Cyber-physical risk modeling with imperfect cyber-attackers

We model the risk posed by a malicious cyber-attacker seeking to induce grid insecurity by means of a load redistribution attack, while explicitly acknowledging that such an actor would plausibly base its decision strategy on imperfect information. More specifically, we introduce a novel formulation for the cyber-attacker's decision-making problem and analyze the distribution of decisions taken with randomly inaccurate data on the grid branch admittances or capacities, and the distribution of their respective impact. Our findings indicate that inaccurate admittance values most often lead to suboptimal cyber-attacks that still compromise the grid security, while inaccurate capacity values result in notably less effective attacks. We also find common attacked cyber-assets and common affected physical-assets between all (random) imperfect cyber-attacks, which could be exploited in a preventive and/or corrective sense for effective cyber-physical risk management.

Automated summary

We modeled the decision-making problem of a malicious cyber-attacker and analyzed the distribution of decisions and their respective impact when based on imperfect information. Our findings suggest that inaccurate data on grid branch admittances lead to suboptimal cyber-attacks, while inaccurate capacity values result in less effective attacks. Additionally, we identified common attacked cyber-assets and affected physical-assets, which can be used for effective cyber-physical risk management.