This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional m...This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.展开更多
The intelligent operation management of distribution services is crucial for the stability of power systems.Integrating the large language model(LLM)with 6G edge intelligence provides customized management solutions.H...The intelligent operation management of distribution services is crucial for the stability of power systems.Integrating the large language model(LLM)with 6G edge intelligence provides customized management solutions.However,the adverse effects of false data injection(FDI)attacks on the performance of LLMs cannot be overlooked.Therefore,we propose an FDI attack detection and LLM-assisted resource allocation algorithm for 6G edge intelligenceempowered distribution power grids.First,we formulate a resource allocation optimization problem.The objective is to minimize the weighted sum of the global loss function and total LLM fine-tuning delay under constraints of long-term privacy entropy and energy consumption.Then,we decouple it based on virtual queues.We utilize an LLM-assisted deep Q network(DQN)to learn the resource allocation strategy and design an FDI attack detection mechanism to ensure that fine-tuning remains on the correct path.Simulations demonstrate that the proposed algorithm has excellent performance in convergence,delay,and security.展开更多
This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the meas...This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.展开更多
Modern power grid is fast emerging as a complex cyber-physical power system(CPPS)integrating physical current-carrying components and processes with cyber-embedded computing,which faces increasing cy-berspace security...Modern power grid is fast emerging as a complex cyber-physical power system(CPPS)integrating physical current-carrying components and processes with cyber-embedded computing,which faces increasing cy-berspace security threats and risks.In this paper,the state(i.e.,voltage)offsets resulting from false data injection(FDI)attacks and the bus safety characterization are applied to quantify the attack consequences.The state offsets are obtained by the state estimation method,and the bus safety characterization considers the power net-work topology as well as the vulnerability and connection relationship of buses.Considering the indeterminacy of attacker’s resource consumption and reward,a zero-sum game-theoretical model from the defender’s perspective with incomplete information is explored for the optimal allocation of limited defensive resources.The attacker aims to falsify measurements without triggering threshold alarms to break through the protection,leading to load shedding,over-voltage or under-voltage.The defender attempts to ensure the estimation results to be as close to the actual states as possible,and guarantee the system’s safety and efficient defensive resource utilization.The proposed solution is extensively evaluated through simu-lations using the IEEE 33-bus test network and real-time digital simulator(RTDS)based testbed experiments of the IEEE 14-bus network.The results demonstrate the effec-tiveness of the proposed game-theoretical approach for optimal defensive resource allocation in CPPS when lim-ited resources are available when under FDI attacks.Index Terms—Optimal strategy,game theory,Nash equilibrium,CPPS,FDI attack.展开更多
In this article,an adaptive security control scheme is presented for cyber-physical systems(CPSs)suffering from false data injection(FDI)attacks and time-varying state constraints.Firstly,an adaptive bound estimation ...In this article,an adaptive security control scheme is presented for cyber-physical systems(CPSs)suffering from false data injection(FDI)attacks and time-varying state constraints.Firstly,an adaptive bound estimation mechanism is introduced in the backstepping control design to mitigate the effect of FDI attacks.Secondly,to solve the unknown sign time-varying statefeedback gains aroused by the FDI attacks,a type of Nussbaum function is employed in the adaptive security control.Then,by constructing a barrier Lyapunov function,it can be ensured that all signals of controlled system are bounded and the time-varying state constraints are not transgressed.Finally,the provided simulation examples demonstrate the effectiveness of the proposed controller.展开更多
This paper,from the view of a defender,addresses the security problem of cyber-physical systems(CPSs)subject to stealthy false data injection(FDI)attacks that cannot be detected by a residual-based anomaly detector wi...This paper,from the view of a defender,addresses the security problem of cyber-physical systems(CPSs)subject to stealthy false data injection(FDI)attacks that cannot be detected by a residual-based anomaly detector without other defensive measures.To detect such a class of FDI attacks,a stochastic coding scheme,which codes the sensor measurement with a Gaussian stochastic signal at the sensor side,is proposed to assist an anomaly detector to expose the FDI attack.In order to ensure the system performance in the normal operational context,a decoder is adopted to decode the coded sensor measurement when received at the controller side.With this detection scheme,the residual under the attack can be significantly different from that in the normal situation,and thus trigger an alarm.The design condition of the coding signal covariance is derived to meet the constraints of false alarm rate and attack detection rate.To minimize the trace of the coding signal covariance,the design problem of the coding signal is converted into a constraint non-convex optimization problem,and an estimation-optimization iteration algorithm is presented to obtain a numerical solution of the coding signal covariance.A numerical example is given to verify the effectiveness of the proposed scheme.展开更多
A nearest-neighbor-based detector against load redistribution attacks is presented.The detector is designed to scale from small-scale to very large-scale systems while guaranteeing consistent detection performance.Ext...A nearest-neighbor-based detector against load redistribution attacks is presented.The detector is designed to scale from small-scale to very large-scale systems while guaranteeing consistent detection performance.Extensive testing is performed on a realistic large-scale system to evaluate the perfor-mance of the proposed detector against a wide range of attacks,from simple random noise attacks to sophisticated load redistribution attacks.The detection capability is analyzed against different attack parameters to evaluate its sensitivity.A statistical test that leverages the proposed detector is introduced to identify which loads are likely to have been maliciously modified,thus,localizing the attack subgraph.This test is based on ascribing to each load a risk measure(probability of being attacked)and then computing the best posterior likelihood that minimizes log-loss.展开更多
A new privacy-preserving algorithm based on the Paillier cryptosystem including a new cooperative control strategy is proposed in this paper, which can resist the false data injection(FDI) attack based on the finite-t...A new privacy-preserving algorithm based on the Paillier cryptosystem including a new cooperative control strategy is proposed in this paper, which can resist the false data injection(FDI) attack based on the finite-time control theory and the data encryption strategy. Compared with the existing algorithms, the proposed privacy-preserving algorithm avoids the direct transmission of the ciphertext of frequency data in communication links while avoiding complex iterations and communications. It builds a secure data transmission environment that can ensure data security in the AC microgrid cyber-physical system(CPS). This algorithm provides effective protection for AC microgrid CPS in different cases of FDI attacks. At the same time, it can completely eliminate the adverse effects caused by the FDI attack. Finally, the effectiveness, security, and advantages of this algorithm are verified in the improved IEEE 34-node test microgrid system with six distributed generators(DGs) in different cases of FDI attacks.展开更多
Distributed secondary control,depending on the sparse communication topology,excels for its flexibility and expandability in microgrids.The communication network plays an important role in microgrid control,but it is ...Distributed secondary control,depending on the sparse communication topology,excels for its flexibility and expandability in microgrids.The communication network plays an important role in microgrid control,but it is vulnerable to cyber-attacks.In this paper,the mathematical model for false data injection(FDI)attacks in AC microgrids is established,and the corresponding detection mechanism based on the morphological gradient is designed for the location of cyber-attacks in communication topology.Then,we propose a median-based resilient consensus voltage control strategy to mitigate the negative effects caused by malicious cyber-attacks and ensure the safe operation of the microgrid.Combining the detection method and resilient consensus control,a novel eventdriven mitigation scheme is derived to improve the resilience of microgrids under cyber-attacks.Finally,a tested microgrid model composed of five different distributed generation(DG)units is simulated in the MATLAB/Simulink environment.The feasibility and effectiveness of the presented detection mechanism and resilient consensus strategy are verified by simulation results applying different scenarios.展开更多
Distributed secondary control has been proposed to maintain frequency/voltage synchronization and power sharing for distributed energy sources in AC microgrids(MGs).The cyber layer is susceptible to time delays and cy...Distributed secondary control has been proposed to maintain frequency/voltage synchronization and power sharing for distributed energy sources in AC microgrids(MGs).The cyber layer is susceptible to time delays and cyber failures and thus,a distributed resilient secondary control should be investigated.This paper proposes a distributed multi-scale attention and predictor-based control(DMAPC)strategy to address false data injection attacks and packet loss failures with time delays.The multi-scale attention mechanism enables the system to selectively focus on neighbors'states with higher confidence evaluated in different time scales,while the data-driven predictor compensates for lost neighbors'states in the nonlinear controller.The DMAPC does not impose strict limitations on the number of false communication links or upper bound for false data.Besides,the DMAPC is formulated as an uncertain system with time delays and is proven to be uniformly ultimately bounded.Extensive experiments on a hardware-in-the-loop MG testbed have validated the effectiveness of DMAPC,which successfully relaxes restrictions on cyber failures compared to existing strategies.展开更多
基金supported in part by Shanghai Rising-Star Program,China under grant 22QA1409400in part by National Natural Science Foundation of China under grant 62473287 and 62088101in part by Shanghai Municipal Science and Technology Major Project under grant 2021SHZDZX0100.
文摘This paper investigates the problem of optimal secure control for networked control systems under hybrid attacks.A control strategy based on the Stackelberg game framework is proposed,which differs from conventional methods by considering both denial-of-service(DoS)and false data injection(FDI)attacks simultaneously.Additionally,the stability conditions for the system under these hybrid attacks are established.It is technically challenging to design the control strategy by predicting attacker actions based on Stcakelberg game to ensure the system stability under hybrid attacks.Another technical difficulty lies in establishing the conditions for mean-square asymptotic stability due to the complexity of the attack scenarios Finally,simulations on an unstable batch reactor system under hybrid attacks demonstrate the effectiveness of the proposed strategy.
基金supported by the Science and Technology Project of State Grid Corporation of China under Grant Number 52094021N010(5400-202199534A-0-5-ZN).
文摘The intelligent operation management of distribution services is crucial for the stability of power systems.Integrating the large language model(LLM)with 6G edge intelligence provides customized management solutions.However,the adverse effects of false data injection(FDI)attacks on the performance of LLMs cannot be overlooked.Therefore,we propose an FDI attack detection and LLM-assisted resource allocation algorithm for 6G edge intelligenceempowered distribution power grids.First,we formulate a resource allocation optimization problem.The objective is to minimize the weighted sum of the global loss function and total LLM fine-tuning delay under constraints of long-term privacy entropy and energy consumption.Then,we decouple it based on virtual queues.We utilize an LLM-assisted deep Q network(DQN)to learn the resource allocation strategy and design an FDI attack detection mechanism to ensure that fine-tuning remains on the correct path.Simulations demonstrate that the proposed algorithm has excellent performance in convergence,delay,and security.
基金supported by the National Natural Science Foundation of China(61925303,62173034,62088101,U20B2073,62173002)the National Key Research and Development Program of China(2021YFB1714800)Beijing Natural Science Foundation(4222045)。
文摘This paper investigates the security issue of multisensor remote estimation systems.An optimal stealthy false data injection(FDI)attack scheme based on historical and current residuals,which only tampers with the measurement residuals of partial sensors due to limited attack resources,is proposed to maximally degrade system estimation performance.The attack stealthiness condition is given,and then the estimation error covariance in compromised state is derived to quantify the system performance under attack.The optimal attack strategy is obtained by solving several convex optimization problems which maximize the trace of the compromised estimation error covariance subject to the stealthiness condition.Moreover,due to the constraint of attack resources,the selection principle of the attacked sensor is provided to determine which sensor is attacked so as to hold the most impact on system performance.Finally,simulation results are presented to verify the theoretical analysis.
基金supported by the National Key Research and Development Program of China(No.2023YFB 3107603)the“Pioneer”and“Leading Goose”R&D Program of Zhejiang(No.2022C01239)+2 种基金the Special Support Plan for Zhejiang Province High-level Talents(No.2022R52012)the National Natural Science Foundation of China(No.52177119)the Funda-mental Research Funds for the Central Universities(Zhejiang University NGICS Platform).
文摘Modern power grid is fast emerging as a complex cyber-physical power system(CPPS)integrating physical current-carrying components and processes with cyber-embedded computing,which faces increasing cy-berspace security threats and risks.In this paper,the state(i.e.,voltage)offsets resulting from false data injection(FDI)attacks and the bus safety characterization are applied to quantify the attack consequences.The state offsets are obtained by the state estimation method,and the bus safety characterization considers the power net-work topology as well as the vulnerability and connection relationship of buses.Considering the indeterminacy of attacker’s resource consumption and reward,a zero-sum game-theoretical model from the defender’s perspective with incomplete information is explored for the optimal allocation of limited defensive resources.The attacker aims to falsify measurements without triggering threshold alarms to break through the protection,leading to load shedding,over-voltage or under-voltage.The defender attempts to ensure the estimation results to be as close to the actual states as possible,and guarantee the system’s safety and efficient defensive resource utilization.The proposed solution is extensively evaluated through simu-lations using the IEEE 33-bus test network and real-time digital simulator(RTDS)based testbed experiments of the IEEE 14-bus network.The results demonstrate the effec-tiveness of the proposed game-theoretical approach for optimal defensive resource allocation in CPPS when lim-ited resources are available when under FDI attacks.Index Terms—Optimal strategy,game theory,Nash equilibrium,CPPS,FDI attack.
基金Funds of National Science of China(Grant no.61973146,62173172,61833001)the Doctoral Research Initiation of Foundation of Liaoning Province(No.20180540047)the Distinguished Young Scientific Research Talents Plan in Liaoning Province(No.XLYC1907077,JQL201915402).
文摘In this article,an adaptive security control scheme is presented for cyber-physical systems(CPSs)suffering from false data injection(FDI)attacks and time-varying state constraints.Firstly,an adaptive bound estimation mechanism is introduced in the backstepping control design to mitigate the effect of FDI attacks.Secondly,to solve the unknown sign time-varying statefeedback gains aroused by the FDI attacks,a type of Nussbaum function is employed in the adaptive security control.Then,by constructing a barrier Lyapunov function,it can be ensured that all signals of controlled system are bounded and the time-varying state constraints are not transgressed.Finally,the provided simulation examples demonstrate the effectiveness of the proposed controller.
基金supported by the National Natural Science Foundation of China under Grant Nos.61925303,62088101,U20B2073,61720106011,and 62173002the National Key R&D Program of China under Grant No.2018YFB1700100the Beijing Natural Science Foundation under Grant No.4222045。
文摘This paper,from the view of a defender,addresses the security problem of cyber-physical systems(CPSs)subject to stealthy false data injection(FDI)attacks that cannot be detected by a residual-based anomaly detector without other defensive measures.To detect such a class of FDI attacks,a stochastic coding scheme,which codes the sensor measurement with a Gaussian stochastic signal at the sensor side,is proposed to assist an anomaly detector to expose the FDI attack.In order to ensure the system performance in the normal operational context,a decoder is adopted to decode the coded sensor measurement when received at the controller side.With this detection scheme,the residual under the attack can be significantly different from that in the normal situation,and thus trigger an alarm.The design condition of the coding signal covariance is derived to meet the constraints of false alarm rate and attack detection rate.To minimize the trace of the coding signal covariance,the design problem of the coding signal is converted into a constraint non-convex optimization problem,and an estimation-optimization iteration algorithm is presented to obtain a numerical solution of the coding signal covariance.A numerical example is given to verify the effectiveness of the proposed scheme.
基金the National Science Foundation(No.CNS-1449080,No.OAC-1934766)the Power System Engineering Research Center(PSERC)under projects S-72 and S-87。
文摘A nearest-neighbor-based detector against load redistribution attacks is presented.The detector is designed to scale from small-scale to very large-scale systems while guaranteeing consistent detection performance.Extensive testing is performed on a realistic large-scale system to evaluate the perfor-mance of the proposed detector against a wide range of attacks,from simple random noise attacks to sophisticated load redistribution attacks.The detection capability is analyzed against different attack parameters to evaluate its sensitivity.A statistical test that leverages the proposed detector is introduced to identify which loads are likely to have been maliciously modified,thus,localizing the attack subgraph.This test is based on ascribing to each load a risk measure(probability of being attacked)and then computing the best posterior likelihood that minimizes log-loss.
基金supported in part by National Key R&D Program of China (No. 2018YFA0702200)in part by National Natural Science Foundation of China (No. 61773099)。
文摘A new privacy-preserving algorithm based on the Paillier cryptosystem including a new cooperative control strategy is proposed in this paper, which can resist the false data injection(FDI) attack based on the finite-time control theory and the data encryption strategy. Compared with the existing algorithms, the proposed privacy-preserving algorithm avoids the direct transmission of the ciphertext of frequency data in communication links while avoiding complex iterations and communications. It builds a secure data transmission environment that can ensure data security in the AC microgrid cyber-physical system(CPS). This algorithm provides effective protection for AC microgrid CPS in different cases of FDI attacks. At the same time, it can completely eliminate the adverse effects caused by the FDI attack. Finally, the effectiveness, security, and advantages of this algorithm are verified in the improved IEEE 34-node test microgrid system with six distributed generators(DGs) in different cases of FDI attacks.
基金supported by the National Key Research and Development Program of China(2020YFE0200400)。
文摘Distributed secondary control,depending on the sparse communication topology,excels for its flexibility and expandability in microgrids.The communication network plays an important role in microgrid control,but it is vulnerable to cyber-attacks.In this paper,the mathematical model for false data injection(FDI)attacks in AC microgrids is established,and the corresponding detection mechanism based on the morphological gradient is designed for the location of cyber-attacks in communication topology.Then,we propose a median-based resilient consensus voltage control strategy to mitigate the negative effects caused by malicious cyber-attacks and ensure the safe operation of the microgrid.Combining the detection method and resilient consensus control,a novel eventdriven mitigation scheme is derived to improve the resilience of microgrids under cyber-attacks.Finally,a tested microgrid model composed of five different distributed generation(DG)units is simulated in the MATLAB/Simulink environment.The feasibility and effectiveness of the presented detection mechanism and resilient consensus strategy are verified by simulation results applying different scenarios.
基金supported by the Science and Technology Project of State Grid Corporation of China(No.5100202119559A-0-5-SF)。
文摘Distributed secondary control has been proposed to maintain frequency/voltage synchronization and power sharing for distributed energy sources in AC microgrids(MGs).The cyber layer is susceptible to time delays and cyber failures and thus,a distributed resilient secondary control should be investigated.This paper proposes a distributed multi-scale attention and predictor-based control(DMAPC)strategy to address false data injection attacks and packet loss failures with time delays.The multi-scale attention mechanism enables the system to selectively focus on neighbors'states with higher confidence evaluated in different time scales,while the data-driven predictor compensates for lost neighbors'states in the nonlinear controller.The DMAPC does not impose strict limitations on the number of false communication links or upper bound for false data.Besides,the DMAPC is formulated as an uncertain system with time delays and is proven to be uniformly ultimately bounded.Extensive experiments on a hardware-in-the-loop MG testbed have validated the effectiveness of DMAPC,which successfully relaxes restrictions on cyber failures compared to existing strategies.
