Coordinated False Data Injection Attacks in AGC System and Its Countermeasure

The Automatic Generation Control (AGC) system is vital for power system frequency stability. The frequency and tie-line power flow are measured and transmitted to the control room to form Area Control Error (ACE), which is then sent to each generator for power generation adjustment. Due to the vulnerability of the Inter-Control Center Communication (ICCP) protocol, which is used for data transmission, many attacks such as Denial of Service, timing de-synchronization, and False Data Injection (FDI) attack can be inflicted upon the compromised system. In this paper, we investigated the attacking mechanism and the impact of the coordinated FDI attack. Compared with the single attack model, the coordinated FDI attack has a smaller Time to Emergency (TTE) value and wider parameter ranges. Therefore, it is stealthier and more harmful to the AGC system. However, it is found that the pattern of the corrupted ACEs (attacked by a specific coordination FDI attack) follows a specific fashion. Therefore, we proposed a self-learning and evolving approach to detect this stealthy attack. The real data from an electric company helps to train and test the pattern recognition model. The coordinated attack is simulated and compared in a 3-area AGC system, while the proposed detection method is verified via the IEEE 39-bus test system.