Anomaly detection in electric network database of smart grid: Graph matching approach

•Deals with the security of Energy Management System database.•Discusses cyber security issues of smart grid database.•A graph comparison-based approach for identifying anomalies.•Problem is formulated as a Quadratic Assignment Problem (QAP).•Problem is solved using Graduated Assignment algorithm.•Validated using benchmark test systems and compared against existing techniques.

Recent studies have shown that the operational modules of an Energy Management System (EMS) are vulnerable to the anomalies that exist in an electric topological and configuration database (DB). In this paper, we focus on the security of EMS modules by detecting anomalies in an electric network DB. Firstly, we explain how an EMS's Optimal Power Flow (OPF) module can be exploited by accidental or deliberate changes in a power system model. As a defense mechanism, for the first time, we propose a graph comparison-based approach for identifying anomalies in an electric network DB. In this study, we formulate the problem as a Quadratic Assignment Problem (QAP) and use the Graduated Assignment algorithm to perform graph matching. To evaluate the effectiveness of the proposed method, we consider different test scenarios considering the IEEE benchmark 24-bus, 30-bus and 118-bus test systems. The results obtained from this analysis show that the proposed method successfully captures DB anomalies at very high detection rates with a smaller time complexity than those obtained from studies published in relevant literature.