Mitigating the Impacts of Covert Cyber Attacks in Smart Grids Via Reconstruction of Measurement Data Utilizing Deep Denoising Autoencoders

: As one of the most diversiﬁed cyber-physical systems, the smart grid has become more decumbent to cyber vulnerabilities. An intelligently crafted, covert, data-integrity assault can insert biased values into the measurements collected by a sensor network, to elude the bad data detector in the state estimator, resulting in fallacious control decisions. Thus, such an attack can compromise the secure and reliable operations of smart grids, leading to power network disruptions, economic loss, or a combination of both. To this end, in this paper, we propose a novel idea for the reconstruction of sensor-collected measurement data from power networks, by removing the impacts of the covert data-integrity attack. The proposed reconstruction scheme is based on a latterly developed, unsupervised learning algorithm called a denoising autoencoder, which learns about the robust nonlinear representations from the data to root out the bias added into the sensor measurements by a smart attacker. For a robust, multivariate reconstruction of the attacked measurements from multiple sensors, the denoising autoencoder is used. The proposed scheme was evaluated utilizing standard IEEE 14-bus, 39-bus, 57-bus, and 118-bus systems. Simulation results conﬁrm that the proposed scheme can handle labeled and non-labeled historical measurement data and results in a reasonably good reconstruction of the measurements affected by attacks.


Introduction
Integration of state-of-the-art computing and bi-directional communications technologies with the existing power infrastructure realizes the concept of the smart grid (SG) [1,2].However, increased dependence on communications technologies is intensifying the SG's vulnerability to cyber-attacks.Typically, a supervisory control and data acquisition (SCADA) system is employed to periodically collect data from electric power grids.The SCADA system consists of communications networks and remote terminal units (RTUs) that include sensors and actuators.At the power control center (PCC), the collected data are applied to initiate command and control decisions by the energy management system (EMS).The fitness and health of the collected data are inordinately significant when making precise and correct control decisions.Therefore, conventionally, the consistency of the sensor-collected measurement data is checked by a data detector (BDD) before being utilized in the EMS.However, a recently discovered covert cyber-deception attack (CCDA) [3] is considered competent at deceiving the conventional BDD.Smartly designing the attack vector, a malicious user can compromise the integrity of the SG by injecting biased values into the sensor measurement data to dodge the BDD with a false, yet feasible system state [3].Thus, initiating the CCDA through biased data may end in financial loss, partial disruption in power system operations, or a compound of economic loss and disruptions [4,5].Owing to the harmful impacts of such attacks on the reliable and secure operations of SGs, there is a need to investigate counter attack measures.
Generally, the defense measures reported in the literature can be organized into three layers: protection, detection, and mitigation [6].
Extensive investigations have been reported in the literature on the detection layer of the defense mechanism.Table 1 shows a summary of the research works carried out on the detection and mitigation tiers.In Table 1, it can be seen that less attention has been paid by researchers to the mitigation tier.Particularly, in the context of CCDA attack mitigation through the reconstruction of sensor collected measurement data, there is no existing work to the best of our knowledge.In the context of self-healing [7], which is a significant characteristic of an SG, there is a need to focus on mitigation layer and neutralize or minimize the impacts of a CCDA.To extend our previous work from detection [6,25,26] to mitigation, in this paper, we propose a deep neural network (DNN)-based data reconstruction scheme (Scheme-III) to mitigate the impacts of a CCDA on the SG's measurement dataset.

Motivation
Due to the vast geographical spans of power transmission networks, many sensors are deployed to collect the state data.Machine learning (ML)-based approaches may directly utilize the sensor measurements to mitigate the effects of CCDAs without requiring precise mathematical modeling.Additionally, ML-based mitigation through the reconstruction of the data does not need antecedent information of the power network.Furthermore, the state estimation (SE) measurement features (MF) data from power transmission networks via multiple sensors are multivariate and extremely correlated due to synergy and interaction between interconnected buses.Legacy multivariate-procedure monitoring techniques, such as principal component analysis (PCA) and an autoencoder (AE) with linear activation, assume linear process behavior that may not be suitable for SE-MF data.Moreover, PCA and AE are more sensitive to corruption in the data, and they have not adapted to learning robust representation from data corrupted due to attacks.In this paper, we present an SE-MF data reconstruction scheme based on a recently developed denoising autoencoder (DAE) to address the aforesaid challenges.Recent studies [34][35][36] have shown that a DAE can reconstruct the original signal by learning more robust representations from the attacked data.A comparison between the DAE and PCA is presented in Table 3. Inspired by its efficient application and magnificent characteristics for dealing with corrupted multivariate SE-MF data, we utilize the DAE for the robust reconstruction of attacked measurement samples while learning the nonlinear correlations embedded in an SE-MF dataset.

Denoising Autoencoder Principal Component Analysis
The DAE can learn nonlinear and linear correlations in the multivariate sensor-collected data from the power grid [34,35,37,38] PCA requires linear and Gaussian assumption about the data [34].
The DAE does not need dictionary elements to be orthogonal, making it adaptable to fluctuations in the representation of data.Thus signal reconstruction capability is improved [34,36,39].
PCA reduces the data frame by orthogonally transforming the data into a set of principal components.This limits the performance of PCA in reconstruction of data [34].
By restricting removed variables to be rebuilt from the remaining data, the DAE learns to convolute variables that tend to be correlated.This enhances robustness against noise and local fluctuations in the primary multivariate measurement data [36,39].
Reconstruction of noisy or corrupted nonlinear data is much too lossy as compared to PCA [34,35].

Contributions
In this paper, we consider multivariate SE-MF data affected by a CCDA.To reconstruct data by removing bias added by an attacker, we employ a state-of-the-art anomaly reconstruction method: the denoising autoencoder.The major technical contributions of this paper are summarized as follows.

•
We investigate the impacts of smartly crafted CCDA on SG measurements, and study how such an attack can sidestep a BDD in typical power systems.

•
We introduce the DAE algorithm to capture in a more robust way nonlinear correlations in multivariate SE-MF data corrupted by CCDA attacks while setting out robust signal reconstruction.
To the best of our knowledge, this is the first paper to employ a DAE for reconstruction of corrupted sensor measurements in SE-MF data from SGs.

•
To train the DAE model, commonly used choices for the addition of corruption are the zero-masking DAE (ZDAE) and the additive Gaussian DAE (GDAE) [27].In addition to these schemes, we have introduced another corruption-addition scheme termed estimated DAE (EDAE).A comparison of these schemes shows that the newly introduced EDAE trains the denoising autoencoder model to obtain robust and powerful representations from the raw attacked data and results in a low reconstruction error.

•
We employ IEEE standard 14-bus, 39-bus, 57-bus, and 118-bus test systems to gauge the performance of the proposed approach.Performance evaluations show that the proposed EDAE scheme results in reasonably good reconstruction with little loss of accuracy.

Paper Organization
The rest of this paper is organized as follows.In Section 2, state estimation, conventional bad data detection, and the nature of a CCD attack on an SG network are presented.In Section 3, we explain the fundamentals of the DAE, followed in Section 4 by an explanation of the proposed scheme to reconstruct the sensor measurements corrupted by a CCDA.Simulation results are presented in Section 5. We conclude the paper in Section 6.

Electric Power Network
The power transmission system connects various electrical generators across a vast geographic region with a host of customers.Multiple routes and lines contribute to securing the routing of the power from any generating source to any consumer, considering the economy of the transmission route.For effective monitoring and control of the power infrastructure, a communications network linking the power system components to the PCC is employed.

State Estimation
For the purpose of efficient monitoring, bi-directional RTUs, consisting of sensors and actuators, are employed in the power network.The readings of the sensors are collected at the PCC, which estimates the states (bus voltage angles and magnitudes) of the power system variables by utilizing the sensor measurements.The problem is to estimate the state variables, θ=[x 1 , x 2 , ..., x n ] T , considering the sensor-collected measurements, Z=[m 1 , m 2 , ..., m m ] T , of the power system, where n and m are positive integers, and x i , m j ∈ IR for i = 1, 2, ..., n and j = 1, 2, ..., m.More specifically, the state variables are connected with the measurements in a nonlinear or alternating current (AC) model as follows: where h is a nonlinear relationship between measurement vector Z and state vector, and e = [e 1 , e 2 , ..., e m ] T is a Gaussian measurement noise vector with standard deviation σ.On the assumption that the voltage magnitude at each bus remains close to its rated value, the model in Equation (1) can be described utilizing direct current (DC) model as follows: where H is the Jacobian matrix in DC power flow problems and is approximated as follows [40,41]: H is composed of topology and impedance data only.To find the estimate, θ, of the θ that is the best fit of the measurements, three statistical criteria are utilized in state estimation: maximum likelihood, minimum variance and weighted least squares (WLS) [42].On the assumption that sensor error is normally distributed with a zero mean, the above-mentioned criteria result in an identical voltage phase estimation, as follows: where G = (H T ΩH) −1 H T Ω, and Ω is a diagonal matrix where the elements are reciprocals of the variances in meter errors.

Conventional Bad Data Detection
The sensor-collected measurement data may become corrupted for many reasons, such as sensor faults, communication medium noise, and cyber attacks.Sensor-collected measurements result in an estimate of the state variables that is close to their true values under normal conditions, whereas a CCDA attack may result in shifted state variables, introducing a contrariety between the normal and attacked measurements.Typical power systems employ a residual-based detector to identify corruptions in the sensor measurements [3].The residual, R, is the difference between sensor collected measurements, Z, and the estimated measurements, Ẑ, at the PCC, and is described as follows: Then, L2 − norm Z − H θ is compared with a deliberately selected threshold, τ [11], to detect the presence of bad measurements.Therefore, the hypothesis of not being attacked is accepted if we have where R i is the element of residual vector R. Otherwise, an alarm indicating existence of bad measurements is raised.

Covert Cyber Deception Attack: Basic Principle
From a complete (or even partial) familiarity with the power network topology, a smart attacker can add biased data to meter or sensor-collected measurements Z by forming an attack vector, a = [a 1 , a 2 , ..., a m ] T , to deceive the bad data detector [27].Let Z a = Z + a be the measurements containing the attacked data.In attack vector a, the attacker enjoys the liberty of selecting any non-zero arbitrary element.Thus, the ith non-zero element, a i , of attack vector a, allows that the attacker to alter the ith sensor measurement, Z i , with a forged measurement: Z i + a i .
As discussed above, the conventional bad data detector computes the L 2 −norm of measurement residual R, to determine the presence of attacked or bad measurements.However, if the attacker designs attack vector a, such that a = Hc, where c is a non-zero vector of length n, the measurement vector containing the attacks (Z a ) can circumvent the traditional detection as long as the measurement vector containing the normal measurements can pass.
Let θa denote an estimate of state variables using attacked sensor measurements Z a such that we have θa Now, the L 2 norm of attacked measurements residual R a is

Covert Cyber Deception Attack Model
Broadly speaking, there are two kinds of CCD attack: (1) the load redistribution attack; and (2) the load change attack [43][44][45].With the ultimate objective being to dodge the conventional BDD and pass the operator at the PCC, the attacker may craft the attack aiming at altering one or more measurements.In this paper, our main objective is real-time reconstruction of corrupted sensor measurements.Therefore, our approach is to formulate the most generalized attack, and thereby to come up with robust reconstruction of the attacked measurements.For the construction of the attack, we assumed that the assailant has enough knowledge about the power network topology.
During the CCD attack, the malicious user embeds a forged value in the sensor measurements, altering the real power injection and real power flows to project the desired changed state variables for the system operator.For instance, to change state variable x 2 by adding a corruption of −12%, a (1 × (n − 1)) attack vector c can be formulated by considering the following equation: Utilizing the power flow equations and state vector x a = x + c, the corrupted measurements are calculated as follows:

Reference Model Learning
In this section, we first briefly describe the AE and denoising autoencoder (DAE) algorithm, and then, we explain the proposed data reconstruction scheme.

Autoencoder: Basic Principle
Autoencoders (AEs) are a specific type of fully connected feed-forward neural networks where the inputs are equal to the output, and therefore, the AE is trained in an unsupervised way without any label information.Fundamentally, an AE consists of three elements: an encoder, the code, and a decoder.The encoder compresses the input into a lower-dimensional code or latent-space representation, and then, the decoder reconstructs the output from this representation.Analogous to PCA, the AE aims to encode the input data into an intermediate representation that preserves most of the information in the input data to allow reconstructing it.In this paper, to capture the hidden nonlinear correlations more robustly, and to tackle a CCDA in complex multivariate data, we employ a recently developed algorithm in the field of deep learning, the DAE [39].The DAE is an expansion of the AE and has multiple advantages over the conventional PCA-based dimension-reduction method, as explained in Table 2.

Denoising Autoencoder: Basic Principle
The fundamental concept of the DAE is to reconstruct the primary input from corrupted or attacked input [39].Thus, it can stop an AE from just learning identity mapping between the input and the reconstructed output, can apprehend more informational latent-space patterns, and can gather a strong and robust representation from raw, attacked data.Two primary choices for addition of corruption are additive Gaussian noise (the GDAE) and zero-masking noise (the ZDAE) [34].
Similar to AE, a DAE is composed of three parts: the encoder, code or latent space, and the decoder.Given an input, x, the encoder typically transforms its corrupted or attacked input data, x, instead of original input data x, into a hidden or latent-space representation, h, employing nonlinear mapping as follows: where f (.) is a nonlinear activation function, such as the sigmoid function.W 1 ∈ IR m×n is the weight matrix, and b ∈ IR m is optimized in the encoding with m nodes in latent space.Then, the decoder unfolds the latent space into a reconstructed vector, x, at the output layer, utilizing nonlinear transformation as follows: where g(.) is a nonlinear activation function, such as the sigmoid function.For better learning efficiency, we employed the tied weights as W 1 = W T 2 [39].The reconstruction error can be computed for a given input training set, {x i } m i=1 , as follows: The objective training of the DAE is to find optimal parameters, ψ = {W 1 , b, c} that minimize the reconstruction error, as given below: It is obvious from Equation ( 13) that the reconstruction error is the difference between the reconstructed output and the actual meter measurements instead of the attacked measurements.In other words, the DAE is trained to produce output closer to the original input x, even when employing the attacked input, x.

Proposed CCDA Mitigation-Data Reconstruction Scheme
Recovering the original sensor measurements from the attacked signals is required for a self-healing SG.In this section, we propose a scheme utilizing a DAE for the reconstruction of measurements corrupted due to a CCDA in an SG communications network.Figure 2 illustrates the reference model's learning process.The bulk power-generated at the power producing plants is transported to consumers via the power transmission and distribution networks.The RTUs collect measurement data X 0 from the power network and transmit the collected data over wireless media.A smart attacker can compromise the integrity of the data by adding biased values to the collected data.At the power control center, the proposed DAE-based reconstruction scheme attempts to reconstruct the attacked data, X0 , by removing any bias added by the attacker.A healthy DAE model reconstructs the data well enough to be employed in the EMS for initiating command and control decisions.The proposed reconstruction scheme is explained in the following subsection.Figure 3 shows the flowchart of the proposed scheme.

Proposed Corruption Addition Scheme: EDAE
As mentioned above, there are two common choices of adding corruption to the DAE model for training: the ZDAE and GDAE [34].In the ZDAE scheme, some features of each sample are set to zero randomly with probability v. Practically speaking, zero-masking can be viewed as the nonexistence of sensor measurements (due to attack or noise).In addition to the above-mentioned choices, in this paper, we introduce another corruption addition scheme EDAE, in which the noise is generated based on Gaussian distribution with mean and variance obtained from analysis of the SE-MF data.The corruption addition procedure following the EDAE is explained as follows.
To train the DAE model, we insert noise or corruption to the SE-MF training data X = {x 1 , x 2 , ..., x m }, where m is the number of measurement samples, and x i ∈ X, where i ∈ {1, 2, ..., m}.The x i is a sample consisting of n features, x i = { f i1 , f i2 , ..., f in }.The corruption or noise data δ follows a normal distribution N (µ, ν), where µ is a vector of mean values µ = {µ 1 , µ 2 , ..., µ n }, which is calculated as Finally, the training data are obtained as X 0 = X + δ, and used for training the DAE model.

DAE Model Training
Let x 0 ∈ X 0 be the historical SE-MF input data, where X 0 ∈ IR m×n .To train the DAE model to minimize any loss in the reconstruction process, we insert normal (attack-free) data, y 0 ∈ Y 0 , as labels, where Y 0 ∈ IR m×n , in which m is the number of measurement samples, and n is the number of measurement features in a sample.
Before employing the input data to train the learning model (i.e., the DAE), data normalization is required as a pre-processing step; otherwise, the data are not reconstructed well enough.Data normalization means converting all variables in the data within a particular range.Normalization is essential for steady convergence of weights and biases.There are several types of normalization, such as min-max normalization, decimal scaling, and the standard deviation method [46,47].Choosing a suitable normalization method depends on the application and the algorithm in which the normalized data will be used.The min-max normalization approach is a simple normalization technique and is usually more efficient.To linearly scale each feature to the range 0 ∼ 1, in this paper, we employ a min-max normalization function as follows [46] where fi is the normalized, or scaled, value of feature i, and f min and f max are the minimum and maximum values, respectively, of feature i in the dataset.Normalization of training and testing data according to the same scale helps in a good reconstruction.After normalization, the data are inserted to train the DAE model.Equations ( 1)-( 3) are applied to the input data to find the optimal parameters defined by ψ, and to acquire the hidden representation h and the rebuilt output by minimizing the reconstruction error as follows: min x0 − y 0 f or X 0 , Y 0 .

DAE Model Testing
During the testing phase, online data are inserted to the trained DAE model.The test samples are also rescaled according to the minimum and maximum values of the training data, ensuring both datasets are in a similar range.A trained DAE model attempts to reconstruct the test data identical to the normal data.Each feature in the reconstructed data is denormalized using the inverse transformation, as follows: A well-trained, healthy DAE will generate the reconstructed data as close to the original input as possible and the reconstructed data can be employed in the EMS with high enough level of confidence to initiate control decisions.

Experimental Results
In this section, we gauge the performance of the proposed reconstruction scheme for CCDA-corrupted data.

Power System Data and Attack Data Generation
We utilized various power system test cases, from standard IEEE 14-, 39-, 57-, and 118-bus systems, to endorse the performance of the proposed mitigation scheme.To set up the configuration of these standard IEEE test systems, and explicitly the Jacobian matrix, we applied the Matpower 6.0 toolbox [48].To generate the measurements, Z, operating points of the test systems provided in Matpower case files were employed.We used the DC power flow analysis to approximate the state vectors employed in the AC power flow model.The state variable vector θ, for a B-bus system, consists of (B − 1) bus voltage phase angles, and measurement vector Z comprises of active power flows in the lines and active power injections into the buses.To carry out a fair comparison with a real-world power system, we adopted stochastic loads with uniform load distributions identical to those in [24], i.e., ranging from 0.9 × Q 0 to 1.1 × Q 0 , where Q 0 is the base load.The features employed in these simulations were the active power flows in the branches and active power injections into the buses.
As mentioned above, the CCDA can be modeled to deceive the BDD with the ultimate objective being to falsify single or multiple system states.We assumed that the attacker has complete knowledge of the topology of the power network, and the attack is initiated following the model described in [6].The attack formulation is explained in Section 2. In the simulations, we considered various attack scenarios, described as follows.
Scenario 1: The attacker is stationary and has access to specific RTUs or meters only.Thus, the attacker can initiate a fixed attack, i.e., fixed or the same features in the measurement samples are corrupted with the attack.

Scenario 2:
The attacker is moving and can randomly access different RTUs or meters.Initiating such an attack, the attacker randomly adds biased values into the features or meter measurements.This sort of attack is stronger than a fixed attack, and arduous for the recovery of the original data through reconstruction.For the above-mentioned fixed-and random-attack scenarios, the measurement data attacks were on 40% of the features and 20% of the features.

Parameter Tuning for the DAE Structure
We employed multiple power system test cases to validate the performance of the proposed SG data-reconstruction scheme.Power variable states and measurement features for standard IEEE systems increase as the size of the power system increases.Therefore, for each power system test case, the DAE structure has a different number of input nodes.The DAE reconstructs the output so it is identical to original input; therefore, the number of input and output nodes in a DAE structure is the same.We used 50% of the historical SE-MF data for training the DAE model and 50% for testing it.For each standard IEEE test bus system employed in this work, tuning parameters were chosen based on optimal reconstructed data.The simulation parameters for the DAE structure in various test bus cases are shown in Table 5.If familiar with the topology of the power system network, an attacker can adopt various strategies to dilute SG measurements.Keeping in mind an expanded attack choice for of the attacker, we employed different corruption addition schemes: the GDAE, ZDAE, and EDAE.In the following subsection, we present the simulation results for various standard IEEE test bus systems.

Simulation Results
The accuracy of the reconstructed measurements is significantly important for making correct decisions at the PCC.Therefore, the reconstruction error and error average sum (EAS) were considered performance measuring metrics for the proposed data reconstruction schemes.We simulated the system for standard IEEE 14-, 39-, 57-, and 118-bus systems, as mentioned above.However, we present simulation results only from the standard IEEE 14-and 39-bus systems due to space limitations.

Reconstruction Errors for Fixed-and Random-Attack Dataset
As mentioned in Tables 4 and 5, the IEEE 14-bus system has 53 measurement features, and it is challenging to present reconstruction of all the features in the dataset due to space limitations.Therefore, to show the performance of the proposed cyber-attack-mitigation scheme, the seven best and the seven worst reconstructed features are presented for the proposed EDAE and the existing ZDAE and GDAE schemes.The fixed and random attacks targeted either 20% or 40% features in the dataset.Furthermore, fixed-and random-attack scenarios were also considered in the simulations.The seven best-reconstructed features for the measurement data, in which a fixed attack was initiated on 20% of the features, are shown in Table 6 for the EDAE model.Actual values of the features and the reconstructed values (along with the reconstruction error) are shown.The error ratio is also presented in the table.A reduced error ratio is essential for attack mitigation in the SG measurement data.We see that features have been reconstructed well, because the reconstruction error and the error ratio are very small.The seven worst-reconstructed features are depicted in Table 7 for the EDAE scheme when 20% of the features were targeted in a fixed attack.We see that the reconstruction error and the error ratio are low for the reconstructed features, except for features with values closer to zero.Tables 8 and 9, respectively, show the seven best-and worst-reconstructed features with the EDAE scheme for the data in which 40% of the features were subjected to a fixed attack.Similarly, Tables 10-13 show the reconstruction of the data affected from a fixed attack on 20% of the features and 40% of the features, for the ZDAE schemes.In addition, Tables 14-17 show GDAE scheme's reconstructed data that were subjected to fixed attack.Similarly, from random attacks, the seven best-, and worst-reconstructed features are shown in Tables 18-29 for the earlier-mentioned DAE schemes.We see that features have been reconstructed well, because the reconstruction error and the error ratio are small for the EDAE scheme, compared to the other schemes.Discussion: In Tables 6-29, it is observed that all features have been reconstructed well with the EDAE scheme, compared to other schemes.However, the error ratio is high for the features with values closer to zero.These results were obtained by using the mean squared error (MSE) objective function.It would be interesting future work to reduce the error ratio by investigating more objective functions.Discussion: It is observed that the proposed EDAE scheme has the lowest reconstruction error, compared to the other schemes.The ZDAE outperforms the GDAE, which has the highest reconstruction error.Discussion: The results of the training and validation cost show that the proposed EDAE scheme results in much less reconstruction error, compared to the ZDAE and GDAE schemes for all test bus cases.It is also observed in the figures that the reconstruction performance of ZDAE is better as compared to the one achieved by the GDAE scheme.

Training and Validation Costs
From the overall results, we also observe that, during the reconstruction process, the EDAE scheme performs better than other schemes.The reconstruction error, EAS, and training and validation costs are the lowest in the case of the proposed EDAE-based reconstruction scheme.

Conclusions
In this paper, we propose a DAE-based scheme to reconstruct the measurements affected by a covert cyber-deception attack while removing the added biased values.We considered different corruption-addition schemes, such as zero-masking (the ZDAE), additive Gaussian noise (the GDAE), and an estimated corruption-addition (termed the EDEA), under diverse attack scenarios.The performance of the proposed scheme was evaluated by employing standard IEEE 14-bus, 39-bus, 57-bus, and 118-bus systems.Active power injections into the buses and active power flow measurements in the branches are the main features of the dataset.The test results show that the proposed EDAE-based reconstruction scheme results in a reasonably low reconstruction error from CCDAs on SG measurement features.Furthermore, the proposed EDAE-based reconstruction scheme results in a low error ratio, compared to the other schemes.However, the features with values closer to zero are reconstructed with a high error ratio.The results were obtained using an MSE objective function.In the future, to further reduce the error ratio for features with small values, we intend to investigate more objective functions in order to increase the reconstruction accuracy.

-
Attacked samples are dropped -Attacked samples are reconstructed -Reconstruct without detection -Wait for normal samples to be received -Requires detection and reconstruction time -Requires reconstruction time

Figure 2 .
Figure 2. SG Data reconstruction options against CCDA attacks.

Figure 3 .
Figure 3.A flowchart of the proposed scheme for reconstruction of data affected by CCDA.

Figures 12 -
the reconstruction error on the training data as a function of the number of epochs for 20% and 40% fixed-and random-attack datasets.These results are shown for standard IEEE 14-and 39-bus systems.The training and validation cost is measured in megawatts (MW).Discussion: The results of the training and validation cost show that the proposed EDAE scheme results in much less reconstruction error, compared to the ZDAE and GDAE schemes for all test bus cases.It is also observed in the figures that the reconstruction performance of ZDAE is better as compared to the one achieved by the GDAE scheme.From the overall results, we also observe that, during the reconstruction process, the EDAE scheme performs better than other schemes.The reconstruction error, EAS, and training and validation costs are the lowest in the case of the proposed EDAE-based reconstruction scheme.

Table 1 .
A summary of research works on the detection and mitigation tier of defense mechanism in SGs.

Table 2 .
Possible options for mitigating attacks.

Table 3 .
Advantages of the denoising autoencoder over principal component analysis.

Table 4 .
Dimension growth with increasing sizes of power systems.

Table 5 .
Simulation parameters for DAE model.

Table 6 .
Seven best-reconstructed features (20% fixed-attack on 20% of the features in a standard IEEE 14-bus system) with the EDAE scheme.

Table 7 .
Seven worst-reconstructed features( fixed attack on 20% of the features in a standard IEEE 14-bus system) with the EDAE scheme.

Table 9 .
Seven worst-reconstructed features (fixed attack on 40% of the features in a standard IEEE 14-bus system) with the EDAE scheme.

Table 10 .
Seven best-reconstructed features (fixed attack on 20% of the features in a standard IEEE 14-bus system) with the ZDAE scheme.

Table 11 .
Seven worst-reconstructed features (fixed attack on 20% of the features in a standard IEEE 14-bus system) with the ZDAE scheme.

Table 13 .
Seven worst-reconstructed features (fixed attack on 40% of the features in a standard IEEE 14-bus system) with the ZDAE scheme.

Table 15 .
Seven worst-reconstructed features (fixed attack on 20% of the features in a standard IEEE 14-bus system) with the GDAE scheme.

Table 19 .
Seven worst-reconstructed features (random attack on 20% of the features in a standard IEEE 14-bus system) with the EDAE scheme.

Table 21 .
Seven worst-reconstructed features (random attack on 40% of the features in a standard IEEE 14-bus system) with the EDAE scheme.

Table 22 .
Seven best-reconstructed features (random attack on 20% of the features in a standard IEEE 14-bus system) with the ZDAE scheme.

Table 23 .
Seven worst-reconstructed features (random attack on 20% of the features in a standard IEEE 14-bus system) with the ZDAE scheme.

Table 24 .
Seven best-reconstructed features (random attack on 40% of the features in a standard IEEE 14-bus system) with the ZDAE scheme.

Table 25 .
Seven worst-reconstructed features (random attack on 40% of the features in a standard IEEE 14-bus system) with the ZDAE scheme.

Table 26 .
Seven best-reconstructed features (random attack on 20% of the features in a standard IEEE 14-bus system) with the GDAE scheme.

Table 27 .
Seven worst-reconstructed features (random attack on 20% of the features in a standard IEEE 14-bus system) with the GDAE scheme.

Table 29 .
Seven worst-reconstructed features (random attack on 40% of the features in a standard IEEE 14-bus system) with the GDAE scheme.Next, to show the reconstruction performance in the overall dataset, we present average error sum (EAS) as another performance gauge.The average error sum is given as follows:1is the number of features and e i is the reconstruction error for the ith feature.The EAS is measured in megawatts (MW).show the EAS for the various DAE schemes for the 20% and 40% fixed-attacked features from the standard IEEE 14-, and 39-bus systems.