Data-Driven False Data Injection Attacks Against Power Grids: A Random Matrix Approach

Abstract
We address the problem of constructing false data injection (FDI) attacks that can bypass the bad data detector (BDD) of a power grid. The attacker is assumed to have access to only power grid measurement data traces collected over a limited period of time and no other prior knowledge about the grid. Existing related algorithms are formulated under the assumption that the attacker has access to measurements collected over a long (asymptotically infinite) time period, which may not be realistic. We show that these approaches do not perform well when the attacker has access to measurements from a limited time window only. We design an enhanced algorithm to construct FDI attack vectors in the face of limited measurements that can nevertheless bypass the BDD with high probability. The algorithm design is guided by results from random matrix theory. Furthermore, we characterize an important trade-off between the attack’s BDD-bypass probability and its sparsity, which affects the spatial extent of the attack that must be achieved. Extensive simulations using data traces collected from the MATPOWER simulator and benchmark IEEE bus systems validate our findings.


Data-Driven False Data Injection Attacks against Power Grids: A Random Matrix Approach
Item Type: Article
Authors: Lakshminarayana, Subhash; Kammoun, Abla; Debbah, Merouane; Poor, H. Vincent
Citation: Lakshminarayana, S., Kammoun, A., Debbah, M., & Poor, H. V. (2021). Data-Driven False Data Injection Attacks Against Power Grids: A Random Matrix Approach. IEEE Transactions on Smart Grid, 12(1), 635–646. doi:10.1109/tsg.2020.3011391
Eprint version: Post-print
DOI: 10.1109/TSG.2020.3011391
Publisher: Institute of Electrical and Electronics Engineers (IEEE)
Journal: IEEE Transactions on Smart Grid
Rights: (c) 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works.
Download date: 10/08/2022 01:31:50
Link to Item: http://hdl.handle.net/10754/661757

Data-Driven False Data Injection Attacks Against
Power Grid: A Random Matrix Approach
Subhash Lakshminarayana Member, IEEE, Abla Kammoun Member, IEEE, Merouane Debbah Fellow, IEEE and
H. Vincent Poor Fellow, IEEE
Abstract—We address the problem of constructing false data
injection (FDI) attacks that can bypass the bad data detector
(BDD) of a power grid. The attacker is assumed to have access to
only power flow measurement data traces (collected over a limited
period of time) and no other prior knowledge about the grid.
Existing related algorithms are formulated under the assumption
that the attacker has access to measurements collected over a long
(asymptotically infinite) time period, which may not be realistic.
We show that these approaches do not perform well when the
attacker has a limited number of data samples only. We design an
enhanced algorithm to construct FDI attack vectors in the face
of limited measurements that can nevertheless bypass the BDD
with high probability. The algorithm design is guided by results
from random matrix theory. Furthermore, we characterize an
important trade-off between the attack’s BDD-bypass probability
and its sparsity, which affects the spatial extent of the attack
that must be achieved. Extensive simulations using data traces
collected from the MATPOWER simulator and benchmark IEEE
bus systems validate our findings.
I. INTRODUCTION
Information and communication technologies (ICTs) play a key role in reducing costs and improving the quality of service in critical infrastructures such as the power grid. However, they also make the infrastructures vulnerable to cyber attacks, which may cause widespread damage as witnessed in a recent attack against the Ukraine power grid [2]. Hence, it is critical to assess the vulnerabilities of ICT-enabled critical infrastructures and devise ways to protect them.
In this work, we study the problem of constructing false data injection (FDI) attacks against state estimation (SE) in a power grid from an attacker’s perspective. It has been shown [3] that if the attacker obtains detailed knowledge of the power grid topology and transmission line reactance values (i.e., the system’s measurement matrix), then he can construct FDI attacks that bypass the grid’s bad data detector (BDD). Subsequent research [4], [5], [6], [7] has shown that an attacker can learn the power grid’s measurement matrix [4], or learn the structure of its column space by estimating the basis vectors [5], [6], [7], from accessed measurement data (i.e., nodal power injections and line power flows) only. The focus of our work is on constructing these data-driven FDI attacks.
S. Lakshminarayana is with the University of Warwick, Coventry, UK
(email: subhash.lakshminarayana@warwick.ac.uk). A. Kammoun is with the
Electrical Engineering Department, King Abdullah University of Science and
Technology, Thuwal, Saudi Arabia (abla.kammoun@gmail.com). M. Debbah
is with the Mathematical and Algorithmic Sciences Lab, Huawei Technologies
Co. Ltd., France (merouane.debbah@huawei.com). H. Vincent Poor is with
the Department of Electrical Engineering, Princeton University, USA (email:
poor@princeton.edu).
The work was partially presented at ICASSP-2018 [1].
Prior work on designing data-driven BDD-bypass attacks [5], [6], [7] has studied the setting of a long measurement period encompassing (asymptotically infinitely) many samples. These works are based on principal component analysis (PCA), whose basic idea is to use the sample covariance matrix to identify the eigen modes along which the data exhibits the greatest variance. It is well known that PCA performs efficiently when the measurement period is significantly large compared to the signal dimension [8]. Thus, FDI attacks constructed using these techniques perform well when the attacker has access to measurements from a large time window.
However, for practical purposes, it is important to understand these attacks under a limited measurement time window. The reasons include (i) active topology control [9] or renewable energy integration [10] that leads to an inherently dynamic operating environment, thereby rendering measurements outdated and irrelevant after some time; and (ii) an attacker’s desire or need (e.g., due to limited resources or limited exploitation time windows) to launch the attack quickly. Thus, in a practical scenario, the measurement time period may not be asymptotically large compared to the signal dimension, especially for large power grids (refer to the example presented in Section III-B). It has been demonstrated that under such a regime, the principal component estimated by PCA is inconsistent [11]. Indeed, our experiments show that FDI attacks constructed by the existing PCA-based algorithms [5], [6], [7] do not perform well (in terms of the BDD-bypass probability) when applied in a limited measurement period setting.
To address these shortcomings, in this paper, we analyze the problem of finding a BDD-bypassing attack using measurement data collected from a limited time window (comparable to the measurement signal dimension), and identify guiding principles for the solution in this context. Under the limited measurement period setting, a key issue is that only a few eigen modes can be reliably estimated from the sample covariance matrix. This number in turn depends on the length of the measurement period relative to the signal dimension. To bypass the BDD with a high probability, it is important for the attacker to identify these critical eigen modes. Direct application of the PCA method as in [5], [6], [7] does not use this knowledge, and hence, performs poorly. In this work, we propose an enhanced algorithm to construct FDI attacks in the face of limited measurements that can nevertheless bypass the BDD with high probability.
arXiv:2002.02519v1 [cs.CR] 6 Feb 2020
Our algorithm design is based on results from random matrix theory (RMT). The application is based on an important observation that the power grid’s SE utilizes several redundant sensor measurements to filter the effect of measurement noise and obtain an optimal estimate of the system state [12], [13]. In other words, the dimension of the measurement vector is much greater than the size of the system state. Under this setting, the covariance matrix of the sensor measurements has a structure similar to the so-called “spiked models” in RMT [14], [15], which consist of a low-rank perturbation of a scaled identity matrix. Here, the leading few eigen modes correspond to the subspace spanned by the signal (i.e., system state), whereas the bulk of the eigen modes (corresponding to the redundant measurements) correspond to the noise subspace. For data obtained from the spiked model, RMT results can be used to characterize the number of eigen modes that can be estimated accurately as a function of the measurement time window, as well as the corresponding estimation accuracy [14], [15]. Using these results, the attacker can carefully design the attack vector by restricting it to a lower-dimensional subspace that is spanned by the accurately estimated eigen modes only, and bypass the BDD with a high probability. Otherwise, the inaccurately estimated basis vectors may mislead the attack vector to a subspace that is different from the intended one, thereby risking detection by the BDD.
However, restricting the attack vector to a lower-dimensional subspace of the estimated column space limits the attacker’s freedom in crafting the FDI attack. In particular, a resource-constrained attacker may wish to minimize the number of the meters that must be compromised, or equivalently find a sparsest attack vector in the execution [16], [17]. Clearly, maximizing the sparsity of the attack vector is best achieved if we have an unconstrained choice of this vector over the full estimated column space of the measurement matrix. Hence, the attacker faces a fundamental tradeoff. On the one hand, as we observed, restricting the attack vector to a lower-dimensional subspace (spanned by the accurately estimated basis vectors) will enhance the BDD-bypass probability under limited measurements; i.e., the restriction makes the attack efficient temporally. On the other hand, this restriction may reduce the sparsity of the optimized attack vector, thus making it less efficient spatially. To understand the tradeoffs between the conflicting objectives, we compute the sparsest attack vector while constraining it to subspaces of varying lower dimensions of the full estimated column space.
To summarize, the contributions of this work are as follows.
• We propose an enhanced algorithm to construct data-driven FDI attacks in the limited measurement period setting that can bypass the BDD with high probability using results from RMT.
• We characterize an important trade-off between the FDI attack’s BDD-bypass probability and the number of power meters in the grid that the attacker has to compromise in achieving the attack.
• We illustrate the fundamental trade-off by performing extensive simulations using benchmark IEEE bus systems. The results show that the attacker can significantly enhance the BDD-bypass probability using our proposed approach.
Our results provide important understanding about the design of FDI attacks by a temporal and/or spatial resource-limited attacker against power systems. We note that although this work analyzes the problem from an attacker’s point of view, our results have practical relevance in the design of defense strategies as well. For instance, moving target defense (MTD) has been recently proposed as an effective strategy to thwart FDI attacks by invalidating the attacker’s existing knowledge of the grid [18]. The frequency of MTD perturbations depends on the attacker’s ability to learn the system parameters [18], since the system must be perturbed before the attacker can gather sufficient information to learn the MTD perturbations. In this context, our analysis presents a fundamental understanding of the attacker’s capabilities in designing FDI attacks by accessing the system measurements.
To the best of our knowledge, this work is the first to apply RMT results in the context of smart grids. While RMT results have found wide application in other domains such as wireless communications, finance, physics etc. (we refer the reader to reference [19], Chapter 1 for a comprehensive review of RMT applications), their application to smart grids has been scarce. In particular, the application of the RMT spiked model results to FDI attack construction is novel and has not been considered previously, and this is a key contribution of our work.
The rest of the paper is organized as follows. We describe the system model in Section II. We review existing subspace method based algorithms to construct data-driven FDI attacks and point out their drawbacks in Section III. In Section IV, we present data-driven FDI attacks with a limited number of measurements using RMT results and analyze their performance. The trade-offs in data-driven FDI attacks are discussed in Section V. The simulation results are presented in Section VI. Finally, conclusions are drawn in Section VII. The technical proofs are omitted due to the lack of space and can be found in the supplementary material.
II. SYSTEM MODEL
We consider a power grid that is characterized by a set of buses $\mathcal{N} = \{0, 1, 2, \dots, N\}$ and transmission lines $\mathcal{L} = \{1, 2, \dots, L\}$. The node with index 0 is used to represent the reference node. The grid is assumed to operate in a time slotted manner indexed by $t = 1, 2, \dots, T$. To model power flows within the grid, we adopt the direct current (dc) power flow model [13]. Under this model, the system state corresponds to the nodal voltage phase angles, which we denote by $\theta[t] = [\theta_1[t], \dots, \theta_N[t]]^T$; i.e., $\theta_i[t]$, $i \in \mathcal{N}$, is the voltage phase angle at bus $i$ during the time slot $t$. For the reference bus, $\theta_0[t] = 0, \forall t$. We assume that the system state fluctuates around a mean value, e.g., due to the temporal variations of the load. Thus, $\theta[t] = \bar{\theta} + [t]$, where $[t]$ is assumed to be an independent and identically distributed (i.i.d.) random vector (across time) whose fourth order moment is bounded and whose covariance matrix is given by $\sigma_\theta^2 I$ (where $I$ denotes an identity matrix). Herein, $\bar{\theta}$ represents the bus voltage phase angles at a base load (e.g., obtained by solving the optimal power flow considering a base load). The temporal independence assumption of the system state fluctuations can be met by taking measurements with sufficient load/angle variations over time.
State Estimation & Bad Data Detection: The system state $\theta[t]$ is monitored using sensors deployed at the buses and transmission lines. These sensors measure, respectively, the nodal power injections and the forward/reverse line power flows. Under the DC power flow model, these measurements, which we denote by $z[t] \in \mathbb{R}^M$ (where $M$ denotes the number of measurements), are related to the system state $\theta[t] \in \mathbb{R}^N$ as
$$z[t] = H\theta[t] + n[t], \quad t = 1, 2, \dots, T, \qquad (1)$$
where $H \in \mathbb{R}^{M \times N}$ is the measurement matrix and $n[t]$ is the sensor measurement noise. The noise is assumed to be zero-mean Gaussian with covariance matrix $\sigma_n^2 I$, and independent of the system state $\theta[t]$. It is also assumed to be i.i.d. across the time slots. Without loss of generality we set $\sigma_n^2 = 1$ throughout the paper, and scale the covariance of $\theta[t]$ appropriately (i.e., we set $(\sigma'_\theta)^2 = \sigma_\theta^2/\sigma_n^2$ in our analysis).
The measurement matrix $H$ depends on the system topology (i.e., the bus connectivity) and the branch reactances [13]. We assume that within the considered time interval $T$, $H$ does not change. The estimate of the system state, denoted by $\hat{\theta}[t]$, is recovered from the measurement vector $z[t]$ using a maximum-likelihood (ML) technique [12]:
$$\hat{\theta}[t] = (H^T H)^{-1} H^T z[t].$$
After state estimation, the residual vector is given by $r[t] = z[t] - H\hat{\theta}[t]$. The BDD checks for possible measurement inconsistencies in $z[t]$ by comparing the norm of the residual vector, $r = \|r[t]\|_2$, against a pre-defined threshold $\tau$. It raises an alarm if $r \ge \tau$. The threshold $\tau$ is selected to ensure a certain false-positive (FP) rate.
Attacker Model: We consider an attacker who can eavesdrop on the measurement data communicated between the field devices and the control center by exploiting vulnerabilities in the communication system. However, the attacker is assumed to be unaware of the semantics of the accessed data. Furthermore, the attacker has no other information about the grid (e.g., its topology or bus system).
The attacker’s objective is to craft FDI attacks against the state estimation. Denote the attack vector by $a[t] \in \mathbb{R}^M$, the sensor measurements under attack by $z_a[t]$, where $z_a[t] = z[t] + a[t]$, and the BDD residual under attack by $r_a[t] = \|z_a[t] - H\hat{\theta}_a[t]\|_2$. It has been shown [3] that for an attack of the form $a[t] = Hc[t]$, the residual value remains unchanged under the attack, i.e., $r_a[t] = r[t]$. Hence, the BDD’s detection probability for such attacks is no greater than the FP rate. We will henceforth refer to these attacks as undetectable attacks. Note that constructing an undetectable FDI attack requires the knowledge of $H$. In a data-driven FDI attack, the attacker strives to construct an undetectable FDI attack by learning the system parameters using the accessed measurement data.
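The residual test and the a[t] = Hc[t] property described above can be checked numerically from the operator's side, where H is known. The following Python sketch is an added example, not code from the paper: the 5×2 matrix H, the operating point, the injected offsets and the 5% false-positive target are constructed values, and τ is calibrated empirically from attack-free residuals (an assumption; the paper does not say how τ is computed).

```python
import math
import random

# Constructed toy measurement matrix (M = 5 meters, N = 2 states); not a real grid.
H = [[1.0, 0.0],
     [0.0, 1.0],
     [1.0, -1.0],
     [-1.0, 1.0],
     [1.0, 1.0]]


def matvec(A, x):
    return [sum(a * b for a, b in zip(row, x)) for row in A]


def solve(A, b):
    """Solve A x = b by Gaussian elimination with partial pivoting."""
    n = len(b)
    aug = [list(A[i]) + [b[i]] for i in range(n)]
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(aug[r][col]))
        if abs(aug[piv][col]) < 1e-12:
            raise ValueError("H^T H is singular: H lacks full column rank")
        aug[col], aug[piv] = aug[piv], aug[col]
        for r in range(col + 1, n):
            f = aug[r][col] / aug[col][col]
            for c in range(col, n + 1):
                aug[r][c] -= f * aug[col][c]
    x = [0.0] * n
    for i in reversed(range(n)):
        s = sum(aug[i][j] * x[j] for j in range(i + 1, n))
        x[i] = (aug[i][n] - s) / aug[i][i]
    return x


def estimate_state(H, z):
    """ML state estimate: theta_hat = (H^T H)^{-1} H^T z."""
    Ht = [list(col) for col in zip(*H)]        # N x M
    gram = [matvec(Ht, row) for row in Ht]     # H^T H (symmetric)
    return solve(gram, matvec(Ht, z))


def residual_norm(H, z):
    """BDD statistic r = ||z - H theta_hat||_2."""
    fitted = matvec(H, estimate_state(H, z))
    return math.sqrt(sum((zi - fi) ** 2 for zi, fi in zip(z, fitted)))


def bdd_alarm(H, z, tau):
    return residual_norm(H, z) >= tau


def noisy_measurement(H, theta, rng, sigma=1.0):
    """z = H theta + n with i.i.d. Gaussian noise (sigma_n = 1 as in the text)."""
    return [m + rng.gauss(0.0, sigma) for m in matvec(H, theta)]


def calibrate_tau(H, theta, fp_rate, trials, rng):
    """tau = empirical (1 - fp_rate) quantile of attack-free residual norms."""
    res = sorted(residual_norm(H, noisy_measurement(H, theta, rng))
                 for _ in range(trials))
    return res[min(trials - 1, int((1.0 - fp_rate) * trials))]


def alarm_rate(H, theta, injection, tau, trials, rng):
    hits = 0
    for _ in range(trials):
        z = noisy_measurement(H, theta, rng)
        z_a = [zi + ai for zi, ai in zip(z, injection)]
        hits += bdd_alarm(H, z_a, tau)
    return hits / trials


def demo(trials=4000):
    theta = [0.3, -0.2]                          # constructed operating point
    tau = calibrate_tau(H, theta, 0.05, trials, random.Random(1))
    cases = {
        "none": [0.0] * 5,
        "a = Hc": matvec(H, [2.0, -1.0]),         # lies in Col(H)
        "single meter": [0.0, 0.0, 6.0, 0.0, 0.0],  # offset on one meter only
    }
    # Same seed for every case, so all three see identical noise draws.
    rates = {name: alarm_rate(H, theta, a, tau, trials, random.Random(2))
             for name, a in cases.items()}
    return tau, rates


if __name__ == "__main__":
    tau, rates = demo()
    print(f"tau = {tau:.3f}")
    for name, rate in rates.items():
        print(f"{name:>12}: alarm rate {rate:.3f}")
```

The alarm rate for the injection in Col(H) matches the attack-free false-positive rate, while the single-meter offset, which has a component outside Col(H), is flagged in almost every trial.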
III. SUBSPACE METHOD BASED ALGORITHM AND THE DRAWBACKS
In this section, we review the existing subspace-based approach for constructing undetectable data-driven FDI attacks [5], [6], [7], and point out its drawbacks under a practical regime of limited observation time window.
A. Algorithm Description
Note that designing an undetectable attack is equivalent to finding a non-zero vector in Col($H$), or equivalently, a linear combination of the basis vectors that span Col($H$). The attacker must estimate the basis vectors using the noisy measurement data $z[t]$, $t = 1, \dots, T$. This problem is well studied in the signal processing literature [20], and has been used to guide the construction of data-driven FDI attacks.
The key idea is to use the covariance matrix of the measurements $\Sigma_z = E[(z[t] - E[z[t]])(z[t] - E[z[t]])^T]$. From (1), it follows that
$$\Sigma_z = \sigma_\theta^2 H H^T + I. \qquad (2)$$
Let $U \Lambda U^T$ be the SVD of $\Sigma_z$, where $U = [u_1, \dots, u_M]$ is a matrix consisting of the eigen vectors of $\Sigma_z$, and $\Lambda = \mathrm{diag}(\lambda_1, \dots, \lambda_M)$ is a matrix consisting of the eigen values of $\Sigma_z$. Note that the rank of the matrix $\sigma_\theta^2 H H^T$ is $N$. Thus, the first $N$ columns of $U$ corresponding to the $N$ largest singular values must form the basis vectors of Col($\sigma_\theta^2 H H^T$). Since Col($\sigma_\theta^2 H H^T$) is equivalent to Col($H$), they also form the basis vectors of Col($H$) [20]. Thus, the attacker must estimate the eigen vectors of $\Sigma_z$ in order to construct an undetectable FDI attack vector.
We note that the attacker cannot directly execute the procedure stated above since $\Sigma_z$ is unknown. However, it can be estimated using the measurement data $\{z[t]\}_{t=1}^{T}$. Based on this observation, the procedure to construct data-driven FDI attacks is summarized in Alg. 1. (We use the superscript $\hat{\ }$ to denote estimates of the corresponding quantities. The notation $A_s$ denotes a matrix consisting of the first $s$ columns of the matrix $A$, i.e., $A_s = [a_1, \dots, a_s]$, for any integer value $s$.)
ALGORITHM 1: Construction of Data-driven FDI attack
1. Using measurements $\{z[1], \dots, z[T]\}$, compute the sample covariance matrix $\hat{\Sigma}_z$ as
$$\hat{\Sigma}_z = \frac{1}{T-1} \sum_{t=1}^{T} (z[t] - \bar{z})(z[t] - \bar{z})^T,$$
where $\bar{z}$ denotes the sample mean given by $\bar{z} = \frac{1}{T-1} \sum_{t=1}^{T} z[t]$.
2. Perform singular value decomposition (SVD) of $\hat{\Sigma}_z$ as $\hat{\Sigma}_z = \hat{U} \hat{\Lambda} \hat{U}^T$, where $\hat{U} = [\hat{u}_1, \dots, \hat{u}_M]$ and $\hat{\Lambda} = \mathrm{diag}(\hat{\lambda}_1, \dots, \hat{\lambda}_M)$.
3. Construct an undetectable FDI attack vector as $a[t] = \hat{U}_N c[t]$, where $c[t] \in \mathbb{R}^N$.
B. Drawbacks of Existing Techniques
The aforementioned subspace estimation algorithm performs well in a classical setting when the number of temporal measurements is far greater than the system dimension (i.e., $T \gg M$, $M/T \to 0$). However, under a practical setting, it is unreasonable to expect the availability of an “infinite time window”, especially for large bus systems. For instance, consider the IEEE-118 bus system which has $M = 490$ measurements per time slot (assuming a fully measured system). Under an optimistic assumption of obtaining a temporally decorrelated measurement every minute, the attacker would require a measurement time window of 4900 minutes, or approximately, 80 hours, for the ratio of M/T = 10. However, the system topology may have changed well before this duration.
Fig. 1: Limiting eigen value distribution of sample covariance matrix. Figure due to [19].
Thus, we focus on a practically relevant scenario, where the number of measurements $M$ and the measurement time window $T$ are reasonably large, whereas their ratio $M/T = p > 0$ is a finite constant. This scenario is especially relevant for large power grids. Under this regime, the principal components estimated by Algorithm 1 are known to be inconsistent [11]. Thus, in the rest of the paper, we present an enhanced algorithm for strengthening the attack’s BDD-bypass probability when the attacker has access to measurements from a limited time window. Furthermore, we characterize an important trade-off between the attack’s BDD-bypass probability and the number of compromised measurements in executing the attack.
IV. DATA-DRIVEN FDI ATTACKS WITH LIMITED NUMBER OF MEASUREMENTS
In this section, we present an enhanced algorithm for data-driven FDI attacks based on RMT results [19]. From the discussion in Section III, note that the problem at hand is equivalent to estimating the principal eigen values/vectors of $\Sigma_z$ from the corresponding sample covariance matrix $\hat{\Sigma}_z$. In this section, we characterize analytical results that address this problem.
The covariance matrix of the measurements $\Sigma_z$ can be expressed through eigen decomposition as
$$\Sigma_z = I + \sum_{i=1}^{N} \mu_i u_i u_i^H, \qquad (3)$$
where $\{\mu_i\}_{i=1}^{N}$ denote the eigen values of $\sigma_\theta^2 H H^H$ and $\{u_i\}_{i=1}^{N}$ the corresponding eigen vectors. We will henceforth refer to $\mu_1, \dots, \mu_N$ as the “spike” eigen values. The attacker must estimate the spikes and the corresponding eigen vectors from $\hat{\Sigma}_z$ (which we will henceforth refer to as the sample covariance matrix, and whose eigen values are given by $\hat{\lambda}_i$). This can be done as follows.
First, consider the case with no spikes, i.e., measurements generated as $z[t] \sim \mathcal{N}(0, \Sigma_z)$ where $\Sigma_z = I$. The eigen values of $\Sigma_z$ are given by $[1, \dots, 1] \in \mathbb{R}^M$. For this model, the limiting eigen value distribution$^{1}$ of $\hat{\Sigma}_z$ is known to converge to the Marcenko-Pastur (MP) law [21]. We denote the limiting distribution by $F$, which is shown in Fig. 1. Now consider measurements whose covariance matrix is given by (3). The eigen values of $\Sigma_z$ are given by
$$[\underbrace{\mu_1 + 1, \dots, \mu_N + 1}_{N \text{ terms}}, \underbrace{1, \dots, 1}_{M-N \text{ terms}}]. \qquad (4)$$
We focus on the limiting eigen value distribution of $\hat{\Sigma}_z$ for this model (i.e., measurements from the covariance model (3)). Following (4), one would expect the “leading $N$ eigen values” of $\hat{\Sigma}_z$ to be found outside the distribution of MP law, $F$ (see Fig. 1). Surprisingly, the number of eigen values that can be found outside $F$ depends critically on the ratio $p = M/T$. This result was formalized in [14] and is stated in Theorem 2, Appendix A. Herein, we only present the main idea. Consider
$$\mu_1 > \mu_2 > \cdots > \mu_s > \sqrt{p}, \quad 1 \le s \le N, \qquad (5)$$
where $s \le N$ is the number of spike eigen values that are less than $\sqrt{p}$. Then, the result [14] states that for all $\mu_i > \sqrt{p}$, when $M, T \to \infty$, $M/T = p > 0$, there exists a deterministic and one-to-one mapping between eigen value of the sample covariance matrix ($\hat{\Sigma}_z$), i.e., between $\hat{\lambda}_i$ and $\mu_i$. In other words, all $\mu_i$ which satisfy $\mu_i > \sqrt{p}$ can be recovered from the eigen values of the sample covariance matrix. A similar result also holds for estimating the corresponding eigen vectors [15], i.e., the corresponding eigen vectors (for which $\mu_i > \sqrt{p}$) can be reliably recovered from the eigen vectors of the sample covariance matrix (see Theorem 2). It is important to note that for eigen modes corresponding to $\mu_i < \sqrt{p}$, these relationships do not hold, and the corresponding eigen value/vectors cannot be recovered. Thus, the quantity $\sqrt{p}$ represents a fundamental “phase transition” point in estimating the spike eigen values/vectors from the sample covariance matrix.
The result is important in this context, since it precisely characterizes the information about Col($H$) that the attacker can recover from the measurements as a function of the observation time window $T$ (specifically, the ratio $p = M/T$). To construct a data-driven FDI that can bypass the BDD with a high probability, the attacker must first estimate the number of eigen values/vectors, $s$, that can be reliably recovered from the measurements $\{z[t]\}_{t=1}^{T}$. Note that the attacker cannot directly use (5) to determine $s$, since he does not have the knowledge of $\mu_i$. Using the result of Theorem 2 (Appendix A), it follows that for $\mu_i > \sqrt{p}$, with probability 1, we have $\hat{\lambda}_i > (1 + \sqrt{p})^2$. Thus the attacker can determine $s$ by counting the number of eigen values of the sample covariance matrix that exceed $(1 + \sqrt{p})^2$, i.e.,
$$s = \{\# i,\ \hat{\lambda}_i > (1 + \sqrt{p})^2\}. \qquad (6)$$
Note that direct application of subspace estimation algorithm as proposed in [5], [6], [7] (Algorithm 1) uses all N estimated
$^{1}$ Limiting eigen value distribution is the distribution of eigen values of $\hat{\Sigma}_z$ when $M, T \to \infty$, $M/T = p > 0$.

Frequently Asked Questions (16)
Q1. What are the contributions in "Data-driven false data injection attacks against power grids: a random matrix approach" ?

The authors show that these approaches do not perform well when the attacker has a limited number of data samples only. The authors design an enhanced algorithm to construct FDI attack vectors in the face of limited measurements that can nevertheless bypass the BDD with high probability. Furthermore, the authors characterize an important trade-off between the attack ’ s BDD-bypass probability and its sparsity, which affects the spatial extent of the attack that must be achieved. 

In the future, the authors will explore how the results of this work can be used to address the defense problem against these attackers ( e. g., MTD ). 

The objective function of (17) gives the number of non-zero elements in the FDI attack vector while restricting the attack vector to an m-dimensional subspace of the estimated column space, where m ≤ s (see (6)). 

The FDI attacks are constructed using the estimated eigen modes and their detection probability is computed by averaging the BDD’s detection results over 1000 independent trials. 

Under an optimistic assumption of obtaining a temporally decorrelated measurement every minute, the attacker would require a measurement time window of 4900 minutes, or approximately, 80 hours, for the ratio of M/T = 10. 

In data-driven FDI attack, the attacker strives to construct an undetectable FDI attack by learning the system parameters using the accessed measurement data. 

In particular, the vector cs can be tuned by the attacker to achieve his objectives, such as minimizing the attack’s detection probability or causing a desired attack impact. 

In particular, the result of Lemma 1 states that asymptotically, the estimated eigen vectors ûi are orthogonal to uj, j ≠ i, since Ωs is diagonal. 

The estimate of the system state, denoted by θ̂[t], is recovered from the measurement vector z[t] using a maximum-likelihood (ML) technique [12]: $\hat{\theta}[t] = (H^T H)^{-1} H^T z[t]$. 

for each estimated eigen mode i, the FDI attack is constructed as a = ciûi, where ci is set to ci = √ τω̂i/µ̂i, such that it satisfies the constraint of (15). 

To construct a data-driven FDI that can bypass the BDD with a high probability, the attacker must first estimate the number of eigen values/vectors, s, that can be reliably recovered from the measurements {z[t] 

the result [14] states that for all µi > √p, when M, T → ∞, M/T = p > 0, there exists a deterministic and one-to-one mapping between eigen value of the sample covariance matrix (Σ̂z), i.e., between λ̂i and µi. 

The authors showed that in this regime, the attacker can enhance the BDD-bypass probability by constraining the attack vector to a lower-dimensional subspace spanned by the accurately estimated basis vectors. 

Denote the attack vector by a[t] ∈ RM , the sensor measurements under attack by za[t], where za[t] = z[t] + a[t], and the BDD residual under attack by ra[t] = ||za[t] 

despite this limitation, the authors will show by simulations in Section VI that RMT spiked model results are accurate for various power grid bus configurations as long as the number of sensor measurements M is large compared to N. 

Using this, the data-driven FDI attack can be formulated as the following optimization problem:
$$\min_{c_s} \; c_s^T (I - \hat{\Omega}_s) c_s \quad \text{s.t.} \quad \|\Delta\theta\|_2^2 \ge \tau \qquad (12)$$
In the optimization problem (12), the attacker designs $c_s$ to minimize the probability of detection among all attacks that satisfy $\|\Delta\theta\|_2^2 \ge \tau$.