- The paper introduces novel subspace methods for data attacks on state estimation in cyber-physical systems, enabling attackers to distort results and evade detection without requiring full system knowledge.
- Numerical results demonstrate that these subspace methods effectively perturb state estimation on IEEE test systems and evade detection, showing significant impact even with partial data access and comparable to full-knowledge attacks.
- The findings highlight the vulnerability of sensor-based systems to data-driven attacks and emphasize the need for enhanced data security measures beyond basic sensor authentication for improved system resilience.
Subspace Methods for Data Attack on State Estimation
The paper presents a novel approach utilizing subspace methods for launching data attacks on state estimation in cyber-physical systems (CPS), particularly focusing on power grids. These attacks aim to distort the system state estimation by modifying sensor data while remaining undetected by standard bad data detection mechanisms. This research is significant as it addresses the practical limitations faced by adversaries in acquiring detailed network topology and system parameters required for traditional data attack strategies.
Overview
This paper develops two main attack strategies that rely on learning the underlying subspace of measurements collected from the sensors:
- Unobservable Subspace Attack: This strategy uses the system's operating subspace to inject false data into sensor measurements in such a way that the resulting corrupted measurements are indistinguishable from valid ones. The authors derive the conditions under which these attacks can remain unobservable, even under scenarios with partial measurement access. The theoretical foundation for these conditions is provided through graph theoretic insights, primarily focusing on the power grid's network topology to ensure the feasibility of attacks with partial sensor observations.
- Data Framing Attack: This strategy manipulates the data such that non-compromised measurements are erroneously identified and removed by the system's bad data detection processes. By cleverly designing the attack vector, the adversary can ensure that the remaining tampered data still possess significant discrepancies, thus severely misguiding the state estimation process. The paper outlines a quadratically constrained quadratic programming (QCQP) formulation for determining optimal attack vectors that maximize the energy in the normalized residues, so that valid data are misrepresented as corrupt.
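Why a residual-based bad data detector cannot see a perturbation that lies in the measurement subspace, shown on a constructed 4-sensor, 2-state linear model. This is an added example, not code from the paper; the matrix H, the noise values, the threshold tau and all function names are assumptions made for illustration, and the historical snapshots are taken as noise-free.

```python
# Constructed toy model (assumption): 4 sensors, 2 states, z = H x + noise.
H = [[1.0, 0.0], [0.0, 1.0], [1.0, -1.0], [1.0, 1.0]]

def matvec(A, v):
    return [sum(a * b for a, b in zip(row, v)) for row in A]

def estimate(H, z):
    """Least-squares estimate for a 2-state model via the normal equations."""
    a = sum(r[0] * r[0] for r in H)
    b = sum(r[0] * r[1] for r in H)
    d = sum(r[1] * r[1] for r in H)
    g0 = sum(r[0] * zi for r, zi in zip(H, z))
    g1 = sum(r[1] * zi for r, zi in zip(H, z))
    det = a * d - b * b
    return [(d * g0 - b * g1) / det, (a * g1 - b * g0) / det]

def residual_energy(H, z):
    """Squared norm of z - H x_hat, the quantity the detector thresholds."""
    fitted = matvec(H, estimate(H, z))
    return sum((zi - fi) ** 2 for zi, fi in zip(z, fitted))

def bad_data_alarm(H, z, tau=0.05):
    """True when the residual test (hypothetical threshold tau) flags z."""
    return residual_energy(H, z) > tau

def add(u, v, scale=1.0):
    return [ui + scale * vi for ui, vi in zip(u, v)]

# Constructed data: one noisy reading and two noise-free historical snapshots.
Z_CLEAN = add(matvec(H, [1.0, 0.5]), [0.01, -0.02, 0.015, -0.005])
PAST_1 = matvec(H, [1.0, 0.5])
PAST_2 = matvec(H, [1.2, 0.4])

# Differences of valid snapshots lie in the column space of H, so this
# direction comes from observed data alone, without reading H.
IN_SUBSPACE = add(PAST_2, PAST_1, scale=-1.0)
Z_IN = add(Z_CLEAN, IN_SUBSPACE, scale=2.0)   # perturbation inside the subspace
Z_OUT = add(Z_CLEAN, [0.4, 0.0, 0.0, 0.0])    # perturbation on one sensor only

if __name__ == "__main__":
    for name, z in [("clean", Z_CLEAN), ("in-subspace", Z_IN), ("off-subspace", Z_OUT)]:
        print(name, [round(v, 3) for v in estimate(H, z)],
              round(residual_energy(H, z), 5), bad_data_alarm(H, z))
```

The in-subspace reading shifts the estimate by (0.4, -0.2) while leaving the residual energy identical to the clean reading, so the alarm stays silent; the single-sensor change of the same size is flagged. A detector that thresholds only the residual therefore needs a complementary control, such as the restricted access to measurement data the summary recommends.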
Numerical Results
Simulations conducted on the IEEE 14-bus and 118-bus networks validate the effectiveness of these subspace-based attack strategies. The results illustrate that both full and partial measurement observability can lead to significant perturbations in state estimation, demonstrating robustness even when the full system information isn't available to the adversary. Importantly, the paper shows these techniques can achieve comparable impact to attacks that assume full knowledge of the system model, highlighting the strengths of subspace methods in practical attack frameworks.
Implications and Future Directions
While the paper presents a robust method for executing data attacks using limited system information, the results emphasize the vulnerability of sensor-based systems to sophisticated adversarial strategies exploiting data-driven techniques. Practically, this underscores the need for power grid operators and CPS designers to enhance data encryption and access controls beyond sensor data authentication, as even indirect access to sensor measurements could suffice for adversaries to conduct impactful attacks.
From a theoretical standpoint, future research could explore extensions to dynamic CPS models, enhancing the understanding of subspace-based attacks in a broader spectrum of system operations. Moreover, further investigations into countermeasures specifically tailored against the presented attack strategies, especially utilizing adaptive filtering and anomaly detection approaches, are warranted to augment system resilience.
Overall, this paper contributes a substantial advancement in understanding data-driven attack methodologies on state estimation in CPS and poses essential considerations for strategic defense enhancements in sensor-intensive domains.