Advances in edge computing are powering the development and deployment of Internet of Things (IoT) systems in an effort to provide advanced services and resource efficiency. However, large-scale IoT-based load-altering attacks (LAAs) can have a serious impact on power grid operations such as destabilizing the grid's control loops. Timely detection and identification of any compromised nodes is important to minimize the adverse effects of these attacks on power grid operations. In this work, we present two data-driven algorithms to detect and identify compromised nodes and the attack parameters of the LAAs. The first, based on the Sparse Identification of Nonlinear Dynamics (SINDy) approach, adopts a sparse regression framework to identify attack parameters that best describes the observed dynamics. The second method, based on physics-informed neural networks (PINN), adopts deep neural networks to infer the attack parameters from the measurements. Both methods are presented utilizing edge computing for deployment over decentralized architectures. Extensive simulations performed on IEEE bus systems show that the proposed algorithms outperform existing approaches, such as those based on unscented Kalman filter, especially in systems that exhibit fast dynamics and are effective in detecting and identifying locations of attack in a timely manner.
翻译:边缘计算的进展正在推动Tings(IoT)系统互联网的开发和部署,以努力提供先进的服务和资源效率;然而,基于IoT的大规模负变化攻击(LAAs)可能对电网操作产生严重影响,例如破坏电网控制环圈的稳定;及时发现和查明任何受损的节点,对于最大限度地减少这些攻击对电网操作的不利影响十分重要;在这项工作中,我们提出了两种数据驱动算法,以探测和查明已失密节点和LAA的进攻参数。第一个基于非线性动态的粗略识别(SINDI)方法,采用稀薄的回归框架来确定最能说明所观察到的动态的进攻参数。第二个方法基于物理知情神经网络(PINN),采用深的神经网络来推断这些测量中的攻击参数。两种方法都是利用边际计算来部署分散的建筑。在IEEE公共汽车系统中进行的广泛模拟表明,拟议的算法超越了现有方法,例如根据未定位的进攻性动态过滤器和快速探测的Kalman系统。