- 128 views
- 133 downloads
On Adversarial Robustness of Data-Driven State Estimation Techniques
-
- Author / Creator
- Afrin, Afia
-
The increasing complexity of electric power grids, owing to the integration of Distributed Energy Resources (DER), electric vehicles, energy storage systems, and advanced metering infrastructure, has stimulated a surge in research on machine learning-based state estimation and control. In this thesis, we examine the robustness of machine learning-based Distribution System State Estimation (DSSE) techniques to a class of adversarial attacks, known as evasion attacks. In these attacks, the attacker manipulates real-time measurements of
sensors installed in the distribution grid by adding carefully crafted perturbations to diminish the accuracy of DSSE. We devise a stealthy attack based on the Fast Gradient Sign Method (FGSM), dubbed Sneaky-FGSM, by analyzing
the statistical properties of real-time measurements and adding perturbations accordingly. Using simulation on a standard test distribution system, we show that this attack would remain largely unidentified, and the error introduced in
the DSSE process could propagate to a voltage control scheme that takes the DSSE result as input. Moreover, we present Targeted-FGSM, a powerful targeted evasion attack strategy that is capable of misleading the state estimator in a certain direction to cause specific power quality issues. Upon analyzing
the covert nature of these attacks, we propose the adoption of the feature attribution-based detection strategy to build robust safeguarding mechanism for DSSE techniques. Our results suggest that incorporating machine learning models in DSSE is a double-edged sword and calls for more research in this area to ensure the robustness of these models to adversarial samples. -
- Subjects / Keywords
-
- Graduation date
- Fall 2023
-
- Type of Item
- Thesis
-
- Degree
- Master of Science
-
- License
- This thesis is made available by the University of Alberta Libraries with permission of the copyright owner solely for non-commercial purposes. This thesis, or any portion thereof, may not otherwise be copied or reproduced without the written consent of the copyright owner, except to the extent permitted by Canadian copyright law.