Abstract
This paper investigates the detection and isolation of false data injection (FDI) attacks in large-scale smart grids. Attackers can devise sophisticated false data injection strategies by tampering with data at the communication layer, potentially bypassing conventional detection mechanisms based on Kalman filters, thereby posing significant threats to grid security. To mitigate such risks, this paper proposes a detection and isolation framework based on adaptive residual observers. The study specifically addresses the distinctive characteristics of FDIAs, with in-depth analysis of generator power output dynamics, biased load conditions, and historical load profiles. An innovative algorithm within the adaptive residual observer framework is introduced to identify anomalous regions within the grid that may be compromised by stealth attacks. The algorithm employs robust analytical redundancy relationships to correlate residual signals with dynamically adjusted thresholds. Through continuous residual monitoring, the observer can detect deviations indicative of potential attacks. The isolation of affected regions is achieved through a consistency verification process supported by a novel logic judgment matrix, which compares observed behavioral patterns against expected operational norms. To validate the effectiveness of the proposed framework, simulation studies are conducted using the IEEE 18-generator 37-bus smart grid model, with performance comparisons to existing methods.