Hybrid detection of intermittent cyber-attacks in networked power systems

Efstathios Kontouras, Anthony Tzes, Leonidas Dritsas

Research output: Contribution to journalArticlepeer-review


This article addresses the concept of a compound attack detection mechanism, that links estimation-based and set-theoretic methods, and is mainly focused on the disclosure of intermittent data corruption cyber-attacks. The detection mechanism is developed as a security enhancing tool for the load-frequency control loop of a networked power system that consists of several interconnected control areas. The dynamics of the power network are derived in observable form in the discrete-time domain, considering that an adversary corrupts the frequency measurements of certain control areas by means of a bias injection cyber-attack. Simulations indicate that an estimation-based detector is unable to discern an intermittent attack, especially when the latter one occurs at the same time as changes in the power load. The detector can be improved by exploiting the safe operation constraints imposed on the state variables of the system. It is shown that the disclosure of intermittent data corruption cyber-attacks in the presence of unknown power load changes is guaranteed only when the estimation-based detector is combined with its set-theoretic counterpart. To this end, a robust invariant set for the networked power system is computed and an alarm is triggered whenever the state vector exits this set. Simulations indicate that the above detectors can operate jointly in terms of a hybrid scheme, which enhances their detection capabilities.

Original languageEnglish (US)
Article number4625
Issue number24
StatePublished - Dec 5 2019


  • Cyber-attacks
  • Load-frequency control
  • Power systems
  • Set-theoretic methods
  • State estimation

ASJC Scopus subject areas

  • Renewable Energy, Sustainability and the Environment
  • Energy Engineering and Power Technology
  • Energy (miscellaneous)
  • Control and Optimization
  • Electrical and Electronic Engineering


Dive into the research topics of 'Hybrid detection of intermittent cyber-attacks in networked power systems'. Together they form a unique fingerprint.

Cite this