Preprint Article Version 1 Preserved in Portico This version is not peer-reviewed

Modeling and Detection of Future Cyber-Enabled DSM Data Attacks

Version 1 : Received: 16 July 2020 / Approved: 19 July 2020 / Online: 19 July 2020 (11:14:01 CEST)

A peer-reviewed article of this Preprint also exists.

Hatalis, K.; Zhao, C.; Venkitasubramaniam, P.; Snyder, L.; Kishore, S.; Blum, R.S. Modeling and Detection of Future Cyber-Enabled DSM Data Attacks. Energies 2020, 13, 4331. Hatalis, K.; Zhao, C.; Venkitasubramaniam, P.; Snyder, L.; Kishore, S.; Blum, R.S. Modeling and Detection of Future Cyber-Enabled DSM Data Attacks. Energies 2020, 13, 4331.


Demand-Side Management (DSM) is an essential tool to ensure power system reliability and stability. In future smart grids, certain portions of a customer’s load usage could be under the automatic control of a cyber-enabled DSM program, which selectively schedules loads as a function of electricity prices to improve power balance and grid stability. In this scenario, the security of DSM cyberinfrastructure will be critical as advanced metering infrastructure and communication systems are susceptible to cyber-attacks. Such attacks, in the form of false data injections, can manipulate customer load profiles and cause metering chaos and energy losses in the grid. The feedback mechanism between load management on the consumer side and dynamic price schemes employed by independent system operators can further exacerbate attacks. To study how this feedback mechanism may worsen attacks in future cyber-enabled DSM programs, we propose a novel mathematical framework for (i) modeling the nonlinear relationship between load management and real-time pricing, (ii) simulating residential load data and prices, (iii) creating cyber-attacks, and (iv) detecting said attacks. In this framework, we first develop time-series forecasts to model load demand and use them as inputs to an elasticity model for the price-demand relationship in the DSM loop. This work then investigates the behavior of such a feedback loop under intentional cyber-attacks. We simulate and examine load-price data under different DSM-participation levels with three types of random additive attacks: ramp, sudden, and point attacks. We conduct two investigations for the detection of DSM attacks. The first studies a supervised learning approach, with various classification models, and the second studies the performance of parametric and nonparametric change point detectors. Results conclude that higher amounts of DSM participation can exacerbate ramp and sudden attacks leading to better detection of such attacks, especially with supervised learning classifiers. We also find that nonparametric detection outperforms parametric for smaller user pools, and random point attacks are the hardest to detect with any method.


Demand Side Management; Demand Response; Cyber-Physical Systems; Dynamic Pricing; Load Forecasting; Attack Detection


Engineering, Electrical and Electronic Engineering

Comments (0)

We encourage comments and feedback from a broad range of readers. See criteria for comments and our Diversity statement.

Leave a public comment
Send a private comment to the author(s)
* All users must log in before leaving a comment
Views 0
Downloads 0
Comments 0
Metrics 0

Notify me about updates to this article or when a peer-reviewed version is published.
We use cookies on our website to ensure you get the best experience.
Read more about our cookies here.