Detection of False-Data Injection Attacks in Cyber-Physical DC Microgrids
Power electronics-intensive dc microgrids use increasingly complex software-based controllers and communication networks. They are evolving into cyber-physical systems (CPS) with sophisticated interactions between physical and computational processes, making them vulnerable to cyber attacks. This paper presents a framework to detect possible false-data injection attacks (FDIAs) in cyber-physical dc microgrids. The detection problem is formalized as identifying a change in sets of inferred candidate invariants. Invariants are microgrids properties that do not change over time. Both the physical plant and the software controller of CPS can be described as Simulink/Stateflow (SLSF) diagrams. The dynamic analysis infers the candidate invariants over the input/output variables of SLSF components. The reachability analysis generates the sets of reachable states (reach sets) for the CPS modeled as hybrid automata. The candidate invariants that contain the reach sets are called the actual invariants. The candidate invariants are then compared with the actual invariants, and any mismatch indicates the presence of FDIA. To evaluate the proposed methodology, the hybrid automaton of a dc microgrid, with a distributed cooperative control scheme, is presented. The reachability analysis is performed to obtain the reach sets and, hence, the actual invariants. Moreover, a prototype tool, HYbrid iNvariant GEneratoR, is extended to instrument SLSF models, obtain candidate invariants, and identify FDIA.
O. A. Beg, T. T. Johnson and A. Davoudi, "Detection of False-Data Injection Attacks in Cyber-Physical DC Microgrids," in IEEE Transactions on Industrial Informatics, vol. 13, no. 5, pp. 2693-2703, Oct. 2017, doi: 10.1109/TII.2017.2656905.