Skip to Main Content
There is an emerging consensus that the nation's electricity grid is vulnerable to cyber attacks. This vulnerability arises from the increasing reliance on using remote measurements, transmitting them over legacy data networks to system operators who make critical decisions based on available data. Data integrity attacks are a class of cyber attacks that involve a compromise of information that is processed by the grid operator. This information can include meter readings of injected power at remote generators, power flows on transmission lines, and relay states. These data integrity attacks have consequences only when the system operator responds to compromised data by re-dispatching generation under normal or contingency protocols. These consequences include (a) financial losses from sub-optimal economic dispatch to service loads, (b) robustness/resiliency losses from placing the grid at operating points that are at greater risk from contingencies, and (c) systemic losses resulting from cascading failures induced by poor operational choices. This paper is focussed on understanding the connections between grid operational procedures and cyber attacks. We first offer an example to illustrate how data integrity attacks can cause economic and physical damage by misleading operators into taking inappropriate decisions. We then focus on unobservable data integrity attacks involving power meter data. These are coordinated attacks where the compromised data is consistent with the physics of power flow, and is therefore passed by any bad data detection algorithm. We develop metrics to assess the economic impact of these attacks under operator re-dispatch decisions using optimal power flow methods. These metrics can be used to prioritize the adoption of appropriate countermeasures including PMU placement, encryption, hardware upgrades, and advanced detection algorithms.