Detection And Defense Of Cyber Attacks In Multi-area Interconnected Power Grid

With the increasing application of modern communication,sensing,measurement and control technologies in the power generation-transmission-distribution-power consumption and other links in the power system,the communication network on the information side and the entities on the physical side have become closer.coupling,which makes the traditional power system gradually transform into a modern cyber-physical power system.On one hand,the aforementioned transformation improves the safety,reliability and efficiency of power system,on the other hand,the high coupling between the information side and the physical side also forces the modern power system to face the threat of cyber attacks.The automatic generation control system of the multi-area interconnected power grid is a typical application of the cyber-physical power system.The automatic power generation control system of the multi-area interconnected power grid is a typical application of the power cyber-physical system,which plays an important role in maintaining the power balance and frequency of the multi-area interconnected power grid.However,since its control effect is highly dependent on the uploading of measurement data and the issuance of control instructions by communication devices,it is inherently vulnerable to cyber attacks.However,the corresponding defense strategy research is still insufficient.This paper firstly sorts out the cyber attacks on the power system based on the three elements of information security,and analyzes the impact of various cyber attacks on the multi-area interconnected power grid.Then,from a data-driven perspective,a cyber attack detection strategy for regional interconnected power grids based on time series anomaly detection is designed,and a model-driven decentralized regional interconnected power grid cyber attack defense scheme is also proposed.The main work done in this paper is as follows:(1)The existing cyber attacks on the power system are summarized.According to the three elements of information security,the cyber attacks are divided into three types: integrity attacks,availability attacks,and confidentiality attacks,and the ways in which these three kinds of cyber attacks affect the multi-area interconnected power grid are analyzed..The automatic generation control system of the multi-area interconnected power grid is modeled and its vulnerability to cyber-attacks is analyzed,and the impact of cyber attacks on the power system is modeled.(2)A cyber attack detection method considering time series clustering based on unsupervised learning is proposed.By using the time series detection of the system’s area control error(ACE),it does not require the data of specific attack scenarios.Under the premise,it can effectively realize the detection of various cyber attacks.And it has strong robustness to the random fluctuation of load.(3)A decentralized defense strategy based on sliding-mode perturbation observer is proposed.The prosposed perturbation term can well unify the impact caused by the random combination of different cyber attacks.The sliding-mode perturbation observer can accurately estimate the perturbation caused by the random combination of cyber attacks.The designed closedloop compensation control can effectively eliminate the impact of cyber attacks.The proposed scheme only needs local data to operate autonomously in each area,so a decentralized structure can be realized.Therefore,multi-area cyber attacks can be detected and mitigated,thus ensures the stable operation of the power system.