pith. sign in

arxiv: 1907.03139 · v1 · pith:SHJHEW54new · submitted 2019-07-06 · 🧮 math.OC

Distributed Optimal Dynamic State Estimation for Cyber Intrusion Detection in Networked DC Microgrids

Tuyen Vu , Bang Le This is my paper

Pith reviewed 2026-05-25 01:38 UTC · model grok-4.3

classification 🧮 math.OC
keywords distributed state estimationDC microgridsfalse data injectioncyber intrusion detectionresidual analysisnetworked microgridsoptimal estimation
0
0 comments X

The pith

Distributed state estimation detects false data injections in DC microgrids by producing distinguishable residuals while ignoring load disturbances.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper constructs a dynamic model of networked DC microgrids and uses it to design an optimal distributed state estimator. Each local estimator processes its own measurements along with data from neighbors to generate residuals that stay small under normal load variations but grow when false data is injected. The approach therefore lets each microgrid identify compromised neighbors without a central authority. Simulation on a 12 kV three-bus system shows that the residuals reliably flag the presence of manipulated control signals.

Core claim

The optimal distributed state estimation is robust to load disturbances but sensitive to false data injected from neighboring microgrids, enabling detection of compromised agents via residual information.

What carries the argument

The optimal distributed state estimator that computes residuals from local and neighbor data to isolate false injections.

If this is right

  • Compromised neighboring microgrids can be identified locally through residual thresholds.
  • The estimator maintains performance under normal load disturbances without excessive false positives.
  • Detection is validated on a simulated 12 kV three-bus networked DC microgrid.
  • Each microgrid monitors only its received neighbor data for intrusions.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The same residual-based logic could be added to existing microgrid controllers as a lightweight security layer.
  • Scaling the method to systems with many interconnected microgrids would require checking whether communication delays affect residual sensitivity.
  • If model mismatch occurs in hardware, the separation between disturbance and attack residuals may shrink.

Load-bearing premise

The dynamic model of the networked microgrids accurately matches real behavior so that residuals can separate false data from ordinary load changes.

What would settle it

A test case in which an actual false-data injection produces no detectable residual increase or a normal load change produces a large residual that triggers a false alarm.

read the original abstract

In this paper, we present a novel distributed state estimation approach in networked DC microgrids to detect the false data injection in the microgrid control network. Each microgrid monitored by a distributed state estimator will detect if there is manipulated data received from their neighboring microgrids for control purposes. A dynamic model supporting the dynamic state estimation will be constructed for the networked microgrids. The optimal distributed state estimation, which is robust to load disturbances but sensitive to false data injected from neighboring microgrids will be presented. To demonstrate the effectiveness of the proposed approach, we simulate a 12kV three-bus networked DC microgrids in MATLAB/Simulink. Residual information corresponding to the false data injected from neighbors validates the efficacy of the proposed approach in detecting compromised agents of neighboring microgrids.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 0 minor

Summary. The paper claims to present a novel distributed state estimation approach for detecting false data injection attacks in networked DC microgrids. Each microgrid employs a distributed estimator to identify manipulated data from neighbors. A dynamic model of the networked microgrids is constructed, an optimal distributed estimator robust to load disturbances but sensitive to neighbor FDI is designed, and the approach is validated through MATLAB/Simulink simulation of a 12kV three-bus system, where residual information detects compromised agents.

Significance. If the estimator design and residual-based detection hold with quantitative support, the work could advance cyber-physical security for microgrids by enabling distributed attack detection that avoids false alarms from normal load variations. The reliance on standard dynamic modeling principles is a positive aspect, though the absence of detailed validation metrics limits the assessed contribution.

major comments (2)
  1. [Abstract] Abstract: The central claim that the optimal distributed state estimation is 'robust to load disturbances but sensitive to false data injected from neighboring microgrids' is stated without any model equations, derivation steps, or analysis showing how the estimator achieves this distinction, which is load-bearing for the detection method.
  2. [Simulation] Simulation description: The abstract references a MATLAB/Simulink simulation of the 12kV three-bus system and residual-based validation but provides no quantitative metrics, error analysis, residual thresholds, or comparison to load disturbances, preventing assessment of whether the residuals reliably detect FDI without excessive false alarms.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the comments. We address the two major comments point-by-point below, clarifying that the abstract is a concise summary while the technical details appear in the body of the manuscript.

read point-by-point responses

  1. Referee: [Abstract] Abstract: The central claim that the optimal distributed state estimation is 'robust to load disturbances but sensitive to false data injected from neighboring microgrids' is stated without any model equations, derivation steps, or analysis showing how the estimator achieves this distinction, which is load-bearing for the detection method.

    Authors: The abstract is intended as a high-level overview and therefore omits equations and derivations by design. The dynamic model of the networked DC microgrids is derived in Section II. The optimal distributed estimator is designed in Section III by solving a min-max optimization problem that yields a gain matrix minimizing the H-infinity norm of the transfer function from load disturbances to the residual while maximizing sensitivity to neighbor FDI (modeled as additive input attacks). The resulting residual statistics and threshold logic are analyzed in the same section to establish the required distinction. revision: no

  2. Referee: [Simulation] Simulation description: The abstract references a MATLAB/Simulink simulation of the 12kV three-bus system and residual-based validation but provides no quantitative metrics, error analysis, residual thresholds, or comparison to load disturbances, preventing assessment of whether the residuals reliably detect FDI without excessive false alarms.

    Authors: Section IV presents simulation results on the 12 kV three-bus system with residual time-series plots under both FDI attacks and load disturbances. To improve clarity and allow quantitative assessment, we will add explicit numerical values for detection rates, false-alarm rates under load variations, the chosen residual thresholds, and a brief error analysis in the revised manuscript. revision: yes

Circularity Check

0 steps flagged

No significant circularity

full rationale

The provided abstract and summary describe a standard construction of a dynamic model for networked DC microgrids followed by an optimal distributed estimator whose robustness properties are asserted and then validated by simulation. No equations, self-citations, fitted parameters renamed as predictions, or uniqueness theorems are supplied that would allow any load-bearing step to reduce to its own inputs by construction. The derivation therefore remains self-contained against external benchmarks.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

Only the abstract is available, providing no explicit details on parameters or assumptions. The approach implicitly relies on standard state estimation assumptions such as model fidelity and distinguishable residuals.

axioms (1)
  • domain assumption Dynamic model of networked DC microgrids accurately captures system behavior under disturbances and attacks.
    Invoked when constructing the model to support state estimation and residual generation.

pith-pipeline@v0.9.0 · 5654 in / 1262 out tokens · 34377 ms · 2026-05-25T01:38:46.236560+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

20 extracted references · 20 canonical work pages

  1. [1]

    ECONOMIC BENEFITS OF INCREASING ELECTRIC GRID RESILIENCE TO Executive Office of the President,

    E. Office and P. August, “ECONOMIC BENEFITS OF INCREASING ELECTRIC GRID RESILIENCE TO Executive Office of the President,” Exec. Off. Pres., Aug. 2013

    work page 2013

  2. [2]

    Microgrid Cybersecurity: Protecting and Building the Grid of the Future

    Microgrid Knowledge, “Microgrid Cybersecurity: Protecting and Building the Grid of the Future.” S&C Electric Company, pp. 1–12, 28- Jan-2019

    work page 2019

  3. [3]

    Resilience Strategies for Power Outages,

    A. Lawson, “Resilience Strategies for Power Outages,” Cent. Clim. Energy Solut., pp. 1–22, Aug. 2018

    work page 2018

  4. [4]

    Attack detection and identification in cyber-physical systems,

    F. Pasqualetti, F. Dorfler, and F. Bullo, “Attack detection and identification in cyber-physical systems,” IEEE Trans. Automat. Contr., 2013

    work page 2013

  5. [5]

    A secure control framework for resource-limited adversaries,

    A. Teixeira, I. Shames, H. Sandberg, and K. H. Johansson, “A secure control framework for resource-limited adversaries,” Automatica, 2015

    work page 2015

  6. [6]

    Survey and new directions for physics-based attack detection in control systems,

    D. I. Urbina et al., “Survey and new directions for physics-based attack detection in control systems,” 2016

    work page 2016

  7. [7]

    Secure control against replay attacks,

    Y. Mo and B. Sinopoli, “Secure control against replay attacks,” in 2009 47th Annual Allerton Conference on Communication, Control, and Computing, Allerton 2009, 2009

    work page 2009

  8. [8]

    Andress and R

    J. Andress and R. Rogers, The Basics of Information Security. 2011

    work page 2011

  9. [9]

    Cyber-physical security of a smart grid infrastructure,

    Y. Mo et al., “Cyber-physical security of a smart grid infrastructure,” Proc. IEEE, 2012

    work page 2012

  10. [10]

    Stealth Attacks and Protection Schemes for State Estimators in Power Systems,

    G. Dan and H. Sandberg, “Stealth Attacks and Protection Schemes for State Estimators in Power Systems,” 2010

    work page 2010

  11. [11]

    False data injection attacks against state estimation in electric power grids,

    Y. Liu, P. Ning, and M. K. Reiter, “False data injection attacks against state estimation in electric power grids,” ACM Trans. Inf. Syst. Secur., 2011

    work page 2011

  12. [12]

    Online Detection of Figure 6. Residual generation. Stealthy False Data Injection Attacks in Power System State Estimation,

    A. Ashok, M. Govindarasu, and V. Ajjarapu, “Online Detection of Figure 6. Residual generation. Stealthy False Data Injection Attacks in Power System State Estimation,” IEEE Trans. Smart Grid, 2018

    work page 2018

  13. [13]

    Distributed Cyber-Attack Detection in the Secondary Control of DC Microgrids,

    A. J. Gallo, M. S. Turan, P. Nahata, F. Boem, T. Parisini, and G. Ferrari- Trecate, “Distributed Cyber-Attack Detection in the Secondary Control of DC Microgrids,” in 2018 European Control Conference, ECC 2018, 2018

    work page 2018

  14. [14]

    Detection of False-Data Injection Attacks in Cyber-Physical DC Microgrids,

    O. A. Beg, T. T. Johnson, and A. Davoudi, “Detection of False-Data Injection Attacks in Cyber-Physical DC Microgrids,” IEEE Trans. Ind. Informatics, 2017

    work page 2017

  15. [15]

    A Stealth Cyber Attack Detection Strategy for DC Microgrids,

    S. Sahoo, S. Mishra, J. C. H. Peng, and T. Dragicevic, “A Stealth Cyber Attack Detection Strategy for DC Microgrids,” IEEE Trans. Power Electron., 2018

    work page 2018

  16. [16]

    Resilient Cooperative Control of DC Microgrids,

    S. Abhinav, H. Modares, F. L. Lewis, and A. Davoudi, “Resilient Cooperative Control of DC Microgrids,” IEEE Trans. Smart Grid, 2019

    work page 2019

  17. [17]

    Cyber attack protection and control of microgrids,

    M. M. Rana, L. Li, and S. W. Su, “Cyber attack protection and control of microgrids,” IEEE/CAA J. Autom. Sin., 2018

    work page 2018

  18. [18]

    A decentralized scalable approach to voltage control of DC islanded microgrids,

    T. Michele, R. Stefano, C. V. Juan, M. G. Josep, and F.-T. Giancarlo, “A decentralized scalable approach to voltage control of DC islanded microgrids,” IEEE Trans. Control Syst. Technol. , 2016

    work page 2016

  19. [19]

    Robust adaptive droop control for DC microgrids,

    T. V. Vu, D. Perkins, F. Diaz, D. Gonsoulin, C. S. Edrington, and T. El- Mezyani, “Robust adaptive droop control for DC microgrids,” Electr. Power Syst. Res., 2017

    work page 2017

  20. [20]

    Optimal filtering and robust fault diagnosis of stochastic systems with unknown disturbances,

    J. Chen and R. J. J. Patton, “Optimal filtering and robust fault diagnosis of stochastic systems with unknown disturbances,” IEE Proc. - Control Theory Appl., 1996

    work page 1996