Jestie 2020 3004744-R

This article has been accepted for publication in a future issue of this journal, but has not been
fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/JESTIE.2020.3004744, IEEE Journal
of Emerging and Selected Topics in Industrial Electronics
IEEE JOURNAL OF EMERGING AND SELECTED TOPICS IN INDUSTRIAL ELECTRONICS 1
Attack Detection and Isolation for Distributed Load

Shedding Algorithm in Microgrid Systems
Jiaqi Yan, Student member, IEEE, Fanghong Guo, Member, IEEE, Changyun Wen, Fellow, IEEE.
Abstract—Load shedding is usually adopted as an emergency However, as reported in [6], a centralized algorithm usu-
management to cope with large frequency deviation and supply- ally involves a number of disadvantages, such as high com-
demand imbalance in a microgrid (MG). As generators and loads putational cost, lack of flexibility, etc. Furthermore, it is
are usually highly distributed in MG, distributed load shedding
strategy is considered in this paper. In the proposed strategy, noted that the traditional power grids are undergoing huge
each agent first locally discovers the system’s global knowledge. evolution towards more intelligent ones, where loads and
Efficient load shedding decisions are then made with the ac- generators are highly distributed. Consequently, it is natural
quired information. Inspired by the fact that the communication and more reasonable to develop a distributed load shedding
channels are very vulnerable to malicious attacks, we further algorithm. For example, Gu et al. investigate a decentralized
address the security issue of the considered strategy. It is assumed
that an attacker intends to disrupt the information discovery under-frequency load shedding scheme for smart distribution
procedure and further deteriorates the system operation by networks [7]. Similarly, a multi-agent based load shedding
injecting malicious signals. By considering the injected signal algorithm is proposed in [8]. However, in above methods, the
as an external input with no prior knowledge, we first establish load shedding priority is not considered. Inspired by the work
necessary and sufficient conditions for the misbehaviors to be in [9], this paper first provides a multi-stage load shedding
observed. The design procedure of an unknown input observer
(UIO) is then presented, based on which, a detect and isolate strategy of MG system by considering different load priorities
mechanism is further developed to distributively detect and at each bus. With the developed strategy, each local bus
isolate the misbehaving agent, and mitigate the induced negative only acquires its local information and communicates with its
effects. The simulation and experimental results finally validate immediate neighbors. It is shown that through consensus-based
the effectiveness of our schemes. information exchanges, each agent can make load shedding
Index Terms—Distributed load shedding; cyber security; at- decision locally.
tack detection and isolation; unknown input observer (UIO). On the other hand, the proposed algorithm, although takes
full advantage of distributed resources, is also vulnerable to
I. I NTRODUCTION possible cyber attacks due to the wide use of communication
channels [10]. Typical attacks in smart grid include integrity
Microgrid (MG) is usually an independent power system
attacks ([11]–[14]), which damages the system operations by
with a small equivalent inertia constant. Therefore, both dra-
injecting false data into original measurements, and Denial-
matic load changes and insufficient power generations can
of-Service (DoS) attacks ([15], [16]), where the adversary
cause large frequency deviations in an MG system. In worse
degrades the system performance by jamming or breaking the
cases, they may even create an imbalance between power gen-
communications between agents.
eration and load consumption, and further lead to the collapse
Inspired by the fact that cyber threat is an area with growing
of system. To cope with this problem, efficient load shedding
concerns in smart grids, we further evaluate the proposed
operations are usually adopted as emergency managements to
load shedding strategy in adversarial environment. We study
maintain the system frequency and supply-demand balance by
the scenario where an intruder aims to deteriorate the system
cutting off some non-critical loads [1].
operation by maliciously injecting false signals into an agent’s
The problem of optimal load shedding in MG has been states at the information discovery stage. It is revealed that the
extensively investigated in recent decades. Various load shed- MG system performance can be heavily deteriorated by such
ding techniques have been proposed to determine the most type of attacks. For example, the frequency could fluctuate
appropriate loads to be shed [2]–[5]. In [2], a load shedding seriously, which may even lead to a system collapse. These
algorithm is proposed for MGs based on a distribution state observations urge the design of an efficient attack detection
estimator. A multiscenario under frequency load shedding and isolation mechanism.
problem is solved in [3] by applying genetic algorithms. Most In fact, research against cyber attacks in smart grid has been
of these approaches are centralized, where a fusion center is quite active in the last decades. By posing the attack detection
required to process the information from all generators and in grids as statistical learning problems, machine learning
loads and makes load shedding decisions. algorithms, such as support vector machines, Bayesian net-
J. Yan and C. Wen are with the School of Electrical and Electronic works, etc, are used in literatures to classify the measurements
Engineering, Nanyang Technological University, 639798, Singapore. Emails: as being either secure or attacked ([17], [18]). These data-
jyan004@e.ntu.edu.sg (J. Yan), ecywen@ntu.edu.sg (C. Wen). based approaches, although are proved to be effective working
F. Guo is the corresponding author and is with the Department of Automa-
tion, Zhejiang University of Technology, Hangzhou 310032, China. E-mail: against certain attacks, may fail in the scenario where the
fhguo@zjut.edu.cn. behaviors of intruders are arbitrary –which is quite the case
2687-9735 (c) 2020 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
Authorized licensed use limited to: UNIVERSITY OF BIRMINGHAM. Downloaded on July 23,2020 at 19:29:30 UTC from IEEE Xplore. Restrictions apply.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/JESTIE.2020.3004744, IEEE Journal
in practice. The reason is that the unexpected misbehaviors (DGs) and loads, as shown in Fig. 1. In order to illustrate
prevent the training data from being properly selected. our design clearly, we treat each local bus as an “agent”, and
Some works also exploit the traditional IT security mea- each agent is assigned a unique ID. In addition, to protect the
sures, such as firewalls, encryption and authentication ([19], privacy at local buses, each agent only has access to its local
[20]). These methods focus on the protection of information in information.
the cyberworld. However, the cyber and physical components Suppose that all the DGs in MG system are operating in the
become coupled in smart grid and thus their security is in- grid-forming mode with droop control function implemented
terdependent. Moreover, proactive mechanisms in IT security in the primary controllers. The frequency droop function is
have mainly focused on integrity and availability from a usually designed as follows
communication network point of view. They do not consider
ωi = ω ∗ − kPi (PGi − PGd i ), (1)
how the successful attacks affect the estimation and control
algorithms in the physical world. where ωi , PGi are the actual frequency and active power
The above issues have motivated another commonly adopted output at ith DG , ω ∗ , PGd i are the desired frequency and
strategy, which is to construct a model-based attack detection active power output, and kPi is the frequency droop gain.
system by using observer techniques by taking into account In practice, the droop gain in (1) can be either fixed in their
the dynamics of the physical systems and addressing how this primary controller or manually set by the MG operator [24].
model can be used to detect compromised nodes ([21], [22]). Hence it is assumed that kPi can be directly accessed by the
With such techniques, one could reconstruct the process states MG system operator.
with an observer, and make decision on possible misbehaviors According to [25], the frequency of the MG will be syn-
based on the residuals generated by the estimations. chronized as:
Since an attacker can inject arbitrary signals into the system, n
(PGd i − PGi )
P
in this paper, the malicious data is regarded as an unknown ∗ i=1
input without a priori knowledge being assumed. An unknown ωss = ω + n . (2)
1
P
input observer (UIO)-based mechanism is then proposed to kPi
i=1
detect and further isolate the attacked agent in the developed
load shedding algorithm. Compared to other observers, such In this paper, we mainly consider the under-frequency
as Kalman filter which assumes a Gaussian white noise model, load shedding problem in the MG system. Similar to the
UIO ensures its estimated state always track the actual process conventional power system, the frequency output of the DG-
state, regardless of the value and distribution of the unknown based MG system will drop if the total load consumption is
inputs [23]. This fact enables UIO to figure out any attacking larger than the total desired power output. Suppose we set a
behaviors based on the system model. load shedding triggering threshold as ω LS , which means that
The main contributions of this paper are summarized as once the frequency drops below ω ∗ − ω LS , i.e.,
follows: ω ∗ − ωss ≥ ω LS , (3)
(1) We provide a multi-stage and distributed load shed-
ding strategy. Its performance under cyber attacks, where the the load shedding process is activated.
agent’s normal behavior is manipulated by an intruder, is The key problem in the load shedding process is to deter-
further evaluated. By injecting malicious signals on a single mine 1) how many loads should be shed in total and 2) how
agent’s state, the attack is shown to deteriorate the load to allocate these shed loads among local buses. In this sub-
shedding process seriously, and harm the operation of MG section, a distributed algorithm is proposed to address these
system. two problems.
(2) Treating the attack signals as unknown exogenous in- According to (2), in order to maintain the system frequency
puts, a detection and isolation scheme is developed, where being close to the desired value ω ∗ , it is preferred to regulate
each agent is built with a bank of UIOs. The designed observer the total power output of all the DGs being equal to the sum
Pn
is proved to be only insensitive to the attacks injected on of the desired active power output, i.e., to make PGi =
i=1
a certain agent. Therefore, the misbehaving agent can be n
PGd i .
P
successfully detected and isolated by its neighbors. However, based on the triggering threshold defined
i=1
0 in (3), it is easy to derive the steady-state upper bound of the
Notations: For a vector a, ai and a are respectively applied
to denote its ith element and its transpose. For a matrix M , total power output is
we denote by [M ]S as the columns of M with index S. n
X 1
PGi ≤ PfLS = PGd + ω LS , (4)
kP
II. D ISTRIBUTED L OAD S HEDDING IN MG S YSTEM i=1
n n
We will first present a consensus-based distributed load where PGd =
P
PGd i , and 1
=
P 1
. Hence, as shown in
kP kPi
shedding algorithm in MG system. i=1 i=1
Fig. 2, to preserve the frequency output in the range [ω ∗ , ω ∗ −
A. Load shedding in MG system ω LS ], the minimum load to be shed can be determined as
n
Consider a microgrid system with n buses. Each bus is X
∆P = PGi − PfLS . (5)
assumed to be connected with local distributed generators i=1
where xi (k) denotes the state of agent i at current step,

Microgrid and wij > 0 is the updating weight. If we define x(k) ,
[x1 (k) x2 (k) · · · xn (k)]0 , and a transition matrix A ∈ Rn×n
as  P
Bus 1 Bus 2 Bus n 1 − j∈Ni wij if j = i

... aij = wij if j ∈ Ni , (8)
PG1 PL1 PG2 PL2 PGn P Ln 
0 otherwise

then (7) can be rewritten as

Agent 1 Agent 2 ... Agent n
x(k + 1) = Ax(k). (9)
Fig. 1. Illustration of distributed load shedding algorithm. Pn
Define x̄ = 1/n i=1 xi (0). An average consensus is reached
if
i lim x(k) = x̄ 1, (10)
k→∞
where 1 denotes the vector with all elements being 1. It has
 * + k p PGd
i i been proved in [26] that the average consensus is achieved
* i =  * − k p ( PG − PGd )
i i i exponentially with a doubly stochastic matrix A.
 * −  LS k pi
PGi C. Multi-stage load shedding strategy
Based on the average consensus algorithm, a multi-stage
PGdi PGLSi
and fully distributed load shedding strategy is proposed. In
what follows, we will detail each step:
Fig. 2. Illustration of droop control.
Step 0: Initialization
As a starting point, the number of agents and load shedding
threshold, i.e., n and PfLS , are set. Note that n can be directly
In addition, so as to describe the participation levels of load obtained by each agent with graph discovery algorithm (see
shedding on each bus, a participation coefficient γiL is defined, [24]). On the other hand, as indicated in (4), the calculation of
which is assigned between 0 to 0.1. To be concrete, a higher PfLS is based on PGd and k1P , which is a global knowledge of
flexibility for the loads on bus i to shift indicates a larger γiL . MG system. In order to make the strategy distributed, we apply
Specifically, if the loads in bus i is uninterrupted, then γiL = 0. the average consensus algorithm proposed in Sec II-B, with
Note that γiL is determined by agent i, and can be adjusted xi (0) = [PGd i , k1P ] for each agent i. Clearly, the algorithm
i
according to its actual operation conditions. Then the load to could make all agents to converge to the average value of PGd
be shed on bus i can be determined as and k1P . With each agent being informed of number n, PGd
γiL PiLmax and k1P are acquired, and thus PfLS is derived.
∆Pi = P
n ∆P, (6) Step 1: Obtain global information
γiL PiLmax
Pn
This discover the global information on i=1 PGi
Pnstep Lis toLmax
i=1
and i=1 γi Pi . Similar to Step 0, the average consensus
where PiLmax denotes the maximum capacity of shedable load algorithm is adopted, where each agent begins with the initial
in ith bus. value xi (0) = [PGi , γiL PiLmax ].
Step 2: Calculate the total load to be shed
B. Average consensus algorithm The total load needs to be shed in the MG P system, i.e.,
n
∆P , is calculated by each agent with (5), where i=1 PGi is
In this sub-section, we introduce some preliminaries on the acquired in Step 1.
average consensus algorithm, which will be applied in the load Step 3: Calculate the individual load to be shed
shedding algorithm proposed later. With the knowledge obtained from previous steps, each
Consider a simple, connected and undirected graph G = agent makes a local decision based on (6). We note that
{V, E}, where V = {1, 2, ..., n} denotes the set of agents, and after deploying its local load shedding decision, the agent
E ⊆ V × V indicates the set of edges. Note that eij ∈ E if will restart the information discovery process. This is due to
and only if agent i and j can communicate directly with each the necessity of dynamically updating the information on total
other. The neighborhood of i ∈ V is defined as Ni = {j ∈ active power so as to avoid an insufficient or excessive load
V|eij ∈ E}. shedding in real time.
Assume each agent i ∈ V is initialized with its local
knowledge, i.e., xi (0). At any time k, it broadcasts its state III. ATTACK M ODEL AGAINST D ISTRIBUTED L OAD
to all neighbors, and updates its own state according to the S HEDDING A LGORITHM
following equation: The distributed algorithm requires abundant information
exchange among agents. The high integration with the com-
X
xi (k + 1) = xi (k) + wij [xj (k) − xi (k)], (7)
j∈Ni
munication infrastructures makes cyber security become one
of the most important challenges in smart grid. To address Proof. For simplicity, we denote mi (t) , ei ui (t), which is a
such an issue, we now consider the performance of the vector with ith entry being ui (t), and others remaining 0.
proposed multi-stage load shedding algorithm in an adversarial As a direct result of Cauchy convergence criterion [28,
environment. chapter 2] and Eqn. (13), it holds that
An attacker is assumed to deteriorate the load shedding X∞
process by interrupting the consensus procedure of global lim |ui (t)| = 0,
k→∞
information discovery at Step 1. To this end, it injects ma- t=k
licious signals ui (k) at agent i, whose updating rule is thus further implying
manipulated to be ∞
X
X lim ||mi (t)||1 = 0.
xi (k + 1) = xi (k) + wij [xj (k) − xi (k)] + ui (k). (11) k→∞
t=k
j∈Ni
Furthermore, since A is doubly stochastic, so is Ak−t . One
Therefore, the matrix representation becomes thus derives that
x(k + 1) = Ax(k) + ei ui (k), (12) ||Ak−t mi (t)||1 = ||Ak−t ||1 ||mi (t)||1 = ||mi (t)||1 . (16)
where ei is the ith canonical basis vector in Rn . We further We then have the following result,
refer agent i to a misbehaving agent. k
X k
X
lim ||Ak−t mi (t)||1 = lim ||mi (t)||1 = 0. (17)
Remark 1. The considered attack model covers the scenarios k→∞
t=∞
k→∞
t=∞
where the behavior of an agent is manipulated by an ad-
One thus obtains that
versary and no longer follows the normal update law (7).
k k
It not only includes the cases of DoS and integrity attacks X
k−t
X
lim A mi (t) ≤ lim ||Ak−t mi (t)|| = 0.
on the in-going communication channels of this agent, but k→∞ k→∞
t=∞ t=∞
also captures the behaviors of the “selfish agent”. Namely, (18)
the agent refuses to follow the prescribed updating rule, but Since the left hand is clearly non-negative, we know
instead intentionally send self-designed data to neighbors to k
X
achieve their individual objectives. This is highly possible lim Ak−t mi (t) = 0. (19)
since the participating agents usually have different interests in k→∞
t=∞
networked systems. For example, [27] considers the situation
where a selfish agent broadcasts falsified data in order to Pkfrom Cauchy convergence criterion, as k goes to
Therefore,
infinity, t=0 Ak−t mi (t) has a finite limit. On the other hand,
place the load shedding responsibility to others. As reported since A is doubly stochastic, we know that limk→∞ Ak ei =
therein, this misbehavior may also cause serious consequences 1
n 1. Given the definition of mi (t), one concludes that
to the operations. However, this misbehavior will never be
prevented by any encryption and authentication methods, as ui (t)
lim Ak mi (t) = lim Ak ei ui (t) = 1.
the information is indeed sent from the authorized agents. As k→∞ k→∞ n
to be shown later, we can instead apply the observer-based Finally from Cauchy convergence criterion, there exists some
method in this paper to detect and isolate it to protect the constant c̄, such that
system security. k
X
lim Ak−t mi (t) = c̄ 1 . (20)
Clearly, such kind of malicious attack can potentially either k→∞
t=0
prevent the benign agents from reaching a consensus, or
Now from (12), we obtain that
manipulate the final agreement to be false. In what follows,
k
sufficient and necessary conditions would be proposed for the h X i
consensus to be achieved in the presence of an intruder. lim x(k + 1) = lim Ak+1 x(0) + Ak−t mi (t)
k→∞ k→∞
t=0
(21)
Theorem 1 (Sufficiency). Consider the manipulated update = (x̄ + c̄) 1 .
rule (12). Suppose A in (12) is doubly stochastic. If the sum By denoting c = x̄ + c̄, the first part of proof is completed.
of attacking signal is bounded, i.e., there exists a constant B Then from (16) and (20), it is held that
such that Pk
∞
X || limk→∞ t=0 Ak−t mi (t)||1
|ui (k)| ≤ B, (13) |c − x̄| =
n
k=0 Pk
limk→∞ t=0 ||Ak−t mi (t)||1
then the following results hold: =
n
1) All agents achieve a consensus, i.e., Pk
limk→∞ t=0 ||mi (t)||1
= (22)
lim x(k) = c1, with c being a constant; (14) n
k→∞
Pk
limk→∞ t=0 |ui (t)|
2) The bias induced by the attacker is quantified as =
n
B
|c − x̄| ≤ B/n. (15) ≤ ,
n
which proves
P∞ (15). It is noted that the equality holds if and Proposition 1 ([29]). There exists a UIO for system Σij , if
only if t=0 |ui (t)| = B. This indicates that if the intruder and only if the graph G is connected and i ∈ Nj .
knows how much attacking signal has been injected into the
Suppose that Σij satisfies the conditions in Proposition 1.
system in total, then it exactly knows the bias induced to the
That is, there exists a UIO for it. In what follows, the design
consensus value.
scheme of such an observer would be provided, followed by
Theorem 1 indicates that the attacking signal with a bounded the analysis of its effectiveness.
accumulative effect can make all agents achieve an incorrect 1) Design procedure of UIO: We now present the design
agreement, and thus be misled to believe on a manipulated procedure of the unknown matrices in (24) (namely, Fij , Kij
global information about ∆P . A false load shedding decision and Hij ):
will thus be made, which may cause different adverse impacts. (i) Choose Fij with all eigenvalues within the unit circle.
For example, it may involve abrupt increases of the load at That is, design Fij to be stable.
crucial locations to cause an overflow on the transmission lines (ii) Compute Hij as: Hij = [ei e0i ]Nj .
and incur significant damage to the utility company or user (iii) Denote A1 = (I − Hij Cj )A. With Fij from step (i),
equipment. (1)
solve the equation Fij = A1 − Kij Cj to obtain the
In practice, an intruder is more likely to adopt the attacking (1) (1)
matrix Kij . The existence of such a Kij requires
rule of (13), as the process without converging would alert that the pair (Cj , A1) is detectable. From [30, Lemma
the operators easily. However, in the rest of this paper, we 5.2], we conclude that the considered system meets this
place no assumption on ui (k). Namely, the value of ui (k) requirement. Therefore, such equation is solvable and
can be chosen arbitrarily by the intruder to achieve certain could be achieved with the pole placement routine.
attack goals. (2) (1) (2)
(iv) Compute Kij as: Kij = Fij Hij , Kij = Kij + Kij .
Note that the matrices Hij and Kij are calculated with the
IV. ATTACK D ETECTION A ND I SOLATION above procedure and a user-chosen stable matrix Fij . As a
Since the operation of power system can be seriously result, we complete the design of observer by applying these
deteriorated in the presence of attacks, it is important to matrices to (24).
design a mechanism to detect and isolate the possible security 2) Analysis of effectiveness: This part is devoted to effi-
breaches. By formulating the attacking signal ui (k) as an ciency analysis of the designed observer. Applying (24) to
unknown input, this section proposes a detection scheme based Σij yields
on the Unknown Input Observer (UIO). (1)
ij (k + 1) = (A − Hij Cj A − Kij Cj )ij (k)
(1)
A. Unknown Input Observer (UIO) + (A − Hij Cj A − Kij Cj − Fij )zij (k)
(1) (2)
Consider any agent j. Suppose that Nj = {j1 , j2 , ..., jp }, + [(A − Hij Cj A − Kij Cj )Hij − Kij ]yj (k)
let us define Cj = [ej1 , ej2 , ..., ejp ]0 . Denote the information + (I − Hij Cj )ei ui (k).
available to agent j as (25)
yj (k) = Cj x(k). (23) Based on the choices of the matrices from the proposed design
procedure, we have
Clearly, yj (k) encloses the information received from the
(1) (2)
neighbors of agent j. For simplicity, denote the system de- Fij = A − Hij Cj A − Kij Cj ; Kij = Fij Hij . (26)
scribed by (12) and (23) as Σij .
Furthermore, one notes that with Step (ii), Hij Ci produces
Based on Σij and the neighborhood information yj (k),
an n-dimensional diagonal matrix in the form of Hij Ci =
agent j is able to construct a full-order observer Oij , which
diag(0, · · · , 0, 1, 0, · · · , 0), which makes (I − Hij Cj )ei = 0
estimates the state of agent i, denoted by x̂ij (k), as: | {z } | {z }
i−1 n−i
zij (k + 1) = Fij zij (k) + Kij yj (k), holds. Then the dynamics of estimation error (25) becomes
(24)
x̂ij (k) = zij (k) + Hij yj (k), ij (k + 1) = Fij ij (k). (27)
where zij (k) is the internal state of Oij , and Fij , Kij , Hij Since Fij is chosen to be stable, ij (k) approaches 0 asymp-
are design matrices chosen according to the design procedure totically for any input trajectories ui (k).
given later. On the other hand, one could check that for any other
Definition 1 ([23]). Denote the estimation error of Oij canonical basis vector ep with p 6= i, it is held that (I −
as ij (k) = x(k) − x̂ij (k). If for any input ui (k), Hij Cj )ep 6= 0. This makes the estimation error ij (k + 1) in
limk→∞ ij (k) = 0, then Oij is an Unknown Input Observer (25) never vanish. As a result, the designed observer Oij is
(UIO). insensitive only to the misbehaviors/attacks on agent i.
A necessary and sufficient condition for the existence of

B. Distributed detection scheme with UIOs
UIO is given by the following proposition, and can be vali-
dated using topological properties of the network: In view of Proposition 1, each agent is only able to detect
and locate attacks within its neighborhood. Similar to that in
[30], let each agent have a monitoring system with a bank of

Calculate Change update
UIOs. That is, for every agent j, it establishes a UIO for each Build UIO for each
residuals
Attack detected at YES
rule with
neighboring agent i ϵ Nl ?
of its neighbors i ∈ Nj , by following the proposed design (32) and set index
procedure (i)-(iv). The observer Oij produces the residual as NO

rij (k) = Cj x̂ij (k) − yj (k). From former discussions, one
concludes that rij (k) is decoupled only from ui (k). By taking
Fig. 3. Attack detection and isolation algorithm of agent l.
the assumption that there is at most one active attack into
consideration, the following logic can be applied by agent j
for detection and identification: further check that Ã is still doubly stochastic, which implies
1) No attack is present, if all the benign agents can finally achieve an average consensus.
On the other hand, if agent i fails to receive information from
||rij (k)||1 < Θ(k), ∀i ∈ Nj ; (28)
all its neighbors for some time, it will cut off its associated
2) Agent i ∈ Nj is under attack, if bus in the physical layer.
( Since the load shedding algorithm relies on the number of
||rpj (k)||1 > Θ(k), networked nodes, the agents beyond the neighborhood of the
∀p ∈ Nj /{i}; (29)
||rij (k)||1 ≤ Θ(k), misbehaving one should also be informed of the isolation. To
this end, we design such a mechanism. That is, when an agent
3) There exists a misbehaving agent m, with m ∈
/ Nj , if
l identifies and isolates a misbehaving agent, it sets an index
||rij (k)||1 ≥ Θ(k), ∀i ∈ Nj , (30) as 1, and broadcasts this index to the rest of its neighbors in
addition to xl (k). As the reduced topology is still connected,
where Θ(k) is the isolation threshold.
all agents would be informed of such an index within finite
Remark 2. The threshold Θ(k) can be interpreted as a iterations, and thus acknowledge the number of agent has
design parameter that indicates how much estimation error reduced to n−1. Local load shedding decisions (6) will then be
the observer Oij can tolerate at time k. Adopting a larger applied in the new topology to recover the system frequency.
Θ(k) means that it wants to tolerate a larger estimation error, We summarize the overall algorithm for attack detection
and thus reduces the rate of false alarm. However, it also and isolation in Fig. 3, where the detailed steps of agent l
increases the lower bound of recognizable misbehaviors. This are illustrated. Since only the neighbors of the attacked node
fact indicates that the security of network would be sacrificed modify the network topology, no extra communication among
to some extent. As a result, there exists a trade-off in choosing agents is needed and the algorithm can be implemented total
Θ(k). Note that Θ(k) can be either constant or time-varying. distributively.
More information is provided in [31] for further reference.
Remark 3. We note that unknown input observers can be
Note that the design of UIOs can be conducted off-line. utilized in more general applications for attack detection.
Since the calculation of residual signal rij (k) only relies To be more specific, this paper deals with the attacks on
on local information, the above detection strategy could be information discovery process of distributed load shedding,
implemented in a distributed manner. whose mathematical model is a first-order system as in (12).
Based on this model, a UIO-based algorithm is proposed
C. Misbehaving agent isolation for attack detection and isolation. In fact, this approach can
In this paper, we assume that the considered graph G is 2- be directly applied to other industrial applications where
connected. That is, the graph remains connected after losing the distributed consensus algorithm is employed and thus
any single vertex. However, it is observed that this assumption have the same model as (12), like state-of-charge control
can be further relaxed with the graph re-configuration strategy in battery energy storage systems, formation control among
proposed in [24]. unmanned vehicles, etc. Furthermore, the ideas in this paper
Once the agent j locates the compromised agent i, it stops of constructing and designing UIOs can also be extended
sending and receiving information from this node, and changes to other cases, such as the attack detection and isolation in
the update rule as interconnected second-order systems, by integrating the system
X structure into the observer design. The essential point is to
xj (k + 1) = xj (k) + wjp [xp (k) − xj (k)]. (31) construct a bank of observers, generating a set of residuals
p∈Nj ,p6=i such that each residual is decoupled from the unknown inputs
Since the misbehaving agent i is monitored, and thus detected at only one agent.
by all its neighbors, (31) will be applied by ∀l ∈ Ni . Define
x̃(k) , [x1 (k) x2 (k) · · · xi−1 (k) xi+1 (k) · · · xn (k)]0 , and V. C ASE S TUDY
matrix Ã ∈ R(n−1)×(n−1) in a similar way to (8), we obtain This section provides some case studies to verify the theo-
the revised updating rule in matrix form as retical results.
A 220V (per phase RMS), 50Hz MG shown in Fig. 4 is
x̃(k + 1) = Ãx̃(k). (32)
considered as a testing system. The parameters of the system
Clearly, (32) works as isolating the misbehaving agent i in are summarized in Table I, where the unit of PGd i , PiLmax , (i =
communication network. As the graph is 2-connected, one can 1, 2, 3, 4) is W , and the unit of kpi , (i = 1, 2, 3, 4) is rad/(s ·
DG1 Agent 1 B41 Agent 4

DG4
B12 B34
DG2 Agent 2 Agent 3 DG3

B23
Fig. 4. Physical connection of MG system.
Agent 1 Agent 4 Agent 1 Agent 4
×
Agent 2 Agent 3 Agent 2 × Agent 3
Fig. 6. Experimental setup.
(a) (b)
shedding operation once the system frequency drops below
Fig. 5. Communication topology before and after attack isolation
49.5Hz.
It is noted that the calculation of PGd and k1P at Step 0 could
W ). For easy illustration, we choose the same communication be realized before the load shedding calculation. Consequently,
graph (Fig. 5(a)) as the physical one. To facilitate the process each agent conducts the initialization and acquires the system
of average consensus, the following doubly stochastic matrix parameters PGd and k1P . The case study is then divided into 2
is applied: phases with experimental results shown in Fig. 7:
 
0.6 0.3 0 0.1 1) Phase 1 (0 − 0.5s): In this phase, constant loads are
0.3 0.5 0.2 0  connected to the MG system with PL1 = 1.5e6, PL2 =
A=  0 0.2 0.6 0.2 .
 (33)
1.5e6, PL3 = 4e6, and PL4 = 3e6. We note that the
0.1 0 0.2 0.7 local loads are consistent with DG’s desired active power
output. Therefore, system frequency is maintained at the
This part investigates the performance of the proposed
nominal value of 50Hz.
method using Piecewise Linear Electrical Circuit Simulator
2) Phase 2 (0.5 − 5s): At t = 0.5s, a constant load is
(PLECS). The experimental setup is shown in Fig. 6. We also
added to Load 4, and PL4 changes to 3.5e6. From
detail the information of the setup as follows. Power-stage
Fig. 7, it is observed that a sudden frequency decline
simulations have been used to represent the physical system
occurs at this moment. The proposed multi-stage load
and the minimal step size for the simulation is 1 × 10−5 s,
shedding strategy is triggered once (4) is violated.
which is small enough to accurately reflect the dynamics of
The DGs’ power output at this triggering moment is
the MG system load shedding. In addition, all the inverters
PG1 = 1.5576e6, PG2 = 1.5049e6, PG3 = 4.0630e6,
are represented by average-models. To be specific, these
and PG4 = 3.3745e6. Set initial state as xi (0) =
converters are modelled as controlled AC voltage sources
[PGi , γiL PiLmax ]. The average consensus algorithm con-
without considering the switching states. This simplification is
verges at x̄ = [2.6250e6, 0.1875e6] within several mil-
reasonable since the converter switching behaviors have little
liseconds. ThenP4each agent canP4 discover the global in-
influence on the system-level power management and load
formation on i=1 PGi and i=1 γiL PiLmax and make
shedding. For the hardware-in-loop verification, one micro
local decision with (6).
controller (TI Launchpad LAUNCHXL-F28069M) is used
for each agent. Modbus TCP/IP communication protocol is 2) Multi-stage load shedding algorithm in the presence of
utilized for the distributed communication among these micro attacks: In this sub-section, we discuss the scenario where
controllers. In addition, in the communication network, these the proposed load shedding strategy is under cyber attacks.
controllers are connected to one switch (Cisco C2960), hence
the communication among these controllers is just within one
TABLE I
hop and the one-way-delay can be negligible. One 4-chanel PARAMETERS OF MG S YSTEM
digital oscilloscope is used to collect the outputs from the
Bus 1 Bus 2 Bus 3 Bus 4
PLECS. d d d d
PG 1.5e6 PG 1.5e6 PG 4e6 PG 3e6
1) Multi-stage load shedding algorithm without attacks: 1
P1Lmax 1e6
2
P2Lmax 2e6
3
P3Lmax 3e6
4
P4Lmax 4e6
We first study the performance of the proposed load shedding kP1 1e-5 kP2 1e-5 kP3 0.375e-5 kP4 0.5e-5
algorithm in benign environment. The triggering threshold is γ1 0 γ2 0.1 γ3 0.05 γ4 0.1
set to be ω LS = 0.5Hz. That is, the agents activate load B12 = 10Ω−1 , B23 = 10.6Ω−1 , B34 = 9.2Ω−1 , B41 = 9Ω−1
where the eigenvalues of F12 is assigned as [0.4, 0.5, 0.6, 0.7]0

with Control System Toolbox for MATLAB. The UIO for Σ32
is also constructed in a similar way.
As can be observed from the experimental results in Fig. 9,
the residual corresponding to node 3 is close to zero while the
other is large. Therefore, Agent 2 identifies Agent 3 as being
compromised and adopts (31) to isolate the misbehaving one.
A similar detection and isolation rule is also applied in Agent
4. The network topology is consequently reduced to Fig. 5(b).
Fig. 7. Performance of the multi-stage load shedding algorithm without attack.
The performance of the resulting system is evaluated in Fig.
10, where the system frequency is recovered to 49.5Hz with
For Psimplicity, we only consider the consensus procedure the proposed load shedding law, and validates the effectiveness
4
on PGi . That is, xi (0) = PGi . The discovery of of our approach,
P4 i=1 L Lmax
γ
i=1 i iP is assumed to be completed and correct.
Suppose agent 3 is being attacked within 6th -12th iteration, ·106
1
and its update rule is manipulated to ||r12 ||1
0.8
Residuals
||r32 ||1
x(k + 1) = Ax(k) + e3 u3 (k), (34) 0.6
where ( 0.4
−0.02e6, if 6 ≤ k ≤ 12, 0.2
u3 (k) = (35)
0, else. 0
5 10
We first show the influence of such an attack on system Iteration k
operation. Under (34), the agents achieve a false consensus
on c = 2.5900e6 instead of x̄1 = 2.6250e6. The manipulated Fig. 9. UIO residuals when an attack occurs in agent 3.
consensus leads to a false global information, and thus incor-
rect load shedding decision. As is illustrated in Fig. 8, the
system frequency declines heavily to around 49.2Hz because
of such an attack.
Fig. 10. Performance of the multi-stage load shedding algorithm after attack
detection and isolation.
Fig. 8. Performance of the multi-stage load shedding algorithm under attacks. VI. C ONCLUSION
In this paper, we propose a distributed load shedding algo-
To avoid such negative effects, the attack detection and rithm for MG system. Its performance is further explored in an
isolation algorithm proposed in this paper is adopted. As adversarial environment, where an attacker intends to disrupt
discussed in Section IV-B, each agent is built with a bank the consensus procedure in global information discovery, so as
of UIOs. Consider the ones at agent 2 as an example. The to purposely deteriorate the normal operation of MG system.
information collected at agent 2 is given by By considering the malicious data as an input signal with
y2 (k) = C2 x(k), (36) no prior knowledge, we design an unknown input observer
(UIO). A UIO-based detection and isolation mechanism is
with C2 = [e1, e3]0 . Following the design procedure, the UIO then developed to detect the attack and compensate for the
for Σ12 is designed as negative effects caused. Experimental and numerical results
are also presented to verify the theoretical outcomes.
 
0.5085 0 0.0209 0
0.0164 0.5000 0.0404 0 
F12 = 0.1168 0.2000 0.4915 0.2000 ,
 (37) R EFERENCES
0.0270 0 −0.0029 0.7000 [1] D. Xu and A. A. Girgis, “Optimal load shedding strategy in power
    systems with distributed generation,” in Power Engineering Society
0 −0.0209 1 0 Winter Meeting, 2001. IEEE, vol. 2. IEEE, 2001, pp. 788–793.
0.3000 0.1596  [2] M. Karimi, P. Wall, H. Mokhlis, and V. Terzija, “A new centralized
 , H12 = 0 0 ,
 
K12 =  (38) adaptive underfrequency load shedding controller for microgrids based
 0 0.1085   0 0 on a distribution state estimator,” IEEE Transactions on Power Delivery,
0.1000 0.2029 0 0 vol. 32, no. 1, pp. 370–380, 2016.
[3] Y.-Y. Hong, M.-C. Hsiao, Y.-R. Chang, Y.-D. Lee, and H.-C. Huang, [25] A. Ameli, A. Hooshyar, E. F. El-Saadany, and A. M. Youssef, “Attack
“Multiscenario underfrequency load shedding in a microgrid consist- detection and identification for automatic generation control systems,”
ing of intermittent renewables,” IEEE transactions on power delivery, IEEE Transactions on Power Systems, vol. 33, no. 5, pp. 4760–4774,
vol. 28, no. 3, pp. 1610–1617, 2013. 2018.
[4] Q. Zhou, Z. Li, Q. Wu, and M. Shahidehpour, “Two-stage load shedding [26] R. Olfati-Saber and R. M. Murray, “Consensus problems in networks
for secondary control in hierarchical operation of islanded microgrids,” of agents with switching topology and time-delays,” IEEE Transactions
IEEE Transactions on Smart Grid, 2018. on Automatic Control, vol. 49, no. 9, pp. 1520–1533, 2004.
[5] A. Ketabi and M. H. Fini, “An underfrequency load shedding scheme [27] J. Duan and M.-Y. Chow, “Data integrity attack on consensus-based load
for hybrid and multiarea power systems,” IEEE Transactions on Smart shedding algorithm for power systems,” in Industrial Electronics Society,
Grid, vol. 6, no. 1, pp. 82–91, 2015. IECON 2017-43rd Annual Conference of the IEEE. IEEE, 2017, pp.
[6] H. Gao, Y. Chen, Y. Xu, and C.-C. Liu, “Dynamic load shedding for an 7641–7646.
islanded microgrid with limited generation resources,” IET Generation, [28] H. L. Royden, Real analysis. Krishna Prakashan Media, 1968.
Transmission & Distribution, vol. 10, no. 12, pp. 2953–2961, 2016. [29] F. Pasqualetti, A. Bicchi, and F. Bullo, “Distributed intrusion detection
[7] W. Gu, W. Liu, J. Zhu, B. Zhao, Z. Wu, Z. Luo, and J. Yu, “Adaptive for secure consensus computations,” in Decision and Control, 2007 46th
decentralized under-frequency load shedding for islanded smart distribu- IEEE Conference on. IEEE, 2007, pp. 5594–5599.
tion networks,” IEEE Transactions on Sustainable Energy, vol. 5, no. 3, [30] A. Teixeira, H. Sandberg, and K. H. Johansson, “Networked control
pp. 886–895, 2014. systems under cyber attacks with applications to power networks,” in
[8] Y. Xu, W. Liu, and J. Gong, “Stable multi-agent-based load shedding American Control Conference (ACC), 2010. IEEE, 2010, pp. 3690–
algorithm for power systems,” IEEE Transactions on Power Systems, 3696.
vol. 26, no. 4, pp. 2006–2014, 2011. [31] P. M. Frank and X. Ding, “Survey of robust residual generation and
[9] W. Gu, W. Liu, C. Shen, and Z. Wu, “Multi-stage underfrequency evaluation methods in observer-based fault detection systems,” Journal
load shedding for islanded microgrid with equivalent inertia constant of Process Control, vol. 7, no. 6, pp. 403–424, 1997.
analysis,” International Journal of Electrical Power & Energy Systems,
vol. 46, pp. 36–39, 2013.
[10] R. Deng, G. Xiao, R. Lu, H. Liang, and A. V. Vasilakos, “False data
injection on state estimation in power systems—attacks, impacts, and
defense: A survey,” IEEE Transactions on Industrial Informatics, vol. 13,
no. 2, pp. 411–423, 2017.
[11] Y. Liu, P. Ning, and M. K. Reiter, “False data injection attacks against
state estimation in electric power grids,” ACM Transactions on Informa-
tion and System Security (TISSEC), vol. 14, no. 1, p. 13, 2011.
[12] L. Xie, Y. Mo, and B. Sinopoli, “Integrity data attacks in power market
operations,” IEEE Transactions on Smart Grid, vol. 2, no. 4, pp. 659–
666, 2011.
[13] H. Sandberg, A. Teixeira, and K. H. Johansson, “On security indices
for state estimators in power networks,” in First Workshop on Secure
Control Systems (SCS), Stockholm, 2010, 2010.
[14] R. Tan, H. H. Nguyen, E. Y. S. Foo, D. K. Y. Yau, Z. Kalbarczyk, R. K.
Iyer, and H. B. Gooi, “Modeling and mitigating impact of false data
injection attacks on automatic generation control,” IEEE Transactions
on Information Forensics and Security, vol. 12, no. 7, pp. 1609–1624.
[15] S. Liu, X. P. Liu, and A. El Saddik, “Denial-of-service (dos) attacks
on load frequency control in smart grids,” in Innovative Smart Grid
Technologies (ISGT), 2013 IEEE PES. IEEE, 2013, pp. 1–6.
[16] S. Liu, Z. Hu, X. Wang, and L. Wu, “Stochastic stability analysis
and control of secondary frequency regulation for islanded microgrids
under random denial of service attacks,” IEEE Transactions on Industrial
Informatics, vol. 15, no. 7, pp. 4066–4075, 2019.
[17] M. Ozay, I. Esnaola, F. T. Y. Vural, S. R. Kulkarni, and H. V. Poor,
“Machine learning methods for attack detection in the smart grid,” IEEE
transactions on neural networks and learning systems, vol. 27, no. 8,
pp. 1773–1786, 2015.
[18] C. Rudin, D. Waltz, R. N. Anderson, A. Boulanger, A. Salleb-Aouissi,
M. Chow, H. Dutta, P. N. Gross, B. Huang, S. Ierome et al., “Machine
learning for the new york city power grid,” IEEE transactions on pattern
analysis and machine intelligence, vol. 34, no. 2, pp. 328–345, 2011.
[19] D. Kang, J. Lee, B. Kim, and D. Hur, “Proposal strategies of key
management for data encryption in scada network of electric power
systems,” International Journal of Electrical Power & Energy Systems,
vol. 33, no. 9, pp. 1521–1526, 2011.
[20] C. Yan, D. Englender, M. Prvulovic, B. Rogers, and Y. Solihin, “Im-
proving cost, performance, and security of memory encryption and
authentication,” ACM SIGARCH Computer Architecture News, vol. 34,
no. 2, pp. 179–190, 2006.
[21] S. Rahmé, Y. Labit, and F. Gouaisbaut, “An unknown input sliding
observer for anomaly detection in tcp/ip networks,” in 2009 International
Conference on Ultra Modern Telecommunications & Workshops. IEEE,
2009, pp. 1–7.
[22] C. Mellucci, P. P. Menon, C. Edwards, and A. Ferrara, “Second-order
sliding mode observers for fault reconstruction in power networks,” IET
Control Theory & Applications, vol. 11, no. 16, pp. 2772–2782, 2017.
[23] J. Chen and R. J. Patton, Robust model-based fault diagnosis for dynamic
systems. Springer Science & Business Media, 2012, vol. 3.
[24] F. Guo, C. Wen, J. Mao, J. Chen, and Y.-D. Song, “Distributed
cooperative secondary control for voltage unbalance compensation in
an islanded microgrid,” IEEE Transactions on Industrial Informatics,
vol. 11, no. 5, pp. 1078–1088, 2015.

Jestie 2020 3004744-R

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Jestie 2020 3004744-R

Uploaded by

Copyright:

Available Formats

This article has been accepted for publication in a future issue of this journal, but has not been

Attack Detection and Isolation for Distributed Load

where xi (k) denotes the state of agent i at current step,

then (7) can be rewritten as

A necessary and sufficient condition for the existence of

[30], let each agent have a monitoring system with a bank of

procedure (i)-(iv). The observer Oij produces the residual as NO

DG1 Agent 1 B41 Agent 4

DG2 Agent 2 Agent 3 DG3

Fig. 4. Physical connection of MG system.

Agent 1 Agent 4 Agent 1 Agent 4

Fig. 6. Experimental setup.

where the eigenvalues of F12 is assigned as [0.4, 0.5, 0.6, 0.7]0

You might also like