Power grids are undergoing a fast-paced process of digitalization for enhanced monitoring and control capabilities and grid intelligence. However, the increased integration of digital technologies, such as the next generation of operational technologies (OTs) and digital substations, implies a new risk as information technology (IT)-OT systems are vulnerable to cyberattacks. Furthermore, the combination of heterogeneous, co-existing smart and legacy technologies generates significant vulnerabilities and security challenges. Examples of cybersecurity incidents related to power grids already exist around the world. On December 23, 2015, cyberattacks were conducted on the power grid in Ukraine that resulted in power outages, which affected 225,000 customers. More sophisticated cyberattacks on the Ukrainian power grid followed on December 17, 2016, resulting in a power outage in the distribution network where 200 MW of load was unsupplied. The complexity of cyberattacks on power systems is likely to increase. This chapter provides the state-of-the-art and essential knowledge of threats and cyberattacks on power systems. This chapter reviews major cyberattacks on power grids and industrial control systems. A detailed taxonomy of cyberattacks is provided. Power grid vulnerability to six main types of cyberattacks is discussed, that is, phishing, malware, network-based attacks, man-in-the-middle attacks, host-based attacks, and denial of service. The impact of cyberattacks on grid operation is analyzed in terms of loss of load, cascading effects, and equipment damage. A case study of a cyberattack scenario and simulation results are provided.

This paper studies the problem of fault detection and estimation (FDE) for linear time-invariant (LTI) systems with a particular focus on frequency content information of faults, possibly as multiple disjoint continuum ranges, and under both disturbances and stochastic noise. To ensure the worst-case fault sensitivity in the considered frequency ranges and mitigate the effects of disturbances and noise, an optimization framework incorporating a mixed H_{_}/H₂ performance index is developed to compute the optimal detection filter. Moreover, a thresholding rule is proposed to guarantee both the false alarm rate (FAR) and the fault detection rate (FDR). Next, shifting attention to fault estimation in specific frequency ranges, an exact reformulation of the optimal estimation filter design using the restricted H_∞ performance index is derived, which is inherently non-convex. However, focusing on finite frequency samples and fixed poles, a lower bound is established via a highly tractable quadratic programming (QP) problem. This lower bound together with an alternating optimization (AO) approach to the original estimation problem leads to a suboptimality gap for the overall estimation filter design. The effectiveness of the proposed approaches is validated through applications of a non-minimum phase hydraulic turbine system and a multi-area power system.