Electric power system security: the case for an integrated cyber-physical risk management framework

[en] This paper concerns the security of the electric power transmission grid facing the threat of malicious cyberphysical attackers. We posit that there is no such thing as perfectly effective cyber-security. Rather, any cyber-security measure comes with the possibility that a highly skilled attacker could (eventually find a way to) bypass it. On these grounds, we explicitly represent the exogenous uncertainty regarding the ability of an external adversary to overcome the implemented cyber-security measures. We further formulate a tri-level decision making problem seeking to co-optimize preventive physical and cyber-security measures under the aforementioned uncertainty. Preventive physical security measures refer to the ex-ante procurement of reserve capacity, which translates into ramping restrictions in real-time. Cyber-security measures refer to updating the firewall rules so as to impede an intruder from taking over the cyber infrastructure of the grid and disconnecting power generators and transmission branches. We adopt standard assumptions to formalize the inner optimization problems corresponding to the cyber-physical attacker and power grid operator and focus on uncertainty management at the uppermost level of the problem. Our findings establish that physical- and cyber-security measures are nonexchangeable complements in keeping the power grid operation secure, underscoring the potential benefits of selecting them in an integrated manner.

Disciplines :

Electrical & electronics engineering

Author, co-author :

Karangelos, Efthymios; University College Dublin, Dublin, Ireland > School of Electrical and Electronic Engineering

Wehenkel, Louis ; Université de Liège - ULiège > Département d'électricité, électronique et informatique (Institut Montefiore) > Méthodes stochastiques

Language :

English

Title :

Electric power system security: the case for an integrated cyber-physical risk management framework

Publication date :

September 2025

Journal title :

Sustainable Energy, Grids and Networks

ISSN :

2352-4677

Publisher :

Elsevier

Special issue title :

Bulk Power System Dynamics and Control XI - Grid control, operation and markets to enable a Net-Zero future

Volume :

Pages :

101872

Peer reviewed :

Peer Reviewed verified by ORBi

Additional URL :

https://api.elsevier.com/content/article/PII:S2352467725002541?httpAccept=text/xml

Available on ORBi :

since 05 August 2025

Statistics

Number of views

45 (0 by ULiège)

Number of downloads

71 (0 by ULiège)

More statistics

Scopus citations^®

Scopus citations^®
without self-citations

OpenCitations

OpenAlex citations

Bibliography

Sullivan, J.E., Kamensky, D., How cyber-attacks in Ukraine show the vulnerability of the us power grid. Electr. J. 30:3 (2017), 30–35.
Alvarez-Alvarado, M.S., Apolo-Tinoco, C., Ramirez-Prado, M.J., Alban-Chacón, F.E., Pico, N., Aviles-Cedeno, J., Recalde, A.A., Moncayo-Rea, F., Velasquez, W., Rengifo, J., Cyber-physical power systems: a comprehensive review about technologies drivers, standards, and future perspectives. Comput. Electr. Eng., 116, 2024, 109149.
Karamdel, S., Liang, X., Faried, S.O., Mitolo, M., Optimization models in cyber-physical power systems: a review. IEEE Access 10 (2022), 130469–130486.
He, H., Huang, S., Liu, Y., Zhang, T., A tri-level optimization model for power grid defense with the consideration of post-allocated dgs against coordinated cyber-physical attacks. Int. J. Electr. Power Energy Syst., 130, 2021, 106903.
Lai, K., Illindala, M., Subramaniam, K., A tri-level optimization model to mitigate coordinated attacks on electric power systems in a cyber-physical environment. Appl. Energy 235 (2019), 204–218.
Qin, C., Zhong, C., Sun, B., Jin, X., Zeng, Y., A tri-level optimal defense method against coordinated cyber-physical attacks considering full substation topology. Appl. Energy, 339, 2023, 120961.
Zhang, Z., Huang, S., Chen, Y., Li, B., Mei, S., Cyber-physical coordinated risk mitigation in smart grids based on attack-defense game. IEEE Trans. Power Syst. 37:1 (2022), 530–542.
Zeng, B., Zhao, L., Solving two-stage robust optimization problems using a column-and-constraint generation method. Oper. Res. Lett. 41:5 (2013), 457–461.
Xiang, Y., Wang, L., An improved defender–attacker–defender model for transmission line defense considering offensive resource uncertainties. IEEE Trans. Smart Grid 10:3 (2018), 2534–2546.
Grigg, C., Wong, P., Albrecht, P., Allan, R., Bhavaraju, M., Billinton, R., Chen, Q., Fong, C., Haddad, S., Kuruganty, S., et al. The IEEE reliability test system-1996. A report prepared by the reliability test system task force of the application of probability methods subcommittee. IEEE Trans. Power Syst. 14:3 (1999), 1010–1020.
Coffrin, C., Gordon, D., Scott, P., Nesta, the NICTA energy system test case archive. [Online]. Available https://arxiv.org/abs/1411.0359, 2019.
Yuan, W., Zhao, L., Zeng, B., Optimal power grid protection through a defender–attacker–defender model. Rel. Eng. Syst. Saf. 121 (2014), 83–89.
Kleinert, T., Labbé, M., Plein, F., Schmidt, M., Closing the gap in linear bilevel optimization: a new valid primal-dual inequality. Optim. Lett. 15:4 (2021), 1027–1040.
Sun, K., Zheng, D.-Z., Lu, Q., A simulation study of obdd-based proper splitting strategies for power systems under consideration of transient stability. IEEE Trans. Power Syst. 20 (03 2005), 389–399.
Al-Roomi, A.R., Power Flow Test Systems Repository. [Online]. Available, Halifax, Nova Scotia, Canada https://al-roomi.org/power-flow, 2015.
Bezanson, J., Edelman, A., Karpinski, S., Shah, V., Julia: a fresh approach to numerical computing. SIAM Rev. 59:1 (2017), 65–98, 10.1137/141000671 [Online]. Available.
Dunning, I., Huchette, J., Lubin, M., JuMP: a modeling language for mathematical optimization. SIAM Rev. 59:2 (2017), 295–320, 10.1137/15M1020575 [Online]. Available.
Coffrin, C., Bent, R., Sundar, K., Ng, Y., Lubin, M., PowerModels.Jl: an open-source framework for exploring power formulations. 2018 Power Systems Computation Conference (PSCC), June 2018.
Cplex, IBM ILOG. V12. 1: User's manual for CPLEX. Int. Bus. Mach. Corp., 46(53), 2009, 157.
Li, C., Qiu, M., Reinforcement Learning for Cyber-Physical Systems: With Cybersecurity Case Studies, 2019, Chapman and Hall/CRC.