Methods of cyber-attack identification for power systems based on bilateral cyber-physical information

Cyber-attacks present great challenges to modern power systems. Well-designed cyber-attacks can mimic normal faults, making it difficult to identify the causes of power system faults. Collaboratively applying bilateral information from both the cyber side and the physical side can help to accurately identify fault causes (e.g., incidental faults or cyber-attacks), which can provide a premise for taking timely countermeasures to avoid the spread of failure. In this paper, to comprehensively express the system state, a data fusion model is first proposed to combine this bilateral information, together with a discretization method based on expert experience. Then, a characteristic sequence extraction method is presented to obtain patterns indicative of different kinds of events. To improve the identification accuracy and efficiency of the pure sequence-matching-based identification method, empirical sequences and original data are integrated to drive a new identification method. Finally, the proposed methods are verified by simulations on a co-simulation platform. The results show that practical requirements can be met in terms of reliability, efficiency and accuracy.