Researchers: Ahmad Mohammad Saber , Amr Youssef , Davor Svetinovic , Hatem H. Zeineldin , and Ehab F. El-Saadany
Industrial advancements in information and communications technology facilitated the widespread use of line current differential relays (LCDRs) for protecting critical transmission lines due to their fast, sensitive, selective, and secure performance. Despite their advantages, LCDRs' reliance on vulnerable communication networks to swap current measurements makes them vulnerable to cyberattacks.
In this article, a scheme is proposed to protect LCDRs from direct-false-tripping (DFT), fault-masking (FM), and sympathetic-tripping (ST) cyberattacks, which have not been studied together before for transmission-level LCDRs. The proposed scheme utilizes a deep neural network (DNN), trained offline on features extracted from only the measurements available for LCDRs. The trained DNN model can then be implemented within LCDRs. Unlike the previous solutions, which only differentiate between faults and DFT cyberattacks, the proposed scheme actively differentiates between authentic and manipulated LCDR measurements to detect and mitigate possible cyberattacks. The performance of the proposed scheme is evaluated using the IEEE 39-bus benchmark system. Our results show that the proposed scheme can accurately detect different forms of DFT, ST, and FM cyberattacks while maintaining the LCDR's protective characteristics. The proposed scheme is tested for real-time capability using an OPAL-RT simulator.
This paper contributions is to introduce a novel scheme for detecting cyberattacks on LCDRs, including fault-masking and sympathetic tripping cyberattacks Also the proposed scheme requires no additional measurements than those available for LCDRs through the local measurements. The performance of the proposed scheme has been evaluated under cyberattacks and faults of different parameters; under varying operating conditions and system dynamics; under uncertainty stemming from measurement noise. The proposed scheme was verified in real time using OPAL-RT real-time simulator.
Incorporating domain knowledge can enhance the design of the DNN, as power system protection systems have specific constraints and requirements not found in other applications. By integrating these constraints, such as voltage and current limits, the DNN becomes more resilient to adversarial attacks. Additionally, since cyberattacks often aim to minimize attack time to maintain stealth, keeping the trained DNN model confidential and restricted to power system operators can further reduce the likelihood of successful adversarial attacks
_page-0001.jpg?ext=.jpg){kind=logo}
