Modeling and assessing load redistribution attacks considering cyber vulnerabilities in power systems

Abstract

Introduction: Load Redistribution (LR) attacks, as a common form of false data injection attack, have emerged as a significant cybersecurity threat to power system operations by manipulating load buses’ measurements at substations. Existing LR attack methods typically assume that any substation can be equally attacked, contributing to the analysis of LR attacks in power systems. However, the diversity of cyber vulnerabilities in substation communication links implies varying costs associated with falsifying load buses’ measurements. Thus, quantitatively evaluating these costs and analyzing the impact of LR attacks on power systems within cost constraints holds practical significance.Methods: In this paper, we employ a Bayesian attack graph model to characterize the intrusion process through cyber vulnerabilities. The costs of falsifying load buses’ measurements at substations are quantitatively evaluated using the mean time-to-compromise model. Subsequently, from the attacker’s perspective, we propose a bi-level optimization model for LR attacks, considering the mean time to compromise in conjunction with limited attack resources and power flow constraints.Results: Simulations conducted on the IEEE 14-bus system illustrate the influence of cyber vulnerabilities on LR attacks within power systems. Furthermore, we verify that the attack scenario of the existing LR attack model aligns with a case of the proposed bi-level LR attack model when there is sufficient attack time to compromise all communication links.Discussion: The findings of this research demonstrate that the impact of cyber vulnerabilities on LR attacks can be quantified by assessing the attack costs. Effective management of LR attacks can be achieved under cost constraints through optimization methods. These insights contribute to enhancing network security strategies for power systems, mitigating potential threats posed by LR attacks in power system operations.