Detecting Cyber Attacks in Power System AGC Using a Drifted Ornstein-Uhlenbeck Process

The Automatic Generation Control (AGC) system, reliant on real-time measurements over communication networks, is susceptible to stealthy false data injection attacks (FDIAs), risking equipment damage and economic losses. We propose a robust FDIA detection method using maximum likelihood estimation (MLE) of a drifted multivariate Ornstein-Uhlenbeck (OU) process. Independent of load observability, in various cyberattack scenarios, the proposed FDIA detection method delivers accurate and rapid detection of sophisticated FDIAs, outperforming traditional unknown input observer (UIO) methods, which miss detections, and Long Short-Term Memory Autoencoder (LSTM-AE) approaches, which suffer from prolonged detection times.