Cyber-Physical Risk Assessment for False Data Injection Attacks Considering Moving Target Defences

TL;DR

This paper presents a comprehensive framework for assessing the risk of false data injection attacks in power systems, considering both cyber intrusion methods and physical system defenses, including moving target strategies.

Contribution

It introduces a full service risk assessment framework that combines cyber intrusion costs with physical vulnerability analysis, incorporating moving target defenses.

Findings

Simulated on IEEE 14-bus system showing realistic risk levels.

Cyber attack success depends on intrusion method and system defenses.

Physical topology divergence can mitigate attack impact.

Abstract

In this paper, we examine the factors that influence the success of false data injection (FDI) attacks in the context of both cyber and physical styles of reinforcement. Many works consider the FDI attack in the context of the ability to change a measurement in a static system only. However, successful attacks will require first intrusion into a system followed by construction of an attack vector that can bypass bad data detection (BDD). In this way, we develop a full service framework for FDI risk assessment. The framework considers both the costs of system intrusion via a weighted graph assessment in combination with a physical, line overload-based vulnerability assessment. We present our simulations on a IEEE 14-bus system with an overlain RTU network to model the true risk of intrusion. The cyber model considers multiple methods of entry for the FDI attack including meter intrusion, RTU intrusion and combined style attacks. Post-intrusion our physical reinforcement model analyses the required level of topology divergence to protect against a branch overload from an optimised attack vector.