A defining feature of a smart grid is its ability to incorporate advanced data analytics for real-time monitoring and control. However, heavy reliance on networking for data collection inevitably exposes the grid to the threat of cyber attacks. In this talk, we consider data falsification attacks on power system state estimation, where an attacker alters certain sensor data to mislead the control center with an incorrect state estimate.
We first present a necessary and sufficient condition under which an undetectable attack exists. We then present a data-driven undetectable attack that does not require any system parameter information; by exploiting a subspace estimation technique, we show that partial sensor observations can provide sufficient information for designing undetectable attacks. Then, in order to protect a grid from potential attacks, we develop countermeasures based on sensor data authentication. We show that if data from a set of sensors satisfying a certain graph-covering property are protected, any attack can be detected.