Electric Grid Power Flow Model Camouflage Against Topology Leaking Attacks

The power flow model for DC power grids has been used theoretically to launch false data injection attacks (FDIAs) against state estimation. We recognize FDIAs are just one possible attack using the power flow model and that the grid topology information within the model implies its discovery may also facilitate topology-based attacks. We show attackers can derive the power flow model, and thus the topology also. Indeed, with incomplete data, attackers can accurately reconstruct regions of the model, or topology, all that is necessary to launch an attack. We also illustrate how to cause such attackers to derive instead a convincing fake model by camouflaging the real model. Consequently, no sensitive information will leak, so attacks based on this fake model will be ineffective, rather alerting grid administrators to the attacker's efforts. Using five test cases included in the MATLAB power flow analysis tool MATPOWER, ranging from 9 to 300 buses, an average 67.0% of the topology may be derived with a 69.1% model accuracy. Lastly, we find reconstructions of small portions of the model sufficient for performing FDIAs with 75% success, and that camouflage prevents 93% of them in all but the 9-bus case.