A clustering approach for consumer baselining and anomaly detection in transactive control

Abstract

The arrival of smart grid technologies has enabled the implementation of advanced grid control applications aimed at improving overall grid reliability and operational efficiency. The new controls are supported by advanced digital devices and communication networks that often possess inherent vulnerabilities, exposing the grid infrastructure to threat actors. Transactive control is one such smart grid application, wherein active participation of end-use customers in electricity markets is enabled by providing the flexibility to consume energy based on the dynamic price of power. Manipulation of signals exchanged in this control system will diminish the benefits of the application, thereby highlighting the need for control system cybersecurity. In this paper, we present a data-driven approach to building bad-data detection algorithms for transactive control security. Specifically, our solution characterizes end-user market participation using clustering techniques to create a baseline for normal system operation. We then show the application of these clusters to detect malicious behavior during real-time system operation. Our initial results show the promise this approach has towards enhancing the security of transactive control systems.