A Novel Cyberattack-Resilient Frequency Control Method For Interconnected Power Systems Using SMO-based Attack Estimation

This article has been accepted for publication in IEEE Transactions on Power Systems.
This is the author's version which has not been fully edited and
content may change prior to final publication. Citation information: DOI 10.1109/TPWRS.2023.3340744 1
A Novel Cyberattack-Resilient Frequency Control

Method for Interconnected Power Systems Using
SMO-based Attack Estimation
Andrew D. Syrmakesis, Hassan Haes Alhelou, Senior Member, IEEE, and Nikos D. Hatziargyriou, Life Fellow, IEEE
Abstract—Cyberattacks pose a significant threat to modern power signals over remote communication channels. The communication
systems due to the interaction of their physical components with of the physical system with its cyber layer is achieved through
information and communication technologies. A critical power system industrial network protocols, such as Distributed Network Protocol
application that is directly affected by such malicious activities
is the Load Frequency Control (LFC) system. The goal of the version 3.0 (DNP3) [6], a Inter-Control Center Communication
LFC is to maintain the power balance of the grid by sensing Protocol (ICCP) [7], etc. However, the vulnerabilities of these
frequency deviations and regulating the output of the generators. protocols [8], [9], expose the LFC to numerous cybersecurity
In this paper, an innovative False Data Injection Attack (FDIA) dangers, making it an ideal target for adversaries.
estimation method is proposed for LFC along with an efficient
cyberattack-resilient control design. The presented attack mitigation
Besides the common ICT cyberattacks, Cyber-Physical Systems
technique employs novel sliding mode techniques combined with (CPSs) also suffer from False Data Injection Attacks (FDIAs)
an unknown input observer to estimate the launched FDIAs. Then, [10]. LFC is highly sensitive to this cyber threat, as a typical
the estimated attack vector is used in the control loop to eliminate paradigm of CPS,. FDIAs can stealthily modify the data that are
the cyberattack impact on LFC. The introduced method can tackle exchanged across the communication links of LFC, leading the
FDIAs that target both measurements and control signals and is
resilient against external system disturbances. For the experiments,
physical system to deregulation and causing financial losses to the
several real-world features of power systems are considered, such as system operator. Therefore, it is very important to build defense
nonlinearities, network delays, diverse types of tie-lines and multiple methods that can mitigate the impact of FDIAs on LFC. To this
topologies of interconnected power regions, along with Hardware-in- end, attack estimation (AE) is a helpful method that provides full
the-Loop simulations for real-time assessment. The results verify the information about the FDIAs when they are launched and is the
effectiveness and the feasibility of the proposed method, its scalability
over various power systems and its superiority in comparison with
cornerstone of designing an attack-resilient control (ARC) scheme
other techniques. for LFC.
The criticality of the LFC has led to the proposal of several
Index Terms—Load frequency control, false data injection, attack
estimation, attack-resilient control. research works that estimate and mitigate FDIAs against LFC
using model-based, observer-based or data-driven methodologies.
Model-based methods take advantage of the system knowledge
I. I NTRODUCTION to minimize the impact of malicious activities. For instance,
real-time load forecasts are utilized in [7] to approximate the
T HE growing demand for electrical energy at worldwide
scale emphasizes the necessity for more reliable, secure and
environmentally friendly power systems. Currently, this is mainly
control signals of LFC. These approximated signals replace the
actual control inputs in the event of a cyberattack. However,
assisted by the Information and Communication Technologies the feasibility of this method needs more attention since it has
(ICT), which enable the effective monitoring and control of power not taken the LFC nonlinearities and Renewable Energy Sources
systems [1], [2], converting them into Smart Grids (SGs). Never- (RES) generation disturbances into consideration. Observer-based
theless, the integration of such physical systems with cyberspace techniques leverage the error dynamics produced by the designed
technologies makes them vulnerable to a wide range of digital observers to estimate and mitigate cyberattacks. For example,
risks. This is exemplified by a series of successful cyberattacks a robust adaptive observer that determines the magnitude of
against power systems that have been reported recently, such as FDIAs against LFC is developed in [11]. Moreover, a switching
the 2015 blackout in Ukraine [3], the Venezuelan power outage impulsive observer and a switching state observer are combined
in 2020 [4] and the ransomware attack against a German wind in [12] to compute the unknown FDIA vector and form an
farm operator [5] in 2022. Therefore, cybersecurity is a highly attack compensation controller. Nevertheless, these methods are
significant concern for the design of modern power systems. limited to cyberattacks against control signals and cannot handle
One of the most critical control center applications is the Load measurement attacks. Finally, data-driven approaches such as
Frequency Control (LFC) system, which is responsible for pre- [13] and [14] deploy different long short-term memory network
serving the power equilibrium of an electrical system. LFC senses architectures to neutralize cyberattacks against LFC. Despite their
power imbalances through frequency measurements and properly effectiveness, the training procedure of such neural networks is
regulates the setpoints of the generators under control. This typically expensive and computationally demanding.
power system automation collects sensor data and sends command The presented literature review identifies some serious technical
challenges and research gaps related to the design of attack-
A.D. Syrmakesis and N. D. Hatziargyriou are with the School of Electrical and resilient frequency control methods. These gaps are addressed
Computer Engineering, National Technical University of Athens, 15773 Athens, in this paper through a novel combination of a Sliding Mode
Greece (e-mail: asirmakesis@power.ece.ntua.gr; nh@power.ece.ntua.gr).
H.H. Alhelou is with the Department of Electrical and Computer Systems Engi- Observer (SMO) and an Unknown Input Observer (UIO). The
neering, Monash University, Australia (e-mail: hassan.haesalhelou@monash.edu). main idea is to virtually separate the LFC system into subsystem-I,
Authorized licensed use limited to: University of North Florida. Downloaded on December 12,2023 at 17:46:26 UTC from IEEE Xplore. Restrictions apply.
© 2023 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.See https://www.ieee.org/publications/rights/index.html for more information.
This article has been accepted for publication in IEEE Transactions on Power Systems. This is the author's version which has not been fully edited and
which captures the effects from control signal attacks while being performance of the area generators is represented by an equivalent
immune to measurement attacks, and subsystem-II, which carries unit model. The typical SFR model of the ith (i = 1, 2, · · · , N )
the effects from measurement attacks while being resilient to LFC power area is illustrated in Fig. 1. This model is extensively
control signal attacks. Then, an SMO and a UIO are designed for used in the literature and by industries, such as ENTSO-E, to
subsystem-I and subsystem-II, respectively. In this methodology, analyze frequency response and design LFC systems. Therefore,
system disturbances cannot be completely decoupled from cyber- it is considered suitable for the proposed approach [15].
attacks but their impact is reduced by incorporating a predefined The differential-algebraic equations that describe the LFC sys-
H∞ disturbance attenuation level into the observers. The estima- tem dynamics of each area i can be obtained from Fig. 1.
tion errors generated by these observers provide the necessary The dynamic swing equation based on the active power balance
set of equations to approximate the attack signals. Consequently, between generation and demand is expressed as:
the produced estimations are used as supplementary inputs to the 1
control loop of the actual system in order to eliminate the effects ∆f˙i = (∆Pgi − Di ∆fi − ∆Ptiei − ∆PLi + ∆PRESi ) (1)
2Hi
of the cyberattacks, forming an attack-resilient LFC. The main
contributions of this paper include: where the frequency deviation is denoted as ∆fi , the damping
• The proposal of the first research work that employs sliding
(load frequency relief) and inertia constants are represented by
mode techniques to estimate and mitigate FDIAs against Di and Hi , respectively, and the deviation of the tie-line power
LFC. interchange, load disturbance, and RES generation variation are
• The design of an accurate attack estimation method based on
denoted as ∆Ptiei , ∆PLi and ∆PRESi , respectively.
a novel combination of an SMO and a UIO. The governor-turbine dynamics are modeled as:
• The development of an innovative, fast and effective attack- 1
∆P˙gi = (∆Xi − ∆Pgi ) (2)
resilent control for LFC based on the designed attack esti- Tti
mation method.
• The proposal of a methodology that can successfully address
1 ∆fi
∆Ẋi = (∆Pci − ∆Xi − ) (3)
FDIAs against both measurements and control signals and is Tgi Ri
robust against external system disturbances. where ∆Pgi and ∆Xi denote the deviations in turbine power
• The development of a defense scheme that is applicable to output and governor valve position, respectively; Tti and Tgi
real-world power systems with nonlinearities, diverse types represent the turbine and governor time constants, respectively;
of interconnection links and varying time state and output Ri is the droop characteristic and ∆Pci , which is the control
delays. This is also verified through Hardware-in-the-Loop signal, denotes the deviation in the speed changer position of the
simulations. governor.
• The design of a defense methodology that is scalable over In a power system composed of N areas, the total tie-line power
power systems with growing complexity. deviation of the ith area is determined by:
The rest of this paper is organized as follows: Section II focuses
on the dynamical modeling of the LFC system. The proposed ∆Ptiei = ∆Paci + ∆Pdci (4)
attack estimation method along with the suggested attack-resilient where ∆Paci denotes the AC tie-line power deviation and ∆Pdci
control are mathematically formulated in Section III. Section IV stands for the high-voltage direct current (HVDC) tie-line power
demonstrates the experimental results that verify the effectiveness deviation. When the AC tie-line does not have a thyristor-
of the proposed methodology and its robustness against various controlled phase shifter (TCPS), ∆Paci can be calculated as
types of uncertainties. Section V concludes. follows:
N
2π X
∆Paci = Tij (∆fi − ∆fj ) (5)
II. P OWER S YSTEM M ODEL s
j=1,j̸=j
The main goal of the frequency control system is to regulate the
where Tij is the tie-line synchronizing coefficient between areas i
generation of a power system in order to preserve its frequency
and j, j = 1, 2, · · · , N , j ̸= i. When the AC tie-line is equipped
within an acceptable range and to maintain the power flows
with a TCPS, the value of ∆Paci can be obtained from the
between neighboring areas at their scheduled levels. This is
following equation [16]:
achieved by adjusting the setpoints of the generators according
to the remotely collected field measurements, forming a typical N
2π X
networked control system. The necessary mathematical foundation ∆Paci = Tij (∆fi − ∆fj ) +
s
that describes the standard dynamics of this system is briefly j=1,j̸=j
presented in this Section. N

X Ksij
A convenient way to study the LFC is by using the system + Tij (∆fi − ∆fj ) (6)
1 + sTsij
frequency response (SFR) model of the considered power system. j=1,j̸=j
The SFR analysis of LFC describes mathematically the frequency where Tsij and Ksij are the time and gain constants of TCPS
response of a power system to power imbalances. It considers links between areas i and j, respectively. When areas i and j are
every component that contributes to the dynamic frequency re- connected with a HVDC link, the value of ∆Pdci is calculated
sponse, including generating units, governor-turbine systems, and based on the difference between the ∆fi and the rest of the ∆fj ,
controllers. Each of these components is formulated based on its as shown below:
physical characteristics and its behavior under different conditions. N
The transmission system performance and the intermachine oscil- 1 X
∆Pdci = Kij (∆fi − ∆fj ) (7)
lations are disregarded in LFC analysis while the overall dynamic 1 + sTdci
j=1,j̸=j
where Tdci and Kij represent the HVDC time and gain constants E
of between areas i and j, respectively. If areas i and j are not Load RES
- +
coupled with an HVDC link, then Kij = 0. ∆PLi ∆PRESi
The fluctuations in the active power of each area i caused by
RES, consist of the generation deviations due to photovoltaics 1
Ri
Primary
∆Pdi
control
∆PiP V and generation variations attributed to wind farms ∆PiW . Control +
+ center Governor & Turbine Generator
Formally, this is expressed by: +
-
∆PRESi = ∆PiW + ∆PiP V . (8)

E ∆Pci ∆Pgi
+
1
Di +2Hi s
∆fi
+
-
∆Ptiei
The variations due to solar energy generation follow the next
model: p
∆PiP V = 0.6 ∆Psolar , (9) ∆Ptiei E ∆Ptiei
Other
areas
Transmission lines
where ∆Psolar reflects the solar power deviation from its initial E
Remote Physical Disturbance
value. The wind turbine output power adopts the following model: measurement connections Attack point
1
∆PiW = ρW AT ∆VW 3
CP (λW , βW ), (10) Fig. 1: Block diagram of LFC for the ith control area.
2 i
where ρW is the air density, AT denotes the rotor swept area,

∆VWi represents the wind speed deviation from its nominal value The values of Pgrc , Pgdb and τd used in the present study, are
for area i, CP reflects the rotor blade parameter, λW is the optimal provided in the Appendix A.
tip speed ratio and βW is the pitch angle of the blade. The detailed The local state vector used in the state-space representation of
models of the RES developed in this work and their parameter the ith area, i.e. xi ∈ RO , where O is the dynamic order in the
values are available in [17]. ith area, is defined as:
The governor setpoints, ∆Pci , of the generators that are not
T
part of the LFC have a fixed value. The generators that are driven
R
∆xi = ∆fi ∆Pgi ∆Xgi ACEi ∆Paci ∆Pdci .
by the LFC adjust their setpoints according to the output of the (16)
controller. The ACE is used as input to the controller of the LFC. From (1) – (16), the differential-algebraic expression of the total
For each control area i, ACEi is given by: N -area power system in its compact form is:
ACEi = βi ∆fi + ∆Ptiei (11) (
ẋ(t) = Ax(t) + F ϕ(x, t) + Bu(t) + Ed(t)
(17)
where the frequency bias is represented by βi . Therefore, the y(t) = Cx(t)
setpoint of a generator that contributes to LFC, driven by an
integral controller, is modeled as: T
where x(t) = x1 x2 · · · xN ∈ RO·N is the global state vector
Z T
∆Pci = −KIi ACEi dt (12) (O · N = n), u(t) = ∆P c1 ∆P c2 · · · ∆P cm ∈ Rm is the
T
input vector, d(t) = ∆P d1 ∆P d2 · · · ∆P dr ∈ Rr is the
where KIi is the integral gain. disturbance vector (modeled as unknown input), y(t) ∈ Rp is the
This study considers the standard nonlinearities of LFC which output vector and ϕ(x, t) models LFC nonlinearities. The matrices
are modeled based on [18], [19]. More specifically: A ∈ Rn×n , F ∈ Rn×ι , B ∈ Rn×m , E ∈ Rn×r and C ∈ Rp×n
• Generation Rate Constraints (GRC): the rate of change of the are known.
mechanical machine output is constrained by a fixed value,
denoted as Pgrc . This yields that: III. P ROPOSED ATTACK E STIMATION M ETHOD &
∆P˙gi < Pgrc . (13) ATTACK -R ESILIENT C ONTROL
• Governor Dead-Band (GDB): the governor of the machine A. System Modelling under FDIAs
exhibits no reaction to minor fluctuations in the active power. The development of a cyberattack-resilient frequency controller
Mathematically: requires a compact algebraic-differential model that takes cyber
( threats into account. To this end, the original state-space represen-
0, ∆PLi < |Pgdb |
∆Xi (∆PLi ) = (14) tation (17) of the LFC is re-modeled considering FDIAs against
∆Xi (∆PLi ) ∆PLi > |Pgdb | the measurements and control signals, as follows:
where Pgdb represents the threshold power change at which (
ẋ(t) = Ax(t) + F ϕ(x, t) + B u(t) + ac (t) + Ed(t)
the governor begins to respond. (18)
• Transportation Time Delay (TTD): signals exchanged re- y(t) = Cx(t) + Dam (t)
motely with the control center experience delays due to
communication and mechanical system responses, as: where ac (t) ∈ Rm represents the vector of attacks against control
Z signals, am (t) ∈ Rq is the vector of attacks against measurements
∆Pci (t) = −KIi ACEi (t − τd )dt, (15) and D ∈ Rp×q . Without loss of generality, it is assumed that the
FDIAs against the control signals target every input channel, hence
where τd is the aggregated communication and mechanical u(t) and ac (t) share the same matrix B. Moreover, p − m ≥ q
delay. and B and D have full column rank.

B. Observer Design Preliminaries ζ2 n+q−m A4 0
where ζ̄2 = ∈ R , Ā4 = ∈
am 0 0
The introduced attack estimation and attack-resilient control
A3 F
methods are based on a pair of specially designed observers. The R(n+q−m)×(n+q−m) , Ā3 = ∈ R(n+q−m)×m , F̄2 = 2 ∈
0 0
existence of these observers requires the solid verification of a
E 0
2
series of mathematical conditions [20]. The results from these R(n+q−m)×ι , Ē2 = ∈ R(n+q−m)×r , Ē = ∈
0 Iq
assumptions are briefly analyzed to shed more insight into the R (n+q−m)×q

and C̄4 = C4 D2 ∈ R
(p−m)×(n+q−m)
.
observer design process. In a similar way, system (19) can be expressed as:
Assumption 1. rk(B) = rk(CB), where rk(·) is the rank of the (
ζ̇1 = A1 ζ1 + Ā2 ζ̄2 + F1 ϕ(T −1 ζ, t) + B1 (u + ac ) + E1 d
considered matrix.
ω1 = C1 ζ1 ,
Assumption 1 is required to virtually split system (18) into (22)
subsystem-I and subsystem-II [21]; subsystem-I is susceptible to
where Ā2 = A2

0 .
the FDIAs against control signals but free from measurement
FDIAs and subsystem-II is prone to FDIAs against measurements Assumption 2. The nonlinear term of system (18) is a Lipschitz
but free from control signal FDIAs. This partition facilitates the continuous function about x, with a Lipschitz constant of Lϕ .
observer design process, as it separates the original system into Formally:
simpler, equivalent subsystems that use less terms and are dedi-
∥ϕ(x, t) − ϕ(x̂, t)∥ ≤ Lϕ ∥x − x̂∥ ∀ x, x̂ ∈ Rn . (23)
cated to a particular type of cyberattacks, either measurement or
control signal. Formally, Assumption 1 is the necessary condition Assumption 3. The control signal FDIA vector ac and the distur-
for the existence of the following state and output transformations: bance vector d are bounded by the known, positive constants ρ and
ξ, respectively, as ∥ac ∥ ≤ ρ and ∥d∥ ≤ ξ. Furthermore, the first
ζ T ω S
ζ = 1 = T x = 1 x and ω = 1 = Sy = 1 y, derivative of measurement FDIA ȧm exists and ȧm ∈ L2 [0, ∞).
ζ2 T2 ω2 S2
Assumptions 2 and 3 are necessary to prove that the error
respectively, where T ∈ Rn×n , S ∈ Rp×p , T1 ∈ Rm×n , S1 ∈ dynamics of the proposed observers are asymptotically stable.
Rm×p , ζ1 ∈ Rm and ω1 ∈ Rm . After applying the above Particularly, the boundedness of different terms, e.g. nonlinearities
transformation technique to (18), it is acquired: cyberattacks, etc., provides the system designer with useful in-
(
ẋ = Ax + F ϕ(x, t) + B u + ac + Ed equalities which lead to the proof that the derivative of the selected
mult. by T
======⇒ Lyapunov function is negative, as shown in the next Section.
y = Cx + Dam mult. by S
( C. Observer Design Process

T ẋ = T Ax + T F ϕ(x, t) + Bu + Bac + Ed x=T −1 ζ
⇒ ======⇒ The purpose of the observers is to produce an estimation of the
Sy = SCx + SDam y=S −1 ω
state of the system that they are designed for. Mathematically, the
( observer of a system exists if the error between the actual state
ζ̇ = T AT −1 ζ + T F ϕ(T −1 ζ, t) + T Bu + T Bac + T Ed vector and the estimated state vector, namely the estimation error,
⇒
ω = SCT −1 ζ + SDam converges to zero. The goal of this work is to design observers
in such a way so that each estimation error is sensitive only
and the new system matrices are: to a single attack vector. Therefore, when the estimation error

A1 A2

B1

E1 converges to zero it will be easy to determine the corresponding
−1
T AT = , TB = , TE = , attack vector.
A3 A4 0 E2
The SMO in (24) is designed for subsystem (22) to estimate ζ1
C1 0 F 0
SCT −1 = , T F = 1 and SD = , and ω1 as ζ̂1 and ω̂1 , respectively:
0 C4 F2 D2
∈ Rm×m , A4 ∈ R(n−m)×(n−m) , B1 ∈ ˙

where A1
m×m m×r
 ζ̂1 = A1 ζ̂1 + Ā2 ζ̄ˆ2 + F1 ϕ(T −1 ζ̂, t) + B1 (u + v) +
, E1 ∈ R , F1 ∈ Rm×ι , C1 ∈ Rm×m , C4 ∈

R 
+ (A1 − As1 )C1−1 (ω1 − ω̂1 ) +


R(p−m)×(n−m) and D2 ∈ R(p−m)×q . C1 and B1 are invertible. (24)
The newly transformed system can be separated into the next 
 + 21 k̂1 F1 F1T P1 C1−1 (ω1 − ω̂1 )


two virtual subsystems: 
ω̂1 = C1 ζ̂1 ,
(
ζ̇1 = A1 ζ1 + A2 ζ2 + F1 ϕ(T −1 ζ, t) + B1 (u + ac ) + E1 d where As1 ∈ Rm×m is a Hurwiz matrix to be calculated,
ω1 = C1 ζ1 P1 ∈ Rm×m is the definite symmetric Lyapunov matrix of As1
and ζ̂ := col(C1−1 S1 y, In−m 0 ζ̄ˆ2 ). The estimated ζ̄2 , denoted

(19)
as ζ̄ˆ2 , will be determined by observer (26). Regarding k̂1 , the
(
ζ̇2 = A3 ζ1 + A4 ζ2 + F2 ϕ(T −1 ζ, t) + E2 d
(20) ˙
ω2 = C4 ζ2 + D2 am . following adaptation law k̂1 = lk1 ∥F1T P1 (C1−1 ω1 − ζ̂1 )∥2 is satis-
fied, where lk1 represents a positive scalar. For the discontinuous
By considering measurement attacks am as auxiliary states, the output error injection term v, we have:
augmented form of subsystem (20) is obtained as:

B1T P1 (C1−1 ω1 −ζ̂1 )
ζ̄˙2 = Ā3 ζ1 + Ā4 ζ̄2 + F̄2 ϕ(T −1 ζ, t) + Ē2 d + Ē ȧm if C1−1 ω1 − ζ̂1 ̸= 0
( (ρ + η)
v= ∥B1T P1 (C1−1 ω1 −ζ̂1 )∥ (25)
(21) 0
ω2 = C̄4 ζ̄2 otherwise,

e
where η is a positive scalar to be calculated. Let r = He = H 1 be the controlled estimation error
For subsystem (21), the UIO in (26) is constructed to estimate ē2
ζ2 and ω2 as ζ̂2 and ω̂2 , respectively: H1 0
where H is a predefined weight matrix in the form of ,
 0 H2


 ḣ = F0 h + M0 F̄2 ϕ(T −1 ζ̂, t) + L0 ω2 + M0 Ā3 C1−1 ω1 + with H1 ∈ R m×m
and H2 ∈ R (n+q−m)×(n+q−m)
. The next
+ 12 k̂2 M0 F̄2 H0 (ω2 − ω̂2 ) theorem establishes the necessary conditions for the existence



of the proposed observers with the prescribed H∞ performance


 ζ̄ˆ2 = h + N0 ω2 √
∥r∥L2 ≤ µ∥d∥L2 .
ω̂ = C̄ ζ̄ˆ .


2 4 2 Theorem III.1. Consider system (18), Assumptions 1 - 3 and
(26)
a positive scalar µ. If matrices L0 , F0 , M0 , and N0 satisfy
where h ∈ Rn+q−m is the middle variable, N0 ∈
conditions (30)-(32) and there are matrices P1 = P1T > 0,
R(n+q−m)×(p−m) , H0 ∈ Rι×(p−m) , M0 ∈ R(n+q−m)×(n+q−m) ,
P2 = P2T > 0 and H0 such that:
L0 ∈ R(n+q−m)×(p−m) and F0 ∈ R(n+q−m)×(n+q−m) are matri-
˙
ces to be computed. Regarding k̂2 , the k̂2 = lk2 ∥H0 (ω2 − ω̂2 )∥2 H0 C̄4 = F̄2 M0T P2 , (34)
adaptation law is satisfied, where lk2 denotes a positive scalar.
Π1 + H1T H1
 
After designing the proposed observers (24) and (26), the P1 Ā2 P1 E1
estimation errors and their dynamics can be obtained. Let e1 = Λ :=  ĀT2 P1 Π2 + H2T H2 Π2 M0 Ē2  < 0, (35)
ζ1 − ζ̂1 and e2 = ζ̄2 − ζ̄ˆ2 be the estimation errors generated E1T P1 Ē2T M0T P2 −µIr
by the observers (24) and (26), respectively. The error dynamics T
are modeled as first order differential equations between the where Π1 = As1 P1 +P1 As1 and Π2 = P2 F0 +F0T P2 +2In+q−m ,
estimation errors. By differentiating (26), it follows that: then the estimation error dynamics are asymptotically stable with
˙ the prescribed H∞ tracking performance.
ζ̄ˆ2 = ḣ + N0 ω̇2 =
= F0 ζ̄ˆ2 + (L0 C̄4 + N0 C̄4 Ā4 − F0 N0 C̄4 )ζ̄2 + Proof. The considered Lyapunov function is:
+ M0 F̄2 ϕ(T −1 ζ̂, t) + N0 C̄4 F̄2 ϕ(T −1 ζ, t) + V = V1 + V2 + V3 + V4 ,

+ (M0 + N0 C̄4 )Ā3 ζ1 + N0 C̄4 Ē2 d + e2k e2k
1 where V1 = eT1 P1 e1 , V2 = ēT2 P2 ē2 , V3 = 1
2lk1 , V4 = 2lk2
2
, ek1 =
+ N0 C̄4 Ē ȧm + k̂2 M0 F̄2 H0 C̄4 (ω2 − ω̂2 ). (27)
2 k1 − k̂1 and ek2 = k2 − k̂2 . k1 and k2 are two positive constants
Then, the error dynamics after the occurrence of cyberattacks are: that can be computed using (38).
For the time derivative of V1 , we have:
ė1 =As1 e1 + Ā2 ē2 + F1 ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t) +

T
1 V̇1 = eT1 (As1 P1 + P1 As1 )e1 + 2eT1 P1 Ā2 ē2 + 2eT1 P1 E1 d +
+ B1 (ac − v) + E1 d − k̂1 F1 F1T P1 e1 (28)
2 + 2eT1 P1 F1 ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t) +

ē˙ 2 =(Ā4 + F0 N0 C̄4 − L0 C̄4 − N0 C̄4 Ā4 )ζ̄2 − F0 ζ̄ˆ2 + + 2eT1 P1 B1 (ac − v) − k̂1 ∥F1T P1 e1 ∥2 .
−1
+ (In+q−m − N0 C̄4 )F̄2 ϕ(T ζ, t) −
From Assumption 2 and ζ̂ := col(C1−1 S1 y, In−m 0 ζ̄ˆ2 ), it

−1
− M0 F̄2 ϕ(T ζ̂, t) + (In+q−m − N0 C̄4 )Ē2 d +
1 is inferred that:
+ (In+q−m − N0 C̄4 )Ē ȧm − k̂2 M0 F̄2 H0 C̄4 ē2 . (29)
2 ∥ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t)∥ ≤ Lϕ ∥T −1 ∥∥ē2 ∥.
To further simplify the error dynamics (29), we need to find
1
matrices M0 , N0 , F0 , and L0 such that: Based on [22], the inequality 2X T Y ≤ T T
α X X + αY Y holds
true for any scalar α > 0, thus:
M0 = In+q−m − N0 C̄4 (30)
T
F0 = M0 Ā4 + (F0 N0 − L0 )C̄4 (31) V̇1 ≤ eT1 (As1 P1 + P1 As1 )e1 + 2eT1 P1 Ā2 ē2 + 2eT1 P1 E1 d +
M0 Ē = 0. (32) 1 T
+ e P1 F1 F1T P1 e1 + 2eT1 P1 B1 (ac − v) +
α1 1
Then, (29) becomes: T
+ α1 ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t) ϕ(T −1 ζ, t) −
ē˙ 2 = F0 ē2 + M0 F̄2 ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t) + M0 Ē2 d −

− ϕ(T −1 ζ̂, t) − k̂1 ∥F1T P1 e1 ∥2

1
− k̂2 M0 F̄2 H0 C̄4 ē2 . (33) T 1
2 ≤ eT1 (As1 P1 + P1 As1 + P1 F1 F1T P1 )e1 +
α1
The structure of the resulting error dynamics indicates that the + 2eT1 P1 Ā2 ē2 + 2eT1 P1 E1 d + α1 Lϕ2 ∥T −1 ∥2 ∥ē2 ∥2 +
goal of the observer design process has been achieved: e1 is
susceptible only to control signal attacks and ē2 is susceptible + 2eT1 P1 B1 (ac − v) − k̂1 ∥F1T P1 e1 ∥2 .
only to measurement attacks. However, (28) and (29) are still
not completely decoupled from external system disturbances. To Using (25), it is easily proven that:
tackle this, a prescribed H∞ disturbance attenuation level is ∥B1T P1 e1 ∥2
integrated into the proposed observers. Formally, this newly intro- eT1 P1 B1 (ac − v) = eT1 P1 B1 ac − (ρ + η)
∥B1T P1 e1 ∥
duced feature guarantees that the estimation errors are bounded
by system disturbances. ≤ −η∥B1T P1 e1 ∥ < 0.
Therefore: Then, under zero initial conditions, we have:

Z ∞
T 1 T
V̇1 ≤ eT1 (As1 P1 + P1 As1 )e1 + e P1 F1 F1T P1 e1 + (∥r∥2 − µ∥d∥2 ) dt =
α1 1
Z0 ∞ Z ∞
+ α1 Lϕ2 ∥T −1 ∥2 ∥ē2 ∥2 + 2eT1 P1 Ā2 ē2 + 2eT1 P1 E1 d −
= (∥r∥2 − µ∥d∥2 + V̇ ) dt − V̇ dt =
− k̂1 ∥F1T P1 e1 ∥2 . Z0 ∞ 0
1 = (∥r∥2 − µ∥d∥2 + V̇ ) dt − V (∞) + V (0)

Selecting α1 = Lϕ2 ∥T −1 ∥2
, it follows that: 0
Z T
T
V̇1 ≤ eT1 (As1 P1 + P1 As1 )e1 + 2eT1 P1 Ā2 ē2 + 2eT1 P1 E1 d + ≤ V0 dt < 0
0
+ (Lϕ2 ∥T −1 ∥2 − k̂1 )∥F1T P1 e1 ∥2 + ∥ē2 ∥2 . (36) which implies that:
Z T T
√
Z
From (34), the time derivative of V2 is determined as follows:
(rT r) dt ≤ µ (dT d) dt ⇒ ∥r∥L2 ≤ µ∥d∥L2 .
0 0
V̇2 = ēT2 (P2 F0 + F0T P2 )ē2 + 2ēT2 P2 M0 Ē2 d −
This completes the proof.
− k̂2 ēT2 P2 M0 F̄2 H0 C̄4 ē2 +
If matrices L0 , F0 , M0 , and N0 satisfy the conditions that
+ 2ēT2 P2 M0 F̄2 ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t)

Theorem III.1 founds, then the design of the proposed observers
1 T (24) and (26) is feasible. Finally, Theorem III.2 provides a way of
≤ ēT2 (P2 F0 + F0T P2 )ē2 + ē P2 M0 F̄2 F̄2T M0T P2 ē2 +
α2 2 selecting the value of η in order to drive e1 and ē2 to the sliding
+ α2 Lϕ2 ∥T −1 ∥2 ∥ē2 ∥2 In+q−m + 2ēT2 P2 M0 Ē2 d − surface:
− k̂2 ∥F̄2T M0T P2 ē2 ∥2 . S = {(e1 , ē2 )|e1 = 0} (41)
1 in finite time while simultaneously preserving their sliding move-

If α2 = Lϕ2 ∥T −1 ∥2
, then:
ment.
V̇2 ≤ ēT2 (P2 F0 + F0T P2 )ē2 + 2ēT2 P2 M0 Ē2 d + ∥ē2 ∥2 + Theorem III.2. Consider system (18), Assumptions 1-3 and the
observers (24) and (26). The error dynamics (28) and (29) can be
+ (Lϕ2 ∥T −1 ∥2 − k̂2 )∥F̄2T M0T P2 ē2 ∥2 . (37)
driven to the sliding surface (41) in finite time when the following
By defining: inequality:
k1 = k2 = Lϕ2 ∥T −1 ∥2 , (38) η ≥ ∥B1−T ∥(∥Ā2 ∥ϵ + Lϕ ∥F1 ∥∥T −1 ∥ϵ + ∥E1 ∥ξ) + η1 , (42)
the derivatives of V3 and V4 with respect to time are, respectively: where ∥e∥ < ϵ and η1 > 0 is a scalar, holds true and the LMI
feasibility problem (35) has at least one solution.
˙
2ek1 ėk1 k̇1 − k̂1 −lk1 ∥F1T P1 e1 ∥2
V̇3 = = ek1 = ek1 = Proof. By differentiating the Lyapunov candidate function V1 =
2lk1 lk1 lk1 eT1 P1 e1 , we have:
= −ek1 ∥F1T P1 e1 ∥2 and (39) T
˙ V̇1 = eT1 (As1 P1 + P1 As1 )e1 + 2eT1 P1 Ā2 ē2 + 2eT1 P1 E1 d +

2ek2 ėk2 k̇2 − k̂2 −lk2 ∥H0 (ω2 − ω̂2 )∥2
+ 2eT1 P1 F1 ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t) +

V̇4 = = ek2 = ek2 =
2lk2 lk2 lk2
= −ek2 ∥F̄2T M0T P2 ē2 ∥2 . (40) + 2eT1 P1 B1 (ac − v) − k̂1 ∥F1T P1 e1 ∥2
T
≤ eT1 (As1 P1 + P1 As1 )e1 + 2eT1 P1 Ā2 ē2 + 2eT1 P1 E1 d +
From (36), (37)-(40), the time derivative of V can be obtained
+ 2eT1 P1 F1 ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t) +

as:
T + 2eT1 P1 B1 (ac − v). (43)
e Π1 P1 Ā2 e1
V̇ = V̇1 + V̇2 + V̇3 + V̇4 ≤ 1 + Since As1 is a Hurwiz matrix by definition, it can be easily
ē2 ĀT2 P1 Π2 ē2 T
concluded that As1 P1 + P1 As1 < 0. Therefore, combining (25),
+ 2eT1 P1 E1 d + 2ēT2 P2 M0 Ē2 d.
the Cauchy-Schwartz inequality and the existence of B1−1 , (43)
becomes:
For the case where d = 0, if (34) is feasibly solvable,
Π1 P1 Ā2
then < 0 and thus, V̇ < 0. This indicates V̇1 ≤ 2∥P1 e1 ∥ ∥Ā2 ∥∥ē2 ∥ + Lϕ ∥F1 ∥∥T −1 ∥∥ē2 ∥ +
ĀT2 P1 Π2
+ ∥E1 ∥ξ − 2η∥B1T P1 e1 ∥

that limt→∞ e(t) = 0 and therefore, the error dynamics are
asymptotically stable. ≤ 2∥B1T P1 e1 ∥ ∥B1−1 ∥(∥Ā2 ∥ϵ + Lϕ ∥F1 ∥∥T −1 ∥ϵ +
When d ̸= 0, to make the proposed observers robust against + ∥E1 ∥ξ) − η1

disturbances d in L2 sense, we define:
This yields that:
V0 = V̇ + rT r − µdT d. p 1
V̇1 ≤ −2η1 ∥B1T P1 e1 ∥ ≤ −2η1 ∥B1 ∥ λmin (P1 )V12
The satisfaction of (34), infers that:
Therefore, the reachability condition is met [23], which implies
 T  
e1 e1 that an optimal sliding motion is established and maintained within
V0 ≤ ē2  Λ ē2  < 0 a finite amount of time.
d d This completes the proof.
D. Estimation of FDIAs A similar idea is also adopted for the measurement attacks. The
The measurement attack vector am can be easily estimated difference is that the âm must be initially filtered by the D matrix
using the proposed UIO (26). Observer (26) can produce an to fit in the mathematical model. Therefore, the measurements
estimation ζ̄ˆ2 of the augmented state vector ζ̄2 with the prescribed vector is reconstructed as:
performance. According to Section III-B, ζ̄2 is a superset of am , y(t) = Cx(t) + Dam (t) − Dâm (t) ⇒
and thus:
⇒ y(t) = Cx(t) + D am (t) − âm (t) . (49)
âm ≈ 0 Iq ζ̄ˆ2 .

(44)
Taking all the above into consideration, the original LFC system
The estimation of the control signal attack vector ac will be
representation (18) that is integrated with the proposed attack-
achieved through the error dynamics (28) of e1 . According to
resilient control scheme can be expressed as:
Theorem III.2, when e1 and ē2 are driven to the sliding surface
S , it is true that e1 = 0. Thus:
(
ẋ(t) = Ax(t) + F ϕ(x, t) + B u(t) + ac (t) − âc (t) + Ed(t)
Ā2 ē2 + F1 ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t) + B1 (ac − veq ) + E1 d = 0,

y(t) = Cx(t) + D am (t) − âm (t) .
(45)
The basic concepts of the introduced AE and ARC methods
where veq is the equivalent output error injection signal during
are briefly summarized in Algorithm 1 that follows. Algorithm
the sliding motion [24], which expresses the average behavior v.
1 provides the operational flow of the suggested methodology to
The veq term can be accurately approximated by [25], [26]:
make the present work more comprehensible.
B1T P1 (C1−1 ω1 − ζ̂1 )
veq ≈ (ρ + η) , Algorithm 1 Summary of the proposed FDIA defense strategy
∥B1T P1 (C1−1 ω1 − ζ̂1 )∥ + δ
Require: • rk(B) = rk(CB),
• ∥ϕ(x, t) − ϕ(x̂, t)∥ ≤ Lϕ ∥x − x̂∥ ∀x, x̂ ∈ R ,
n
where δ > 0 is a small scalar added to the denominator of (25) to
• ∥ac ∥ ≤ ρ, ∥d∥ ≤ ξ and am is differentiable.
tackle the chattering effect. Since B1−1 exists, Eq. (45) becomes: Ensure: A, F, B, E, C and D are known.
1: Find proper T and S;
ac − veq = −B1−1 Ā2 ē2 + F1 (ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t)) + E1 d .

2: Construct the designed SMO and UIO;
3: t ← 0; ▷ AE & ARC mechanisms are enabled
(46) 4: while t ≥ 0 do
From the L2 norm of (46), we obtain: 5: Apply the T and S to the original system;
6: Compute ω(t) = Sy(t);
7: Provide ω(t) and u(t) to the attack estimator module;
∥ac − veq ∥L2 =
8: Calculate ζ̂1 (t) and ζ̄ˆ2 (t) through the SMO and UIO, respectively;
= ∥B1−1 Ā2 ē2 + F1 ϕ(T −1 ζ, t) − ϕ(T −1 ζ̂, t) + E1 d ∥L2 Compute âm ≈ 0 Iq ζ̄ˆ2 ;

9:

B1T P (C −1 ω −ζ̂ )
1 1 1 1
10: Compute âc ≈ (ρ + η) T P (C −1 ω −ζ̂ )∥+δ
;
≤ σmax (B1−1 Ā2 ) + σmax (B1−1 F1 )Lϕ ∥T −1 ∥ ∥ē2 ∥L2 +
∥B1 1 1 1 1
11: (t) − âc (t);
Provide the new LFC control input signal as u(t) + ac
+ σmax (B1−1 E1 )∥d∥L2 , 12:
13:
Correct y(t) as y(t) = Cx(t) + D am (t) − âm (t) ;
t ← t + 1; ▷ Next time step
14: end while ▷ AE & ARC mechanisms are disabled
where σmax (·) is the maximum singular value of the con-
sidered matrix. Theorem (III.1) implies that ∥e∥L2 ≤
√
σmax (H −1 ) µ∥d∥L2 and thus, we have:
IV. R ESULTS AND D ISCUSSION
∥ac − veq ∥L2 ≤ This Section includes the experimental results of the proposed
√
≤ µ σmax (B1−1 Ā2 ) + defense strategy and the conclusions drawn from them. Firstly, a
detailed description of the implemented case studies is presented.
+ σmax (B1−1 F1 )Lϕ ∥T −1 ∥ σmax (H −1 ) +

Then, the performance evaluation of the AE and ARC schemes is
+ σmax (B1−1 E1 ) ∥d∥L2 ⇒ demonstrated and their robustness against various system parame-
ters is inspected. Finally, the suggested approach is benchmarked
∥ac − veq ∥L2 √ against existing methods to highlight its superior performance.
⇒ sup = β1 + µβ2 ,
∥d∥L2 ̸=0 ∥d∥L2 The simulations were conducted utilizing the Simulink/Matlab
platform on a desktop computer, equipped with a 64-bit Intel Core
where β1 = σmax (B1−1 E1 ) and β2 = σmax (B1−1 Ā2 ) +
−1 −1 −1 √ i7 CPU of 2.7 GHz.
σmax (B1 F1 )Lϕ ∥T ∥ σmax (H ). Therefore, if β1 + µβ2 is
close to zero, attacks against control signals can be approximated
as: A. Case Study Analysis
B1T P1 (C1−1 ω1 − ζ̂1 ) The performance of the proposed AE and ARC schemes is
âc ≈ (ρ + η) . (47)
∥B1T P1 (C1−1 ω1 − ζ̂1 )∥ + δ evaluated on several case studies that include various topologies,
different types of FDIAs and multiple disturbances. The scalability
E. Attack-Resilient Control of this methodology is evidenced by the growing complexity of
these case studies. Scalability is the effective performance of
With the attack estimations provided by Eq. (44) and (47), it is
a proposed methodology to various power systems, regardless
straightforward to design an attack compensation control strategy
of their size. The topology, i.e. number of areas and types of
by examining system (18). Regarding attacks against the control
interconnections, of each simulation scenario is depicted in Fig.
signals, the âc is added as a supplementary control input to the
2. The power system parameter values of each area can be
original system in order to compensate for the ac . Thus, the new
found in the Appendix A. To ensure the proper operation of the
controlled system input, denoted as ci , has the following form:
implemented LFC systems, Fig. 3 portrays the frequency and tie-
ci (t) = u(t) + ac (t) − âc (t). (48) line power flow responses for case study 1 under 1% p.u. step load
·10−2
Power Power 6
Area 1 Area 2
4
∆Pd (p.u.)
(a) Case study 1 2
Power Power 0
Area 1 Area 4
Case study 1
−2 Case study 2
Case study 3
0 10 20 30 40
Power Power Time (s)
Area 2 Area 3
Fig. 4: Simulated disturbances for each case study.
AC tie-line without TCPS
AC tie-line with TCPS
etc., but without any load disturbance. Every case study includes
HVDC tie-line
solar and wind generation disturbances and measurement time
(b) Case studies 2, 3 delays, varying between 1 to 2 seconds. For a better insight on
the simulated scenarios, the waveforms of the aggregated external
Fig. 2: Topologies of the case studies disturbances, caused by both load and RES variations, are plotted
in Fig. 4.
·10−2
0 B. Performance Assessment of the Attack Estimation Method
∆f (Hz)
The effectiveness of the presented attack estimation method is

−5 studied in this subsection. For this purpose, the aforementioned
Case study 1
Case study 2 mechanism is applied to the case studies 1 and 2 defined in IV-A
Case study 3
and the results are portrayed in Fig. 5 and 6. The blue lines of Fig.
0 10 20 30 40 5 represent the actual FDIAs launched against each case study
Time (s) while the red lines depict the corresponding attack estimations
·10−2 generated by the proposed AE scheme. The upper graph of Fig.
0 5a demonstrates the performance of the control signal attack
∆Ptie (p.u.)
estimator of case study 1 and the lower graph of 5a illustrates the

−1 performance of the measurement attack estimator of case study
1. Fig. 5b contains the same information but for case study 2.
−2
Case study 1
Case study 2
For a better insight into the performance of the proposed AE
Case study 3
technique, the resulting attack estimation errors are plotted in Fig.
0 10 20 30 40 6. These errors are defined as the difference between the actual
Time (s) and the approximated attack signals and annotated as eca = ac −âc ,
when referred to control signal attacks, and ema = am − âm , when
Fig. 3: Frequency & tie-line power flow responses to the distur- referred to measurement attacks.
bances of each case study. Fig. 5 reveals that the actual and the estimated FDIAs are
almost identical, which validates the effectiveness of the presented
method. This is further verified by eca and em a in Fig. 6; the
disturbance at t = 5 sec in area 1 and variations due to RES, for differences between the actual and the approximated attack signals
case study 2 under 5% p.u. step load disturbance at t = 5 sec in are always close to zero, despite some negligible spikes. Fig. 5 and
area 1 and RES variations, and for case study 3 under fluctuations 6 also indicate that the suggested AE strategy is resilient against
only due to RES generation. the scheduled load disturbances that happen at t = 5 sec, the RES
An in-depth analysis of these case studies follows: i) Case disturbances that occur throughout the whole simulation and the
study 1: 2-area power system, connected via an AC tie-line. The varying time delays. Moreover, the upper graph of Fig. 5a shows
simulated load disturbance is modeled as 1% p.u. step function that the ac estimator module of case study 1 is unaffected by the
in area 1 at t = 5 sec. Regarding the FDIAs, a 0.01 p.u. sine am attack at t = 35 sec. The same applies to the rest of the
attack is launched against the control signal of area 2 at t = 25 simulations, confirming that each estimator module is sensitive
sec and a 10% p.u. step attack is launched against the frequency only to the attack that is designed for. Finally, the presented AE
measurement of area 1 at t = 35 sec; ii) Case study 2: 4-area methodology performs successfully to power systems of various
power system, interconnected via AC (either equipped with TCPS sizes, proving its scalability.
or not) and HVDC tie-lines. In this case, a 5% p.u. step load
disturbance occurs in area 1 at t = 5 sec. The simulated FDIAs
include a [-0.1, 0.1] p.u. random attack against the control signal C. Performance Assessment of the Attack-Resilient Control
of area 2 at t = 25 sec and a 1% p.u. ramp attack against The performance of the proposed ARC method is evaluated on
the frequency measurement of area 3 at t = 35 sec. iii) Case all the case studies defined in IV-A. To this end, the frequency
Study 3: Identical to case study 2 in terms of topology, events, response of the implemented LFC systems is analyzed under two
·10−2 0.1 eca of case study 1
1 Actual ac
eca of case study 2
em
a of case study 1
(p.u.)
Estimated ac 0.05 em
a of case study 2
ac (p.u.) 0 0
ec,m
a
−0.05
−1 −0.1
0 20 40 0 20 40
Time (s) Time (s)
0.1 Actual am Fig. 6: Attack Estimation Errors
Estimated am
am (p.u.)
0.05 Sine ac &

step am
0.05 with ARC
∆f (Hz)
Sine ac
without ARC
0 0 Step am
without ARC
0 20 40 −0.05
Time (s)
−0.1
(a) Case study 1 0 20 40
0.1 Actual ac
Time (s)
Estimated ac
ac (p.u.)
(a) Case study 1

Random ac &
0 ramp am
with ARC
∆f (Hz)
0 Random ac
without ARC
−0.1 Ramp am
without ARC
0 20 40 −0.1
Time (s)
0.15 Actual am 0 20 40
Estimated am
Time (s)
am (p.u.)
0.1
(b) Case study 2
0.05 Random ac &
ramp am
with ARC
∆f (Hz)
0 0 Random ac
without ARC
0 20 40 Ramp am
without ARC
Time (s) −0.1
(b) Case study 2
0 20 40
Fig. 5: Performance of the attack estimation method
Time (s)
(c) Case study 3
conditions: i) LFC operates with the suggested ARC mechanism,
Fig. 7: Performance of the attack-resilient control
and ii) LFC uses other, existing control methods and with the
suggested ARC being disabled. For these experiments, only a
single attack between ac and am is simulated when the ARC that the introduced control scheme can effectively mitigate the
is inactive, to better demonstrate the cyberattacks effects against impact of FDIAs, allowing the LFC system to continue operating
frequency. Particularly, Fig. 7a portrays the results of case study based on its primary specifications. Moreover, these experiments
1, where the black line illustrates the behavior of ∆f1 when the validate the scalability of the proposed ARC mechanism, as it was
suggested ARC is enabled, the red line refers to ∆f1 response successfully applied to several case studies of varying complexity.
under ac without using the suggested ARC and the blue line
displays the ∆f1 response under am with the proposed ARC being
disabled. The same information is provided in Fig. 7b and 7c but D. Hardware-in-the-loop Simulation
for case studies 2 and 3, respectively. To evaluate the performance of the presented defense strategy
Based on the findings presented in Fig. 7, without the proposed in more realistic power systems, a hardware-in-the-loop (HIL)
ARC method, the frequency responses start to deviate significantly testbed has been implemented. HIL is a real-time simulation
from their nominal values at t = 25 sec, when the ac are launched, technique that enables a highly detailed and accurate design of
and at t = 35 sec, when am are launched. On the contrary, power systems. In HIL testing, the behavior of the physical system
when the proposed ARC method is active, the frequency responses is replicated by a dedicated hardware, which can also interact with
deviate only in the event of the scheduled load disturbance at t = 5 external components, such as software applications and embedded
sec and remain unaffected by the launched cyberattacks. Further- systems. These external components encapsulate the algorithms
more, the designed system can effectively absorb the fluctuations proposed for optimizing the performance of the designed power
caused by RES generation, as Fig. 7c indicates. This implies system. The architecture of the developed HIL testbed is demon-
·10−2
5 Sine ac &
step am
with ARC
FDIAs Step ac
without ARC
∆f (Hz)
Sine am
without ARC
0
load
disturbances
−5
0 50 100 150
Time (s)
Fig. 9: RTDS simulation results.
·10−2
Fig. 8: Implemented HIL testbed. 0 Nominal
+10%
+20%
∆f (Hz)
+30%
−1 -10%
-20%
strated in Fig. 8 and described in what follows. The standard -30%
IEEE 39-bus system [27], [28], divided into three power areas, −2
is implemented in an RTDS infrastructure [29] to simulate the
physical system. The frequency control of the IEEE 39-bus system 0 10 20 30
is performed outside of RTDS as a standalone Python application, Time (s)
which can utilize the proposed ARC on demand. The RTDS and ·10−3
the Python application communicate remotely through the DNP3 0 Nominal
+10%
protocol. The events in the HIL simulation include a step load ∆Ptie (p.u.)
+30%
−2 +50%
disturbance of 1% p.u. at t = 50 sec in area 1, a step FDIA of -10%
−4 -30%
1% p.u. against the control signal of area 3 at t = 100 sec and -50%
a sine FDIA of 10% p.u. amplitude against the measurement of −6

area 1 at t = 120 sec. −8
Fig. 9 illustrates the frequency response of the power system 0 10 20 30
implemented in RTDS for the different simulation scenarios. More Time (s)
specifically, the red line corresponds to the scenario where the
Fig. 10: Sensitivity analysis on power system parameters.
system faces the control signal FDIA and the load disturbance
without using the proposed ARC strategy; the blue line charac-
terizes the situation in which the measurement FDIA and the
load disturbance take place with the introduced ARC scheme proposed defense strategy to these parameters is essential for
being disabled; lastly, the black line represents the case where the validation of its feasibility. The results of this experimental
the load disturbance occurs and both measurement and control analysis are briefly discussed in what follows.
signal FDIAs are launched, while the presented ARC method is The sensitivity analysis is conducted by consecutively applying
in operation. The results demonstrate that the frequency response the presented methodology to case study 1, without loss of
of the system without any cyber defense measure experiences generality, using different parameter values in each iteration. The
significant variations after the launch of FDIAs at 100 sec and implemented scenarios are the following:
120 sec. However, the FDIAs against the system that utilizes
the proposed ARC scheme have no impact on its frequency • the increase/decrease of the turbine and governor time con-
response. Therefore, it is confirmed that the introduced cyber stants of areas 1 and 2 (Tt1 , Tg1 , Tg2 , Tt2 respectively) by
defense method is still effective for power systems closer to the 10%, 20% and 30%, and
real-world. It is also worth mentioning that the minor fluctuations • the increase/decrease of the initial tie-line synchronizing
in the frequency response throughout the entire HIL simulation coefficient between areas 1 and 2 (T12 ) by 10%, 30% and
are an expected phenomenon in realistic conditions. 50%.
Fig. 10 illustrates the results of the present sensitivity analysis

E. Sensitivity Analysis on Power System Parameters which prove that the proposed ARC method remains effective
The SFR analysis of real-world electrical grids requires the even when significant miscalculations of the system parameters
accurate computation of several power system parameters, such occur. Specifically, the frequency and tie-line power flow re-
as turbine and governor time constants, tie-line synchronizing sponses demonstrate minimal deviations compared to their stan-
coefficients, load frequency relief, regional inertia constants, etc. dard behavior, when the original system parameters are used.
However, this is a challenging task due to the necessary model Furthermore, the FDIAs against control signals and measurements
linearizations, system approximations or other simplifications that are still effectively mitigated. Based on these results, it can be
must be taken into account. Besides, it is difficult to collect and concluded that the suggested attack-resilient strategy is robust
update data regularly. Therefore, exploring the sensitivity of the against possible inaccuracies in system parameters.
0.1 Noiseless âc

0
Original
Low
Noisy âc
Medium
ac (p.u.)
High
∆f (Hz)
0
−0.1
−0.1
0 20 40
−0.2
Time (s)
0 20 40
0.15 Noiseless âm
Noisy âm Time (s)
am (p.u.)
0.1
(a) ARC disabled.
0.05 ·10−2
Original
Low
0 0 Medium
High
0 20 40
∆f (Hz)
−2
Time (s)
−4
Fig. 11: Performance of AE in the presence of noise.
−6
F. Performance Analysis in Noisy Environments 0 10 20 30 40

In practical frequency control scenarios, measurements are Time (s)
often subject to noise caused by deficiencies in devices and
(b) ARC enabled.
communication links. To validate the feasibility of the proposed
defense technique in realistic conditions, it is also important to Fig. 12: Impact of RES penetration.
test its effectiveness in the presence of noise. For this purpose, a
noisy setting of case study 2 is implemented. The proposed attack
estimation method is deployed in this scenario and compared with frequency deviations. A shortfall in the system inertia could
its performance in the original, noiseless case study 2, similar to heavily affect the designed cyber defense systems which in turn,
[4]. To model the noisy setting, the noiseless measurement vector would expose the power grid into various digital threats. The
y of case study 2 is redesigned as: results of Section IV-C indicate that the performance of the
proposed ARC defense method is independent of the magnitude
yns = y + ens of the external disturbances. However, it is equally important to
where yns denotes the noisy measurement vector and ens repre- explore its functionality, in terms of frequency stability and cyber
sents the measurement noise. ens follows the normal distribution resilience, within a RES-dominated power system during FDIAs.
with a mean value of µns and a standard deviation of δns . The For this reason, this study investigates the performance of the
values of µns and δns for the noisy environment are 0 and 1%, introduced ARC scheme in a power system that faces reduction
respectively, and for the original case study 2 are 0 and 0%, in its available rotating inertia due to high RES penetration
respectively. At this point, it should be noted that presenting the without utilizing any remedial mechanisms, such as fast frequency
results of the noise performance analysis for the proposed ARC response and virtual inertia.
is deemed redundant; if the proposed AE method is effective, For this experiment, a simulation scenario of normal RES
the same is true for the ARC strategy as well, according to both penetration is conducted along with three sub-scenarios of inertia
theoretical and numerical evidence. The results are depicted in Fig. shortfall (i.e. low, medium, and high). The considered power
11: the orange line refers to the generated attack estimation when system and the simulated events are adopted by case study 2 of
applied to the noiseless case study 2 while the green, dotted line Section IV-A, excluding the control signal attack. The results of
corresponds to the same variable for the noisy case study 2. The this study are illustrated in Fig. 12. More specifically, Fig. 12a
upper graph Fig. 11 shows the launched control signal FDIA and demonstrates that the frequency response of the power system
the lower graph portrays the launched measurement FDIA. In the that does not utilize the proposed ARC mechanism and relies
presence of noise, the corresponding approximation demonstrates only on the typical integral LFC, configured based on [19], is
similar behavior, despite some minor fluctuations (approximately heavily affected by FDIAs. In contrast, Fig. 12b yields that, when
0.1%) from the original attack waveform. Since the impact of these the introduced ARC is enabled, the FDIAs against the frequency
deviations is minimal and the overall performance of the defense control of the investigated power system are successfully miti-
mechanism is not downgraded, it is implied that the introduced gated. While this is a well-established knowledge from previous
methodology is robust against noisy measurements. experiments, the interesting remark here is that the systems that
employ conventional controllers become unstable within a time
period that is inversely proportional to the amount of the inertia
G. Sensitivity Analysis in RES-dominated Environments shortfall. On the other hand, the systems equipped with the
This study examines how the presence of RESs influences proposed ARC method remain resilient to FDIAs, regardless of
the resilience and security of the presented ARC strategy. In RES penetration percentage. These results confirm the superiority
power systems, a large inertia decrease that results from a high of the proposed ARC strategy against other types of controllers,
amount of RES penetration, can potentially lead to significant even when the system experiences significant shortfalls in the
available rotating inertia. TABLE I: Quality comparative analysis

Methods
[7] [12] [14] [30] [13] Proposed
H. Comparative Study Features
To assess the value of the proposed methodology, it is important Estimation × ✓ × ✓ ✓ ✓
to compare it with other similar works from the literature. For Global mitigation × × × × × ✓
Decoupling × ✓ × ✓ ✓ ✓
this reason, a comparative analysis is conducted between the
Nonlinearities × × ✓ × × ✓
presented methodology and several state-of-the-art methods, based
Diverse tie-lines × × × × × ✓
on a set of selected quality features. The results of this study are
RES × × × × × ✓
demonstrated in Table I; ”✓” annotation declares that the specified
Parameter uncertainties × × × × × ✓
attack mitigation method for LFC meets the corresponding feature Time delays × × × × ✓ ✓
and ”×” symbol implies that it does not. The considered set of Scalability × × × × ✓ ✓
quality features includes:
i) Estimation: it is the property of a method to provide full
information about the launched cyberattacks; ii) Global miti- systems and its robustness against various system uncertainties. As
gation: it is the attribute of a methodology to mitigate both future work, the cybersecurity of the observers will be investigated
measurement and control signal attacks; iii) Decoupling: it is the to determine the resilience of the observer-based methods against
robustness of a method against external system disturbances; iv) cyberattacks.
Nonlinearities: it determines if a defense mechanism takes the
nonlinearities of LFC into account or not; v) Diverse tie-lines: it is
the applicability of a method to power systems with different types A PPENDIX A
of tie-lines; vi) RES: it declares whether the specified technique The power system parameter values selected for present simu-
considers RES disturbances or not; vii) Parameter uncertainties: lation analysis are [31]:
it is the sensitivity of an approach to power system parameter Di = 0.0083 (p.u./Hz), 2Hi = 0.1667 (p.u. s), Tgi = 0.08 (s),
uncertainties; viii) Time delays: it is the robustness of a defensive Tti = 0.3 (s), Ri = 2.4 (Hz/p.u.) , Tij = Tji = 0.026 (p.u./Hz),
strategy against network time delays; ix) Scalability: it is the βi = 0.425 (p.u./Hz), Tdci = 0.2, Kij = 1 (p.u./Hz), Tsij = 0.1,
applicability of an attack mitigation scheme to power systems of Ksij = 1.
various sizes. For the simulations, the LFC nonlinearities of each area i have
Table I demonstrates the superiority of the proposed AE and the following values:
ARC methodologies upon several existing works. Particularly, Pgdb = 1‰ p.u., Pgrc = 10% p.u./min, τd = 1 s.
the introduced method can effectively approximate the magnitude
of the launched FDIA signals, unlike [7] and [14]. Similar is
the case about the resilience of the selected techniques against R EFERENCES
external system disturbances, such as load variation and generation [1] U.S. Department of Energy, Grid Modernization and the Smart Grid. [On-
from RES. Moreover, the suggested methodology can effectively line].
[2] A. D. Syrmakesis, C. Alcaraz, and N. D. Hatziargyriou, “Classifying
eliminate both measurement and control signal attacks; this is resilience approaches for protecting smart grids against cyber threats,”
a critical feature that none of the benchmarked methods has. International Journal of Information Security, pp. 1–22, 2022.
Regarding the LFC nonlinearities, very few research works [14] [3] E-ISAC and SANS, “Analysis of the cyber attack on the Ukrainian power
grid,” Electricity Information Sharing and Analysis Center (E-ISAC), vol.
take them into consideration, apart from the proposed strategy. 388, 2016.
Finally, the feasibility of the existing methodologies to real- [4] M. Liu, C. Zhao, Z. Zhang, and R. Deng, “Explicit Analysis on Effectiveness
world electrical systems is not properly examined, contrary to and Hiddenness of Moving Target Defense in AC Power Systems,” IEEE
Transactions on Power Systems, pp. 1–1, 2022.
the introduced method. For example, none of the works under
[5] German wind farm operator confirms cybersecurity incident, [Online].
comparison evaluates its cyberdefense strategy in power systems [6] A. Ameli, A. Hooshyar, E. F. El-Saadany, and A. M. Youssef, “Attack
that use RES or diverse types of interconnecting lines (HVDC, Detection and Identification for Automatic Generation Control Systems,”
TCPS equiped). Likewise, the sensitivity against power systems IEEE Transactions on Power Systems, vol. 33, no. 5, pp. 4760–4774, 2018.
[7] S. Sridhar and M. Govindarasu, “Model-based attack detection and mitigation
parameters is not explored in any of the selected approaches. for automatic generation control,” IEEE Transactions on Smart Grid, vol. 5,
Additionally, the time delays due to network limitations along no. 2, pp. 580–591, 2014.
with the scalability over a wide range of power systems are only [8] S. East, J. Butts, M. Papa, and S. Shenoi, “A Taxonomy of Attacks on
the DNP3 Protocol,” in International Conference on Critical Infrastructure
investigated in [13] and in the presented technique. Protection. Springer, 2009, pp. 67–81.
[9] M. J. Rice, C. A. Bonebrake, G. K. Dayley, and L. J. Becker, “Secure
V. C ONCLUSION ICCP Final Report,” 6 2017. [Online]. Available: https://www.osti.gov/
biblio/1436849
In this work, an innovative attack-resilient, power system fre- [10] I. Zografopoulos, J. Ospina, X. Liu, and C. Konstantinou, “Cyber-Physical
quency control strategy was proposed based on a novel FDIA Energy Systems Security: Threat Modeling, Risk Assessment, Resources,
estimation method. The dynamical model of the frequency control Metrics, and Case Studies,” IEEE Access, vol. 9, pp. 29 775–29 818, 2021.
[11] J. Ye and X. Yu, “Detection and Estimation of False Data Injection Attacks
was initially introduced and then, the mathematical foundation of for Load Frequency Control Systems,” Journal of Modern Power Systems
the presented cyber defense strategy was established. The effec- and Clean Energy, vol. 10, no. 4, pp. 861–870, 2022.
tiveness of the proposed methodology in the real-time estimation [12] X. Chen, S. Hu, Y. Li, D. Yue, C. Dou, and L. Ding, “Co-Estimation of
State and FDI Attacks and Attack Compensation Control for Multi-Area Load
and mitigation of FDIAs against practical LFC systems was ex- Frequency Control Systems Under FDI and DoS Attacks,” IEEE Transactions
perimentally verified by multiple scenarios, including Hardware- on Smart Grid, vol. 13, no. 3, pp. 2357–2368, 2022.
in-the-Loop simulations. The experiments also designated the [13] C. Chen, Y. Chen, J. Zhao, K. Zhang, M. Ni, and B. Ren, “Data-Driven Re-
silient Automatic Generation Control Against False Data Injection Attacks,”
capability of the proposed defense method to handle both measure- IEEE Transactions on Industrial Informatics, vol. 17, no. 12, pp. 8092–8101,
ments and control signal attacks, its scalability over various power 2021.
[14] A. Ayad, M. Khalaf, M. Salama, and E. F. El-Saadany, “Mitigation of Hassan Haes Alhelou (Senior Member, IEEE) is with
false data injection attacks on automatic generation control considering the Department of Electrical and Computer Systems En-
nonlinearities,” Electric Power Systems Research, vol. 209, p. 107958, gineering, Monash University, Clayton, VIC 3800, Aus-
2022. [Online]. Available: https://www.sciencedirect.com/science/article/pii/ tralia. Previously, he was with the School of Electrical
S0378779622001882 and Electronic Engineering, University College Dublin
[15] F. Caliskan and I. Genc, “A Robust Fault Detection and Isolation Method (UCD), in Ireland between 2020-21, and with Sultan
in Load Frequency Control Loops,” IEEE Transactions on Power Systems, Qaboos University (SQU) in Oman. He completed his
vol. 23, no. 4, pp. 1756–1767, 2008. B.Sc. from Tishreen University in 2011 with First-Rank
[16] T. N. Pham, H. Trinh, and L. V. Hien, “Load Frequency Control of Power honors, and his M.Sc. and Ph.D. from Isfahan University
Systems With Electric Vehicles and Diverse Transmission Links Using of Technology, Iran all with honors. He was included in
Distributed Functional Observers,” IEEE Transactions on Smart Grid, vol. 7, the 2018 & 2019 Publons and Web of Science (WoS) list
no. 1, pp. 238–252, 2016. of the top 1% of best reviewers and researchers in the field of engineering and
[17] M. Khudhair, M. Ragab, K. M. AboRas, and N. H. Abbasy, “Robust control cross-fields all over the world. He has been listed in 2% Top Scientists Worldwide
of frequency variations for a multi-area power system in smart grid using by Stanford University in 2022 and 2023. He was the recipient of the Outstanding
a newly wild horse optimized combination of PIDD2 and PD controllers,” Reviewer Award from many journals, e.g., Energy Conversion and Management
Sustainability, vol. 14, no. 13, p. 8223, 2022. (ECM), ISA Transactions, and Applied Energy. He was the recipient of the Best
[18] H. Haes Alhelou, M. E. H. Golshan, and N. D. Hatziargyriou, “A Decentral- Young Researcher in the Arab Student Forum Creative among 61 researchers from
ized Functional Observer Based Optimal LFC Considering Unknown Inputs, 16 countries at Alexandria University, Egypt, 2011. He also received the Excellent
Uncertainties, and Cyber-Attacks,” IEEE Transactions on Power Systems, Paper Award 2021/2022 from IEEE CSEE Journal of Power and Energy Systems
vol. 34, no. 6, pp. 4408–4417, 2020. (SCI IF: 3.938; Q1). He has published more than 200 research papers in high-
[19] H. Haes Alhelou, M. E. Hamedani Golshan, and M. Hajiakbari Fini, quality peer-reviewed journals and international conferences. His research papers
“Wind driven optimization algorithm application to load frequency control received more than 5000 citations with an H-index of 39 and an i-index of 100.
in interconnected power systems considering GRC and GDB nonlinearities,” He authored/edited 15 books published in reputed publishers such as Springer,
Electric Power Components and Systems, vol. 46, no. 11-12, pp. 1223–1238, IET, Wiley, Elsevier, and Taylor & Francis. He serves as an editor in a number
2018. of prestigious journals such as IEEE Systems Journal, Computers and Electrical
[20] A. D. Syrmakesis, H. H. Alhelou, and N. D. Hatziargyriou, “Novel SMO- Engineering (CAEE-Elsevier), IET Journal of Engineering, and Smart Cities. He
Based Detection and Isolation of False Data Injection Attacks against has also performed more than 800 reviews for prestigious journals, including
Frequency Control Systems,” IEEE Transactions on Power Systems, pp. 1– IEEE Transactions on Power Systems, IEEE Transactions on Smart Grid, and
13, 2023. IEEE Transactions on Industrial Informatics. He has participated in more than
[21] J. Zhang, A. K. Swain, and S. K. Nguang, Robust observer-based fault 15 international industrial projects over the globe. His major research interests
diagnosis for nonlinear systems using MATLAB®. Springer, 2016. are Future energy systems, Power systems, Power System Security, Power system
[22] X.-G. Yan and C. Edwards, “Nonlinear robust fault reconstruction and dynamics and control, Power System Cybersecurity, Dynamic state estimation,
estimation using a sliding mode observer,” Automatica, vol. 43, no. 9, Frequency control, Smart grids and Microgrids, Demand response, and Load
pp. 1605–1614, 2007. [Online]. Available: https://www.sciencedirect.com/ shedding.
science/article/pii/S0005109807001719
[23] V. I. Utkin, Sliding modes in control and optimization. Springer Science &
Business Media, 2013.
[24] C. P. Tan and C. Edwards, “Sliding mode observers for robust fault
detection & reconstruction,” IFAC Proceedings Volumes, vol. 35, no. 1,
pp. 347–352, 2002, 15th IFAC World Congress. [Online]. Available:
https://www.sciencedirect.com/science/article/pii/S1474667015392107
[25] ——, “Sliding mode observers for robust detection and reconstruction of
actuator and sensor faults,” International Journal of Robust and Nonlinear
Control: IFAC-Affiliated Journal, vol. 13, no. 5, pp. 443–463, 2003.
[26] C. Edwards and S. Spurgeon, Sliding mode control: theory and applications.
Crc Press, 1998.
[27] T. Athay, R. Podmore, and S. Virmani, “A Practical Method for the Direct
Analysis of Transient Stability,” IEEE Transactions on Power Apparatus and
Systems, vol. PAS-98, no. 2, pp. 573–584, 1979.
[28] A. Pai, Energy function analysis for power system stability. Springer Science
& Business Media, 1989. Nikos D. Hatziargyriou (Life Fellow, IEEE) is with
[29] “RTDS Technology Inc.” https://www.rtds.com/, accessed: 2023-09-26. the National Technical University of Athens (NTUA),
[30] A. Abbaspour, A. Sargolzaei, P. Forouzannezhad, K. K. Yen, and A. I. Sarwat, since 1984, Professor in Power Systems, since 1995,
“Resilient Control Design for Load Frequency Control System Under False and Professor Emeritus, since 2022. He is Part-time
Data Injection Attacks,” IEEE Transactions on Industrial Electronics, vol. 67, Professor at the University of Vaasa, Finland. He has
no. 9, pp. 7951–7962, 2020. over 10 years of industrial experience as Chairman and
[31] A. D. Syrmakesis, H. H. Alhelou, and N. D. Hatziargyriou, “A Novel Cyber the CEO of the Hellenic Distribution Network Operator
Resilience Method for Frequency Control in Power Systems considering (HEDNO) and as Executive Vice-Chair and Deputy CEO
Nonlinearities and Practical Challenges,” IEEE Transactions on Industry of the Public Power Corporation (PPC), responsible for
Applications, pp. 1–13, 2023. the Transmission and Distribution Divisions. He has
participated in more than 60 R&D projects funded by
the EU Commission, electric utilities and industry for fundamental research and
practical applications. He has authored or coauthored more than 300 journal
publications and 600 conference proceedings papers. He was the Chair and Vice-
Chair of ETIP-SNET. He is past EiC of the IEEE Transactions on Power Systems
and currently EiC-at-Large for IEEE PES Transactions. He is included in the 2016,
2017 and 2019 Thomson Reuters lists of top 1% most cited researchers. He is the
2020 Globe Energy Prize laureate, recipient of the 2017 IEEE/PES Prabha S.
Andrew D. Syrmakesis received the Diploma degree Kundur Power System Dynamics and Control Award and recipient of the 2023
in Electrical and Computer Engineering from the Na- IEEE Herman Halperin Electric Transmission and Distribution Award.
tional Technical University of Athens (NTUA) in 2017.
Currently, he is pursuing the Ph.D. degree from the
Electric Power Division of NTUA. He also works as a
Research Assistant for the Institute of Communications
and Computer Systems (ICCS). His research interests
include Cybersecurity, Smart Grids, Control Theory and
Machine Learning. He is a member of the Technical
Chamber of Greece since 2020.

A Novel Cyberattack-Resilient Frequency Control Method For Interconnected Power Systems Using SMO-based Attack Estimation

Uploaded by

Copyright:

Available Formats

A Novel Cyberattack-Resilient Frequency Control Method For Interconnected Power Systems Using SMO-based Attack Estimation

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

A Novel Cyberattack-Resilient Frequency Control Method For Interconnected Power Systems Using SMO-based Attack Estimation

Uploaded by

Copyright:

Available Formats

This article has been accepted for publication in IEEE Transactions on Power Systems.

A Novel Cyberattack-Resilient Frequency Control

presented in this Section. N

∆PRESi = ∆PiW + ∆PiP V . (8)

where ρW is the air density, AT denotes the rotor swept area,

( C. Observer Design Process

+ M0 F̄2 ϕ(T −1 ζ̂, t) + N0 C̄4 F̄2 ϕ(T −1 ζ, t) + V = V1 + V2 + V3 + V4 ,

Therefore: Then, under zero initial conditions, we have:

1 = (∥r∥2 − µ∥d∥2 + V̇ ) dt − V (∞) + V (0)

1 in finite time while simultaneously preserving their sliding move-

˙ V̇1 = eT1 (As1 P1 + P1 As1 )e1 + 2eT1 P1 Ā2 ē2 + 2eT1 P1 E1 d +

The effectiveness of the presented attack estimation method is

estimator of case study 1 and the lower graph of 5a illustrates the

·10−2 0.1 eca of case study 1

0.05 Sine ac &

(a) Case study 1

a sine FDIA of 10% p.u. amplitude against the measurement of −6

Fig. 10 illustrates the results of the present sensitivity analysis

0.1 Noiseless âc

F. Performance Analysis in Noisy Environments 0 10 20 30 40

available rotating inertia. TABLE I: Quality comparative analysis

You might also like