en.Wedoany.com Reported - A research team from the University of Seville, Spain, has developed a new framework for detecting and identifying false data injection attacks (FDIA) in photovoltaic (PV) power plants.

FDIA is typically carried out by cybercriminals, malicious insiders, state-sponsored attackers, or professional hackers, aiming to disrupt communication networks, sensors, or control systems. In commercial-scale PV plants, FDIA can manipulate measurement data such as power output, voltage, or irradiance, leading to erroneous control decisions, reduced power generation, increased equipment stress, grid instability, and potential safety risks.
While FDIA has been extensively studied in transmission and distribution networks, its application in commercial-scale PV plants remains underexplored—a gap this study seeks to fill. Corresponding author Catalina Gómez Quiles stated that the framework is not limited to identifying random measurement errors; it can also detect sophisticated attackers capable of manipulating multiple measurements while maintaining physical consistency with the grid, making such attacks harder to detect using conventional techniques.
The new framework employs a two-stage identification tool integrating two estimators: EC-WLSE and EC-SHGME. EC-WLSE first estimates the system state through residual analysis and the largest normalized residual (LNR) test, identifying suspicious measurements, removing those exceeding preset thresholds, and repeating the estimation. EC-SHGME enhances detection by iteratively adjusting measurement weights, identifying subtle attacks that may bypass the first stage, and classifying measurements with continuously decreasing weights as potential false data injection (FDI).
The researchers tested the tool using a benchmark model of a commercial-scale PV plant and various cyberattack scenarios. The test system consists of two medium-voltage feeders, each connected to three 3.8 MVA PV inverters, linked to a 132 kV grid via medium/low-voltage and high/medium-voltage transformers. Attack scenarios include two types: false attacks based on randomly manipulated measurements, and sophisticated attacks leveraging knowledge of the PV plant model. False attacks modify voltage, current, and power measurements within realistic ranges to simulate covert disturbances; sophisticated attacks generate physically consistent false data, attempting to deceive the plant power controller (PPC) and avoid detection.
Simulation results show that EC-WLSE has limited detection capability, only identifying larger active power deviations and failing to detect attacks targeting voltage and reactive power. For multiple attacks, acceptable detection performance is achieved only when a significant portion of measurements is compromised. In contrast, EC-SHGME demonstrates stronger robustness against simultaneous active and reactive power attacks, with detection rates exceeding 95% in most scenarios. However, accurately identifying all compromised measurements remains challenging, especially in scenarios with multiple low-magnitude attacks. Sophisticated attack scenarios show that detection improves as the number of manipulated measurements increases, but pinpointing the attack becomes more difficult.
The proposed method achieves high detection accuracy, with F1 scores exceeding 85% under demanding operating conditions and approaching 100% in many practical scenarios, while being computationally lightweight enough for consideration in real-time applications. Additionally, the framework can reconstruct reliable system states even when measurements are compromised, enabling the PPC to continue operating with trustworthy information, enhancing the plant's resilience to cyber incidents.
The study was published in the journal Electric Power System Research, under the title "A cyber-resilient framework for detection and identification of false data injection attacks in PV plants." Gómez Quiles concluded that the main contribution of this work is demonstrating that, when carefully tailored to the specific characteristics of PV plants, robust state estimation techniques can provide an effective and practical cybersecurity layer for future renewable energy infrastructure without requiring additional sensing equipment or major modifications to existing plant architectures.






