Alexandru Stefanov

9 records found

Machine Learning-based Deep Packet Inspection for Detecting Cyber Attacks on IEC 61850 GOOSE

Digitalization of the power system eventually led to the implementation of the IEC 61850 standard for communication networks and systems for power utility automation, creating the digital substation. The combination of the substation equipment and its communication network and the ICT system for non-operational aspects together forms an interdependent Cyber-Physical Power System (CPPS). This system is prone to cyber attacks because mitigation strategies were designed for ICT systems and do not account for OT system requirements. As cyber attacks on CPPSs become more frequent and global tensions rise, research into cyber security vulnerabilities of the IEC 61850 Generic Object-Oriented Substation Event (GOOSE) protocol is becoming more pressing, as is the development of mitigation strategies for cyber attacks on this protocol.

This work proposes a Hardware-in-the-Loop (HiL) test setup to execute various GOOSE cyber attacks and thereby simulate a hacker's actions. This setup consists of a simple power system simulated on a Real-Time Digital Simulator (RTDS), a physical Intelligent Electronic Device (IED), and a communication network connecting all. The simulated power system communicates node voltages and breaker currents to the IED via IEC 61850 Sample Values (SV), and the IED responds by sending GOOSE traffic. An additional workstation is connected to the communication network to launch cyber attacks that cause physical impact on the simulated power system.

Secondly, the HiL setup is used to evaluate which alterations to the GOOSE packet result in a physical impact on the simulated power system. Several attributes in the GOOSE PDU are modified and, together with changes in AllData (for circuit breaker tripping), are expected to trip the circuit breaker in the simulated power system. An attack that attempts to block legitimate traffic during a fault is also examined. Based on these findings, a cyber-physical dataset was constructed containing GOOSE communication network traffic recorded during normal operation, faults, and the examined cyber attacks that yielded physical impact.

Furthermore, an anomaly-based deep packet inspection (DPI) intrusion detection system (IDS) is proposed for the mitigation of cyber attacks. This DPI-IDS uses features from the GOOSE PDU attributes and a long short-term memory (LSTM) model to distinguish GOOSE packets from normal operation, faults, and cyber attacks. The LSTM's hyperparameters were optimized, and the complete DPI model was trained primarily on GOOSE traffic from normal operation and fault conditions. The performance of the DPI-IDS on the collected dataset was evaluated using several metrics. The performance is evaluated separately for each attack in the dataset to identify the attacks for which the DPI-IDS model performs best.

The goal of the DPI-IDS is to separate legitimate traffic from malicious traffic. Normal operation traffic and traffic during faults should be classified correctly as legitimate traffic. Correct classification of malicious traffic causes the traffic to be flagged, indicating to an operator that action is required. Overall, the results for legitimate traffic identification (normal operation and faults) show that the DPI-IDS performs well in separating these two classes. However, the classification of malicious traffic is more difficult, due to the limited availability of malicious traffic in the training data. This underlines the importance of developing an effective mitigation strategy for cyber attacks on GOOSE communication traffic. ...
Doctoral thesis (2025) - Y. Liu, P. Palensky, Alex Stefanov
Power system operation is increasingly reliant on Information and Communication Technologies (ICTs), which are essential for enhancing the resilience, reliability, and security of the future electricity supply. The advancement of ICTs has tightly integrated power grids with communication networks, giving rise to Cyber-Physical power Systems (CPS). However, this growing digitalization also increases system complexity, heightens vulnerability to cyber attacks, and alters traditional operational patterns. Consequently, this trend underscores the critical need for continued exploration and innovation in CPS to address emerging challenges. In this context, the availability of reliable test cyber-physical systems is crucial. The test CPS models must enable realistic analyses without exposing sensitive information about critical infrastructures, allowing researchers to thoroughly investigate newly introduced vulnerabilities and ensure the reliability and cyber security of CPS. To this end, we are motivated to have the following research focus: the synthetic network generation and vulnerability assessment of cyber-physical power systems. ...

Enhancing Resilience of Power Grid Operational Technologies

Doctoral thesis (2025) - A. Presekal, P. Palensky, Alex Stefanov
Power grids are undergoing a digital transformation through the integration of information and communication technologies such as the Internet of Things (IoT), big data, and artificial intelligence (AI). These technologies improve the efficiency and intelligence of power grid operations. However, this digitalization also introduces new vulnerabilities, making it critical to enhance cyber resilience to protect the stability and security of power grids against emerging threats. Real-world incidents, such as the Ukrainian power grid cyber attacks in 2015, 2016, and 2022, highlight the serious threat posed by cyber attackers using advanced persistent threats (APTs). Unlike traditional cyber attacks, APTs use more sophisticated techniques, including stealthy tactics, long-term persistence, and exploitation of unknown (zero-day) vulnerabilities. Due to these characteristics, traditional cybersecurity methods are often ineffective against APTs. This thesis focuses on detecting and correlating APTs within cyber-physical power systems.

The thesis begins by examining cybersecurity in power grids, which is essential for developing effective defense strategies. It offers a detailed analysis of the cyber threat landscape, system vulnerabilities, current mitigation techniques, and cyber attack modeling specific to cyber-physical power systems. Based on this foundation, the thesis proposes an advanced kill chain model for cyber-physical power systems that improves on existing frameworks for identifying stages of cyber attacks. The research focuses on APTs in power grids by addressing three core challenges: stealthiness, persistence, and zero-day vulnerabilities.

APT Stealthiness:
APTs are difficult to detect because they use advanced techniques to remain hidden. They often disguise their activity as legitimate traffic, making them hard to spot using traditional security systems like intrusion detection systems (IDS) and firewalls. Their behavior causes only minor anomalies that blend in with normal operations, creating the need for highly sensitive detection systems capable of identifying these subtle signs.

APT Persistence:
APTs are designed to stay undetected for extended periods, sometimes months or years. To detect such long-term threats, it is important to analyze and correlate anomalies over time. However, most current detection systems for cyber-physical power systems focus either on the cyber or physical aspect individually, and they typically detect isolated events rather than recognizing broader patterns or correlations across systems. This makes it difficult to track the lateral movement of an attacker over time. The main scientific challenge is to detect low-frequency, unpredictable, and subtle anomalies that often bypass traditional detection methods.

APT Zero-Day Attacks:
Attackers often use zero-day exploits, which take advantage of unknown vulnerabilities in software, hardware, or communication protocols. Traditional security systems, which rely on known attack patterns, cannot detect these unknown threats. To identify zero-day attacks, detection methods must be based on anomalies rather than known signatures. This requires analyzing deviations from normal system behavior without relying on prior knowledge of specific attack methods.

To address these challenges, the thesis proposes new hybrid deep learning models using graph-based and semi-supervised learning techniques. The main contributions of the research are:

Cyber-Physical Power System Model and Kill Chain Framework:
The thesis provides a thorough analysis of cybersecurity issues in power systems, focusing on evolving threats and vulnerabilities. It presents a cyber-physical power system model that includes a cyber range—a simulation environment that mimics attacks and defenses. It also introduces an advanced cyber-physical power system (ACPPS) kill chain, which identifies APT behaviors specific to power systems. This framework traces the entire attack process, from initial access to cascading failures and blackouts, enabling more effective defenses.

Attack Graph Model:
To detect stealthy APTs, the thesis introduces an attack graph model supported by Software-Defined Networking (SDN) for real-time awareness. It uses a hybrid deep learning model combining Graph Convolutional Long Short-Term Memory (GC-LSTM) and Convolutional Neural Networks (CNN) to classify operational technology (OT) network traffic as normal or anomalous. This model detects subtle traffic anomalies, reducing both false positives and negatives, and pinpoints the exact location of anomalies in near real-time.

APT Spatio-Temporal Correlation:
To address long-term persistence, the thesis proposes a method for correlating APT behavior over time and space using a Cyber-Physical System Interaction Matrix (CPSIM) and an Enhanced Graph-Convolutional LSTM (EGC-LSTM) model. The CPSIM shows how anomalies in the cyber and physical layers are connected, while the EGC-LSTM model predicts future anomalies by analyzing patterns across time and space. This approach improves the ability to detect and anticipate APT movement throughout the system.

Semi-Supervised Intrusion Detection System for Digital Substations:
To identify zero-day attacks, the thesis introduces a semi-supervised intrusion detection system tailored to digital substations. It analyzes both traffic payload and interarrival time, converting these features into vectors that represent OT traffic behavior. The method uses frequency analysis (Fast Fourier Transform) and statistical testing (Kolmogorov-Smirnov test) to improve classification between normal and abnormal traffic. A combination of Self-Organizing Maps (SOM) and Density-Based Spatial Clustering (DBSCAN) is used to classify data, enhancing the ability to detect unknown attacks and improving performance with imbalanced datasets. ...

How the bits and bytes can influence the volts and the amps

The increased digitalization of the power grid and the transition to cyber-physical power systems raise serious concerns about cyber security and secure operation of the power system. It is now well recognized that information and communication technologies are vulnerable to cyber attacks. Consequently, electrical power grids, as critical infrastructures, are susceptible to cyber attacks as well. Malicious cyber attacks on power grid infrastructure can detrimentally affect power system operation and stability. In the worst case, they can trigger cascading failures across the system, leading to a blackout. A coordinated cyber attack across multiple locations can collapse the entire interconnected power grids of nations, or even continents. This is a real modern-day threat, as seen during the cyber attacks on the Ukrainian power grid in 2015, 2016, and 2022. Therefore, power grid resilience and cyber security are now recognized challenges for power system operation and security of electricity supply. The gist of this entire thesis can be summarized as follows.

“Analyze and demonstrate how cyber attacks on power grids may cause and accelerate cascading failures. Based on this analysis, develop suitable proactive defense measures to contain the spread of cascading failures.” Consequently, the core research focus of the thesis, with its threefold objective, is as follows:

Cyber security of digital substations 

This thesis investigated the impact of cyber threats targeting digital substations. Experiments demonstrate the catastrophic impact of spoofing and replay attacks targeting OT protocols and standards used in digital substations, leading to relay denial-of-service and malfunction. Subsequently, it is experimentally shown how these events may snowball into cascading failures and blackouts. Based on this analysis, this thesis developed mitigation measures based on IEC 62351-6 using HMAC to secure critical control communications in digital substations while adhering to the 4 ms latency requirement. The aforementioned studies are conducted using a hardware-in-the-loop cyber-physical experimental framework that closely resembles real-world conditions within a digital substation, including intelligent electronic devices and protection schemes. Thus, the outcomes of this research are of particular importance to both vendors and utilities.

Dynamical analysis of power system cascading failures caused by cyber attacks

This thesis proposed a data-driven method for dynamical analysis of power system cascading failures caused by cyber attacks. It provides experimental proof of how cyber attacks may accelerate the cascading failure mechanism, in comparison to historically observed blackouts. Using a dynamic power grid model consisting of multiple, coordinated protection schemes, the point of no return in a cascading failure sequence is defined and analysed by applying the Hilbert–Huang transform for time-frequency analysis. Numerical results indicate that cyber attacks may accelerate cascading failures by a factor of at least 3x. This is due to the excitation and non-damping of multiple frequency modes greater than 1 Hz in a short time span. This thesis demonstrates semi-analytically how cyber attacks can cause and accelerate power system cascading failures, thereby leading to a quicker point of no return.

Defense against cyber attack induced cascading failures

Cyber-physical power systems are vulnerable to cyber attacks that may lead to cascading failures and power outages. A promising solution to this emerging issue is the concept of preventive/proactive controlled islanding before the cyber event occurs, based on early detection of cyber attacks. Hence, this thesis developed a novel physics-informed graph convolution network to perform preventive controlled islanding. By incorporating power system physics into the neural network loss function formulations, the resulting islands were made self-sufficient and voltage and frequency stable. Experimental simulations using a modified version of the IEEE 39-bus test system with coordinated protection schemes prove that the islands formed using the proposed method can contain the spread of cascading failures. This results in a reduction of loss of load by up to 90% and 62% when single and multiple substations are compromised, respectively. Hence, this work paves the way towards automated cyber-resilience for power systems and provides system operators with decision-making recommendations to curtail the spread of cascading failures.

This thesis addressed the increasingly crucial topic of cyber security for power systems. It provides a comprehensive analysis of how cyber attacks may trigger and accelerate cascading failures in power grids, potentially leading to large-scale power outages. Furthermore, this research enhances our understanding of power grid cyber resilience by experimentally demonstrating the vulnerabilities of digital substations, proposing a novel data-driven method for analysing cyber-induced cascading failures, and developing an advanced physics-informed graph convolutional network for preventive controlled islanding. The findings of this thesis are highly relevant to utilities and vendors, as they offer practical insights into the pitfalls associated with power system digitalization and their possible adverse consequences. Thus, the proposed cascading failure analysis technique and preventive islanding defense strategy directly contribute towards enhancing the cyber security of power systems and ensuring better preparedness in the face of the ever-growing cyber threat landscape. Ultimately, this research contributes to a more cyber secure and resilient power system. ...

The modern power grid is becoming more susceptible to cyber attacks due to an increase in digitalization, which creates a larger attack surface for malicious actors. Such attacks on critical infrastructure could lead to partial power outages, minor societal disruption, or, in the worst-case scenario, a rolling blackout in which the entire country has no access to electricity. Electrical utility companies can decrease the likelihood of a successful cyber attack on the Cyber-Physical Power System (CPPS) – consisting of the physical power grid and vulnerable Information Technology (IT) and Operational Technology (OT) – by implementing cyber security interventions. Investing in these cyber security mechanisms is not cheap, which is why a certain return on investment is expected. However, it is hard to quantify the effects of prospective cyber security investments. The main research question of this study is: “To what extent can cyber security measures decrease the risk of cyber attacks on CPPS substations?” This research question is answered by means of an implicitly mixed research approach that uses computer-assisted attack tree modelling and Monte Carlo simulation. The model is based on the publicly available technical system information of known suppliers of relevant substation components and on other documentation acquired by means of multiple literature studies and document analyses. The change in likelihood and subsequent risk has been studied by extensively modelling the possible attack paths of a digital substation. This has been combined with financial analysis in the form of a societal cost-benefit analysis. As a result, potential cyber security investments can be evaluated on their merits in the form of risk reduction and their required costs as expressed in dollars.

The contribution of the performed research to science is the elaboration of existing models to more accurately represent reality, while simultaneously providing the cyber security decision-making process with a tool that delivers guiding Key Performance Indicators (KPIs). This study has shown that the measures suggested by the quantified model are able to increase the TTCavg needed by malicious actors to reach their intended target, and therefore decrease the likelihood and subsequent risk of the studied scenarios. An important finding of this study emphasizes the need for extensive attack path modelling: the application of some well-intended countermeasures (such as remote attestation) might have no significant effect on the likelihood and risk of a certain scenario at all, but only changes the dominant attack path. While the constructed quantified model, as proposed in this study, is able to provide quantified insights into the effects of proposed cyber security investments, it is merely a simplified tool that should be expanded upon to generate more accurate insights. Besides the aforementioned, this study produced additional findings, such as a list of weaknesses in the current state of digital substation cyber security. This list has been created by an extensive document analysis of over 40 sources. Also, an overview of 23 different possible cyber security interventions has been compiled by a systematic literature review of over 16 sources. According to the quantified model, a reduction (between 21.8% and 93%) in the total risk of certain attack scenarios against digital substations by malicious actors can be achieved. The costs for these possible risk reductions range between $28 thousand for a honeypot deception system and $413 thousand for a combination of all the simulated countermeasures.

These countermeasures could, in comparison to a base case with no protection, potentially reduce the total risk by an amount between $3.7 billion and $15.9 billion. According to the general societal cost-benefit analyses, the best Return-on-Investment (ROI), i.e. cost-effectiveness of investment, is achieved by the investment in a honeypot (scenario 5), which has an ROI of 247,390, and the least cost-effective is the investment in remote attestation (scenario 4), which has an ROI of -2,066. Altogether, this study has shown that there is added value in using a simplified quantified model to aid decision-making for digital substation cyber security investments aimed at risk reduction. ...
The proliferation of Distributed Energy Resources (DERs) is decentralizing the power system, with more and more capacity installed in the distribution grids. Concurrently, the energy sector is embracing the Internet of Things (IoT) paradigm, resulting in the emergence of the Internet of Energy. However, this transformation introduces new concerns regarding cyber security. As the number of interconnected devices increases, the possible attack surface for malicious actors expands. Recognizing this challenge, researchers are investigating the potential cyber security benefits of applying blockchain in power systems. Blockchain offers some secure-by-design features, such as the immutability of the stored data, that can be leveraged to improve the cyber security of smart grids.
In this work, a blockchain-based application for the monitoring and control of a feeder in the Low-Voltage (LV) distribution grid is designed and tested. A smart contract is created and deployed in a private Ethereum blockchain utilizing the Proof of Authority (PoA) consensus mechanism. The blockchain application enhances the cyber security of the LV distribution system in three ways. First, it detects cyber attacks targeting DERs by comparing the setpoints received by prosumers with smart meter measurements. Second, it prevents cyber attacks by enabling the exchange of measurements and setpoints on-chain and by preventing unreliable prosumers from participating in the voltage regulation market. Third, it mitigates the effects of cyber attacks on the steady-state voltage magnitudes by enforcing a novel voltage regulation mechanism, in which a new metric is proposed to quantify the power-to-voltage relationship while considering the location of the power exchange.
The efficacy of the blockchain application is tested in a co-simulation environment together with a modeled LV distribution network, simulated in DIgSILENT PowerFactory. The distribution network model is first used to assess the impact of cyber attacks manipulating the setpoints of Battery Energy Storage Systems (BESSs), which have been identified as the most critical DERs. The simulation results demonstrate that the considered cyber attacks can force the disconnection of inverters by causing violations of the acceptable steady-state voltage magnitudes. One of the scenarios demonstrates that a cyber attack targeting half of the BESSs in a feeder can lead to the collapse of the voltage, causing a local outage. Finally, the results of the co-simulation of the blockchain-based monitoring and control system, achieved by the Open Platform Communications Unified Architecture (OPC UA) communication protocol and by a series of clients managing the data streams, demonstrate its efficacy in detecting cyber attacks and mitigating their impact on the voltage magnitude across the feeder, thus reducing the number of disconnected DERs.
...
Master thesis (2021) - J.V. Šuntar, J.L. Rueda Torres, A.I. Stefanov, Bas Kruimer, Z. Qin
A large contribution to the total share of electricity generated in the European power grid will come from renewable energy sources (RES) in the near future, due to the European initiative to become carbon neutral. RES are connected to the grid with power electronic (PE) devices, which, if not modelled correctly, provide a lower level of system stability and security of supply. The existing power grid, with mainly synchronous generators, will not be suited to operate in the future, when synchronous machines will become less important sources of energy. An increase in the dynamic behaviour of the system could cause significant challenges for the existing system, which calls for new monitoring and control strategies. The aim of the project is twofold: firstly, to enhance system stability by deploying a Wide-Area Monitoring System (WAMS) in a power system with a massive share of RES in total electricity generation; secondly, to develop and propose a tool that will improve consultancy in future power grids. The tool developed is the Next Generation Grid Operations (NextGen GridOps) Knowledge Framework, conceptually designed by DNV. The effectiveness of WAMS applications on system stability improvements and damping enhancements is evaluated by studying rotor angle stability as well as the effect of WAMS on the damping of electromechanical oscillations. The response to a disturbance of the remaining synchronous generators is studied to evaluate the effect of different types of control schemes (grid-following, grid-forming control) on the rotor angle stability. Rotor angle stability is examined through time domain simulations to show whether different control structures and WAMS enhance the overall stability. The WAMS structure in this project consists of PMUs as well as WADCs. While PMUs are sensors deployed in the system to provide synchrophasor measurements, WADCs are damping controllers deployed with the intent of enhancing damping in the system.

This project builds upon findings from the Horizon 2020 MIGRATE Project. Studies of the effectiveness of grid-following control and grid-forming control in stabilizing the grid with massive penetration of PE devices are conducted to set the base case for evaluating the effect of WAMS. The modelling software used in the project is DIgSILENT PowerFactory 2021 SP1, and the PowerFactory Thesis Licence was provided by DIgSILENT GmbH for research and educational purposes. Based on the off-line numerical simulations conducted in the IEEE 39-bus New England test system, it was found that WAMS functionality with corresponding PMUs and WADCs can decrease oscillations in the system. It has been verified that grid-following control enables 60% RES penetration and grid-forming control enables RES penetration above 80%. Two grid-forming controllers have been used in the system, where the DVC is able to receive the stabilizing signal while the VSM grid-forming controller has a supporting role. WAMS and the corresponding WADCs deployed on DVCs are able to enhance damping of the low-frequency modes with frequencies below 2.0 Hz, which is supported by time domain simulations and by Prony analysis. Eigenvalue analysis results for some cases with WAMS deployed show no additional enhancements, which is a consequence of the newly introduced controllers and the interactions among them and the existing controllers. The practical implications of this Master's Thesis study have been modelled in the NextGen GridOps Framework with the intent of making a step towards real-world implementation of the findings developed during the project. Framework modelling focused on implementing a client maturity classification of WAMS deployments, contributing towards the development of WAMS roadmaps and further deployment of WAMS solutions for grid operators as part of the DNV Next Generation Grid Operations advisory services.

The work done and the information implemented will be valuable to DNV in solving the complex process of future grid operations while at the same time bringing newly developed knowledge into practice. The framework development part of the project ties in with the scientific contribution by allowing newly developed information to be further explored. The effectiveness of WAMS and WADCs in improving selective damping and consequently enhancing system stability has been identified in this project through the use of DVCs. It has been proven that VSM control has a better stabilizing effect and would allow even further enhancement of the damping of critical oscillation modes. Higher damping in the system increases stability and consequently the security of energy supply.
...
The TSO of a power system is mainly responsible for ensuring the stability of the grid. Through continuous monitoring and control of the power system, the TSO maintains stability through emergency actions. Until now, conventional Static State Estimation has been the Energy Management System (EMS) tool for estimating and monitoring the grid state: bus voltages, currents, and powers. However, the energy transition, which involves the decommissioning of conventional generation and its replacement by renewables, leads to a more dynamic grid. In such a case, the information provided by the static state estimator is insufficient. This has, hence, led to the development of the Dynamic State Estimator (DSE), which provides insight into the dynamic properties of a power system, such as rotor angle and rotor speed. The DSE typically uses a Wide-Area Monitoring System (WAMS) architecture consisting of Phasor Measurement Units (PMUs) to dynamically estimate the internal states of the generators under observation. Hence, the DSE provides improved situational awareness to the TSO. However, the existing literature does not elaborate on how the proposed DSEs can be implemented in an online fashion to estimate the dynamic states in near real-time. Such an online implementation is of utmost importance, as it showcases how a TSO can deploy the DSE in a real-world scenario. Hence, this thesis proposes an online DSE algorithm that performs batch-wise estimation of dynamic states in a near real-time setting. By collecting measurements in batches and introducing the pre-processing steps necessary for these PMU measurements, the algorithm forms the premise for the real-world application of DSE. This algorithm is validated using a cyber-physical testbed comprising a Real Time Digital Simulator and a Synchrophasor Application Development Framework.

Additionally, its performance is evaluated and a sensitivity study is conducted to find deterministic relationships between the input error introduced and the estimation error. Finally, future improvements are proposed to make the implementation more suitable for real-world application. ...
Master thesis (2021) - I. Semertzis, A.I. Stefanov, P. Palensky, J. Dong, Frank Fransen, V. Subramaniam Rajkumar
Power grids rely on Operational Technology (OT) networks for real-time monitoring and control. These traditionally segregated systems are now being integrated with general-purpose Information and Communication Technologies (ICTs). The coupling of the physical power system and its communications infrastructure forms a complex, interdependent structure referred to as a Cyber-Physical System (CPS). As cyber attacks on critical infrastructures become more frequent, power systems are especially vulnerable, as their OT systems were not designed with cyber security considerations. Hence, identifying and quantifying the risk of cyber attacks on power grids is of utmost importance.
In this dissertation, a method for quantitative risk assessment is proposed. The impact of cyber attacks is examined on a holistic model of a cyber-physical power system, and their likelihood is assessed through attack graphs. Firstly, the physical power system is modelled to analyze the impact of cyber attacks on power system operation. The dynamic model of the IEEE 39-bus system is used to validate the proposed risk assessment method. Various protection schemes are implemented and coordinated to analyze how cyber attacks can lead to cascading failures and a blackout. The communication networks of digital substations are modelled and integrated with the power system model. They emulate the communication network traffic between the control center and digital substations. The physical and cyber system models are integrated via co-simulation.
Secondly, attack graphs for digital substations are designed and used for cyber attack analysis. The attack graph model is based on the topology of a digital substation, specified by industry and academia. A novel method is proposed for defining the probability distributions of the time-to-compromise for each attack step, which is used in the attack simulations to extract the global time-to-compromise of the targeted asset.
Furthermore, an impact assessment method is proposed, which correlates the impact on both layers of the cyber-physical system. Key performance indicators for the power system operation as well as the operation of its communication system are defined and implemented. The overall risk of a specific cyber attack scenario is assessed based on the impact indices, likelihood of the cyber attack to commence, and a proposed metric regarding power system restoration. The proposed methods are validated by examining various cyber attack scenarios on the developed cyber-physical system model. The examined scenarios are based on real-world cyber attacks. Additionally, a study regarding the effect of different attack sequences is conducted. The impact is assessed on both layers of the cyber-physical power system by running dynamic simulations.
Overall, the CPS simulation results show the effectiveness of the proposed methods in assessing risks and identifying the most critical systems per cyber attack scenario. The proposed methods correlate the vulnerability assessment of the modelled security infrastructure with the corresponding impact on the cyber-physical system. The risk assessment is validated by a comprehensive analysis of selected study cases, examining the cascading failure chains of the power system. These studies show the importance of examining various attack scenarios in order to identify the weak points and bottlenecks in the integrated cyber-physical power system.
...