Professional Documents
Culture Documents
IET Smart Grid - 2022 - Nayak - Vulnerability Assessment and Defence Strategy To Site Distributed Generation in Smart Grid
IET Smart Grid - 2022 - Nayak - Vulnerability Assessment and Defence Strategy To Site Distributed Generation in Smart Grid
DOI: 10.1049/stg2.12059
ORIGINAL RESEARCH
- -Revised: 16 December 2021 Accepted: 6 February 2022
KEYWORDS
distributed power generation, phasor measurement, power system cybersecurity and privacy, smart grid devices
-
This is an open access article under the terms of the Creative Commons Attribution License, which permits use, distribution and reproduction in any medium, provided the original work is
properly cited.
© 2022 The Authors. IET Smart Grid published by John Wiley & Sons Ltd on behalf of The Institution of Engineering and Technology.
Several research papers have proposed the PMU-placement- We implement our FDI attack model and defence strategy
based defence mechanism based on the AC model to protect on several IEEE standard test systems to evaluate their
against FDI attacks [16, 18, 25]. In [21–28], FDI attacks were effectiveness and computational complexity in securing the
formed based on AC power flow models. grid against hidden FDI attacks. We show that our attack
Cybersecurity measures should not incur high computa- modelling and defence algorithms do not incur high compu-
tional complexity in defending the smart grid. A low- tational costs even for large power systems. Our power flow
complexity security mechanism can help determine whether models do not simplify the non-linear operational and topo-
it is feasible to protect large power systems in a given time. logical characteristics of the grid. We use the proposed optimal
Furthermore, it must rapidly respond to cyber incidents to defence strategy to protect the power grid against hidden FDI
avoid catastrophic failures in grid operations. The attack and attacks and obtain secure locations for SMRs in the system.
defence methodologies must also be realistic to ensure systems' Finally, we find secure SMR sites in the SaskPower grid.
security without creating significant errors. However, a low The main contributions of this paper can be summarized
computational overhead, accurate vulnerability assessment and below:
defence model to prevent FDI attacks in AC power systems
have not been presented in prior studies. � We present an enhanced least-effort FDI attack model to
To address the issues discussed above, in this work, we perform an accurate cyber vulnerability analysis
present a novel AC-power-flow-based least-effort FDI attacks � We develop a novel reduced row echelon (RRE)-form-based
model (i.e. an attack model that computes the minimum greedy algorithm to calculate hidden FDI attack vectors in
number of sensor measurements to compromise) based on our the AC state estimation
previous work [27]. Unlike Ref. [27], in this work, we improve � We propose a novel optimal defence strategy to protect the
the model's scalability and accuracy in analysing cyber vul- smart grid against hidden FDI attacks. We do that by devel-
nerabilities of large AC power networks. We perform experi- oping a greedy algorithmic solution to find the optimal loca-
ments on IEEE standard test systems of different scales. tions to deploy secure power assets and defend the non-linear
Simulation results show that our attack model can effectively power network while achieving full observability of the system
evaluate the vulnerabilities of large power systems with � We identify suitable sites for SMRs in a smart grid envi-
significantly less computational complexity. ronment, which are secure from FDI attack threats under
Based on the vulnerability analysis of the power systems given PMU placement
presented in Ref. [27], we develop a novel AC-power-flow-
based defence strategy to prevent the risk of FDI attacks in The first two contributions in this paper are based on our
the system. In this work, we consider PMUs as devices that previous work [27], in this work, we enhance our attack
protect the state estimation against hidden FDI attacks. Our model's scalability and accuracy for large AC power networks
proposed defence strategy is generic as it can derive optimal (such as IEEE-300 bus system) and perform additional sim-
sites for any secure power asset to defend against hidden FDI ulations and analyses of the model's computational cost in
attacks. comparison with the prior work. Furthermore, we have added
Furthermore, finding optimal locations of distributed gen- two more contributions in this paper, namely novel optimal
erations (DGs) have been investigated in the literature [29–37] defence strategy against hidden FDI attacks and siting SMRs
to minimise energy loss in power transmission and distribu- under cybersecurity constraints, which were not discussed in
tion. In this work, we also present a case study to select secure our previous work. We have discussed the first two contribu-
sites for small-size nuclear reactors, known as small modular tions as the foundation for developing our defence strategy
reactors (SMRs) units, which are introduced as small-to- and the SMR localization technique.
medium-scale DGs with power generation of up to The rest of the paper is organized as follows: Section 2
300 MWe [38]. Many SMRs siting criteria must be considered presents the related work. Section 3 describes the DC and the
before the most optimal sites are identified. These include AC state estimation theory and methodology, followed by an
geographical [39], surface water [40], groundwater [41], introduction to the FDI attacks framework. Section 4 presents
geological [42], exclusion zones [43], transportation routes [44], our enhanced least-effort FDI attacks model. Section 5 dis-
socio-economic and environmental risks [45], and reserved cusses our optimal defence strategy. In Section 6, we discuss
land considerations [46]. Combining two or more of the above the methodology for siting DGs in the smart grid under
criteria to site SMRs is out of the scope of this paper. cybersecurity constraints. Section 7 shows the simulation re-
Integrating SMRs with the smart grid can pose cyber sults and analysis. Finally, Section 8 concludes the paper.
threats to them in the absence of proper security measures [4].
It is necessary to prevent exposure of SMRs to cyber incidents
to sustain their operational integrity. The siting of SMRs under 2 | RELATED WORK
the impact of cybersecurity has not been addressed in the
literature. As a case study, we use our vulnerability assessment This section discusses previous works on cyber vulnerability
and defence approaches to find secure sites for SMRs in the assessment and defence models for the power systems against
Saskatchewan Power Corporation grid (SaskPower), which is cyberattacks. It also reviews various techniques and factors
the principal electric utility in Saskatchewan, Canada [47]. considered for siting DGs in the power systems.
25152947, 2022, 3, Downloaded from https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/stg2.12059 by Readcube (Labtiva Inc.), Wiley Online Library on [16/05/2023]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
NAYAK AND AL‐ANBAGI
- 163
Modelling of FDI attacks and the protection schemes were evaluation for DER operation and assessed the detrimental
presented in [6–13, 15, 48–50] to analyse the vulnerabilities of effects of cyberattacks on DG. Studies in [55] discussed cyber
the system and defend against cyberattacks. For instance, Kim vulnerabilities of DERs in a cyber-physical system by
and Tong [6] developed an undetectable attack model followed employing a threat modelling technique and identified risks of
by a PMU-placement-based defence strategy using a graph- penetration at DGs on the overall grid operation.
theoretic condition to defend against FDI attacks. Kim and Siting SMRs in the smart grid without adequate cyberse-
Poor [7] demonstrated that it is more feasible for the attacker curity can expose them to cyberattacks. Previous research has
with limited resources to minimise the manipulations of the focussed on localizing power assets in a smart grid environ-
number of measurements to launch unobservable FDI attacks. ment under the impact of cybersecurity [16, 56–58]. In Ref. [6],
Studies in [8, 9] optimized the cost of the attack vector the authors discussed finding secure sites for PMUs to protect
computation by developing a k-sparse attack model. The them from different types of cyber threats. Refs. [57, 58]
proposed defence model in Ref. [8] considered minimizing the proposed greedy-algorithm-based strategies to address optimal
number of PMU placements to reduce the computational and placement problems for PMUs concerning cybersecurity in the
capital cost of the protection scheme. distribution grids. In this work, we use our proposed attack
Furthermore, Yang et al. [10] proposed a heuristic-based model and defence strategy to find secure locations for SMRs.
scheme to generate the least-effort attack vector by manipu- This area has not been addressed in the prior work yet.
lating minimum unit measurements. However, the overhead of
the brute-force search mechanism used in this work is high for
larger grid systems. Yang et al. [12] enhanced the least-effort 3 | STATE ESTIMATION AND FDI
attack model presented in Ref. [10] by reducing the computa- ATTACKS
tion complexity and introducing a greedy algorithm to defend
against hidden FDI attacks in the system. However, the attack This section presents an overview of the theory and method of
and defence models in the above work ignored the non-linear the AC state estimation, followed by the discussion of the FDI
characteristics and their related computational complexity. attacks framework.
Therefore, the authors did not provide effective simulation re-
sults for the actual smart grid. In addition, the above power flow
models were DC based to approximate the non-linear power 3.1 | AC state estimation
systems. FDI attacks constructed based on an AC model are
more damaging than the DC-based FDI attacks [23, 24]. Linear DC models simplify the complex power flow operation
There is insufficient work focussing on the modelling FDI and control equations associated with the non-linear power
attacks and defence strategies using the AC power flow model systems [59].
[16, 18, 21, 22, 25, 26]. The PMU placement strategy in Ref. Unlike the DC state estimation, the power flows and in-
[18] required a configuration of about 50% more PMUs to jections in the AC state estimation have a non-linear relationship
provide a reliable defence against cyber vulnerabilities. The with voltage magnitudes and phase angles. Also, the AC model
AC-based defence mechanism proposed in Ref. [25] required does not ignore the reactive power flows and injections, or the
additional PMU placements to achieve higher state estimation shunt admittances. Therefore, the real and the reactive power
accuracy. All of the above AC-based power system models did flow from bus i to j can be expressed as Ref. [21]:
not consider the computational complexity and the effective- � �
ness of the attack and defence models. In this work, we P ij ¼ V 2i gsi þ gij − Vi Vj gij cosθij þ bij sinθij ð1Þ
develop an effective AC-power-flow-based vulnerability
� �
assessment and defence model with a low computation cost. Qij ¼ −V 2i bsi þ bij − Vi Vj gij sinθij þ bij cosθij ; ð2Þ
Siting SMRs in the power grid has gained research interests
in recent years [51, 52]. The authors in Ref. [51] presented a
And the real and the reactive power injection at bus i can
fuzzy analytic hierarchy process based multi-criteria decision-
be shown as follows:
making technique to find suitable sites of SMRs in the sys-
tem while focussing on efficient power generation. Belles and X �
Omitaomu [52] considered geotechnical and resource accessi- P i ¼ Vi Vj Gij cosθij þ Bij sinθij ð3Þ
j∈Ni
bility factors, such as distance to cooling water and population,
grid capacity etc., for siting SMRs using spatial modelling and X �
geographic information system technology. Lokhov et al. [53] Qi ¼ Vi Vj Gij sinθij − Bij cosθij ð4Þ
listed various factors impacting the siting of SMRs in the po- j∈Ni
wer systems, such as social and economic challenges, envi-
ronmental regulatory issues, lack of infrastructure to support where gsi + jbsi and Gij + jBij are the shunt branch and line
the SMR deployment, and security challenges. admittance, respectively, and Ni is the set of buses connected to
Recent work has performed a cybersecurity impact analysis bus i. The measurements in the AC model are non-linearly
on the operation of Distributed Energy Resources (DERs). dependent on the state variables, as shown in the following
For example, Duan et al. [54] presented a cybersecurity expression:
25152947, 2022, 3, Downloaded from https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/stg2.12059 by Readcube (Labtiva Inc.), Wiley Online Library on [16/05/2023]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
164
- NAYAK AND AL‐ANBAGI
z ¼ hðxÞ þ e; ð5Þ Hence, we focus on modelling FDI attacks and defence stra-
tegies using the AC state estimation.
where z = [z1 z2 z3 … zm] is the m � 1 non-linear mea-
surement vector, which involves active and reactive power
measurements of the power systems. Here, the system state
vector x is the n � 1 state vector, which consists of voltage
3.2 | FDI attacks against the AC state
magnitudes and phase angles of the power system buses [26],
estimation
that is, x = [θ2 θ3 … θn V2 V3 … Vn]. Whereas in the DC
To execute FDI attacks in the power system, the attacker in-
model, the state variable x includes phase angles only. The
serts a false data attack vector a in the state estimation, which
m � 1 measurement error vector e = [e1 e2 e3 … em] ac-
the BDD mechanism cannot detect. The attacker requires in-
counts for standard deviations in each measurement in z re-
formation on the grid topology and the network parameters to
flected by the accuracy of the corresponding metre used [59]. h
carry out hidden FDI attacks. With this knowledge, the
() is a non-linear function between z and x. Bus 1 is regarded
attacker can manipulate the sensor measurements, which can
as a slack bus and its phase angle and voltage magnitude are:
mislead the control centre to make the wrong decisions dis-
θ1 = 0 and V1 = 1 p.u. [12].
rupting the power network. The attacker aims to either gain
The number of measurements of the sensors should be
economic advantages or interfere with grid operations using
more than the number of state variables (i.e. m > n) for the
FDI attacks [61].
accurate state estimation of the system [12, 60]. The AC-state
An FDI attack model developed in Ref. [62] showed that if
estimation problem can be solved using the following WLS
the attacker has knowledge of the Jacobian matrix J computed
optimization method:
in the state estimation, then it is possible to generate a false
data attack vector a that can bypass the BDD mechanism. In
min FðxÞ ¼ ðz − hðxÞÞT ⋅ W ⋅ ðz − hðxÞÞ ð6Þ
the state estimation, the BDD mechanism checks the differ-
ence between the measurement values received from the sen-
where the weight matrix W represents the inverse of the ac- sors and the estimated measurement values denoted as
curacy of the measurements. The functionality of h() is
decided by the type of the measurement, that is, real or reactive r ¼ z − hð^xÞ ð9Þ
power flows or injections. The standard iterative approach is
then used to solve this optimization problem [59]. The first- Here, r represents the residual between the measurement
order condition derived for the optimal solution of the state values estimated using the WLS method and the measurement
estimation problem can be given as values obtained from the sensors. Note that the value of r is
∂FðxÞ sensitive to the measurement errors e since the square of ith
j ¼ −2J T : ^x ⋅ W ⋅ ðz − hð^xÞÞ ¼ 0 ð7Þ measurement residual ri 2 is inversely related to the error
∂x x¼^x
variance for the same measurement [59]. If the value of r ex-
Here, ^x is the n � 1 estimated state vector, and the Jacobian ceeds a pre-specified threshold value τ, that is, ‖r‖2 > τ, then
matrix J consists of partial derivatives of Pi, Qi, Pij, and Qij there is a bad data present in the received sensor measure-
with respect to the state variables. The structure of the matrix J ments. The threshold value used in the BDD mechanism is the
is as follows: maximum allowable percentage variations in the sensor mea-
surements according to the IEEE standard [63], for example,
2 3
∂P ij ∂P ij 80% < Vpu < 110% indicates that Vpu is in the normal voltage
6 ∂θi ∂Vi 7 range.
6 7
6 7 This threshold value τ accounts for the errors in the
6 ∂Qij ∂Qij 7
6 7 calculation of the Jacobian matrix [59]. The threshold to detect
6 ∂θ ∂Vi 7
6 i 7 the bad data in the system is global across each IEEE standard
6 7: ð8Þ
6 ∂P i ∂P i 7 test system used in our experiments. We use V1 = 1 p.u. at the
6 7
6 ∂θ ∂Vi 7 reference bus for the sake of simplicity, where we initiate
6 i 7
6 7 the state estimation process and later calculate the attack
4 ∂Qi ∂Qi 5 vector and the PMU configuration in the power systems.
∂θi ∂Vi Therefore, the suitable voltage levels for the ith bus are
0:8 p:u: < Vpu i < 1:1 p:u.
An iterative process is used to solve the resulting non- If the attacker can successfully insert an m � 1 attack
linear equation from Equation (7). vector a in the system, the change in the measurement vector
The DC model ignores the phase angle differences, reac- can be shown as
tive power flows and injections, and all shunt elements and
branch resistances [59] that deviate the model from the actual z a ¼ z þ a; ð10Þ
power system, leading to erroneous state estimation [23]. On
the other hand, the AC power flow model does not involve which results into an erroneous estimated state vector as
such assumptions to simplify the complex power system. follows:
25152947, 2022, 3, Downloaded from https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/stg2.12059 by Readcube (Labtiva Inc.), Wiley Online Library on [16/05/2023]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
NAYAK AND AL‐ANBAGI
- 165
^xa ¼ ^x þ c; ð11Þ step is to identify the state variables to modify. The Jacobian
matrix J gives the relationship between the state variables and
Here, c is an n � 1 error vector representing the errors
the associated measurements as follows [21]:
introduced in the original estimated state variables due to the
attack vector. Consequently, the new residual value can be 2 3
∂h1 ∂h1 ∂h1
given as 6 ∂x1 ⋯
6 ∂x2 ∂xn 7
7
6 7
r a ¼ z a − hð^x þ c Þ: ð12Þ 6 ∂h2 ∂h2 ∂h2 7
6 ⋯ 7
6 ∂x1 ∂x2 ∂xn 7 ð15Þ
6 7
6 7
FDI attacks can evade the BDD if 6 ⋮ ⋮ ⋱ ⋮ 7
6 7
4 ∂hm ∂hm ∂hm 5
r a ¼ z a − hð^x þ c Þ ¼ z þ a − hð^x þ c Þ ¼ z − hð^xÞ ¼ r : ⋯
∂x1 ∂x2 ∂xn
ð13Þ
where a non-zero element ij of a row means that the
Equation (13) defines the condition to bypass the BDD measurement zi belongs to the state variable xj. Otherwise,
after state variable manipulation, where the new residual in the a row element is zero if the measurement is not dependent
system ra needs to be less than or equal to the pre-specified on the state variable at any given column. Therefore, the
threshold value τ in the BDD mechanism. minimum data manipulations to launch FDI attacks can be
Therefore, the attacker needs to compute the attack vector found by determining the row of the targeted measurement
a using the following condition to launch hidden FDI attacks and the non-zero indices in that row. As mentioned in
in the AC state estimation: Section 3, there are two types of state variables in the state
vector of the AC power system. Therefore, if the attacker
a ¼ hð^x þ c Þ − hð^xÞ. ð14Þ wants to attack multiple states simultaneously, the number
of measurements required for the manipulations is even
Equation (14) establishes the necessary condition for the higher.
existence of hidden FDI attacks in power systems that can Since the attacker has the constraint of limited resources,
bypass the BDD. In the next section, we utilize this condition the objective to calculate the least-cost attack vector a can be
to formulate our methodology for the hidden least-effort FDI defined as follows:
attack vector generation. �
minkhð^x þ c Þ − h ^x k0 : ð16Þ
4 | VULNERABILITY ASSESSMENT However, the attacker also needs to consider the system's
AGAINST FDI ATTACKS IN SMART GRID security constraint. The security constraint of the system can
be expressed as
This section discusses our methodology for modelling the
least-effort FDI attacks in the smart grid such that the J ⋅ c ¼ 0: ð17Þ
generated least-cost attack vector a can bypass the BDD, as
shown in Equation (14), and the security constraint of the Under ideal conditions where there is no bad data present
system. Our attacks model can effectively analyse cyber vul- in the system, Equation (17) is valid only if there exists no non-
nerabilities of large power networks with enhanced scalability zero error vector in the state estimation, that is, c = 0.
and a low computation cost. We develop the minimum cost From the attacker’s perspective, if there is a non-zero
FDI attacks generation model because it is more economical error vector c, such that J ⋅c = 0, the attacker can suc-
for the attacker, having limited resources, to carry out unde- cessfully launch an attack that can bypass the security
tectable FDI attacks in the system with minimal sensor constraint. Based on this vulnerability in the system, we
measurement manipulations. Later, we present our RRE-form- define the hidden attack vector generation problem in
based algorithm for an AC power flow model to calculate the Equation (18), where an error vector c is calculated and
sparsest attack vector a against the AC state estimation that injected into the Jacobian matrix in such a way that it does
cannot be detected by the BDD. not violate the BDD and the security constraint.
However, the values of each non-zero element in the error
vector c should be higher than a certain threshold τ to create a
4.1 | Formalization significant impact on the estimated state vector ^x. Therefore,
the objective of modelling unobservable least-effort FDI at-
As discussed in the previous section, the attacker needs to tacks can be defined as
calculate the attack vector a according to Equation (14). If the �
attacker aims to manipulate specific measurements, the first minc khð^x þ c Þ − h ^x k0 ; s:t: J ⋅ c ¼ 0; kck∞ > τ: ð18Þ
25152947, 2022, 3, Downloaded from https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/stg2.12059 by Readcube (Labtiva Inc.), Wiley Online Library on [16/05/2023]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
166
- NAYAK AND AL‐ANBAGI
The least-effort hidden FDI attacks generation problem in operation within each row, we exchange all the non-zero ele-
Equation (18) injects error vector c in the Jacobian matrix J ments with the elements at the last indices. We perform the
and ensures that all non-zero elements in c are beyond τ to elementary row transformation and column exchange opera-
create a significant impact on the state vector. As a result, the tions iteratively and obtain a new RRE form of the Jacobian
non-zero indices in the generated attack vector can cause sig- matrix in every iteration. We repeat the entire process until the
nificant manipulations in the measurements when added to the new RRE form of the matrix no longer changes. Finally, we
measurement vector z and thus disturb the accuracy of the calculate the sparsest attack vector a using the final RRE form
state estimation process. of the matrix Jr.
Notice that Equation (18) is a general least-effort hidden Notice that in the algorithmic solution discussed above for
FDI attack problem formulated in the absence of secure power finding the false data attack vector, the Jacobian matrix J must
assets in the grid. In this case, the entire Jacobian matrix J be a full column rank during the entire process. If the matrix
consists of an unprotected set of indices, where an error vector is not a full-column rank, then it can have a row that does
c can exist in the system such that it can suffice the security not contain any non-zero element in its RRE form. Since we
constraint of the system in Equation (17). discussed above that we select the row with the minimum non-
Since Equation (18) is a non-deterministic polynomial- zero elements in every iteration to perform further operations,
time (NP)-hard problem [10], it is difficult to solve it in targeting the row with all elements being zero will result in
polynomial time. Therefore, we find a near-optimal solution infinite column exchange operations. Therefore, the Jacobian
to Equation (18) to launch least-effort FDI attacks. To matrix J must always be a full column rank to calculate the
address this problem, we develop an RRE-form-based al- sparsest attack vector [62]. The RRE-form-based algorithm to
gorithm for the AC power systems to calculate the sparsest find the false data attack vector against the AC state estimation
attack vector against the AC state estimation. The proposed is shown in Algorithm 1.
RRE-form-based algorithm is based on the undetectable
FDI attacks generation objective shown in Equation (18),
which generates the attack vector a that can bypass 4.3 | Case study for vulnerability assessment
the BDD.
We present a case study for the IEEE 14-bus system to
investigate our proposed RRE-form-based algorithmic solu-
4.2 | An RRE-form-based algorithmic tion in obtaining the unobservable false data attack vector. The
solution measurements we consider to calculate the Jacobian matrix are
real and reactive power flows, real and reactive power in-
jections, and voltage magnitudes and phase angles at all buses.
Algorithm 1 RRE-form-based algorithm We compute the Jacobian matrix using a MATLAB package
MATPOWER and perform the experiments in MATLAB
R2017a.
Figure 1 shows the standard single-line diagram of the
IEEE 14-bus system. The ultimate RRE form for the IEEE
14-bus system obtained using our algorithm is as follows:
2 3
1 0 0 0 ⋯ 0 0 ⋯ 0 −2:43 2:54
60 1 0 0 ⋯ 0 0 ⋯ 0 9:04 9:43 7
6 7
60 0 1 0 ⋯ 0 0 ⋯ 0 1:59 −1:56 7
6 7
60 0 0 1 ⋯ 0 0 ⋯ 0 1:69 −1:65 7
6 7
6⋮ ⋮ ⋮ ⋮ ⋱ ⋮ ⋮ ⋱ ⋮ ⋮ ⋮ 7
6 7
60 0 0 0 ⋯ 1 0 ⋯ 0 1:09 −1:03 7
6 7
40 0 0 0 ⋯ 0 1 ⋯ 0 0:73 −0:22 5
0 0 0 0 ⋯ 0 0 ⋯ −1 1 1
ð19Þ
We now discuss the RRE-form-based algorithm to find the
optimal attack vector a against the AC state estimation. Ac-
cording to the proposed algorithmic solution, we first perform Notice that the last row in the above matrix contains the
elementary row transformation operations on the transpose of least number of non-zero elements. We select this row to
the Jacobian matrix (J)T and calculate its RRE form. Once we calculate the sparsest attack vector, as illustrated in the final
obtain the RRE form of (J)T, we find a row with the minimum step of Algorithm 1. In this regard, the attack vector a
number of non-zero elements in the matrix to perform the calculated for the IEEE 14-bus using our RRE-form-based
column exchange operations. In the column exchange algorithm is shown below:
25152947, 2022, 3, Downloaded from https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/stg2.12059 by Readcube (Labtiva Inc.), Wiley Online Library on [16/05/2023]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
NAYAK AND AL‐ANBAGI
- 167
connecting to that bus, that is, all the associated measurements 5.2 | The PMU placement algorithm
to the bus with a PMU are protected [12]. For example, placing
a PMU on bus i connecting to buses j and k secures all state There is no PMU placed in the system initially, that is, Js = 0.
variables including Vi, θi, Pi, Qi, Pij, Pik, Qij, Qik, as well as, Vj, Consequently, a non-zero error vector c exists in the system
θj, Vk, and θk from manipulations. Therefore, the PMU that satisfies the security constraint and enables the attacker to
placement on one bus protects all of the connected buses and compute the least-effort attack vector a using the matrix J s .
branches. Thus, we develop our PMU placement algorithm on the
After the PMU placement on a single bus, all of the cor- premise that an attack vector a already exists in the system.
responding measurements and state variables can be removed Nevertheless, the outcomes of the PMU placement algorithm
from the Jacobian matrix J because they are no longer useful do not depend on a particular attack vector (e.g. the input
for the attacker to compute the attack vector a. In this regard, attack vector a mentioned above). The algorithm expects
the matrix J can be divided into two sub-matrices Js and J s , as changes in the attack vector at every round after each PMU
the protected and unprotected set of indices, respectively. The placement based on which it derives the next suitable locations
security matrix Js should be of full rank to make the system for PMUs, as discussed below. Therefore, irrespective of the
fully observable and secure the AC state estimation. different scales and numbers of attack vectors, the algorithm
Configuring a PMU on a bus changes the objective defined always achieves full system observability at the end to prevent
in Equation (16) to calculate the minimum cost attack vector. FDI attacks.
Further, it also changes the existing security constraint in The PMU placement starts with configuring one bus at a
equation (17) to a new security constraint as follows: time and securing its corresponding measurements. In each
round, we use the greedy approach to configure a PMU on the
J s ⋅ c ¼ 0: ð21Þ most vulnerable bus (i.e. the bus with the highest number of
manipulated measurements). To elaborate, we select one bus
for a PMU in every round, which has the most number of
From the attacker's perspective, there are following two
measurements coinciding with the altered measurements in the
aspects to the updated security constraint [62]:
attack vector a. We continue this process until the security
� If the Jacobian matrix Js of h(x) is of a full rank, that is, rank matrix Js becomes full rank one.
The set of manipulated sensor measurements in the attack
(Js) = 2N − 2, then Js ⋅c = 0 if and only if c = 0. In this case,
vector a can be given as
the existence of hidden FDI attacks in the system is not
feasible � �
� If rank(Js) < 2N − 2, then there can exist a non-zero vector Ja ¼ Ja1 ; Ja2 ; ⋯ ; JaNa ; ð23Þ
c such that Js ⋅c = 0. Hence, the unobservable FDI attacks
can be successfully launched in the system where Na is the total number of manipulated measurements.
Each element in Ja is a 1 � n vector representing the row
In this regard, the new optimization problem for the index of the altered measurements in matrix J s . Let J bi be the
attacker to launch unobservable least-effort FDI attacks, after set of measurements in matrix J s that associates to bus i. To
configuring at least one PMU in the system, can be given as illustrate, for the IEEE 14-bus system, the set of measure-
ments in J s corresponding to bus number 3 can be shown as
minkhs ð^ x þ c Þ − hs ð^xÞk0 ;
c
s:t: J s ⋅ c ¼ 0; ð22Þ � �
kck∞ > τ: ∂P 34 ∂P 34 ∂P 3 ∂P 3 ∂Q34 ∂Q34 ∂Q3 ∂Q3
J b3 ¼ ; ; ; ; ; ; ; : ð24Þ
∂V3 ∂θ3 ∂V3 ∂θ3 ∂V3 ∂θ3 ∂V3 ∂θ3
Since the placement of a PMU secures the set of mea-
surements observed by the configured bus, it also updates the According to our defence strategy, we choose the most
protected set of indices in the Jacobian matrix J. Therefore, vulnerable bus, that is, the bus with the highest degree of
the modified hidden least-cost FDI attack problem in Equa- intersection between J bi and Ja, for the PMU placement. Our
tion (22) now focusses on the set of indices that remain un- objective to identify the most vulnerable bus for the PMU in
protected in J, denoted as the sub-matrix J s . each round is as follows:
Based on the above discussion, the objective of our
optimal defence strategy is to place the minimum number of �
PMUs on buses to secure the subsets of measurements until Ω b0i ¼ max jJ bi ⋂ J a j; ð25Þ
i∈½2;N−1�
the security matrix Js is full rank and the system becomes
completely observable. Eventually, there will be no non-zero
0�
vector c that can manipulate the state estimation vector where Ω bi represents the degree of the intersection, N is the
0
while satisfying Equation (21). Thus, hidden FDI attacks total buses in the grid, and bi is the most vulnerable bus
cannot exist in the AC state estimation because the solution to derived for the PMU placement. Bus 1 is considered as a
Equation (22) is no longer feasible. reference bus in the above objective. However, if there is more
25152947, 2022, 3, Downloaded from https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/stg2.12059 by Readcube (Labtiva Inc.), Wiley Online Library on [16/05/2023]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
NAYAK AND AL‐ANBAGI
- 169
�
than one bus with the same Ω b0i , then we select the bus compromised measurement vector Ja for the IEEE 14-bus
connecting to a higher number of buses to configure a PMU. system can be expressed as
As discussed above, all the measurements corresponding
0
to bus bi with a PMU can no longer be manipulated to Ja ¼ ½ Ja14 ; Ja26 ; Ja66 ; Ja67 ; Ja68 �: ð26Þ
calculate the attack vector a. Also, all the buses connecting
0
to bus bi are now protected. Hence, the rows and columns According to Algorithm 2, we calculate the degree of
of the matrix J s corresponding to the set of secured mea- intersection between J bi and Ja for each bus bi, where� i ∈ [2,
surements and state variables will move to the security 14]. Table 1 shows the degree of intersection Ω b0i for each
matrix Js. Further, the elements of the error vector c bus after one round of the PMU placement algorithm. We can
associated with bus b0i and its connected set of buses will see from Table 1 that bus 14 is the ideal location for the first
become zero since their state variables are no longer round of PMU placement since it has the highest measure-
vulnerable to manipulations. Consequently, the attacker ments coinciding with the attack vector. After configuring bus
needs to calculate a new attack vector from the remaining 14 with a PMU, we update the matrices Js and J s as discussed
unprotected measurements in J s , focussing on the new above and re-calculate the attack vector a using Algorithm 1.
objective given in Equation (22). Since the iterative PMU In the next iteration, we again find the next ideal location out
placement changes matrix J s in each round, the attacker has of the remaining unprotected buses, based on the updated Ja.
to re-calculate the false data attack vector a after every We repeat the same procedure until the matrix Js becomes a
PMU configuration. The new attack vector will update the full rank. In this way, we identify the optimal locations for the
compromised measurement vector Ja in each iteration, PMU configuration at buses 3, 5, 8, 11, 12, and 14 in the IEEE
which will yield the next most vulnerable bus of the grid, 14-bus system. Figure 2 shows the sequence of the PMU
according to Equation (25). The iterative PMU placement placement in the IEEE 14-bus system. Notice that the system
ends when rank(Js) = 2N − 2, where the system is fully becomes completely observable when the PMU placement
observable, and the existence of hidden FDI attacks be- process is completed. Therefore, the unobservable FDI attacks
comes infeasible. We store the outcome of each iteration of against the AC state estimation cannot exist since all the system
our algorithm internally to derive the number of buses state variables become secured.
placed with PMUs. In the next section, we use our novel optimal defence
Algorithm 2 shows our greedy-PMU placement algorithm. strategy to find secure locations for SMRs in the power sys-
tems. We implement the proposed PMU placement algorithm
on the grid to prevent unobservable FDI attacks and enable a
Algorithm 2: The PMU placement algorithm secure system to site SMRs.
vectors. Here, the numeric values in the attack vectors repre- open to FDI attacks. It also exposes other state variables
sent the compromised row indices in the Jacobian matrix of associated with those manipulated measurements causing
each test system. cascading failures.
We can see from Table 2 that our algorithm takes less than Figure 4b shows the percentage of the compromised
five iterations for any test system to obtain the minimum cost measurements for each test system. We can observe from
attack vector. Notice the number of measurements to Figure 4b that the attacker has to compromise around 11% of
compromise in each test system to launch hidden FDI attacks the total sensor measurements to launch hidden FDI attacks in
in the system. Since our RRE-form-based algorithm focusses the IEEE 9-bus system. In the IEEE 300-bus system, the
on generating the least-cost attack vector, it yields the optimal attacker needs to manipulate 0.7% of the total sensor mea-
number of measurements to compromise for constructing the surements. The descending trend in the fraction of the
attack vector. On the other hand, the AC-based attack model compromised measurements shows that the cost of hidden
presented in [22] derives at least 16 numbers of measurements FDI attacks is decreasing with the increasing system size.
necessary to compromise for the IEEE-14 and the IEEE-18 The results of our least-effort FDI attacks model show that
bus systems, compared to 5 and 7, respectively, in our work. the hidden FDI attack vector a can be successfully injected in
Hence, we verify that the proposed RRE-form-based algo- the AC state estimation while satisfying the objective of
rithm can calculate the relatively sparsest attack vector to Equation (18). This means that the existing security constraints
launch the least-effort hidden FDI attack in the AC power and the BDD mechanism are unable to prevent FDI attacks
systems. against the AC state estimation.
Figure 4a shows a comparison between the computational Figure 4c shows the minimum cost attack vector of our AC
cost (in terms of the time complexity in finding the attack power flow model and the DC power flow model presented in
vector) of the DC model and our AC-based RRE algorithm. Ref. [12]. We use these results to find the feasibility of the DC-
We show that even when using complex AC power models, the based FDI attack model in evaluating cyber vulnerabilities. We
total time elapsed in our algorithm is significantly less than that can see from Figure 4c that the minimum number of mea-
of simple DC models used in Refs. [10, 62]. surements to compromise in the DC-based FDI attack model
Notice the pattern of the compromised measurements in remains constant for all IEEE test systems. On the other hand,
the attack vectors shown in Table 2. This pattern means that if in our AC-based FDI attack model, the number shows an
a measurement of any state variable is under attack, then the increasing trend from the IEEE 9-bus to the 300-bus system.
remaining measurements corresponding to the same state This comparison shows that the attacker neglects to modify
variable and close to that compromised measurement in the certain measurements in the DC-based model required to
Jacobian matrix are also vulnerable to manipulations. There- calculate the attack vectors. This is due to the assumptions
fore, an attack on a single measurement makes its entire set involved in the DC power flow model and the DC state
25152947, 2022, 3, Downloaded from https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/stg2.12059 by Readcube (Labtiva Inc.), Wiley Online Library on [16/05/2023]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
172
- NAYAK AND AL‐ANBAGI
300-bus (9, 708, 709, 732, 733, 1394, 1419, 1420, 1421, 1422) 2 9.5
F I G U R E 4 (a) Time complexity for finding the attack vector, (b) Percentage of compromised measurements, (c) Comparison of AC and DC systems for
modelling false data injection attacks. RRE, reduced row echelon
estimation. These incorrect state variable estimations propa- configuring PMUs, which helps provide a more rapid response
gate into the branch power flows and power injections mea- to cyber incidents in real-time.
surements. Therefore, even though the DC model simplifies Our optimal defence strategy achieves accurate state esti-
the modelling of FDI attacks, it gives inaccurate outcomes that mation through securing all the system state variables with
can trigger the BDD [21]. The above comparison of the AC minimum PMU configurations. On the other hand, the AC-
and the DC systems for modelling FDI attacks shows that it is based defence techniques proposed by Yang et al. [25] have
more feasible for the attacker to model the hidden least-effort not considered minimizing the number of PMUs while
FDI attacks using the AC power systems. achieving high state estimation accuracy.
Table 4 shows a comparison between the number of PMUs
required to achieve maximum state estimation accuracy in the
7.2 | Defence strategy technique proposed in Ref. [25] and our approach. We can see
that our proposed approach uses fewer PMUs to secure all the
We run experiments on different IEEE standard test systems state variables. Furthermore, our defence strategy achieves
to evaluate the feasibility and the computational complexity of higher state estimation accuracy while achieving system
our proposed defence strategy. Table 3 shows the simulation observability and combating FDI attacks. Our approach does
results for different test systems, including the optimal number not require auxiliary PMU placements, and it does not include
of buses required for the PMU configuration and the CPU any extra computational overhead needed to find additional
time (in seconds) the PMU placement algorithm takes to buses for PMU configuration.
achieve complete system observability in each case. Notice that Algorithm 2 also incorporates the calculation
We can see from Table 3 that the fraction of buses placed of the attack vector a in every round. Therefore, the
with PMUs ranges between 40%–50% of the total number of complexity of the defence algorithm shown in Table 3 includes
buses. This result is consistent with the previous work in Refs. the cost for finding the attack vector a and the computation
[6, 25] that used DC and AC models, respectively. However, time required to find the optimal set of buses for PMU
the PMU placement techniques in Ref. [6], and Ref. [25] configuration. Based on the results shown in Table 3 and
considered that the system is not under FDI attacks during the Figure 4a, we confirm that the time complexity of our AC-
PMU configurations [8, 16]. In this case, the solutions of the based optimal defence strategy is very low.
defence techniques rely only on the initial state of the attack To show the effectiveness of our approach, we analyse its
and thereby become stagnant in responding to a variety of impact on the attack cost. Figure 5a shows the number of
attack vectors. On the other hand, the defence model proposed measurements needed to compromise the state estimation
in this work accounts for constant FDI attack threats while versus the percentage of buses with PMUs for different IEEE
25152947, 2022, 3, Downloaded from https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/stg2.12059 by Readcube (Labtiva Inc.), Wiley Online Library on [16/05/2023]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
NAYAK AND AL‐ANBAGI
- 173
14-bus 6 0.6
30-bus 12 3
118-bus 52 150
Test system Number of PMU placements in Ref. [25] Number of PMU placements (This work)
14-bus 11 6
30-bus 29 12
118-bus 65 52
test systems. We can see that the attack costs are the minimum configuration. Finally, we show the secure sites for SMRs. The
when there are no PMUs in the system. However, as the total number of buses in the SaskPower grid shown in Figure 3
number of PMUs increases, the minimum number of is 94. This grid resembles the IEEE 118-bus system [67]. We
sensor measurements also increases. Once the PMU place- compute the Jacobian matrix J for the state estimation of
ment algorithm achieves the full system observability, that is, the SaskPower grid based on the standard information of the
rank(Js) = 2N − 2, the solution to Equation (22) becomes IEEE 118-bus system. We obtained the power and voltage
infeasible. Thus, the hidden attack vector can no longer exist in magnitudes, phase angles, the shunt and line admittance at
the AC state estimation. generator and load buses, and branch resistance and reactance
Figure 5b shows the percentage of the protected state from the IEEE 118-bus system.
variables after each PMU configuration. We see that once the To run the vulnerability analysis, we use the RRE-form-
PMU placement algorithm satisfies its objective in each test based algorithm shown in Algorithm 1 to compute the hid-
system, all the system state variables are secured. den attack vector a. The attack vector a derived using the same
Figure 5c shows a comparison between the number of objective defined in Equation (18) for the SaskPower grid is
buses configured with PMUs to prevent hidden FDI attacks shown as follows:
using the DC model in [12] and our work. The comparison
shows the effectiveness of our approach in protecting the
aT ¼ ½ 0 ⋯ 0:06 ⋯ 0:06 ⋯ 0:43 ⋯ 0:15 − 0:15 0:06 0:43 �
system. We see that the differences in the results obtained for
the DC and the AC models are close for small test systems. ð27Þ
However, for large networks, there is a difference because our
approach is more realistic. Here, the non-zero indices in the attack vector aT shown
The above results show that our AC-based optimal defence above are 3, 46, 185, 431, 432, 433, and 434. Therefore, the
approach can effectively protect the system against hidden FDI attacker needs to manipulate seven sensor measurements to
attacks while securing the AC state estimation. Our model is launch the least-effort FDI attack in this grid. It takes two it-
also able to achieve complete system observability with a low erations for our AC-based RRE algorithm to produce the
computation cost. We also show that a defence strategy based hidden attack vector.
on the DC system is ineffective in the actual non-linear power Based on the above results, we note that the sparsest attack
grid to prevent hidden FDI attacks. vector a can be computed. These results satisfy the objective of
Equation (18) to launch hidden FDI attacks. Consequently, this
means that the test system is vulnerable to hidden FDI attacks.
7.3 | Case study: Selecting secure sites for Hence, to configure secure sites for SMRs, the system needs
SMRs effective defence mechanisms. We assume that PMUs are used
to secure the power assets. Thus, we apply our PMU-
To select secure sites for SMR power generation units, we first placement-based defence strategy to secure the state estima-
implement our least-effort FDI attacks approach on the tion of the SaskPower grid.
SaskPower grid to test its vulnerability against hidden FDI Figure 6 shows the optimal locations for the PMU
attacks. Based on the calculated false data attack vector a, we configuration in the SaskPower grid derived using our PMU
obtain the most vulnerable buses for iterative PMU placement algorithm (Algorithm 2). The total number of
25152947, 2022, 3, Downloaded from https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/stg2.12059 by Readcube (Labtiva Inc.), Wiley Online Library on [16/05/2023]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
174
- NAYAK AND AL‐ANBAGI
FIGURE 5 (a) Change in the attack cost with the phasor measurement unit placement, (b) Percentage of protected states, (c) Comparison of AC and DC
systems
POPLAR 83 92
McNEILL
RIVER 84 93
:230 kV :138kV & :SMR Locations – Scenario 1 94
BOUNDARY
Bus below Bus :PMU DAM
FIGURE 6 Suitable sites for small modular reactor power generation units
FDI attacks with low computational complexity and enhanced 12. Yang, Q., et al.: On optimal pmu placement-based defense against data
accuracy. integrity attacks in smart grid. IEEE Trans. Inf. Forensics Secur. 12(7),
We used our cyber vulnerability assessment model and the 1735–1750 (2017)
13. Bi, S., Zhang, Y.J.: Graphical methods for defense against false-data in-
optimal defence strategy to site SMR power generation units jection attacks on power system state estimation. IEEE Trans. Smart
under the impact of cybersecurity constraints. We presented a Grid. 5(3), 1216–1227 (2014)
case study to find secure sites for SMRs in Saskatchewan, 14. Farraj, A., et al.: A game-theoretic analysis of cyber switching attacks and
Canada. Although our case study is used for the power utility mitigation in smart grid systems. IEEE Trans. Smart Grid. 7(4),
in Saskatchewan, our approach can be used to find secure 1846–1855 (2015)
15. Deng, R., Zhuang, P., Liang, H.: CCPA: coordinated cyber-physical at-
locations for power assets in other power networks. tacks and countermeasures in smart grid. IEEE Trans. Smart Grid. 8(5),
As future work, we plan to carry out a detailed study on 2420–2430 (2017)
how close our near-optimal solutions to FDI attacks modelling 16. Manousakis, N.M., Korres, G.N.: A weighted least squares algorithm for
and defence strategy are to the actual optimal solutions. optimal pmu placement. IEEE Trans. Power Syst. 28(3), 3499–3500
(2013)
17. Gou, B.: Generalized integer linear programming formulation for optimal
ACK NOW L ED GE ME N T S pmu placement. IEEE Trans. Power Syst. 23(3), 1099–1104 (2008)
This work was funded by the Sylvia Fedoruk Canadian Center 18. Paudel, J., et al.: A strategy for pmu placement considering the resiliency
for Nuclear Innovation J2016-0032 ‘Developing Technical of measurement system. J. Power Energy Eng. 3(11), 29–36 (2015)
Capacity for Understanding the Practical, Regulatory and 19. Nuqui, R.F., Phadke, A.G.: Phasor measurement unit placement tech-
Economic Viability of Introducing a New Advanced Tech- niques for complete and incomplete observability. IEEE Trans. Power
Deliv. 20(4), 2381–2388 (2005)
nology: A Case Study of Introducing Nuclear Power into a 20. Cetinay, H., et al.: Comparing the effects of failures in power grids under
Small, Previously Non-Nuclear Jurisdiction’. the ac and dc power flow models. IEEE Trans. Netw. Sci. Eng. 5(4),
301–312 (2017)
CON FLIC T OF I N TE R ES T 21. Hug, G., Giampapa, J.A.: Vulnerability assessment of ac state estimation
with respect to false data injection cyber-attacks. IEEE Trans. Smart
No.
Grid. 3(3), 1362–1370 (2012)
22. Liu, X., Li, Z.: False data attacks against ac state estimation with
DATA AVAI L A BI L I T Y S TA T E ME N T incomplete network information. IEEE Trans. Smart Grid. 8(5),
Data sharing is not applicable. No new data was generated, or 2239–2248 (2016)
the article describes entirely theoretical research. 23. Rahman, M.A., Mohsenian-Rad, H.: False data injection attacks against
nonlinear state estimation in smart power grids. In: 2013 IEEE Power &
Energy Society General Meeting, pp. 1–5 (2013)
ORC ID 24. Jin, M., Lavaei, J., Johansson, K.H.: Power grid ac-based state estimation:
Irfan Al-Anbagi https://orcid.org/0000-0001-9192-7976 Vulnerability analysis against cyber attacks. IEEE Trans. Automat.
Control. 64(5), 1784–1799 (2018)
25. Yang, Q., et al.: PMU placement in electric transmission networks for
R EF ERE N CES reliable state estimation against false data injection attacks. IEEE Internet
1. Greer, C., et al.: Nist framework and roadmap for smart grid interop- Things J. 4(6), 1978–1986 (2017)
erability standards, release 3.0. Tech. Rep. (2014) 26. Chaojun, G., Jirutitijaroen, P., Motani, M.: Detecting false data injection
2. He, H., Yan, J.: Cyber-physical attacks and defences in the smart grid: a attacks in ac state estimation. IEEE Trans. Smart Grid. 6(5), 2476–2483
survey. IET Cyber-Phys. Syst.: Theory Appl. 1(1), 13–27 (2016) (2015)
3. Mo, Y., et al.: Cyber-physical security of a smart grid infrastructure. Proc. 27. Nayak, J., Al-Anbagi, I.: Modelling false data injection attacks against
IEEE. 100(1), 195–209 (2011) non-linear state estimation in ac power systems. In: 2020 8th Int. Conf.
4. Li, Z., Shahidehpour, M., Aminifar, F.: Cybersecurity in distributed po- on Smart Grid (icSmartGrid), pp. 37–42 (2020)
wer systems. Proc. IEEE. 105(7), 1367–1388 (2017) 28. Tran, N.N., et al.: Designing constraint-based false data injection attacks
5. Cintuglu, M.H., Ishchenko, D.: Secure distributed state estimation for against the unbalanced distribution smart grids, IEEE Internet Things J,
networked microgrids. IEEE Internet Things J. 6(5), 8046–8055 8(11), 9422–9435 (2021)
(2019) 29. Idris, R., Latif, Z.A.: Gis multi-criteria for power plant site selection.
6. Kim, J., Tong, L.: On phasor measurement unit placement against state In: 2012 IEEE Control and System Graduate Research Colloquium,
and topology attacks. In: 2013 IEEE Int. Conf. on Smart Grid Com- pp. 203–206. IEEE (2012)
munications, SmartGridComm, pp. 396–401 (2013) 30. Kaboli, A., et al.: A new method for plant location selection problem: a
7. Kim, T.T., Poor, H.V.: Strategic protection against data injection attacks fuzzy-ahp approach. In: 2007 IEEE Int. Conf. on Systems, Man and
on power grids. IEEE Trans. Smart Grid. 2(2), 326–333 (2011) Cybernetics, pp. 582–586. IEEE (2007)
8. Giani, A., Bent, R., Pan, F.: Phasor measurement unit selection for un- 31. Choudhary, D., Shankar, R.: An steep-fuzzy ahp-topsis framework for
observable electric power data integrity attack detection. Int. J. Crit. evaluation and selection of thermal power plant location: A case study
Infrastruct. Prot. 7(3), 155–164 (2014). https://doi.org/10.1016/j.ijcip. from India. Energy. 42(1), 510–521 (2012)
2014.06.001 32. Kabir, G., Sumi, R.S.: Power substation location selection using fuzzy
9. Giani, A., et al.: Smart grid data integrity attacks. IEEE Trans. Smart analytic hierarchy process and promethee: A case study from Bangladesh.
Grid. 4(3), 1244–1253 (2013) Energy. 72, 717–730 (2014)
10. Yang, Q., et al.: On false data-injection attacks against power system state 33. Naik, S.N.G., Khatod, D.K., Sharma, M.P.: Analytical approach for
estimation: modeling and countermeasures. IEEE Trans. Parallel Distr. optimal siting and sizing of distributed generation in radial distribution
Syst. 25(3), 717–729 (2013) networks. IET Gener. Transm. Distrib. 9(3), 209–220 (2014)
11. Yang, Q., et al.: Towards optimal pmu placement against data integrity 34. Hung, D.Q., Mithulananthan, N., Bansal, R.: Analytical expressions for dg
attacks in smart grid. In: 2016 Annual Conf. on Information Science and allocation in primary distribution networks. IEEE Trans. Energy Conv.
Systems (CISS), pp. 54–58 (2016) 25(3), 814–820 (2010)
25152947, 2022, 3, Downloaded from https://ietresearch.onlinelibrary.wiley.com/doi/10.1049/stg2.12059 by Readcube (Labtiva Inc.), Wiley Online Library on [16/05/2023]. See the Terms and Conditions (https://onlinelibrary.wiley.com/terms-and-conditions) on Wiley Online Library for rules of use; OA articles are governed by the applicable Creative Commons License
176
- NAYAK AND AL‐ANBAGI
35. Griffin, T., et al.: Placement of dispersed generation systems for reduced 55. Soyoye, O.T., Stefferud, K.C.: Cybersecurity risk assessment for
losses. In: Proc. of the 33rd annual Hawaii Int. Conf. on System Sciences, California’s smart inverter functions. In: 2019 IEEE CyberPELS
p. 9. IEEE (2000) (CyberPELS), pp. 1–5 (2019)
36. Samajpati, D.: Distributed generation allocation for power loss minimi- 56. Chen, J., Abur, A.: Placement of pmus to enable bad data detection in
zation and voltage improvement of radial distribution systems using state estimation. IEEE Trans. Power Syst. 21(4), 1608–1615 (2006)
genetic algorithm. Ph.D. dissertation (2014) 57. Jamei, M., et al.: Anomaly detection using optimally placed <tex-math
37. Nadhir, K., Chabane, D., Tarek, B.: Firefly algorithm for optimal allo- notation="latex">μPMU </tex-math> sensors in distribution grids.
cation and sizing of distributed generation in radial distribution system IEEE Trans. Power Syst. 33(4), 3611–3623 (2018)
for loss minimization. In: 2013 Int. Conf. on Control, Decision and 58. Jamei, M., et al.: Phasor measurement units optimal placement and
Information Technologies (CoDIT), pp. 231–235. IEEE (2013) performance limits for fault localization. IEEE J. Sel. Area. Commun.
38. Subki, M.H.: Global development and deployment plan of small- 38(1), 180–192 (2020)
medium reactors (smrs) (2012). https://inis.iaea.org/collection/ 59. Abur, A., Exposito, A.G.: Power system state estimation: theory and
NCLCollectionStore/_Public/50/003/50003436.pdf implementation. CRC press (2004)
39. Almalki, R., Piwowar, J., Siemer, J.: Geographical considerations in site 60. Abdallah, A., Shen, X.S.: Efficient prevention technique for false data
selection for small modular reactors in saskatchewan. Geosciences. 9(9), injection attack in smart grid. In: 2016 IEEE Int. Conf. on Communi-
402 (2019) cations (ICC), pp. 1–6. IEEE (2016)
40. Zanacic, E., McMartin, D.: Water supply assessment for siting small 61. Liang, G., et al.: A review of false data injection attacks against modern
modular reactors in Saskatchewan. In: Canadian Nuclear Society, Pro- power systems. IEEE Trans. Smart Grid. 8(4), 1630–1638 (2016)
ceedings. Saskatoon (2018) 62. Liu, Y., Ning, P., Reiter, M.K.: False data injection attacks against state
41. Ferris, D.M., Potter, G., Ferguson, G.: Characterization of the hydraulic estimation in electric power grids. ACM Trans. Inf. Syst. Secur. 14(1),
conductivity of glacial till aquitards. Hydrogeol. J. 28(5), 1827–1839 1–33 (2011)
(2020) 63. Yingram, M., Premrudeepreechacharn, S.: Investigation over/under-
42. Sprague, A., et al.: Developing subsurface geological criteria for small voltage protection of passive islanding detection method of distributed
modular reactors (smr), in saskatchewan. In: 40th Annual Conference of generations in electrical distribution systems. In: 2012 Int. Conf. on
the Canadian Nuclear Society. Saint John, NB, Canada (2020) Renewable Energy Research and Applications (ICRERA), pp. 1–5
43. Lulik, B., DeMontigny, D., Hussein, E.: Is an exclusion zone needed for a (2012)
small modular reactor? In: Canadian Nuclear Society, Proceedings, 64. Wang, X., et al.: Detection and isolation of false data injection attacks in
Saskatoon, (2018) smart grid via unknown input interval observer. IEEE Internet Things J.
44. Mehran, B., et al.: Case study scenarios in site selection of hazardous 7(4), 3214–3229 (2020)
material facilities based on transportation preferences. J. Mod. Transp. 65. Zhang, Y., Wang, J., Liu, J.: Attack identification and correction for pmu
27(4), 317–333 (2019) gps spoofing in unbalanced distribution systems. IEEE Trans. Smart
45. Zhang, X., et al.: A multicriteria small modular reactor site selection Grid. 11(1), 762–773 (2019)
model under long-term variations of climatic conditions-a case study for 66. SaskPower: Saskpower system map. https://www.saskpower.com/Our-
the province of saskatchewan, Canada. J. Clean. Prod. 290, 125651 (2021) Power-Future/Our-Electricity/Electrical-System/System-Map. Accessed
46. Omoruyi, B.: Indigenous peoples’ participation in regulatory framework 21 Apr 2020
for small modular reactors operations in Canada. In: 1st International 67. Station, T.A.E.E.: IEEE 118-bus system. https://electricgrids.engr.tamu.
Conference on Generation IV and Small Reactors. Ottawa, ON, Canada edu/electric-grid-test-cases/ieee-118-bus-system/. Accessed 21 Apr 2020
(2018) 68. Baker, M., Burgess, R.: Design and experience of a back-to-back hvdc
47. SaskPower: Saskpower. https://www.saskpower.com/. Accessed 01 Dec link in western Canada. In: 1991 Int. Conf. on Advances in Power System
2020 Control, Operation and Management, APSCOM-91. IET, pp. 686–693
48. Li, Y., Huang, R., Ma, L.: False data injection attack and defense method (1991)
on load frequency control. IEEE Internet Things J. 8(4), 2910–2919 69. Islam, S., Chowdhury, N.: A case-based windows graphic package for the
(2021) education and training of power system restoration. IEEE Trans. Power
49. Wang, X., et al.: Detection and isolation of false data injection attacks in Syst. 16(2), 181–187 (2001)
smart grids via nonlinear interval observer. IEEE Internet Things J. 6(4), 70. Kennedy, W., et al.: Five years experience with a new method of field
6498–6512 (2019) testing cross and quadrature polarized mho distance relays. ii. three case
50. Luo, X., et al.: Interval observer-based detection and localization against studies. IEEE Trans. Power Deliv. 3(3), 887–893 (1988)
false data injection attack in smart grids. IEEE Internet Things J. 8(2), 71. Jonnavithula, S., Billinton, R.: Topological analysis in bulk power
657–671 (2021) system reliability evaluation. IEEE Trans. Power Syst. 12(1), 456–463
51. Shrestha, R., Wagner, D., Al-Anbagi, I.: Fuzzy ahp-based siting of small (1997)
modular reactors for power generation in the smart grid. In: 2018 IEEE 72. MATPOWER.: Form the power flow jacobian. https://matpower.org/
Electrical Power and Energy Conf. (EPEC), pp. 1–6. IEEE (2018) docs/ref/matpower5.0/makeJac.html. Accessed 01 Dec 2020
52. Belles, R.J., Omitaomu, O.A.: Evaluation of potential locations for siting
small modular reactors near federal energy clusters to support federal
clean energy goals. Oak Ridge National Lab.(ORNL), Oak Ridge, TN
(United States), Tech. Rep. (2014) How to cite this article: Nayak, J., Al-Anbagi, I.:
53. Lokhov, A., et al.: Small modular reactors: nuclear energy market po- Vulnerability assessment and defence strategy to site
tential for near-term deployment. Org. for Economic Co-Op. and distributed generation in smart grid. IET Smart Grid.
Development, Tech. Rep. (2016)
5(3), 161–176 (2022). https://doi.org/10.1049/stg2.
54. Duan, N., et al.: Cybersecurity analysis of distribution grid operation with
distributed energy resources via co-simulation. In: 2020 IEEE Power 12059
Energy Society General Meeting (PESGM), pp. 1–5 (2020)