A Cyber-Physical Anomaly Detection for Wide-Area Protection Using Machine Learning

Wide-area protection scheme (WAPS) provides system-wide by detecting and mitigating small large-scale disturbances that are difficult to resolve using local schemes. As this is evolving from a substation-based distributed remedial action (DRAS) the control center-based centralized RAS (CRAS), it presents severe challenges their cybersecurity because of its heavy reliance on an insecure grid communication, compromise would lead system failure. This article architecture methodology for developing cyber-physical anomaly detection (CPADS) utilizes synchrophasor measurements properties network packets detect data integrity communication failure attacks measurement signals in CRAS. The proposed machine leaning-based applies rules-based approach select relevant input features, variational mode decomposition (VMD) decision tree (DT) algorithms develop multiple classification models, performs final event identification logic. We have evaluated CPADS IEEE 39 bus several performance measures (accuracy, recall, precision, F-measure) testbed environment. Our experimental results reveal algorithm (VMD-DT) outperforms existing learning classifiers during noisy noise-free while incurring acceptable processing overhead.