Detecting Hidden Attackers in Photovoltaic Systems Using Machine Learning

TL;DR

This paper presents a machine learning-based intrusion detection system capable of identifying cyber-physical attacks on photovoltaic systems in smart grids, even when attackers manipulate local measurements but not aggregated data.

Contribution

It introduces a novel ML approach for detecting hidden attacks on PV systems that manipulate measurements, demonstrating high effectiveness with real-world data.

Findings

ML techniques detect attacks quickly and accurately.

The IDS performs well across different control modes.

Aggregated measurements are crucial for detection effectiveness.

Abstract

In modern smart grids, the proliferation of communication-enabled distributed energy resource (DER) systems has increased the surface of possible cyber-physical attacks. Attacks originating from the distributed edge devices of DER system, such as photovoltaic (PV) system, is often difficult to detect. An attacker may change the control configurations or various setpoints of the PV inverters to destabilize the power grid, damage devices, or for the purpose of economic gain. A more powerful attacker may even manipulate the PV system metering data transmitted for remote monitoring, so that (s)he can remain hidden. In this paper, we consider a case where PV systems operating in different control modes can be simultaneously attacked and the attacker has the ability to manipulate individual PV bus measurements to avoid detection. We show that even in such a scenario, with just the aggregated measurements (that the attacker cannot manipulate), machine learning (ML) techniques are able to detect the attack in a fast and accurate manner. We use a standard radial distribution network, together with real smart home electricity consumption data and solar power data in our experimental setup. We test the performance of several ML algorithms to detect attacks on the PV system. Our detailed evaluations show that the proposed intrusion detection system (IDS) is highly effective and efficient in detecting attacks on PV inverter control modes.