Research On Model-Driven And Data-Driven Detection And Automatic Voltage Control (AVC) Attack On Power Plant

With the development and widespread application of information technology in the power industry,the threat of cyber-attacks encountered in the traditional computer industry and communications industry has also been introduced into power plants.When performing automatic voltage control(AVC),the dispatching center will send a control signal to the controlled unit to change its reactive power output and the voltage at high-voltage side.However,in the above process,the control signal may be tampered with by an attacker launching Man-in-the-Middle Attack.Once the AVC attack is successful,the most direct impact on the power grid is the change of the buses’ voltage amplitude in corresponding area of the attacked unit.It will even cause grid voltage instability,disconnection,voltage collapse,large-scale power failure and other failures,which will seriously affect the stable operation of the power system and the production and life of enterprises and residents,and cause major economic losses.Based on this background,this paper,starting from the theory of automatic voltage control(AVC),carries out further research on the construction and detection of AVC attacks.The main research contents are as follows:Firstly,the AVC is introduced,the mathematical model of coordinated secondary voltage control(CSVC)is briefly described,and the IEEE 39-Bus 6-Partition CSVC system is simulated to verify that CSVC can ensure as much as possible the safe operation of the voltage at each node and reasonably arrange the reactive power generation of the controlled generators in each area to increase the margin of reactive power that can be generated by the grid and achieve coordination in terms of economy and safety.Secondly,a single-zone,single-generator AVC attack vector is constructed,which can be implemented by Man-in-the-Middle Attack and is capable of causing maximum voltage excursions without causing AVC blocking on the plant side.And a three-layer optimization model for multi-zone,multi-generator AVC attack is proposed.The attacker in the upperlevel model maximizes the power system operation loss;the grid scheduler in the middlelevel model performs security-constrained economic dispatch(SCED);and the CSVC model is used in the lower-level model.The initial three-level nonlinear optimization problem is transformed into a two-level problem and then transformed into a single-layer nonlinear optimization model and solved using the BARON solver.The simulation of the six attack target selection schemes confirms that the scheme obtained from the three-layer optimization model proposed in this paper outperforms the two-layer optimization model as well as the other four stochastic schemes.Finally,an AVC attack detection method using the coordination of model driven method— Particle Filtering(PF)and data-driven method— multidimensional time series anomaly detection based on graph attention network(MTAD-GAT)is proposed.Random attacks are launched for various load scenarios in the simulation,and AVC attack detection is performed using the above method as well as XG-Boost and SVM,and the superiority of the proposed method is demonstrated using the successful attack detection rate and the unattacked false detection rate.