On Adversarial Robustness of Data-Driven State Estimation Techniques

  • Author / Creator
    Afrin, Afia
  • The increasing complexity of electric power grids, owing to the integration of Distributed Energy Resources (DER), electric vehicles, energy storage systems, and advanced metering infrastructure, has stimulated a surge in research on machine learning-based state estimation and control. In this thesis, we examine the robustness of machine learning-based Distribution System State Estimation (DSSE) techniques to a class of adversarial attacks, known as evasion attacks. In these attacks, the attacker manipulates real-time measurements of
    sensors installed in the distribution grid by adding carefully crafted perturbations to diminish the accuracy of DSSE. We devise a stealthy attack based on the Fast Gradient Sign Method (FGSM), dubbed Sneaky-FGSM, by analyzing
    the statistical properties of real-time measurements and adding perturbations accordingly. Using simulation on a standard test distribution system, we show that this attack would remain largely unidentified, and the error introduced in
    the DSSE process could propagate to a voltage control scheme that takes the DSSE result as input. Moreover, we present Targeted-FGSM, a powerful targeted evasion attack strategy that is capable of misleading the state estimator in a certain direction to cause specific power quality issues. Upon analyzing
    the covert nature of these attacks, we propose the adoption of the feature attribution-based detection strategy to build robust safeguarding mechanism for DSSE techniques. Our results suggest that incorporating machine learning models in DSSE is a double-edged sword and calls for more research in this area to ensure the robustness of these models to adversarial samples.

  • Subjects / Keywords
  • Graduation date
    Fall 2023
  • Type of Item
  • Degree
    Master of Science
  • DOI
  • License
    This thesis is made available by the University of Alberta Libraries with permission of the copyright owner solely for non-commercial purposes. This thesis, or any portion thereof, may not otherwise be copied or reproduced without the written consent of the copyright owner, except to the extent permitted by Canadian copyright law.