Detection of Smart Grid Integrity Attacks Using Signal Temporal Logic

TL;DR

This paper introduces a novel software detector for smart grid integrity attacks using Signal Temporal Logic to specify and classify attack scenarios based on time series data from smart meters.

Contribution

It presents a new method leveraging STL for detecting and classifying integrity attacks on smart meters, focusing on parameter mining for attack scenario identification.

Findings

Effective detection of integrity attacks demonstrated

Parameter mining accurately classifies attack scenarios

Applicable to real-world smart grid data

Abstract

Cyber-attacks can have severe impacts on critical infrastructures, from outages to economical loss and physical damage to people and environment. One of the main targets of these attacks is the smart grid. In this paper, we propose a new software detector for integrity attacks targeting smart meter readings. The detector relies upon mining parameters of temporal logic specifications for integrity attack classification. To this end, we use Signal Temporal Logic (STL) for specifying properties over time series. Our approach considers different "attack scenarios" found in last years: given a parametric formula for each "attack scenario" and a set of labeled traces, we aim at finding the parameter valuation that validates each template.