One Breaker is Enough: Hidden Topology Attacks on Power Grids

TL;DR

This paper reveals that a single, well-placed cyber-attack on a power grid's breaker statuses can manipulate topology estimation, potentially destabilizing the grid without needing meter data corruption.

Contribution

It introduces a novel graph-coloring based framework showing that only one breaker change can suffice for a feasible attack, expanding understanding of grid vulnerabilities.

Findings

A single breaker change can enable a successful attack.

The attack framework is effective with limited resource requirements.

Simulations on IEEE test cases demonstrate attack potency.

Abstract

A coordinated cyber-attack on grid meter readings and breaker statuses can lead to incorrect state estimation that can subsequently destabilize the grid. This paper studies cyber-attacks by an adversary that changes breaker statuses on transmission lines to affect the estimation of the grid topology. The adversary, however, is incapable of changing the value of any meter data and can only block recorded measurements on certain lines from being transmitted to the control center. The proposed framework, with limited resource requirements as compared to standard data attacks, thus extends the scope of cyber-attacks to grids secure from meter corruption. We discuss necessary and sufficient conditions for feasible attacks using a novel graph-coloring based analysis and show that an optimal attack requires breaker status change at only ONE transmission line. The potency of our attack regime is demonstrated through simulations on IEEE test cases.