Electric power system security: the case for an integrated cyber-physical risk management framework

Abstract

This paper concerns the security of the electric power transmission grid facing the threat of malicious cyber-physical attackers. We posit that there is no such thing as perfectly effective cyber-security. Rather, any cyber-security measure comes with the possibility that a highly skilled attacker could (eventually find a way to) bypass it. On these grounds, we formulate a tri-level decision making problem seeking to co-optimize preventive physical and cyber-security measures under uncertainty on the ability of an exogenous cyber-physical attacker to overcome the latter. Preventive physical security measures refer to the ex-ante procurement of reserve capacity, which translates into ramping restrictions in real-time. Cyber-security measures refer to updating the firewall rules so as to impede an intruder from taking over the cyber infrastructure of the grid and disconnecting power generators and transmission branches. We adopt standard assumptions to formalize the inner optimization problems corresponding to the cyber-physical attacker and power grid operator and focus on uncertainty management at the uppermost level of the problem. Our findings establish that physical- and cyber-security measures are non-exchangeable complements in keeping the power grid operation secure.

0

Turn this paper into a full lesson

ArcXiv compiles a staged curriculum from this paper: 8-12 lessons across beginner → advanced, synthesised section guides, visuals, flashcards, a quiz, exercises, and on-demand deep dives per section. Grounded in the abstract, never invented.

Discussion (0)

Sign in to join the discussion.

Loading comments…