Electricity Grid Cyber-Physical Security Risk Assessment Using Simulation of Attack Stages and Physical Impact

Abstract

Typical security risk assessment of cyber-physical systems measures the relative risk of individual components in the system with data from a domain expert. Such data may not come directly from the cyber-physical systems, but instead may come from the domain expert's knowledge. A challenging task is to assess the risk of a system-level cyber-attack (e.g., on an entire region with many substations), given the potential physical implications. This paper introduces a novel risk assessment tool that combines simulation of cyber-attack models and simulation of the potential physical impact in the power grid. The simulation involves probabilistic models of both the attack planning stage as well as the attack execution stage. The probabilities vary with estimated cyber-physical attacks and defensive postures. The proposed method provides insight into the risk of physical operational disruption caused by propagating cyber-attacks and provides strategies for their mitigation.