A Survey on Power Grid Cyber Security: From Component-Wise Vulnerability Assessment to System-Wide Impact Analysis

Abstract

The now ubiquitous use of information technology poses a crucial challenge to the cyber security of power grid operations, one that has aroused serious concerns from both industry and academia. The state-of-the-art research either focuses on the vulnerability assessment of particular types of components or concentrates on the prevention and mitigation of cyber attacks from the power grid’s perspective. Complete causal chains connecting component vulnerabilities to cyber attacks causing malicious system-wide effects are unclear, which hinders cyber-attack prevention and the consolidation of affected components. To bridge this research gap, this survey aims to study two issues that need further investigation. On one hand, the causal relationship between power grid component vulnerabilities and resulting cyber attacks has not been thoroughly explored. On the other hand, the evolvement of cyber attacks, from initial attempt to resulting serious consequences has not been resolved. To study these two issues, we first analyze various stakeholders and associated information flows in diverse applications in power grid operation. Second, we summarize the root cause of cyber attacks in the vulnerability of communication protocols. Third, a multi-stage model is proposed to describe the cyber vulnerabilities, which reveals potential attacks and their evolvement on power grid components at each stage, assesses the associated impact on the entire power grid, and elucidates possible countermeasures. With the above efforts, this survey establishes a complete causal chain from component-wise vulnerability to system-wide impact assessment for enhancing cyber security, and potential research directions for enhancing power grid cyber security are identified.