Escolar Documentos
Profissional Documentos
Cultura Documentos
∗ ( ∗ )
PBFCL = P(t) – P(e) = sin (3)
( )
control input [10, 20]. The control input is calculated until the Here, b(i) is the bias and w(i, j) is the weight matrix between
cost function is minimized. the neurons.
The Neural Network Predictive Control algorithm is The output of the first hidden layer is given in the following
described below. matrix form.
i) Generate a reference signal.
ii) Predict the performance of the system depending on a110*1 = tansig([W] 110*2 a02*1 + b110*1) (6)
the previously calculated control input vector and neural
identifier. Similarly, the net input of the second hidden layer neuron is
iii) Calculate the new control input which will optimize the
CFM. 10 (7)
iv) Repeat the first two steps until optimization of CFM is n 2
(i) =
j =1
w (i, j )a 1 ( j) + b 2
(i)
achieved.
v) Provide the control input vector to the plant. Similarly, the output from the second hidden layer is
a210*1 = tansig([W] 210*10 a010*1 + b210*1) (8) SCADA system state estimation scheme or data sent from the
RTUs to the SCADA system can provoke negative
The net output from the hidden layers to output layer will be consequences. There are possibilities of the false data not
10
detectable by the state estimation scheme or even the false data
n 3 (i ) = w (i , j ) a
j =1
2
( j ) + b 2 (i ) (9) attack can be detectable without remedy.
There are mainly three types of attack that can happen in the
Finally the output from output layer will be smart grid system. Packet drop attacks can be caused at choke
points in the communication path, Distributed Denial of Service
TKE= purelin(W31*10 a210*1 + b3) (10) (DDoS) type attacks are mainly caused by disrupting, blocking or
jamming the flow of information through control and
To train the neural network, the Backpropagation algorithm communication networks, tampering communication data/signal
utilizing the Levenberg-Marquardt algorithm is used [10, 20]. type attacks not only delays communication but also
contaminates the data in the communication. In the literature,
In backpropagation algorithm, the gradient of the error several other cyber-attack scenarios are considered, for example,
function is determined to demonstrate the convergence of the intentionally data injection into the power system through
neural network under consideration. The error function of the telemetered data [24], malicious modification of network stored
considered network is data [25], coordinated data attack staged without being exposed
by the state estimation algorithm [26], and undetected
N 2 manipulation and the incorrect database parameters by cyber-
E ( x) = e
j =1 j
( x) (11)
attacks [27].
The National Electric Sector Cybersecurity Organization
Here, x is the weight of the neurons. Resource (NESCOR) recently defined many cybersecurity
realistic events that create negative impact on the power systems
The weights of the network are modified during the training
operation [28]. In this work, two NESCOR recommended
process until a desired performance is achieved. Therefore, the
realistic events have been considered to see the effectiveness of
update in x can be expressed as
cyber-attack on the performance of neural network controlled
bridge type FCL. Fig. 6 represents the cyber-attack scenarios
Δ x = −[Δ
2
E ( x )] − 1
Δ E (x) (12) considered in this work. Firstly, false data injection in the TKE
calculation scheme of the SCADA system has been used as input
The update in the x is further modified using the Levenberg- for the neural network predictive controller. This is considered as
Marquardt algorithm. Thus, the Levenberg-Marquardt algorithm Distributed Denial of Service (DDoS) type cyber-attack.
is used for convergence of the backpropagation algorithm [10, Secondly, tampering the signal or data attack can happen either
20]. in the RTU level or even in the communication channel between
the RTUs and SCADA system. In this work, a cyber-attack has
The cost function minimization (CMF) block works on the been considered, where data to be sent from the RTUs to the
receding horizon technique. The CMF block minimizes the SCADA are altered to values specified by the attacker.
difference between the instantaneous value of the total kinetic
energy and its steady state values over some operating time
horizon.
V. CYBER-ATTACKS IN POWER GRID
In power systems, numerous critical equipment and field
devices are used at the remote locations to effectively and
efficiently collect the customer operating conditions and thus
represents the wide area measurement and control technique. The
field devices like PLCs, IEDs, RTUs, PMUs, and smart meters
have algorithms which can be manipulated by either customers or
Fig.6. Cyber-attack scenarios.
cyber intruders [12]. By hampering and tampering the data
collection process, the utilities can get misleading feedbacks and
thus can cause interruptions which may ultimately result in a VI. SIMULATION RESULTS AND DISCUSSION
blackout. All simulations have been conducted in the Matlab/Simulink
The communication network in the power systems can be software platform. Both temporary and permanent balanced
exploited by the intruders to damage different layers present in (3LG: three-phase-to-ground) and unbalanced (1LG: single-
the grid. The RTUs forward the state estimation data to the phase-to-ground) faults are considered in the simulations. Also,
SCADA center [22, 23]. The false data injection either in the twenty-two fault points (A to V) as shown in the model system of
Fig. 1 have been considered. For the simulation, 20s and 50µs are ( )
Wc (sec) = / (13)
considered as simulation time and time step, respectively. The
temporary fault is considered to persist for 0.5 sec, while the
permanent fault persists for a substantial time.
Where, T is the simulation time and Wtotal is the total kinetic
A. Transient Stability Analysis for Permanent and Temporary energy of the system which can be evaluated from the rotor speed
Fault Without Considering Cyber-Attacks of each generator. Lower value of Wc, indicates better system’s
It is considered that for permanent fault, the circuit breakers performance. Table II and Table III represent the stability index
open at 0.0833 sec after the fault occurrence, reclose according to values for 3LG permanent and temporary faults, respectively, at
the optimal reclosing time (ORCT) [4, 5],[13] and reopen at three different fault positions in the IEEE 39 bus power system.
0.0833 sec after the reclosing. On the other hand, for temporary The values of the stability indexes prove the efficacy of the
fault, the circuit breakers open at 0.0833 sec after the fault neural network predictive controlled BFCL for improving the
occurrence and recloses according to the ORCT time [4, 5],[13]. transient stability.
The generators TKE responses for 3LG permanent fault at TABLE II
position B in the IEEE 39 bus power system is presented in Fig. VALUES OF WC WITH NEURAL NETWORK PREDICTIVE CONTROLLED BFCL FOR
7. Similarly, the generators total kinetic energy responses for PERMANENT FAULT
1LG temporary fault at position B in the IEEE 39 bus power Fault Wc values (with Wc values
system is represented in Fig. 8. It is explicit from the TKE Fault point neural network (without
responses that the neural network predictive controller based Type predictive controlled controller)
BFCL makes the system stable. BFCL) (sec) (sec)
A 0.501 1.521
3LG B 0.505 1.735
C 0.524 1.441
TABLE III
VALUES OF WC WITH NEURAL NETWORK PREDICTIVE CONTROLLED BFCL FOR
TEMPORARY FAULT
Fault Wc values (with Wc values
Fault Point neural network (without
Type predictive controlled controller)
BFCL) (sec) (sec)
A 0.503 1.462
3LG B 0.498 1.688
C 0.508 1.379
Fig.7. Total kinetic energy of the generators for 3LG permanent fault at position
B and without any cyber-attack.
B. Transient Stability Analysis in the Event of Distributed Denial
of Service (DDoS) type Attack.
For the neural network predictive controller, the TKE/TKED
is used as control input in this work. We collected speed response
from all the remotely located generators and calculated the
TKE/TKED in a simply designed SCADA system as represented
in Fig. 1, and Fig. 4. For initiating the DDoS attack, we
considered total loss of TKE/TKED by signal failure to the
considered controllers of the BFCL. Fig. 9 and Fig. 10 represent
the generators total kinetic energy responses considering DDoS
cyber-attack for three phase to ground and single phase to ground
permanent fault, respectively, at point B with the presence of
neural network predictive controlled BFCL. From the responses,
it is clear that for DDoS cyber-attack, the total kinetic energy
Fig.8. Total kinetic energy of the generators for 1LG temporary fault at position B goes out of step and control even with the presence of neural
and without any cyber-attack. network predictive controlled BFCL.
C. Transient Stability Analysis in the Event of Tampering the
To assess the transient stability, in this work the TKE based Communication Data/Signal type Attack
stability index, Wc [4, 5] has been used, which is given by
For initiating tampering the communication data/signal
attack, a malicious data was inserted in the TKE/TKED
calculation process in the SCADA system. Therefore, an abruptly
high value of TKE/TKED was passed to the controllers in
operation. Generators total kinetic energy responses considering
tampering the communication signal cyber-attack for 3LG and
1LG permanent faults at point B with the presence of neural
network predictive controlled BFCL are represented in Fig. 11
and Fig. 12 respectively. From the response, it is clear that for
tampering the communication signal cyber-attack, the total
kinetic energy goes out of step and control even with the
presence of neural network predictive controlled BFCL. Table IV
and Table V represent the Wc stability index values for 3LG
permanent fault considering DDoS and tampering the
communication signal cyber-attack.
Fig.9. Total kinetic energy of the generators considering DDoS cyber-attack and
3LG permanent fault at position B.
TABLE V
VALUES OF WC WITH NEURAL NETWORK PREDICTIVE CONTROLLED BFCL FOR
TAMPERING THE COMMUNICATION SIGNAL CYBER ATTACK
Wc values (with Wc values (with Wc values
Fault Fault controller and controller and (without
Type point cyber-attack) without cyber- controller
(sec) attack) (sec) and cyber-
attack) (sec)
A 1481 0.501 1.521
Fig.10. Total kinetic energy of the generators considering DDoS cyber-attack and 3LG B 1509 0.505 1.735
1LG permanent fault at position B. C 1492 0.524 1.441