OLTC-Induced False Data Injection Attack On VoltVA

This article has been accepted for publication in a future issue of this journal, but has not been
fully edited. Content may change prior to final publication. Citation information: DOI
10.1109/ACCESS.2019.2904959, IEEE Access
Digital Object Identifier
OLTC-Induced False Data Injection

Attack on Volt/VAR Optimization in
Distribution Systems
DARANITH CHOEUM, (Student Member, IEEE), DAE-HYUN CHOI, (Member, IEEE)
School of Electrical and Electronics Engineering, Chung-Ang University, Seoul 156-756, South Korea
Corresponding author: Dae-Hyun Choi (e-mail: dhchoi@ cau.ac.kr).
This work was supported in part by the Korea Electric Power Corporation under Grant R17XA05-75, and in part by the National Research
Foundation of Korea (NRF) Grant through the Korea Government (MSIP) under Grant 2018R1C1B6000965.
ABSTRACT This paper presents a new class of false data injection attacks (FDIAs) on Volt/VAR
optimization (VVO), which may result in abnormal voltage conditions along the radial medium voltage
(MV) distribution feeder with an on-load tap changer (OLTC), capacitor banks (CBs), solar photovoltaic
(PV) systems and smart meters. In comparison with existing FDIAs against voltage control that do not
consider the VVO process, we propose a new attack strategy with which the adversary can maliciously
change the distribution feeder voltage profile by misleading the VVO function through stealthily injecting
false data into smart meter measurements that are used for VVO. The proposed attack strategy is formulated
as a bilevel optimization problem using mixed integer linear programming (MILP). Injected false load data
that raise or lower the tap position of the OLTC are calculated at the upper level while the VVO process is
guaranteed to correctly operate with false data at the lower level. The bilevel optimization problem is finally
reformulated to a single-level optimization problem based on Karush–Kuhn–Tucker conditions of the lower
level optimization problem. A simulation study is carried out in an IEEE 33-bus distribution system with an
OLTC, CBs, PV systems, and smart meters, and our results demonstrate the feasibility and capability of the
proposed attack approach in terms of voltage level, attack effort, and PV penetration rate.
INDEX TERMS False data injection attack (FDIA), volt/var optimization (VVO), on-load tap changer
(OLTC), smart meter, active distribution network
NOMENCLATURE Vt,d Voltage magnitude for node d at period t.

A. VVO FORMULATION V min(max)
Minimum(Maximum) limit of the allowed
Nt Total number of prediction horizon steps. voltage range for node d.
Nd Total number of nodes. PV
Pbt,d Predicted PV real power output for node d at
rd Resistance of the line from node d. period t.
xd Reactance of the line from node d. QPV
t,d PV reactive power output for node d at period
line t.
Pt,d Real power flow from node d to d + 1 at
period t. QCAP
t,d Reactive power output of CB for node d at
period t.
Qline
t,d Reactive power flow from node d to d + 1 at
load
period t. Pbt,d Predicted real load consumption for node d
node at period t.
Pt,d Net real power consumption for node d at
b load
Q Predicted reactive load consumption for node
period t. t,d
d at period t.
Qnode
t,d Net reactive power consumption for node d
at period t. T apOLTC
t Tap position of OLTC at period t.
P (Q)lat Real(Reactive) power flow through the lat- aOLTC Step size of change in OLTC tap position.
t,d
eral branch from node d at period t.
VOLUME , 2019 1
2169-3536 (c) 2018 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI
Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS
bCap
t,d Binary switch status of the capacitor for node
d at period t; “1” for ON and “0” OFF. %[DGT.C[GT
N T apOLTC
max Maximum switching operations of OLTC #FXCPEGF/GVGTKPI+PHTCUVTWEVWTG
during the prediction horizon Nt . Vpduw#Phwhu
Ordg#Gdwd
B. ATTACK FORMULATION
load,a
Pbt,d Manipulated real load consumption for node (CNUG&CVC+PLGEVKQP
d at period t. &KUVTKDWVKQP/CPCIGOGPV5[UVGO
b load,a
Q Manipulated reactive load consumption for
t,d
Yrow2YDU#Rswlpl}dwlrq
node d at period t.
load
∆Pt,d Injected false real load consumption data for
node d at period t. 2J[UKECN.C[GT
∆Qload
t,d Injected false reactive load consumption data &KUVTKDWVKQP5[UVGO
for node d at period t.
D ROWF/#FE/#SY/#Vpduw#Phwhu
δt,d Binary attack status for node d at period t;
“1” with attack and “0” without attack.
FIGURE 1. Cyber physical framework illustrating cyber attack on VVO.
τ Limit factor for the magnitude of injected
false real load consumption data.
ω Weight for attack effort. the abnormal feeder voltage profile. Fig. 1 illustrates a two-
layered framework that consists of cyber and physical layers,
R Maximum number of compromised smart
corresponding to an AMI/DMS and an electric distribution
meters.
system, respectively. As shown in this figure, in the cyber
M Sufficient large positive constant. layer the corrupted smart meter measurements due to false
data injection from the adversary are, through the AMI
I. INTRODUCTION network, fed into the VVO module in DMS, which in turn
Volt/VAR optimization (VVO) is one of the key applications enables VVO to calculate the distorted optimal solutions
in distribution management systems (DMSs) for efficiently of voltage regulators and PV systems (e.g., incorrect tap
managing and controlling active distribution networks with positions of OLTC and wrong reactive power dispatch of
distributed energy resources (DERs) (e.g., solar photovoltaic PV systems). As a result, the distorted solutions lead to an
(PV) system and energy storage system (ESS)) [1]. In ac- abnormal feeder voltage profile and provide consumers with
tive distribution networks, VVO is carried out to determine degraded voltage quality in the physical layer. This paper
optimal voltage levels along the distribution feeder under contributes to the following two aspects: (i) the proposal for
all loading conditions through the coordination of voltage a new class of false data injection attack (FDIA) strategies
regulators such as on-load tap changers (OLTCs) at substa- with which the adversary can distort the feeder voltage by
tions and capacitor banks (CBs) and the smart inverters of misleading VVO to calculate the wrong OLTC tap positions
DERs. Recently, advanced information and communication through the injection of false data into smart meter mea-
technology (ICT) such as advanced metering infrastructure surements; and (ii) impact analysis of VVO subject to the
(AMI) with smart meters provides voltage regulators with proposed attacks.
real-time loading and voltage measurements, consequently In the power system engineering field, a first class of cyber
adjusting voltage profile more quickly and accurately [2]. data attack has been known as FDIA against DC model-based
However, as the coupling between the electric distribution state estimation [4] where the adversary can maliciously
system and ICT system becomes considerably stronger, the change the estimate of the state of the transmission system
applications in DMS may become more vulnerable to poten- while avoiding bad data detection in the energy management
tial cyber attacks through the ICT system. The 2015 Ukraine system (EMS). A more detailed review of the literature
blackout [3] has been known as the first cyber attack against related to the subject of FDIA in electric power systems can
electric distribution systems wherein ICT networks and com- be categorized into the following two parts:
ponents were compromised, and it resulted in blackouts in • Cyber attack on electric transmission system: A large
three Ukrainian regions. This paper attempts to investigate body of literature has been accumulated on the sub-
the impact of cyber attacks on VVO in DMS. ject of FDIA in electric transmission system [5]–[14],
The main objective of this paper is to propose a novel ranging from attacks against AC state estimation [5],
attack strategy with which the adversary malfunctions the impact analysis of automatic generation control (AGC)
operation of VVO by injecting false data into smart meter attack [6], online static security and contingency analy-
measurements that are used for VVO, consequently yielding sis attack [7], [8], topology data attack through the ma-
2 VOLUME , 2019
nipulation of the status of circuit breaker and switch [9]– proposed in [27]. A considerable amount of literature
[12], load redistribution attack through the injection has been published recently on the attack model and
of malicious load data in a bilevel optimization prob- impact analysis in voltage control [28]–[34], including
lem [13] and a trilevel optimization problem [14] us- the manipulation of the OLTC tap position [28], [29],
ing mixed integer linear programming (MILP). While attack on Volt-VAR control (VVC) under different ca-
many studies have formulated new attack models and pacitor bank configurations [30], the voltage change due
conducted their impact analysis in electric transmission to the malfunction of DERs through the injection of
systems from an adversary perspective, various defend- false generation setpoint signal [31] and reactive current
ing strategies to mitigate the impact of cyber attack measurement [32], an event tree-based impact assess-
on electric power system operations, from a system ment framework [33], and a denial-of-service attack
operator perspective, have been proposed. In [15], the mitigation framework [34].
least-budget dependent method against FDI attack was Although extensive research has been carried out on the
presented where securely protected sensors were deter- subject of the FDIA problem at both the transmission and
mined by solving a mixed integer nonlinear program- distribution system levels, to the best of our knowledge, no
ming (MINLP) problem based on Bender’s decomposi- research has been conducted to present FDIA against VVO
tion. In [16], a bilevel MILP problem was formulated and investigate the impact of such an attack on the voltage
to determine the minimum number of measurements re- level along the distribution feeder. In prior work [28]–[34],
quired to be protected. A new FDIA detection approach the authors considered an attack scenario where the adversary
using load forecast data, generation schedules, and syn- can attack against voltage control algorithms without the
chrophasor data was proposed in [17]. In [18], a frame- VVO process being considered. The main contributions of
work for quantifying the impact of a cyber attack on bus this paper are suggested as follows:
and transmission line protection systems was developed
where the expected load curtailment index was proposed 1) We propose two types of FDIAs on VVO. The adversary
to assess potential system loss from the attack. More stealthily raises or lowers the tap position of OLTC
recently, FDIA detection strategies based on various by misleading the VVO process by injecting false data
machine learning methods were presented where mea- into smart meter measurements that are used for VVO,
surements can be categorized into non-attack events and consequently leading to the abnormal voltages along the
attack events by using: temporal characteristics of FDIA distribution feeder.
using conditional deep belief network (CDBN) [19], 2) We formulate the proposed attack approach in a bilevel
semisupervised online learning method [20], and non- mixed integer linear programming (MILP) optimization
nested generalized exemplars (NNGE) through pre- problem that consists of upper and lower level optimiza-
processing of the state extraction method (STEM) [21]. tion problems. The former calculates injected false data
A broader range of FDIA models and defending meth- for the OLTC tap position to stealthily increase or de-
ods in the electric transmission system are summarized crease while the adversary spends the least attack effort.
well in [22] and [23]. The latter enables VVO to operate correctly even with
• Cyber attack on electric distribution system: In compar- the injected false data. The bilevel optimization problem
ison with extensive research on the FDIA problem at the is then transformed to a single-level MILP optimization
transmission system level, studies about the FDIA prob- problem using Karush–Kuhn–Tucker (KKT) conditions
lem at the distribution system level are relatively few. of the lower level optimization problem.
In [24], a least-effort FDIA against three-phase balanced 3) We quantify the performance of the proposed attacks
distribution system state estimator was proposed where in the IEEE 33-bus distribution system in terms of: i)
the adversary can reduce his/her effort with only the the OLTC tap position; ii) voltage magnitude along the
information of local state obtained by approximating the feeder; and iii) attack effort as a function of the mag-
entire system state using a small number of power flow nitude of injected false data and a maximum number
or injection measurements. The possibility of a cyber of compromised smart meters. Furthermore, we study
threat on a distribution automation system (DAS) was the impact of the proposed attacks with varying amount
first addressed in [25] and [26], where the attack impact of PV penetration as well as with different number of
assessment model [25] that consists of a terminal device prediction horizon in the VVO on the voltage profile.
level and control center server level was developed, and The rest of this paper is organized as follows. Section II
an efficient secret key distribution protocol without re- provides an overview of the VVO model and the KKT
quiring much computation of encryption algorithm [26] conditions of the optimization problem. Section III states the
was proposed. More recently, a unified attack model and attack problem and elaborates the formulation of the pro-
security assessment framework for active distribution posed VVO attack strategies using a bilevel and single-level
systems was developed based on limited stochastic Petri MILP optimization programming. The simulation results for
net (LSPN) graph theory, and the index that quantify the proposed attack approach are provided in Section IV, and
the attack performance and the system robustness was the conclusions are given in Section V.
VOLUME , 2019 3
PV
II. BACKGROUND real power output Pbt,d and its coefficient cPV defined as
The main notations used throughout this paper are summa- s
rized in the nomenclature section. Bold symbols represent PV 1 − (P FdPV,min )2
cd =
vectors. Hat symbols represent estimates of true parameter (P FdPV,min )2
value. The other undefined symbols in the nomenclature
section are explained in the text. where P FdPV,min is the minimum power factor of the PV
system at node d. The range of allowable voltages for all
A. VOLT/VAR OPTIMIZATION MODEL nodes can be expressed in (13) where V min and V max are
For each node d with a scheduling period t and prediction selected to be 0.95 p.u. and 1.05 p.u. The decision variable
horizon Nt , the VVO problem is generally formulated as vectors from the VVO problem are denoted as V, Pline , Qline ,
follows: Pnode , Qnode , QCAP , QPV , TapOLTC , and bCAP .
Nd
Nt X
X In this paper, we convert the mixed-integer nonlinear pro-
min J = |Vt,d − V nom | (1) gramming (MINLP)-based VVO algorithm into a MILP op-
t=1 d=1 timization problem. To this end, the nonlinear equations for
s.t. the objective function (1) and the constraints for the number
of switching operations for the OLTC (10) are linearized as,
line line node lat
α : Pt,d+1 = Pt,d − Pt,d+1 − Pt,d+1 (2) respectively,
χ: Qline
t,d+1 = Qline
t,d − Qnode lat
t,d+1 − Qt,d+1 (3) ∆Vt,d = |Vt,d − V nom | (14)
!
line
rd Pt,d + xd Qline
t,d −
J : ∆Vt,d ≥ Vt,d − V nom
(15)
λ : Vt,d+1 = Vt,d − (4)
V0 +
J : ∆Vt,d ≥ V nom
− Vt,d (16)
θ : Vt,1 = V nom + aOLTC T apOLTC
t (5) and
node load PV
γ : Pt,d = Pbt,d − Pbt,d (6)
U− : N T apOLTC
t ≥ T apOLTC
t − T apOLTC
t−1 (17)
∇ : Qnode b load PV CAP
t,d = Qt,d − Qt,d − Qt,d (7) +
U : N T apOLTC
t ≥ T apOLTC
t−1 − T apOLTC
t (18)
CAP CAP,nom
β : QCAP
t,d = bt,d Qd (8) Nt
X
bCAP
t,d ∈ {0, 1} (9) ξ: N T apOLTC
t ≤ N T apOLTC
max . (19)
Nt t=1
X
|T apOLTC
t − T apOLTC OLTC
t−1 | ≤ N T apmax (10) Furthermore, the binary and integer decision variables
t=1 in (9) and (11) are relaxed with continuous variables as the
T apOLTC
t ∈ {−16, . . . , −1, 0, 1, . . . , 16} (11) following linear constraints:
PV b PV
κ : −c Pt,d ≤ QPV PV b PV
t,d ≤ c Pt,d (12) ζ : 0 ≤ bCAP
t,d ≤ 1 (20)
min max
Φ:V ≤ Vt,d ≤ V . (13) ρ : −16 ≤ T apOLT C
≤ 16. (21)
t
In this formulation, the objective function is to minimize the In this paper, the linear programming (LP)-based VVO prob-
total deviation of voltages from the nominal voltage for all lem through the relaxation above needs to be formulated
nodes during the prediction horizon in (1). Equations (2)–(4) in order to develop our attack strategy illustrated in the
represent the linearized distribution real power flow, reactive following section. It is noted that the proposed attack strategy
power flow, and voltage for node d at the scheduling period includes the KKT conditions of the VVO problem, however,
t, respectively [35]. Equation (5) represents the substation no KKT conditions of the MILP optimization problem exist.
voltage, which can be determined by the OLTC tap position
T apOLTC , along with the step size for changing tap positions In the LP-based VVO formulation, all variable vectors (α,
t
aOLTC . For each node d, the nodal real and reactive power χ, λ, θ, γ, ∇, β, κ, Φ, J, U, ζ, and ρ) corresponding to the
balance equations can be expressed in terms of the real and/or equality/inequality constraints are the Lagrangian multipliers
reactive power of the load, CBs, and PVs in (6) and (7). that have non-negative values. In particular, the Lagrangian
Equation (8) represents the reactive output that is supported multiplier vector associated with its inequality constraint
by the CB for node d at scheduling period t. Here, QCAP,nom consists of two types of Lagrangian multiplier subvectors,
d
is the size of the capacitors and bCAP corresponding to the upper and lower limit of inequality
t,d is a binary decision
variable that determines the switch status of the capacitors constraints, respectively (e.g., κ = [κ+ , κ− ] in (12)).
in (9). During the prediction horizon Nt , the total number
of switching operations for the OLTC is limited by its corre- B. KKT CONDITIONS
sponding switching threshold N T apOLTC max in (10) along with A general optimization problem with linear equality and
the integer position of the OLTC tap in (11). Equation (12) inequality constraints is formulated as follows:
represents the reactive power capability of the PV system at
node d, which can be described in terms of the predicted PV min J(x, a) (22)
x
4 VOLUME , 2019
A higher voltage level caused by attack I can increase

881 consumer energy consumption and decrease the distribution
.6%
%QPVTQNNGT system efficiency owing to increasing power loss. On the
.QCF .QCF .QCF
other hand, a lower voltage level caused by attack II can have
.QCF .QCF
a detrimental impact on voltage stability and lead to voltage
1.6%
collapse with the violation of the minimum voltage limit .
5OCTV
/GVGT
.QCF 28 %$ 28
Prior to the proposed attack, the adversary is required to
FIGURE 2. Illustration of VVO attack manipulating smart meter data. have the following capabilities:
s.t. (R1) The adversary can compromise smart meters by ob-

serving and manipulating their measurements.
λ : Fx = a, (23) (R2) The adversary has the capability to execute the VVO
κ : Gx ≤ a, (24) having the knowledge of distribution system topology
including the line parameters and the location of volt-
Here, x and a are the vectors for decision variables and pa-
age regulating devices, PV systems and smart meters.
rameters, respectively. F and G are linear matrices associated
(R3) The adversary has the knowledge of operating parame-
with the equality and inequality constraints, respectively.
ters for voltage regulators (e.g., the range of the OLTC
Given the Lagrangian function (L(x, a) = J(x, a) − tap position and the size of CB) and the prediction value
λ(Fx − a) + κ(Gx − a)), the KKT conditions are written as of the PV generation output with the power factor of the
1) ∇x L(x, a) = 0 PV systems.
⇒∇x J(x, a)-λ∇x (Fx − a)+κ∇x (Gx − a) =0,
2) Fx = a,
3) Gx ≤ a.
4) κ(Gx − a)=0, κ ≥ 0, B. BILEVEL OPTIMIZATION PROBLEM FOR THE
PROPOSED ATTACKS
where the first conditions are the first-order optimal condi-
tions, the second and third conditions are the primal fea-
Based on the aforementioned attack assumptions, the two
sibility conditions, and the fourth conditions are the dual
proposed attack strategies are formulated as a bilevel MILP
feasibility or the complimentary slackness conditions.
optimization problem as follows:
In this paper, we apply the KKT conditions to a bilevel
Nd
( )
optimization attack problem where the LP VVO problem at a X
D
lower level is replaced by its KKT conditions. Attack I: max T apOLTCt −ω δt,d (25)
d=1
III. FORMULATION OF VOLT-VAR OPTIMIZATION or

Nd
( )
ATTACK X
D
A. STATEMENT OF THE PROPOSED ATTACK PROBLEM Attack II: min T apOLTC
t +ω δt,d (26)
d=1
In this paper, we consider a closed-loop VVO architecture
where load measurements from smart meters are periodically s.t.
Nd
fed into the VVO module through AMI networks as shown X
load
in Fig. 2. We assume that the VVO algorithm is executed in ∆Pt,d =0 (27)
a medium voltage (MV) distribution system that is equipped d=1
Nd
with voltage regulators (e.g., OLTC and CBs), PV systems, X
and smart meters. In this environment, as shown in Fig. 2, ∆Qload
t,d = 0 (28)
d=1
the primary goal of the adversary is to stealthily move the tap load D
position of the OLTC by injecting false data into smart meter ∆Pt,d 6= 0 ⇔ δt,d =1 (29)
measurements, consequently leading to changes in voltage load load load
−τ Pbt,d ≤ ∆Pt,d ≤ τ Pbt,d (30)
along the MV distribution feeder. The proposed attacks are XNd
classified into the following two types: D
δt,d ≤R (31)
• Attack I: The tap position of the OLTC is switched d=1
upward as much as possible in order to increase the −cload
d ∆P load
t,d ≤ ∆Qload
t,d ≤ cload load
d ∆Pt,d (32)
voltage profile.
• Attack II: The tap position of the OLTC is switched Nd
Nt X
X
downward as much as possible in order to decrease the min ∆Vt,d (33)
voltage profile. t=1 d=1
VOLUME , 2019 5
s.t. tion problem. To this end, the lower level optimization prob-
node load,a PV lem is replaced by its KKT equations, which are classified
γ : Pt,d = Pbt,d − Pbt,d (34)
into four types of conditions as follows:
load,a load load
η: Pbt,d = Pbt,d + ∆Pt,d (35)
∇ : Qnode b load,a − QPV QCAP The first-order optimality conditions
t,d = Q t,d t,d − t,d (36)
Given the Lagrangian function of the VVO problem at the
µ: Qb load,a b load
=Q load
t,d + ∆Qt,d (37)
t,d lower level, which is illustrated in subsection II-B, the first-
Eqn. (2) − (5), Eqn. (8) (38) order optimality conditions can be derived as
Eqn. (12) − (21) (39) −
1 − Jt,d +
−Jt,d =0 (43)
In the upper level (25)–(32), the adversary computes false −λt,d−1 + λt,d − Φ− +
t,d + Φ+
−
t,d
−
− θt = 0
Jt,d +
Jt,d (44)
load
load data (∆Pt,d , ∆Qload
t,d ) that are injected into smart me- λt,d rd
ters in order to maximize (attack I) or minimize (attack − nom − αt,d−1 +αt,d = 0 (45)
V
II) the OLTC tap positions and minimize the attack effort λt,d xd
− nom − χt,d−1 +χt,d = 0 (46)
simultaneously while maintaining the undetectable condition V
along with the limited attack capability. The multi objective −∇t,d −βt,d = 0 (47)
function (25) or (26) for attack I or attack II consists of −∇t,d −κ− +
t,d + κt,d = 0 (48)
two terms, corresponding to the OLTC tap position and a −
total number of injected false load data where δt,d D
equals to βt,d QCAP,nom
d − ζt,d +
+ζt,d =0 (49)
D
one when smart meter at node d is attacked, otherwise δt,d γt,d −ηt,d = 0 (50)
equals to zero. In the second term for the objective function, ∇t,d −µt,d = 0 (51)
ω represents a penalty weight for the attack effort. A larger
D −αt,d−1 −γt,d = 0 (52)
ω yields a smaller number of δt,d = 1 along with a reduced
false data magnitude, and hence, it saves the attack effort; yet, −χt,d−1 −∇t,d = 0 (53)
it prevents the adversary from manipulating the OLTC tap aOLTC θt − ρ− + − − + +
t + ρt + Ut − Ut+1 −Ut + Ut+1 = 0 (54)
position significantly. Equations (27) and (28) guarantee that −ξt − Ut− −Ut+ = 0. (55)
the injected false data are undetected by system operators.
The number of injected false data are counted in (29), which The primal feasibility conditions
is equivalent to the following constraints: The primal feasibility conditions are all equality and inequal-
load load D ity constraints for the lower level optimization problem:
∆Pt,d + τ Pt,d δt,d ≥ 0 (40)
load
∆Pt,d − load D
τ Pt,d δt,d ≤0 (41) Eqn. (34) − (39) (56)
D The complimentary conditions
δt,d ∈ {0, 1}. (42)
The complimentary conditions are expressed as the multi-
Equations (30) and (31) represent the limit for the magnitude plication of all inequality constraints and their Lagrangian
and the number of injected false data, respectively. In (32), multipliers.
the injected false reactive power data are bounded by the
−
limit in terms of the injected false real power data and Jt,d (−Vt,d + V nom − ∆Vt,d )
the following coefficient cload
d in terms of the power factor + J + (Vt,d − V nom − ∆Vt,d ) = 0 (57)
(P Fdload ) at node d t,d
− +
s κt,d −QPV PV b PV PV PV b PV
t,d − c Pt,d + κt,d Qt,d − c Pt,d = 0
load 1 − (P Fdload )2 (58)
cd = .
(P Fdload )2 −
Ut −N T apt OLTC OLTC
− T apt−1 + T apt OLTC

+
+ Ut −N T apOLTC + T apOLTC OLTC

On the other hand, the lower level (33)–(39) represents t t−1 − T apt = 0 (59)
the VVO problem that is illustrated in subsection II-A. Only N
X t
!
the difference from the previous VVO formulation is that the ξt N T apOLTC
t − N T apOLTC
max =0 (60)
VVO problem at the lower level includes the modified nodal t=1
real and reactive power balance equations (34)–(37), which Φ− +
t,d (−Vt,d + Vmin ) + Φt,d (Vt,d − Vmax ) = 0 (61)
are expressed as a function of the injected false data delivered − +
−bCAP bCAP

from the upper level.
ζt,d t,d + ζt,d t,d − 1 = 0 (62)
ρ− OLTC
− 16 + ρ+ OLTC

t,d −T apt t,d T apt − 16 = 0. (63)
C. SINGLE-LEVEL OPTIMIZATION PROBLEM FOR THE It is noted that the complimentary conditions above are
PROPOSED ATTACKS nonlinear owing to the multiplication of two continuous
In this paper, the bilevel MILP optimization-based attack decision variables. Thus, to formulate the attack method in
strategy is converted into an equivalent single-level optimiza- an MILP optimization problem, the nonlinear complimentary
6 VOLUME , 2019
conditions can be relaxed as the linear constraints with addi-

J− J+ κ− κ+ −
tional binary decision variables (δt,d , δt,d , δt,d , δt,d , δtU ,
+ + − + − + − + 1.6%
δtU , δtξ , δt,d
Φ Φ
, δt,d ζ
, δt,d ζ
, δt,d , δtρ , and δtρ ) as follows:
J−
 −
 Jt,d − M δt,d ≤0

J−
−Vt,d + V nom + ∆Vt,d ≤ M (1 − δt,d

 )
+ J + (64)
Jt,d − M δt,d ≤ 0 %$

 %$ %$ %$
J+

Vt,d − V nom + ∆Vt,d ≤ M (1 − δt,d

)
 −

− κ

 κt,d − M δt,d ≤ 0 %$ %$
κ−

PV PV b PV
Qt,d + c Pt,d ≤ M (1 − δt,d )



%$
κ+
κ+
t,d − M δt,d ≤ 0 (65) %$

κ+
 PV PV b PV
−Q t,d + c Pt,d ≤ M (1 − δt,d )




δ κ− + δ κ+ ≤ 1

%$
t,d t,d
U−
 −
Ut − M δt ≤ 0

N T apOLTC + T apOLTC − T apOLTC ≤ M (1 − δ U − )


t t−1 t t
+
Ut+ − M δtU ≤ 0
 FIGURE 3. Modified IEEE 33-bus system with OLTC, CBs, and PV systems.
+

N T apOLTC − T apOLTC
t−1 + T apt
OLTC
≤ M (1 − δtU )

t
(66)
single-level optimization problem:
ξ+
(
+
ξt − M δt ≤ 0 ( Nd
)
PNt +
≤ M (1 − δtξ )
X
− t=1 N T apOLTC
t + N T apOLTC max Attack I: max T apOLTC
t −ω D
δt,d (72)
(67) d=1
 −
Φt,d ≤ M δt,d Φ− or

 Nd
( )
Φ−

Vt,d − Vmin ≤+ M (1 − δt,d )
 X
D
T apOLTC

Attack II: min +ω δt,d (73)

Φt,d t
 Φ+t,d ≤ M δt,d
(68) d=1
+
−Vt,d + Vmax ≤ M (1 − δt,d )

 Φ s.t.

 Φ−
 +
δ + δΦ ≤ 1 Eqn. (27) − (32) (74)
 t,d
− ζ−


 ζt,d ≤ M δt,d Eqn. (43) − (56), (64) − (71) (KKT conditions). (75)
ζ−

CAP
bt,d ≤ M (1+ − δt,d )



+ ζ IV. SIMULATION RESULTS
ζt,d ≤ M δt,d (69)
A. SIMULATION SETUP
−bCAP + 1 ≤ M (1 − δ ζ + )



 t,d t,d In this section, we assess the performance of the proposed
δ ζ − + δ ζ + ≤ 1


attack approach in the modified IEEE 33-bus distribution test
 t,d t,d
− system [35], which is illustrated in Fig. 3. In this test system,


 ρt ≤ M δtρ
−
the base MVA is set to 100 MVA. The modified IEEE 33-bus
−
+ 16 ≤ M (1 − δtρ )

OLTC
T apt


 system includes one OLTC, nine CBs, four PV systems and
ρ+ 32 smart meters. The smart meters are located from node 2
ρ+
t ≤ M δt (70)

OLTC ρ+ to node 33. An integer tap position of OLTC at the substation
−T apt + 16 ≤ M (1 − δt )


 ranges from -16 to 16 with its step change aOLTC = 0.003.
δ ρ− + δ ρ+ ≤ 1.


t t The maximum number of tap changes for OLTC during the
The dual feasibility conditions predicted horizon is set to N T apOLTC
max = 3. The CBs are
All the non-negative Lagrangian multiplies belong to the dual connected to nodes 4, 7, 8, 14, 23, 24, 25, 30, and 32, and the
feasibility conditions as follows: maximum output of each CB is QCAP,nom
d = 30kVAr. The PV
systems are installed at nodes 11, 16, 17, and 31. The profiles
[α; χ; λ; θ; γ; ∇; η; µ; β; κ; Φ; J, U, ξ, ζ, ρ] ≥ 0. (71) for the predicted PV real power output and load coefficient
are shown in Fig. 4 and Fig. 5, respectively. For simplicity,
the predicted PV real power output and load coefficient are
assumed to be identical for all nodes. The scheduling period
is 1 h for VVO with a predicted horizon Nt = 1. The
Finally, using the aforementioned KKT conditions, the comparison of the attack performance for VVO with different
proposed attack strategy can be formulated as the following predicted horizons between Nt = 1 and Nt = 4 is conducted
VOLUME , 2019 7
-3
×10
3
1.04
PV real power output (p.u.)
2.5
Voltage magnitude (p.u.)

2 1.02
1.5
1
0.98
0.5
0 0.96
1 5 10 15 20 24 1 5 10 15 20 25 30 33
Time ( hour ) Node
FIGURE 4. Profile of the predicted value with a resolution of 1 h for PV real FIGURE 6. Voltage profile for 33 nodes during 24 h without attack.
power output.
1.05
1

0.9
Load coffecient
0.8
1
0.7
0.6
0.5
0.95
0.4 1 5 10 15 20 25 30 33
1 5 10 15 20 24 Node
Time ( hour )
FIGURE 7. Voltage profile for 33 nodes during 24 h with attack I.
FIGURE 5. Profile of the predicted value with a resolution of 1 h for load
coefficient.
Figs. 6, 7 and 8 show cyber voltage profiles for all nodes

in the following subsection. Initially, the parameters for the during 24 h without attack, with attack I, and with attack
attack optimization problem are given as follows: the limit II, respectively. Fig. 6 provides a performance benchmark
for injected real load attack measurement τ = 0.5, maximum for the proposed attack strategies where the voltages are
number of compromised smart meters R = 25, and large maintained within their acceptable limits [0.95 p.u., 1.05
positive constant for the relaxation M = 105 . The proposed p.u.]. Compared to Fig. 6, we observe from Figs. 7 and 8
attack model is implemented in computer (IntelCore i7-4790 that attacks I and II tend to increase or decrease feeder
CPU clocking at 3.6 GHz and 4 GB of RAM) using the voltages, respectively, while the voltages are still maintained
optimization toolbox in MATLAB R2018a.
B. IMPACT OF THE PROPOSED ATTACKS ON VOLTAGE

1.04
PROFILE
In this subsection, we conduct an impact analysis of voltage
1.02
conditions along the distribution feeder subject to the pro-
posed attacks I and II. We consider two types of voltages
1
belonging to different layers as shown in Fig. 1: 1) voltage
in cyber layer; and 2) voltage in physical layer. The former 0.98
represents the optimal voltage schedule that is calculated by
the VVO. The latter represents the voltage value that involves 0.96
the actual operating condition of the distribution system.
Voltage in the physical layer is computed by distribution 0.94
1 5 10 15 20 25 30 33
system power flow analysis [36]. In this paper, voltages in
Node
the cyber layer and in the physical layer are denoted by the
cyber voltage and the physical voltage, respectively. FIGURE 8. Voltage profile for 33 nodes during 24 h with attack II.
8 VOLUME , 2019
15
1.06
OLTC tap position
10 1.04

Without attack 1.02
5 With attack I
With attack II 1
0 Without attack
0.98
With attack I (cyber layer)
With attack I (physical layer)
0.96 Lower limit
1 5 10 15 20 24 Upper limit
Time (hour) 0.94

1 5 10 15 20 25 30 33
FIGURE 9. Comparison of three different tap positions of OLTC during 24 h Node
among without attack and with attacks I and II.
FIGURE 10. Comparison of three different voltage profiles at 8 a.m.: (i) without
attack; (ii) with attack I (cyber layer); and (iii) with attack I (physical layer).
at their acceptable levels. This observation is due to the

fact that the OLTC tap position becomes higher or lower
by the adversary that successfully constructs and injects the
false load attack vector into the VVO module, respectively,
consequently distorting the normal voltage profile. Fig. 9 1.06
compares the OLTC tap positions between without attack and
1.04
with attacks I and II. In the case of no attack, we observe
from Fig. 9 that the OLTC tap position ranges from 7 to 15 1.02
where a lower tap position is associated with a higher amount
of PV generation (2 p.m.∼4 p.m.) and a higher tap position 1
with a lower amount of PV generation (7 p.m.∼11 p.m.). As Without attack
0.98
expected, compared to the tap positions of OLTC without With attack I (cyber layer)
With attack I (physical layer)
attack, they increase or decrease owing to attacks I and II, 0.96 Lower limit
Upper limit
respectively, as shown in Fig. 9. However, it is observed from
this figure that the OLTC tap position has the maximum value 0.94
1 5 10 15 20 25 30 33
at any scheduling time during attack I. This observation may Node
be regarded as an abnormal operation of the OTLC by system FIGURE 11. Comparison of three different voltage profiles at 10 p.m.: (i)
operators. In this case, the adversary needs to wait another without attack; (ii) with attack I (cyber layer); and (iii) with attack I (physical
day when the schedule that has different OLTC tap positions layer)
at some nodes can be obtained from attack I.

Next, we evaluate the impact of the proposed attacks on the
physical voltage at two randomly selected scheduling time
slots. Figs. 10 and 11 show two cyber voltages without attack
and with attack I along with one physical voltages with attack 1.06
I at 8 a.m. and 10 p.m., respectively. We can observe from
Without attack
these figures that both cyber and physical voltages remain 1.04
With attack II (cyber layer)

within the allowable range and are listed in the decreasing With attack II (physical layer)
Lower limit
1.02
order of their magnitudes, as follows: the physical voltage Upper limit
with attack > the cyber voltage with attack > the cyber 1
voltage without attack. We verify from this result that the
adversary with attack I successfully increases the physical 0.98
voltage through the manipulation of the OLTC tap position

0.96
without being detected by system operators in the cyber layer.
We also observe from Figs. 10 and 11 that attack I has no 0.94
5 10 15 20 25 30 33
detrimental impact on voltage quality because no physical Node
voltage violation occurs after the attack. However, it is noted
FIGURE 12. Comparison of three different voltage profiles at 8 a.m.: (i) without
that a higher voltage operating condition requires more power attack; (ii) with attack II (cyber layer); and (iii) with attack II (physical layer).
supply from the substation, and hence, it has a detrimental
impact on system efficiency.
VOLUME , 2019 9
1.06 0.005
Voltage magnitude difference (p.u.)

Without attack 0
1.04 With attack II (cyber layer)
With attack II (physical layer)

Lower limit -0.005
1.02 Upper limit
-0.01
1
-0.015
0.98
-0.02
Low PV output
0.96 -0.025 Medium PV output
High PV output
0.94 -0.03
1 5 10 15 20 25 30 33 1 5 10 15 20 25 30 33
Node Node
FIGURE 13. Comparison of three different voltage profiles at 10 p.m.: (i) FIGURE 14. Impact of three different PV penetration rates on voltage
without attack; (ii) with attack II (cyber layer); and (iii) with attack II (physical magnitude differences between without attack and with attack I .
layer).
0.045
Figs. 12 and 13 illustrate the impact of attack II on both

0.044
cyber and physical voltages at 8 a.m. and 10 p.m.. Compared
to the result from Figs. 10 and 11 without voltage violation, 0.043
we verify from Figs. 12 and 13 that the adversary with attack
0.042
II causes physical voltage violations below the minimum
voltage limit at some nodes while the cyber voltage with 0.041
attack at any node still remains within the allowable range. 0.04
We observe from Figs. 12 and 13 that the physical voltage Low PV output
violations occur at two groups of nodes at 8 a.m., {nodes 0.039 Medium PV output
High PV output
13∼18} and {nodes 29∼33}, whereas the physical voltage 0.038
1 5 10 15 20 25 30 33
violations does at 10 p.m. at only {nodes 13∼18}. This Node
observation derives from the fact that due to no available PV
FIGURE 15. Impact of three different PV penetration rates on voltage
reactive power injection at 10 p.m., the PV systems do not magnitude differences between without attack and with attack II .
contribute to increased voltages above the minimum limit,
which in turn results in raising the OLTC tap position.
a higher OLTC tap position than high PV penetration. As
C. IMPACT OF PV ON THE VVO ATTACK a result, low PV penetration provides more room for the
In this subsection, we quantify the impact of three different adversary using attack II to minimize the OLTC tap position
amounts of PV real power output on the performance of and decrease voltages eventually.
the proposed attacks, corresponding to different scheduling
time slots: (1) low PV generation at 6 p.m.; (2) medium PV D. IMPACT OF THE ATTACK EFFORT ON THE VVO
generation at 11 a.m.; and (3) high PV generation at 2 p.m. ATTACK
Figs. 14 and 15 show the comparison of voltage magnitude In this subsection, we investigate the impact of the attack
differences among different PV penetration rates when at- effort on the performance of the proposed attacks. Here,
tacks I and II occur, respectively. Here, the voltage magnitude the attack effort is defined as two attack limit factors, τ
difference is defined as the deviation of physical voltage with and R, for: (1) the magnitude of injected false load data τ ;
attack from cyber voltage without attack. We observe from and (2) the maximum number of injected false load data R,
Fig. 14 that the adversary using attack I can cause more respectively. For the simulation study, three different values
negative voltage deviation from the normal voltage level with of the attack effort are selected with τ = 0.4, 0.6 and
a higher PV penetration rate. This phenomenon is due to 0.8 and R = 5, 15 and 25. In this simulation, the impact
the fact that the voltage level at the substation is lower at a assessment of attack II subject to varying attack effort is
high PV penetration than at low PV generation, and hence, conducted. Fig. 16 shows the OLTC tap positions during
the adversary can obtain more room to maximize the OLTC 24 h after the attack with varying τ . Along with the result
tap position for increasing the voltage level at any node. from Fig. 16, it is observed that the increase of value of τ
Compared to Fig. 14, Fig. 15 demonstrates that the adversary results in a lower OLTC tap position at some scheduling time
using attack II can have a more significant impact on positive slots, which consequently lead to an increase in the physical
voltage deviation at low PV penetration than at a high PV voltage magnitude difference at any node as shown in Fig. 17.
penetration rate. It is noted that low PV penetration causes Fig. 18 shows the OLTC tap positions during 24 h after
10 VOLUME , 2019
16 16
τ=0.4 R=5
14 14
τ=0.6 R=15
12 12
τ=0.8 R=25
OLTC tap position
OLTC tap position

10 10
8 8
6 6
4 4
2 2
0 0
-2 -2
1 5 10 15 20 24 1 5 10 15 20 24
Time ( hour ) Time ( hour )
FIGURE 16. Tap positions of OLTC with three different attack limit factors τ . FIGURE 18. Tap positions of OLTC with three different attack efforts R.
0.045 0.04

τ=0.4 R=5
τ=0.6 R=15
0.04 0.035
τ=0.8 R=25
0.035 0.03
0.03 0.025
0.025 0.02
0.02 0.015
1 5 10 15 20 25 30 33 1 5 10 15 20 25 30 33
Node Node
FIGURE 17. Voltage profiles with three different attack limit factors τ . FIGURE 19. Voltage profiles with three different attack efforts R.
the attack with varying R. Similar to the result from Fig. 16, interval (i.e., Nt = 1) as static VVO, otherwise as look-ahead
it is observed from Fig. 18 that the OLTC tap positions at VVO with multi-step prediction intervals. In comparison
some scheduling time slots become lower with increasing with the static VVO approach, the benefit of the look-ahead
R. As shown in Fig. 19, it is also observed that the voltage VVO approach lies in that during the multi-step prediction
magnitude differences fluctuate further with a larger value of horizon, look-ahead VVO allows OLTC, CB, and PV systems
R. with inter-temporal constraint to reserve their capacities and
In addition, with different values of R, the location of operate efficiently, thus operating the VVO process more
nodes with the attacked smart meters (i.e., load measure- effectively along with the reduction of the total cost (i.e.,
ments) are summarized as follows: {node 11, node 23, nodes the deviation of optimal voltage from nominal voltage) of
28∼30} for R = 5, {node 4, node 6, node 14, node 16, VVO. To fairly compare the attack performance between
node 18, node 21, node 23, nodes 25∼32} for R = 15, and static VVO and look-ahead VVO, we assume that identical
{nodes 4∼9, nodes 14∼32 for R = 25. It is noted from this smart meters for both VVO methods are attacked.
result that, to achieve the desired attack result, in general Figs. 20 and 21 show voltage magnitude differences of
the adversary injects false data into smart meters that are static VVO (Nt = 1) and look-ahead VVO (Nt = 4) at 10
further away from the substation. For a secure VVO operation a.m. due to attack I and attack II, respectively. We observe
against false data injection attacks, this may provide some from these figures that the voltage magnitude difference in
practical guideline wherein smart meters installed around the static VVO is larger than in the look-ahead VVO. We can
end node of the distribution system need to be protected with conjecture from this observation that in view of robustness to
a higher priority. cyber attack, look-ahead VVO still outperforms static VVO.
Finally, the main observations from the simulation studies
E. IMPACT OF THE NUMBER OF PREDICTION HORIZON can be summarized as follows:
ON THE VVO ATTACK • The proposed attacks I and II are undetectable because
This subsection evaluates the impact of the proposed attacks the cyber voltages remain within the allowable range
on VVO with different number of prediction horizon Nt . after the attack.
In this paper, we define VVO with a one-step prediction • Attack I increases cyber voltage and physical voltage
VOLUME , 2019 11
vector and the VVO operation with attack vector, respec-

×10-3
5 tively. Then, we reformulated the bilevel optimization-based
Attack I on static VVO attack method into a single-level optimization problem using
Attack I on look-ahead VVO Karush–Kuhn–Tucker conditions of the lower level optimiza-
0
tion problem. Numerical examples simulated in the IEEE 33-
bus distribution system demonstrated that the proposed attack
-5
approach can stealthily result in an abnormal feeder voltage
profile in both the physical and the cyber layers.
-10 In the future, we will extend the proposed attack model
to a more practical attack in a realistic unbalanced three-
phase distribution system with a voltage-dependent load
-15
1 5 10 15 20 25 30 33 model. Another interesting direction for future research is to
Node
develop an effective mitigation strategy to protect distribution
FIGURE 20. Comparison of attack I performance between static VVO and systems from false data injection attacks against VVO.
look-ahead VVO at 10 a.m.
REFERENCES
0.06
[1] L. Wang, F. Bai, R. Yan, and T. K. Saha, “Real-time coordinated voltage
Attack II on static VVO control of pv inverters and energy storage for weak networks with high pv
penetration,” IEEE Trans. Smart Grid., vol. 33, no. 3, pp. 3383–3395, May
0.055 Attack II on look-ahead VVO

2018.
0.05 [2] T. V. Dao, S. Chaitusaney, and H. T. N. Nguyen, “Linear least-squares
method for conservation voltage reduction in distribution systems with
0.045 photovoltaic inverters,” IEEE Trans. Smart Grid., vol. 8, no. 3, pp. 1252–
1263, May 2017.
0.04 [3] G. Liang, S. R. Weller, J. Zhao, F. Luo, and Z. Y. Dong, “The 2015 ukraine
blackout: Implications for false data injection attacks,” IEEE Trans. Power
0.035
Syst., vol. 32, no. 4, pp. 3317–3318, July 2017.
0.03 [4] Y. Liu, M. K. Reiter, and P. Ning, “False data injection attacks against
state estimation in electric power grids,” in Proceedings of the 16th ACM
0.025 Conference on Computer and Communications Security, Nov 2009, pp.
1 5 10 15 20 25 30 33 21–32.
Node [5] W.-L. Chin, C.-H. Lee, and T. Jiang, “Blind false data attacks against ac
state estimation based on geometric approach in smart grid communica-
FIGURE 21. Comparison of attack II performance between static VVO and
tions,” IEEE Trans. Smart Grid., vol. 9, no. 6, pp. 6298–6306, Nov 2018.
look-ahead VVO at 10 a.m.
[6] R. Tan et al., “Modeling and mitigating impact of false data injection
attacks on automatic generation control,” IEEE Trans. Smart Grid., vol. 12,
no. 7, pp. 1609–1624, July 2017.
where the latter is larger than the former. However, no [7] J. Chen et al., “Impact analysis of false data injection attacks on power
voltage violation at any node in physical layer occurs. system static security assessment,” J. Mod. Power Syst. Clean Energy.,
vol. 4, no. 3, pp. 496–505, July 2016.
• Attack II decreases cyber voltage and physical voltage
[8] J.-W. Kang, I.-Y. Joo, and D.-H. Choi, “False data injection attacks on
where the latter is less than the former. Voltage viola- contingency analysis: Attack strategies and impact assessment,” IEEE
tions in physical layer are identified at some nodes. Access., vol. 6, pp. 8841 – 8851, Mar 2018.
• Attack I has a more detrimental impact on physical [9] J. Kim and L. Tong, “On topology attack of a smart grid: Undetectable
attacks and countermeasures,” IEEE J. Sel. Areas Commun., vol. 31, no. 7,
voltage profile with a higher PV penetration whereas pp. 1294–1305, July 2013.
attack II does with a lower PV penetration. [10] G. Liang, S. R. Weller, F. Luo, J. Zhao, and Z. Y. Dong, “Generalized fdia-
• The increase of attack effort in terms of the magnitude based cyber topology attack with application to the australian electricity
market trading mechanism,” IEEE Trans. Smart Grid., vol. 9, no. 4, pp.
and the number of injected false load data leads to more 3820–3829, July 2018.
voltage deviation from the normal voltage level. [11] X. Liu and Z. Li, “Local topology attacks in smart grids,” IEEE Trans.
• Static VVO with one-step prediction interval is more Smart Grid., vol. 8, no. 6, pp. 2617 – 2626, Nov 2017.
[12] J. Zhang and L. Sankar, “Physical system consequences of unobserv-
susceptible to attacks I and II than look-ahead VVO with able state-and-topology cyber-physical attacks,” IEEE Trans. Smart Grid.,
multi-step prediction intervals. vol. 7, no. 4, pp. 2016–2025, July 2016.
[13] Y. Yuan, Z. Li, and K. Ren, “Modeling load redistribution attacks in power
systems,” IEEE Trans. Smart Grid., vol. 2, no. 2, pp. 382–390, June 2011.
V. CONCLUSIONS
[14] X. Liu and Z. Li, “Trilevel modeling of cyber attacks on transmission
In this paper, we presented a novel false data injection attack lines,” IEEE Trans. Smart Grid., vol. 8, no. 2, pp. 720–729, Mar 2017.
that causes changes in voltage profile along a distribution [15] R. Deng, G. Xiao, and R. Lu, “Defending against false data injection
feeder by misleading VVO through false load data injection attacks on power system state estimation,” IEEE Trans. Ind. Informat.,
vol. 13, no. 1, pp. 198–207, Feb 2017.
into smart meters and manipulating tap positions of an on- [16] X. Liu, Z. Li, and Z. Li, “Optimal protection strategy against false data
load tap changer. We first formulated two attack strategies injection attacks in power systems,” IEEE Trans. Smart Grid., vol. 8, no. 4,
that increase or decrease the tap position of an on-load tap pp. 1802–1810, July 2017.
[17] A. Ashok, M. Govindarasu, and V. Ajjarapu, “Online detection of stealthy
changer in a bilevel optimization problem where the upper false data injection attacks in power system state estimation,” IEEE Trans.
level and lower level correspond to the construction of attack Smart Grid., vol. 9, no. 3, pp. 1636–1646, May 2018.
12 VOLUME , 2019
[18] X. Liu et al., “Power system risk assessment in cyber attacks considering distribution power grids with pvs,” IEEE Trans. Smart Grid., vol. 7, no. 4,
the role of protection systems,” IEEE Trans. Smart Grid., vol. 8, no. 2, pp. pp. 1824–1835, July 2016.
572–580, Mar 2017. [29] A. Anwar, A. N. Mahmood, and M. Ahmed, “False data injection attack
[19] Y. He, G. J. Mendis, and J. Wei, “Real-time detection of false data injection targeting the ltc transformers to disrupt smart grid operation,” in ICST &
attacks in smart grid: A deep learning-based intelligent mechanism,” IEEE SecureComm, Beijing, China, Sept 2014, pp. 252 – 266.
Trans. Smart Grid., vol. 8, no. 5, pp. 2505–2516, Sept 2017. [30] A. Teixeira et al., “Security of smart distribution grids: Data integrity
[20] M. Ozay et al., “Machine learning methods for attack detection in the smart attacks on integrated volt/var control and countermeasures,” in 2014
grid,” IEEE Trans. Neural Netw. Learn. Syst., vol. 27, no. 8, pp. 1773– American Control Conference (ACC), Portland, OR, USA, June 2014, pp.
1786, Aug 2016. 4372 – 4378.
[21] U. Adhikari, T. H. Morris, and S. Pan, “Applying non-nested generalized [31] D. Shelar and S. Amin, “Security assessment of electricity distribution
exemplars classification for cyber-power event and intrusion detection,” networks under der node compromises,” IEEE Trans. Control Netw. Syst.,
IEEE Trans. Smart Grid., to be published. vol. 4, no. 1, pp. 23–36, Mar 2017.
[22] G. Liang, J. Zhao, F. Luo, S. R. Weller, and Z. Y. Dong, “A review of false [32] A. Teymouri, A. Mehrizi-Sani, and C.-C. Liu, “Cyber security risk assess-
data injection attacks against modern power systems,” IEEE Trans. Smart ment of solar pv units with reactive power capability,” in IECON 2018 -
Grid., vol. 8, no. 4, pp. 1630–1638, July 2017. 44th Annual Conference of the IEEE Industrial Electronics Society, DC,
[23] R. Deng, G. Xiao, R. Lu, H. Liang, and A. V. Vasilakos, “False data USA, Oct 2018, pp. 2872 – 2877.
injection on state estimation in power systems—-attacks, impacts, and [33] L. Langer, P. Smith, M. Hutle, and A. Schaeffer-Filho, “Analysing cyber-
defense: A survey,” IEEE Trans. Ind. Informat., vol. 13, no. 2, pp. 411– physical attacks to a smart grid: A voltage control use case,” in 2016 Power
423, April 2017. Systems Computation Conference (PSCC), Genova, Italy, June 2016, pp.
[24] R. Deng, P. Zhuang, and H. Liang, “False data injection attacks against 1–7.
state estimation in power distribution systems,” IEEE Trans. Smart Grid., [34] C. Cameron, C. Patsios, P. Taylor, and Z. Pourmirza, “Using self-
to be published. organizing architectures to mitigate the impacts of denial-of-service at-
[25] X. Ye, J. Zhao, Y. Zhang, and F. Wen, “Quantitative vulnerability assess- tacks on voltage control schemes,” IEEE Trans. Smart Grid., to be pub-
ment of cyber security for distribution automation systemss,” Energies., lished.
vol. 8, pp. 5266–5286, June 2015. [35] M. E. Baran and F. F. Wu, “Network reconfiguration in distribution
[26] I. H. Lim et al., “Security protocols against cyber attacks in the distribution systems for loss reduction and load balancing,” IEEE Trans. Power Del.,
automation system,” IEEE Trans. Power Del., vol. 25, no. 1, pp. 448–455, vol. 4, no. 2, p. 1401–1407, Apr 1989.
Jan 2010. [36] W. H. Kersting, Distribution System Modeling and Analysis. New York:
[27] R. Fu et al., “Security assessment for cyber physical distribution power CRC Press, 2017.
system under intrusion attacks,” IEEE Access., to be published.
[28] Y. Isozaki et al., “Detection of cyber attacks against voltage control in
VOLUME , 2019 13

OLTC-Induced False Data Injection Attack On VoltVA

Uploaded by

Copyright:

Available Formats

You might also like

OLTC-Induced False Data Injection Attack On VoltVA

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

OLTC-Induced False Data Injection Attack On VoltVA

Uploaded by

Copyright:

Available Formats

This article has been accepted for publication in a future issue of this journal, but has not been

Digital Object Identifier

OLTC-Induced False Data Injection

NOMENCLATURE Vt,d Voltage magnitude for node d at period t.

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

A higher voltage level caused by attack I can increase

s.t. (R1) The adversary can compromise smart meters by ob-

III. FORMULATION OF VOLT-VAR OPTIMIZATION or

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

conditions can be relaxed as the linear constraints with addi- 

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

Voltage magnitude (p.u.)

Voltage magnitude (p.u.)

Figs. 6, 7 and 8 show cyber voltage profiles for all nodes

B. IMPACT OF THE PROPOSED ATTACKS ON VOLTAGE

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

Voltage magnitude (p.u.)

Time (hour) 0.94

at their acceptable levels. This observation is due to the

at some nodes can be obtained from attack I.

With attack II (cyber layer)

voltage through the manipulation of the OLTC tap position

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

Voltage magnitude difference (p.u.)

With attack II (physical layer)

Voltage magnitude difference (p.u.)

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

OLTC tap position

Voltage magnitude difference (p.u.)

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

vector and the VVO operation with attack vector, respec-

0.055 Attack II on look-ahead VVO

Author et al.: Preparation of Papers for IEEE TRANSACTIONS and JOURNALS

You might also like

conditions can be relaxed as the linear constraints with addi-