Can attackers with limited information exploit historical data to mount successful false data injection attacks on power systems?

This paper studies physical consequences of unobservable false data injection (FDI) attacks designed only with information inside a subnetwork of the power system. The goal of this attack is to overload a chosen target line without being detected via measurements. To overcome the limited information, a multiple linear regression model is developed to learn the relationship between the external network and the attack subnetwork from historical data. The worst possible consequences of such FDI attacks are evaluated by solving a bi-level optimization problem wherein the first level models the limited attack resources, while the second level formulates the system response to such attacks via dc optimal power flow (OPF). The attack model with limited information is reflected in the dc OPF formulation that only takes into account the system information for the attack subnetwork. The vulnerability of this attack model is illustrated on the IEEE 24-bus reliability test system and the IEEE 118-bus systems.