Limits of Residual-Based Detection for Physically Consistent False Data Injection

TL;DR

This paper identifies a fundamental limit of residual-based detection for false data injection attacks in AC power system state estimation by viewing residuals as distances to the measurement manifold ${\mathcal{H}}$. It introduces a physics-guided autoencoder that lifts AC measurements into a space where the measurement function is linear, enabling controlled, manifold-aligned perturbations that preserve physical structure and bypass residual tests. The authors formalize a manifold-induced detectability condition and demonstrate, across multiple IEEE power systems, that perturbations staying near ${\mathcal{H}}$ can evade both chi-squared bad data detectors and learning-based residual detectors, with performance depending on data, perturbation magnitude, and network connectivity. The work highlights the need for defenses beyond measurement-consistency tests and provides a practical diagnostic mechanism to reveal residual-based detection vulnerabilities in real-world AC state estimation settings.

Abstract

False data injection attacks (FDIAs) pose a persistent challenge to AC power system state estimation. In current practice, detection relies primarily on topology-aware residual-based tests that assume malicious measurements can be distinguished from normal operation through physical inconsistency reflected in abnormal residual behavior. This paper shows that this assumption does not always hold: when FDIA scenarios produce manipulated measurements that remain on the measurement manifold induced by AC power flow relations and measurement redundancy, residual-based detectors may fail to distinguish them from nominal data. The resulting detectability limitation is a property of the measurement manifold itself and does not depend on the attacker's detailed knowledge of the physical system model. To make this limitation observable in practice, we present a data-driven constructive mechanism that incorporates the generic functional structure of AC power flow to generate physically consistent, manifold-constrained perturbations, providing a concrete witness of how residual-based detectors can be bypassed. Numerical studies on multiple AC test systems characterize the conditions under which detection becomes challenging and illustrate its failure modes. The results highlight fundamental limits of residual-based detection in AC state estimation and motivate the need for complementary defenses beyond measurement consistency tests.

Figures (10)

• Figure 1: Left: The residual error $r(\mathbf{z})$ in BDD corresponds to the squared distance between the measurement $\mathbf{z}$ and the measurement manifold $\mathcal{H}$. Right: Model-based perturbations modify measurements along the manifold $\mathcal{H}$, resulting in unchanged residual error.
• Figure 2: Low-dimensional projections of original and reconstructed AC measurement manifolds in the IEEE 14-bus system.
• Figure 3: Comparison between real and perturbed measurements in the IEEE 14-bus system. Perturbation vector $\mathbf{c}=(0.1,\cdots,0.1)$.
• Figure 4: Comparison of estimated system states under real and perturbed measurements in the IEEE 14-bus system. Perturbation vector $\mathbf{c}=(0.1,\cdots,0.1)$.
• Figure 5: Empirical bypass rates $\text{succ}_{\text{BDD}}$ and $\text{succ}_{\text{learn}}$ against various significance level $\alpha \in [0.001, 0.1]$. Pertubation vector $\mathbf{c}=(0.1,\cdots,0.1)$.

Theorems & Definitions (5)

• Definition 1: Manifold-Induced Detectability Limit
• Lemma 1: Standard Autoencoder Does Not Ensure Manifold-Aligned Perturbations
• proof
• Theorem 1: Manifold-Aligned Perturbations Under a physics-guided Autoencoder
• proof