Attack Detection and Identification for Automatic Generation Control Systems

Integrating today's power systems with communication infrastructure makes them vulnerable to cyber-attacks, which can disrupt their normal operation undetectable. Automatic generation control (AGC) is one of the vulnerable controllers in power grids, since it greatly depends on communication systems. This paper first shows that false data injection attacks (FDIAs) against an AGC system can be carried out stealthily with destructive outcomes. Then, it proposes an anomaly based attack detection and identification method for protecting the AGC system against cyber vulnerabilities. To detect attacks, the proposed method estimates the load frequency control system's states using an unknown input observer (UIO), and calculates the UIO's residual function. A discrepancy between the residual functions and a predefined threshold signifies an FDIA. Different identification UIOs are then used to determine the attack type, i.e., which system parameter(s) is (are) targeted by the attack. The effectiveness of the proposed method is corroborated using simulation results for a three-area power system and the IEEE 39-bus network.