Double-layer Detection-Based Distributed Secure State Estimation Under False Data Injection Attacks

When the measurement or intermediate exchange data are tampered by false data injection attacks (FDIAs) in cyber-physical power systems (CPPSs), their authenticity (i.e., credibility) will be destroyed, leading to the failure of distributed state estimation. To address the problem, this paper proposes a novel distributed secure state estimation method using doublelayer detection for FDIAs. First, the first layer uses a \chi ^{2}-based attack detector to check whether the measurement data are tampered and, if so, replaces the contaminated by the predicted data based on the Kalman method to improve data credibility and the accuracy of local state estimation. Then, these credible data (i.e., the checked/replaced data) are interacted with the neighboring subregions, when event-triggered mechanism is satisfied. Second, the second layer is a dynamic watermarking-based active attack detector designed to check whether the intermediate exchange data are tampered with and, if so, to replace the attacked intermediate exchange data by Kalman method. It is also found that when the Signal to Interference plus Noise Ratio (SINR) is greater than 10db, attack detection performance is positively correlated with the watermarking intensity. Third, according to the double-layer detection results, each subregion can be divided into secure set and non-secure set, which are used to reconstruct distributed state estimation model. The corresponding novel distributed secure state estimation method is designed and theoretically proved to be exponential convergence in the mean square. Finally, experimental results demonstrate the feasibility and effectiveness of the proposed double-layer attack detection and distributed secure state estimation method for CPPSs.