Detecting Timing Attack on PMU Data utilizing Unwrapped Phase Angle and Low-Rank Henkel Matrix Properties

Introduction of PMUs to cyber-physical system pro-vides accurate data acquisition, while posing additional risk of being the victim of cyber attack. Both False Data Injection Attack (FDIA) and GPS-spoofing or timing attack can provide malicious data to the cyber system, though these two attacks require different post-attack contingency plan. Thus accurate detection of timing attack and separating it from conventional FDIA has become a very important research area. In this article, a successful detection of timing attack mechanism is proposed. Firstly, a method to distinguish timing attack and FDIA using unwrapped phase angle data is developed. Secondly, utilizing low rank Henkel matrix property to differentiate timing attack from electrical events is also presented. Finally, an experimental validation of proposed model is performed on IEEE 13 bus system using simulated GPS-spoofing attack. It can be observed that the timing attack can increase the rank 1 approximation error of Henkel matrix of unwrapped angles by 700% for 3 sec delay in GPS time-stamp. The rank 1 approximation error is increased by 500% for 2 sec delay and the increase is insignificant for 1sec delay attack. FDIA doesn't show any significant change in the low rank approximation profile of Henkel matrix.