Exploiting Vulnerabilities of Load Forecasting Through Adversarial Attacks
For power system operators and utilities, this work highlights a critical cybersecurity vulnerability in load forecasting that can lead to severe operational and economic consequences.
This paper studies the vulnerability of load forecasting algorithms to adversarial attacks, proposing black-box data injection attacks that require minimal adversary knowledge. Results show that injecting malicious temperature data can manipulate load forecasts arbitrarily, causing significant operational damages like load shedding and increased dispatch costs.
Load forecasting plays a critical role in the operation and planning of power systems. By using input features such as historical loads and weather forecasts, system operators and utilities build forecast models to guide decision making in commitment and dispatch. As the forecasting techniques becomes more sophisticated, however, they also become more vulnerable to cybersecurity threats. In this paper, we study the vulnerability of a class of load forecasting algorithms and analyze the potential impact on the power system operations, such as load shedding and increased dispatch costs. Specifically, we propose data injection attack algorithms that require minimal assumptions on the ability of the adversary. The attacker does not need to have knowledge about the load forecasting model or the underlying power system. Surprisingly, our results indicate that standard load forecasting algorithms are quite vulnerable to the designed black-box attacks. By only injecting malicious data in temperature from online weather forecast APIs, an attacker could manipulate load forecasts in arbitrary directions and cause significant and targeted damages to system operations.