Anomalies in the form of natural faults or malicious attacks can affect the dynamics of power systems. They can be physical or cyber-physical, and can affect the generation side or the load side. Most changes in power system dynamics that are caused by faults and attacks are damped and do not cause any major harm. However, some faults and attacks may make the system unstable. The focus in this thesis is on such destabilizing faults and attacks. In a destabilizing attack against a power system, the adversary hacks into generators or load control mechanisms to insert positive feedback into the power system dynamics. In this thesis, Dynamic Load Altering Attack is introduced as a new class of cyber-physical destabilizing attacks against smart grid demand response programs and its fundamental characteristics are investigated.
It is crucial to detect presence of anomaly in power system and identify the location(s) of the affected generators and/or loads. In this thesis, the focus is on the problem of data-driven anomaly detection in power systems from measurement data provided by Phasor Measurement Units and without knowledge of the power system dynamics. It is shown that a destabilizing anomaly is detectable through a frequency-domain analysis of measurements. As for the location identification problem, an optimization-based approach in frequency domain is proposed to identify the unknown location(s) of the destabilizing faults and attacks in power systems. The proposed approach does not require prior knowledge about the number of affected location(s). It is fast and computationally more efficient than its time-domain counterparts. Importantly, it is well-suited to be implemented in a hierarchical fashion, with applications such as in Wide Area Monitoring Systems. It is also observed in this thesis that destabilizing anomalies can be modeled as a reparameterization of the power system's dynamical model. Therefore, an identification method that uses the unscented Kalman filter to jointly estimate both the system states and parameters of the anomaly is developed. A low-rank modification to the Kalman filter is also proposed that improves computational efficiency while maintaining the identification accuracy.
Finally, a protection and mitigation scheme is designed to protect vulnerable loads against destabilizing anomalies by formulating and solving a non-convex pole-placement optimization problem.
Various case studies are presented in this thesis to assess performance of the proposed detection, identification, and protection approaches in standard IEEE 9 and 39 bus test systems.