Cyber-physical risk modeling with imperfect cyber-attackers
This work addresses cyber-physical risk management for power grids, but it is incremental as it builds on existing models by incorporating imperfect information.
The paper tackles the problem of modeling cyber-physical risk from imperfect cyber-attackers targeting grid security via load redistribution attacks, finding that inaccurate admittance values often lead to suboptimal but still compromising attacks, while inaccurate capacity values result in notably less effective attacks.
We model the risk posed by a malicious cyber-attacker seeking to induce grid insecurity by means of a load redistribution attack, while explicitly acknowledging that such an actor would plausibly base its decision strategy on imperfect information. More specifically, we introduce a novel formulation for the cyber-attacker's decision-making problem and analyze the distribution of decisions taken with randomly inaccurate data on the grid branch admittances or capacities, and the distribution of their respective impact. Our findings indicate that inaccurate admittance values most often lead to suboptimal cyber-attacks that still compromise the grid security, while inaccurate capacity values result in notably less effective attacks. We also find common attacked cyber-assets and common affected physical-assets between all (random) imperfect cyber-attacks, which could be exploited in a preventive and/or corrective sense for effective cyber-physical risk management.