IEEE Transactions on Parallel and Distributed Sys-
tems, vol. 25, no. 3, pp. 717-729, March 2014.
[6] Y. Yuan, Z. Li and K. Ren, "Modeling Load Redistribution Attacks in
Power Systems," in IEEE Transactions on Smart Grid, vol. 2, no. 2, pp.
382-390, June 2011.
[7] J. Zhang and L. Sankar, "Physical System Consequences of Unobservable
State-and-Topology Cyber-Physical Attacks," in IEEE Transactions on
Smart Grid, vol. 7, no. 4, pp. 2016-2025, July 2016.
[8] Z. Tan, A. Jamdagni, X. He, P. Nanda and R. P. Liu, "A System for De-
nial-of-Service Attack Detection Based on Multivariate Correlation Anal-
ysis," in IEEE Transactions on Parallel and Distributed Systems, vol. 25,
no. 2, pp. 447-456, Feb. 2014.
[9] H. Ye, Y. Ge, X. Liu and Z. Li, "Transmission Line Rating Attack in Two-
Settlement Electricity Markets," in IEEE Transactions on Smart Grid, vol.
7, no. 3, pp. 1346-1355, May 2016.
[10] L. Xie, Y. Mo and B. Sinopoli, "Integrity Data Attacks in Power Market
Operations," in IEEE Transactions on Smart Grid, vol. 2, no. 4, pp. 659-
666, Dec. 2011.
[11] J. Ni, K. Zhang, K. Alharbi, X. Lin, N. Zhang and X. S. Shen, "Differen-
tially Private Smart Metering With Fault Tolerance and Range-Based Fil-
tering," in IEEE Transactions on Smart Grid, vol. 8, no. 5, pp. 2483-2493,
Sept. 2017.
[12] G. Chaojun, P. Jirutitijaroen and M. Motani, "Detecting False Data Injec-
tion Attacks in AC State Estimation," in IEEE Transactions on Smart Grid,
vol. 6, no. 5, pp. 2476-2483, Sept. 2015.
[13] Y. Fu, M. Liu and L. Li, "Multiobjective Stochastic Economic Dispatch
With Variable Wind Generation Using Scenario-Based Decomposition
and Asynchronous Block Iteration," in IEEE Transactions on Sustainable
Energy, vol. 7, no. 1, pp. 139-149, Jan. 2016.
[14] S. Pal; B. Sikdar; J. Chow, "Classification and Detection of PMU Data
Manipulation Attacks Using Transmission Line Parameters," in IEEE
Transactions on Smart Grid, vol.PP, no.99, pp.1-1.
[15] O. Beg; T. Johnson; A. Davoudi, "Detection of False-data Injection At-
tacks in Cyber-Physical DC Microgrids," in IEEE Transactions on Indus-
trial Informatics, vol. 13, no. 5, pp. 2693-2703, Oct. 2017.
[16] T. T. Kim and H. V. Poor, "Strategic Protection Against Data Injection
Attacks on Power Grids," in IEEE Transactions on Smart Grid, vol. 2, no.
2, pp. 326-333, June 2011.
[17] A. Barenghi, L. Breveglieri, I. Koren and D. Naccache, "Fault Injection
Attacks on Cryptographic Devices: Theory, Practice, and Countermeas-
ures," in Proceedings of the IEEE, vol. 100, no. 11, pp. 3056-3076, Nov.
2012.
[18] A. Ashok; M. Govindarasu; V. Ajjarapu, "Online Detection of Stealthy
False Data Injection Attacks in Power System State Estimation," in IEEE
Transactions on Smart Grid, vol.PP, no.99, pp.1-1.
[19] J. Zhao, G. Zhang, M. La Scala, Z. Y. Dong, C. Chen and J. Wang, "Short-
Term State Forecasting-Aided Method for Detection of Smart Grid Gen-
eral False Data Injection Attacks," in IEEE Transactions on Smart Grid,
vol. 8, no. 4, pp. 1580-1590, July 2017.
[20] R. Deng, G. Xiao, R. Lu, H. Liang and A. V. Vasilakos, "False Data In-
jection on State Estimation in Power Systems—Attacks, Impacts, and De-
fense: A Survey," in IEEE Transactions on Industrial Informatics, vol. 13,
no. 2, pp. 411-423, April 2017.
[21] G. Liang, J. Zhao, F. Luo, S. R. Weller and Z. Y. Dong, "A Review of
False Data Injection Attacks Against Modern Power Systems," in IEEE
Transactions on Smart Grid, vol. 8, no. 4, pp. 1630-1638, July 2017.
[22] L. Li, K. Ota and M. Dong, "When Weather Matters: IoT-Based Electrical
Load Forecasting for Smart Grid," in IEEE Communications Magazine,
vol. 55, no. 10, pp. 46-51, OCTOBER 2017.
[23] Y. Chakhchoukh, P. Panciatici and L. Mili, "Electric Load Forecasting
Based on Statistical Robust Methods," in IEEE Transactions on Power
1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
11
Systems, vol. 26, no. 3, pp. 982-991, Aug. 2011.
[24] K. Zor, O. Timur and A. Teke, "A state-of-the-art review of artificial in-
telligence techniques for short-term electric load forecasting," 2017 6th
International Youth Conference on Energy (IYCE), Budapest, 2017, pp.
1-7.
[25] Huaizhi Wang, Haiyan Yi, Jianchun Peng, Guibin Wang, Yitao Liu, Hui
Jiang, Wenxin Liu, Deterministic and probabilistic forecasting of photo-
voltaic power based on deep convolutional neural network, In Energy
Conversion and Management, Volume 153, 2017, Pages 409-422.
[26] C. Y. Zhang, C. L. P. Chen, M. Gan and L. Chen, "Predictive Deep Boltz-
mann Machine for Multiperiod Wind Speed Forecasting," in IEEE Trans-
actions on Sustainable Energy, vol. 6, no. 4, pp. 1416-1425, Oct. 2015.
[27] R. Deng, G. Xiao and R. Lu, "Defending Against False Data Injection At-
tacks on Power System State Estimation," in IEEE Transactions on Indus-
trial Informatics, vol. 13, no. 1, pp. 198-207, Feb. 2017.
[28] X. Liu; Z. Li, "False Data Attacks Against AC State Estimation With In-
complete Network Information," in IEEE Transactions on Smart Grid ,
vol. 8, no. 5, pp. 2239-2248, Sept. 2017.
[29] J. Hao, R. J. Piechocki, D. Kaleshi, W. H. Chin and Z. Fan, "Sparse Mali-
cious False Data Injection Attacks and Defense Mechanisms in Smart
Grids," in IEEE Transactions on Industrial Informatics, vol. 11, no. 5, pp.
1-12, Oct. 2015.
[30] J. Liang, L. Sankar and O. Kosut, "Vulnerability Analysis and Conse-
quences of False Data Injection Attack on Power System State Estima-
tion," in IEEE Transactions on Power Systems, vol. 31, no. 5, pp. 3864-
3872, Sept. 2016.
[31] Z. Qin, Q. Li and M. C. Chuah, "Defending against Unidentifiable Attacks
in Electric Power Grids," in IEEE Transactions on Parallel and Distrib-
uted Systems, vol. 24, no. 10, pp. 1961-1971, Oct. 2013.
[32] J. Hao, R. J. Piechocki, D. Kaleshi, W. H. Chin and Z. Fan, "Optimal ma-
licious attack construction and robust detection in Smart Grid cyber secu-
rity analysis," 2014 IEEE International Conference on Smart Grid Com-
munications (SmartGridComm), Venice, 2014, pp. 836-841.
[33] M. Ozay, I. Esnaola, F. T. Y. Vural, S. R. Kulkarni and H. V. Poor, "Sparse
Attack Construction and State Estimation in the Smart Grid: Centralized
and Distributed Models," in IEEE Journal on Selected Areas in Commu-
nications, vol. 31, no. 7, pp. 1306-1318, July 2013.
[34] M. Ozay, I. Esnaola, F. T. Yarman Vural, S. R. Kulkarni and H. Vincent
Poor, "Distributed models for sparse attack construction and state vector
estimation in the smart grid," 2012 IEEE Third International Conference
on Smart Grid Communications (SmartGridComm), Tainan, 2012, pp.
306-311.
[35] J. Zhang, Zhigang Chu, L. Sankar and O. Kosut, "False data injection at-
tacks on power system state estimation with limited information," 2016
IEEE Power and Energy Society General Meeting (PESGM), Boston, MA,
2016, pp. 1-5.
[36] X. Liu and Z. Li, "Local Load Redistribution Attacks in Power Systems
With Incomplete Network Information," in IEEE Transactions on Smart
Grid, vol. 5, no. 4, pp. 1665-1676, July 2014.
[37] Y. Zhang, L. Wang, Y. Xiang and C. W. Ten, "Power System Reliability
Evaluation With SCADA Cybersecurity Considerations," in IEEE Trans-
actions on Smart Grid, vol. 6, no. 4, pp. 1707-1721, July 2015.
[38] G. Hug and J. A. Giampapa, "Vulnerability Assessment of AC State Esti-
mation With Respect to False Data Injection Cyber-Attacks," in IEEE
Transactions on Smart Grid, vol. 3, no. 3, pp. 1362-1370, Sept. 2012.
[39] Y. Tan, Y. Li, Y. Cao and M. Shahidehpour, "Cyber-Attack on Overload-
ing Multiple Lines: A Bilevel Mixed-Integer Linear Programming
Model," in IEEE Transactions on Smart Grid, vol. PP, no. 99, pp. 1-1.
[40] Q. Yang et al., "Toward Data Integrity Attacks Against Optimal Power
Flow in Smart Grid," in IEEE Internet of Things Journal, vol. 4, no. 5, pp.
1726-1738, Oct. 2017.
[41] M. A. Rahman, E. Al-Shaer and R. G. Kavasseri, "A formal model for
verifying the impact of stealthy attacks on optimal power flow in power
grids," 2014 ACM/IEEE International Conference on Cyber-Physical Sys-
tems (ICCPS), Berlin, 2014, pp. 175-186.
[42] K. Khanna, B. K. Panigrahi and A. Joshi, "Bi-level modelling of false data
injection attacks on security constrained optimal power flow," in IET Gen-
eration, Transmission & Distribution, vol. 11, no. 14, pp. 3586-3593, 9 28
2017.
[43] H.Z. Wang, G.Q. Li, G.B. Wang, J. C. Peng, H. Jiang, and Y. T. Liu, Deep
learning based ensemble approach for probabilistic wind power forecast-
ing, Applied Energy, Volume 188, 2017, Pages 56-70.
[44] Y. Lv, Y. Duan, W. Kang, Z. Li and F. Y. Wang, "Traffic Flow Prediction
With Big Data: A Deep Learning Approach," in IEEE Transactions on
Intelligent Transportation Systems, vol. 16, no. 2, pp. 865-873, April 2015.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2018.2804669, IEEE
Transactions on Industrial Informatics
12

[45] Y. Chen, Z. Lin, X. Zhao, G. Wang and Y. Gu, "Deep Learning-Based

Classification of Hyperspectral Data," in IEEE Journal of Selected Topics
in Applied Earth Observations and Remote Sensing, vol. 7, no. 6, pp.
2094-2107, June 2014.
[46] C. Wan, Z. Xu, P. Pinson, Z. Y. Dong and K. P. Wong, "Probabilistic
Forecasting of Wind Power Generation Using Extreme Learning Ma-
chine," in IEEE Transactions on Power Systems, vol. 29, no. 3, pp. 1033-
1044, May 2014.
[47] B. Muthén, "Moments of the censored and truncated bivariate normal dis-
tribution," Br. J. Math. Stat. Psychol. vol. 43 no. 1 pp. 131-143 1990.
[48] M. S. Rahman, M. A. Mahmud, A. M. T. Oo and H. R. Pota, "Multi-Agent
Approach for Enhancing Security of Protection Schemes in Cyber-Physi-
cal Energy Systems," in IEEE Transactions on Industrial Informatics, vol.
13, no. 2, pp. 436-447, April 2017.
[49] S. K. Singh; K. Khanna; R. Bose; B. K. Panigrahi; A. Joshi, "Joint Trans-
formation based Detection of False Data Injection Attacks in Smart Grid,"
in IEEE Transactions on Industrial Informatics , vol.PP, no.99, pp.1-1
[50] Zimmerman R, Gan D. MATPOWER: A Matlab Power System Simula-
tion Package. [Online]. Available:<http://www.pserc.cornell.edu.
matpower>.
[51] J. Zhao, M. Netto and L. Mili, "A Robust Iterated Extended Kalman Filter
for Power System Dynamic State Estimation," in IEEE Transactions on
Power Systems, vol. 32, no. 4, pp. 3205-3216, July 2017.
[52] J. Löfberg, “YALMIP: A toolbox for modeling and optimization in
MATLAB,” in Proc. IEEE Int. Symp. Comput. Aided Control Syst. Des.
(CACSD), 2004, pp. 284–289.

1551-3203 (c) 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.