A Comprehensive Review of Cyber-Attacks and Defense Mechanisms For Improving Security in Smart Grid Energy Systems Past, Present and Future 2023
ARTICLE INFO
Keywords: Security; Cyber-attack; Power systems; Smart grids; Defense mechanism

ABSTRACT
Due to the advancement in communication networks, metering and smart control systems, as well as the prevalent use of Internet-based structures, new forms of power systems have seen moderate changes with respect to several aspects of contradictory Cyber–Physical Power Systems (CPPSs). These structures usually have connections between power sections and cyber parts. CPPSs confront newly emerging issues including stability, resiliency, reliability, vulnerability and also security. Studying, analyzing and providing solutions to mitigate or solve these problems highly depend on accurate modeling methods and examining the interaction mechanisms associated with the cyber-security of Smart Grids (SGs). This paper aims to systematically summarize different methods and techniques and to review corresponding solution approaches in cyber-security in energy systems. In the first step, we discuss the interactive features of cyber-security; then, their modeling and mechanisms are reviewed and summarized in detail. Furthermore, the characteristics and applicability of different cyber-attack models are technically discussed and analyzed. The cutting-edge cyber security approaches such as blockchain and quantum computing in SGs and power systems are stated, and recent research directions are highlighted. The decisive problem-solving approaches and defense mechanisms are presented. Finally, some points regarding the role of cyber-security in the future of SGs are presented.
* Corresponding author.
E-mail addresses: mgy918@uregina.ca (M. Ghiasi), niknam@sutech.ac.ir (T. Niknam).
https://doi.org/10.1016/j.epsr.2022.108975
Received 19 July 2022; Received in revised form 10 November 2022; Accepted 14 November 2022
Available online 21 November 2022
0378-7796/© 2022 Elsevier B.V. All rights reserved.
M. Ghiasi et al. Electric Power Systems Research 215 (2023) 108975
advances in cyber infrastructures are leading to an intelligence revolution in power systems. It is noteworthy that smart and intelligent devices in SGs are prone to cyber-attacks via wired and wireless Communication Channels (CCs), which can have adverse effects on the reliability and stability of energy systems [9,10]. Besides, systems based on Internet of Things (IoT) and wide area protection and Control technologies are now increasingly expanded for intelligent power networks with different DERs [11,12].

One of the important parts of energy systems are controllers. Generally, controllers should be able to maintain energy systems stability. Existing systems of Supervisory Control and Data Acquisition (SCADA) have been extensively utilized for controlling and monitoring operational conditions which are dispersed in power transmission and distribution grids. In addition to this, Distributed Control Systems (DCS) have been utilized for small or remote geographical regions, whereas Programmable Logic Controllers (PLC) or Remote Terminal Units (RTU) frequently monitor and control the system data [13,14]. In recent years, new forms of smart controllers and devices have been introduced in different parts of the power grids. Many studies are presented in order to develop the performance of the modern power system at different levels. These studies focus on various parts of power systems such as forecasting algorithms, new types of power electronic devices, smart and Microgrids (MGs), reliability [15], resilience, Cyber-Physical Systems (CPSs) [16–18], integrations of renewable energy generations into power system, Electric Vehicle (EV) connected to power grid [19], dynamic analysis of power system [20], cost assessment, and optimization techniques [6,21-25]. Fig. 1 displays various parts of a typical power network system from generation to consumption, and its communication structure.

Many parts of the power network use sensors, controllers, meters, and wireless networks to control and transmit data [26]. Also, in order to make the network smarter, the related equipment transmits information from both the generation and the consumption sides over the Internet, and the number of devices connected to this network increases daily. In this regard, we aim to comprehensively review various forms of cyber-attacks and defense mechanisms related to SGs and energy systems.

Since new concepts such as the Internet of Energy (IoE), SGs, and smart equipment connected to the grid such as smart meters are expanding, the issues caused by cyber-attacks on these types of infrastructures should receive more attention. Using different techniques to identify and deal with these attacks is one of the effective ways to stabilize the SGs and energy systems [27]. Therefore, providing accurate, up-to-date and efficient overviews and details in recognizing and dealing with cyber-attacks can be an effective way to researchers and engineers in the fields of electrical, control, and telecommunication engineering, as well as information technology (IT) and computer science.

1.2. Concepts and applications of cyber-security in SGs

Different solutions aiming to calculate the optimal generation and pattern of distribution in SGs and data storing in the energy system are presented. Therefore, in this section we aim to provide important parts of cyber-physical systems involved in SGs and energy systems. In addition, increasing concerns about environmental issues along with the effective production and distribution of power is one of the topics that has recently been considered, and one of the effective solutions is the use of DER in smart MG [28]. Many experts confirm that distributed smart MG is a highly efficient approach to plan the global power system [29]. In other words, in order to make the power grid automated and intelligent, SG integrates technologies, and digital processes into power systems which will make it vulnerable to cyber-physical attacks [30].

Fig. 2 illustrates the main constructions of conventional power networks and different parts of SG to show their differences. As can be seen, unlike one-direction energy flow in traditional energy systems, information and energy can flow in two-directions of the two sides of generation and distribution in smart energy systems. For SG, no rigid system exists. Electricity production from renewable power plants like solar and wind farms or from DG sources can be done on the consumer side. In this topology, electricity can be two-directional way, which is shown in this picture with energy storage resources in houses and even electric vehicles [31].
[Fig. 1 diagram labels: Generation; Transmission Lines; Distribution; Sub-transmission; Customer; Secondary Customer; RTOs]
[Fig. 2 diagram labels, panel (a): High Voltage (HV) Distribution; Low Voltage (LV) Distribution; Factory/Industry; Office; Residence. Panel (b): Wind Power; Solar Power; Storage with Interface; Solar Home System; Generation; Residence; Factory; Office]
Fig. 2. Utility grids: (a) conventional grid (b) SG [32].
1.3. Wireless sensor network and internet of things

Due to the significant advances in wireless communications that have various applications such as mobile devices, environmental tracking sensors and drones, it opens up new services by connecting to SGs. Wireless Sensor Networks (WSNs) consist of inexpensive stand-alone devices that are equipped with sensors which can measure events with locally or globally values, and store them [33]. They can also manage sensitive data and communicate with each other. Thus, the convergence of WSN has paved the way for the development of communication platforms called IoT, which has high potential and can be implemented for a large variety of utilizations in different fields. Stable communication is a main component of the SG system which needs devices equipped with the ability of receiving, sensing, processing, and transmitting data. The network which is made by that equipment and linked to the other nodes via the Internet, is IoTs. In the IoTs, each object is identified with its own digital identity, and all are linked via a complicated grid. IoT includes smart items that have data processing, self-awareness and interact with the environment. Smart devices can communicate with each other including objects in the system
[34]. The commonest smart items used in the network, for instance the smart meter, can fall into this class.

The objects can give the exact information needed for automated support and deciding, giving the smart grid unique capabilities that can make the grid smart. One important point is that all this data should be processed, managed and stored in real time. Historical data can also be used to decide specific cases. Different studies are carried out in the smart energy network using data achieved by smart objects in various databases, feeders, and posts [35,36]. The resources of information used will be of different values such as market data, lighting, power system meters, geographic information and even weather data. Therefore, grid optimization in terms of energy or data security from generation and transmission to energy distribution requires an efficient, reliable and accurate forecasting design for electrical energy use. For instance, in the paper [37], energy consumption data (in terms of kilowatt per hours) for 100,000 m in smart consumers at 15-min sampling ranges show that ensuring the data quality gathered is a particular challenge for designs to predict and evaluate their performance for SG. Various factors including renewable power generation, power cost in energy markets, and day-ahead planning of load distribution should be predicted. Such factors are of importance in SG’s security and sustainability [38,39].

New infrastructures that enable the SG to do many duties on the Internet that older networks cannot do include several network-connected devices that can exchange information and get commands to operate in a particular method. All devices have been linked to their related grids by extensive Internet connection. Internet-connected devices are now an integral part of everyday life, and more and more of these devices are being built and connected to the network. Smart homes, smart cities, or smart transportation [40] are examples of infrastructures built on the Internet, which make extensive use of network-connected smart devices. Each of these networked objects include their own built-in computation system that allows them to be estimated by a specific IP and protocol and to be able to communicate and connect with each other. Sensors, networks and communication protocols as well as the utilization program are the most important parts for cyber-attacks on the IoTs. The IoTs consists of more than 50 billion devices in 2020 and completely demonstrates the current use of IoTs applications [41].

Fig. 3 shows typical connections in the IoTs architecture. As shown in this figure, data collected by sensors is sent to various systems that utilize different types of software to perform intended tasks. Open source software such as Apache Spark can be one of the methods used in the IoTs. Spark uses its fault-tolerant variables to automatically operate in a distributed manner, the Resilient Distributed Dataset (RDD). Since all computations are done in memory on Spark, the execution of an application will be significantly up to 100 times faster than applications like Hadoop. Programming algorithms in this field have also been developed in the manner and location of data distribution, parallel complexity or fault tolerance in Python or R platform [42].

[Fig. 3 diagram labels: Sensors; Ingest; Transform; Sink; Store in HDFS (Hadoop File System); Analyze: Distributed Computing using Spark; Predict/Machine Learning in Python or R Platform; Fast Data; Other Sources & Destinations]

The high volume of data processing, transmission and storage in an SG network raises the complication of information evaluation. Therefore, a Dynamic Energy Management (DEM) system will be needed to process this large data value to optimize power flow, real-time system operation, monitoring of system, and production planning [43–49]. High volume of data (big data), which cannot be handled via traditional processes, becomes another challenge in SGs. Researchers focus on big data-based challenges in energy systems, optimization and prediction which consider renewable power generations [50,51]. A higher percentage of the created data in SG includes secret information of individual users. Transmitting this data type is needed to be secured with lawful standards [52,53]. In addition, this data usually consists of classified and sensitive information about corporations or power control centers of a country. By connecting SG to the Internet network, big data communication and safe operation can be affected by malwares or attackers. As a result security and privacy play important roles in IoT and SGs. An IoT combined into SG is classified as a CPS, so it is more likely to be prone to cyberattacks [54]. Proper protections are needed to adequately ensure SG operation, securing data, and preventing any kind of cyber-physical attack on smart power systems. Fig. 4 displays fundamental protection problems of IoT combined into the SG system. Based on this figure, protection problems of IoTs can be classified into 4 basic kinds including encryption, physical, software, and network threats. In the physical threat section, we can have mechanical and unauthorized changes in the system. In the network threat part, we can have data traffic interference, eavesdropping on confidential data, and systems access gain. Also, in the software threat category, we face manipulating, stealing or damaging of data in the system. In addition, we can have encryption attacks in the system which can have a negative impact in encoding systems.

Seamless communication is identified as a key characteristic of a SG that is essential for its suitable performance, so IoT integration can also help with SG communications. There are currently four main models applied for IoT technologies of communication, including backup data sharing, device-to-cloud, device-to-device, and device-to-gateway patterns [55]. Also, for IoT implemented SG systems, three layered communication systems have been developed including Wide Area Network (WAN), Home Area Network (HAN), and Neighbor Area Network (NAN). HAN includes wireless and wired platforms. An example for wired platforms is power-line communications. For wireless communications, we have some protocols for WiFi, Bluetooth, and ZigBee. A Home Gateway (HG) is identified as a main feature of HAN that gathers data of home appliances. NAN needs a communication structure to be able to support a radio connection of 1000 m. NAN collects the energy meters information in the HAN system and sends that information to the WAN [56]. Fig. 5 illustrates the structure of IoT implemented layers for SG systems where every layer of IoT refers to a specific SG infrastructure layer.

The efficient management of load is one of main advantages of using the IoT technology. Practically, system malfunctions that may cause power shortages will be offset by adjustment of the load by demand. This setting will keep the other network components active. Therefore, intelligent control and reduction of load must lead to lessening energy outages in an unexpected load alteration in the network. To perform such tasks, an automated system by means of IoT devices is needed that can manage and control generation and demand side information at any time. Considering these issues, article [57] provided an approach to predict the next day’s load and track existing power generation. In this method, when the intelligent system uses the IoTs to realize that the load is more toward the generation, it can propose to the user to turn off several appliances or plan to use unimportant loads to work during off-peak hours. Based on this research, Fig. 6 displays smart load controlling and load shedding structure. To predict in this system, data of common users, information of weather and historic data of the network have been applied. Also, the analysis and decisions in this article are done in the cloud infrastructure, while system components communicate via power line connections or WSN technologies.
$$S = [\delta_1\ \delta_2\ \delta_3\ \dots\ \delta_n\ \ V_1\ V_2\ V_3\ \dots\ V_n]^T \tag{1}$$

Where V and δ represent voltage magnitudes and bus angles. Based on the reference [59], we can define state estimation as:

$$\min H(x) = \sum_{i=1}^{n} q_i \left(b_i - g_i(X)\right)^2 \tag{2}$$

Where, g(X) represents the function of measurement which gives the weights measurement (b and q); n depicts the measurement maximum number. So without having any error, the equation is:

$$B_i = g_i(X) \tag{3}$$

With having error, the equation is:

$$B_i = g_i(X) + e_i \tag{4}$$

Where e gives the measurement error. In the event of a cyber-attack with the aim of inserting malicious data into the power system, which can change the measurement data by threat vector a, the system of controlling can obtain the measuring data as follows:

$$B_i = g_i(X) + e_i + \alpha \tag{5}$$

Fig. 7 shows a typical layered security framework for SG systems. This Figure illustrates a comprehensive security approach at every stage of the infrastructure, starting from the outer layer (organization) and continuing through the inner physical layer. As can be seen, from the outer layer to the inner layer, we have business process layer, data layer, meter or host layer, network layer and physical layer, all of them can be targets of malicious attacks. An important point here is that the physical layer has the most technical action while the organizational layer has the most strategic performance.

In Fig. 8, we provide a diagram for the most important attacks affecting SG networks and the cyber-attack procedure. In the following, various forms of cyber-attacks, modeling of attack types (according to the sensor and actuator attack classifications), and attack scenarios in SG systems are discussed in detail.

2.1. Sensor and actuator attacks in SG system

In order to have a comprehensive illustration of attacks in a SG system, two basic elements are required; first we need to know mathematical models of the SG concept, and then, an attack policy description. The adversary attack model is defined utilizing an attack policy that gives prior knowledge and information of the model of the system obtained by the enemy and the set of data that is accessible through the disclosure of sources. Some of these kinds of attack can be applied on power electronic devices and DC converters [60,61]. The prior knowledge or information source can consist of data about the model of plant, the technique or methodologies utilized in the controller system and Anomaly Detectors (ADs) [62–64].

2.2. Denial of service

Denial of Service (DoS) has been defined as an imperative malicious attack, which is able to obstruct the channel of communication by transmitting a huge amount of unauthentic packets. This attack acts in a Cyber-Layer (CL) which can cause serious transmission load; also it can consume excessive quantities of network bandwidth which cause interruptions in the part or whole control, communication or connection network [65,66]. In network controlling systems, overall, DoS attacks can be injected by manipulating channels, therefore, it can prevent the data of measurement and control from reaching destinations [67]. DoS attacks, also, do not need revelation abilities. Besides, some attack approaches like Bernoulli do not use the prior knowledge and data of the system for Cyber-Attack (CyA) [68]. Generally, DoS attack behaviors are selected by the attackers which have little data regarding the controlling system [69]. However, DoS attacks can be detected easily. Poor network situations, also, can have an effect on the easiness of attacks and detections.

In the SG systems, the transmission channels infrastructures (including, first, connection between RTU or Phasor Measurement Units (PMU) to the control center [70], and second, connection between control center and governor) are considered as the principal disruption sources of DoS attacks. DoS attacks are able to block the measurement information which are transferred to the control center, also it can affect the upgrading of the commands from the control center or delay the controlling signals which are transmitted to the actuator destroying the performance of the energy system [71]. In addition to this, the various forms of DoS attacks are usually so powerful that they negatively influence the dynamic operation of the system of Load Frequency Control (LFC) when the threat is carried out too soon before the system converges [72]. Of the different forms of this attack in SG systems, energy-limited Pulse Width Modulation (PWM) jamming signal attack has been more widely used because of the simplicity of performance and avoidance of detection [73]. In general, such attacks use network faults to consume the resources of the system to disable normal operating
conditions [74].

From a network hardware perspective, slower speeds of processing servers and insufficient memory have been usually the major targets of DoS Attacks (DoSA). Nevertheless, for higher-performance networks of communicating capable of parallel processing, DoS synchronous attack is usually performed using automated remote clients distributed by attackers. Such attacks, which also have the ability to block high-performance communication networks, are often defined as Distributed Denial of Service (DDoS) attacks. SGs generally have wide area network infrastructures for controlling the system comprising process layer 2- bay layer and 3- station layer [75,76]. Having such distributed networks in SGs with a large number of computations in the control system leads to higher possibility of DDoS attacks. The communication delays which are led by DDoS will have negative effects on the stability of frequency. Generally, DDoS attacks which have been executed at applications or Domain Name System (DNS) servers, do not need high knowledge of the system to be easily detected. Also the detection process is hard as the attacker is hidden [77]. Hence, request packets which are sent by an enemy, motivated by the use of system resources, mimic or resemble legitimate requests. In this regard, studying DDoS attack and coordinated defense usually needs background information of interactive features of control devices, physical environment and the communication networks [25,78,79].

2.3. Data integrity attacks

Data Integrity Attacks (DIAs) are performed via manipulating the control and measurement signals which are sent through the cyber sections of the SG [80]. In this form of attack, attackers usually carry out manipulating information or injecting malicious data in sensors, actuators, and channels, in that, the transferred data is within its allowable limit. In case of violating these conditions, malicious data detection plans will simply detect such kinds of attacks which lead to unannounced attacks. In this way, for the succession of attack, it has to follow the principles of the power system [81]. Therefore, to better understand this issue, different forms of deception and data integrity attacks on SGs are presented as follows.

2.3.1. False data injection attacks (FDIAs)

This form of attack is known as a general classification of Integrity Attack (IA) which can destroy real-time data, such as frequency, in every SG system. FDI attacks, for signal injection, usually obey predefined attack patterns. However, in the real-world, resourceful attackers often utilize approaches which adjust themselves in the attack time [78,82-84]. The introductory step should be designed to discover the configuration of the system, utilizing and disclosing sources and earn real-time information. The next step is to disrupt the resources that affect the normal operation of the system [85]. FDI attacks have been usually exerted to the metering system and controlling channels of the SG, that are in the forms of input attack vectors, such as $a_{y_i}(t)$ or $a_{u_i}(t)$ which formulated with attack patterns or data corruption approaches. The data corruption $y_i^a(t)$ or $u_i^a(t)$ which exerted to execute FDIA at actuators or sensor channels have been modelled as following equation:

$$y_i^a(t) \ \text{or} \ u_i^a(t) = \begin{cases} 0 & \text{for } t \notin \tau_a \\ \lambda \cdot F(\cdot) & \text{for } t \in \tau_a \end{cases} \tag{6}$$

Where in this equation, $i = 1, 2, \dots, m$; and $j = 1, 2, \dots, n$; also $\tau_a$ gives the period time of attack, $\lambda$ represents the attack parameter, and $F(\cdot)$ provides a function which is reliant on time, signals of sensor and actuator. Using references [68,81,86], different forms of FDIAs are presented as follows:

2.3.1.1. Ramp attack (RamA). RamA, in general, includes the changing of outputted values which is often displayed with $y(t)$ or control signals (CSs) which is displayed by $u(t)$ utilizing a slowly reducing or rising function of ramp for time duration of an attack ($t_a$). At the attack time, $y_i^a(t)$ or $u_i^a(t)$ can be $\lambda_r \cdot t$, in which, $\lambda = \lambda_r$ denote the parameter of ramp and $F(\cdot)$ equals $t$.

2.3.1.2. Pulse attack (PA). PA, in general, includes the amendment of outputted amounts or CSs utilizing temporarily distanced short pulses with several parameter of attack which is often displayed with $\lambda_p$. Moreover, $F(\cdot)$ defines the pulse form features.

2.3.1.3. Random attack (RandA). RandA, in general, includes the amendment of outputted amounts or CSs, during the period of attack time, via the adding amounts reverted from a uniformly random function which is displayed by rand(a, b). According to reference [87], here $\lambda = 1$ and $F(\cdot)$ equals to rand(a, b), here (a, b) shows the minimum and higher ranges of $u(t)$ or $y(t)$.

2.3.1.4. Scaling attack (SA). SA, in general, includes the amendment of outputted amounts or CSs to lower or higher amounts according to the parameter of scaling $\lambda_s$. The attack at the channels of actuator and sensor is as follows:

$$y_i^a(t) = \lambda F(\cdot) = \lambda_s\, y_i(t) \quad \text{and} \quad u_j^a(t) = \lambda F(\cdot) = \lambda_s\, u_j(t) \tag{7}$$

Whenever the parameter $\lambda_s$ is regulated that:
$$\lambda_s\, y_i(t) = y_{\min} \quad \text{or} \quad \lambda_s\, u_j(t) = u_{\min} \tag{8}$$

This attack has been named min attack, here, $y_{\min}$ and $u_{\min}$ respectively represent the lowest amounts of the outputted and CSs. Also if $\lambda_s$ has been regulated which:

$$\lambda_s\, y_i(t) = y_{\max} \quad \text{or} \quad \lambda_s\, u_j(t) = u_{\max} \tag{9}$$

It is named max attack, where $y_{\max}$ and $u_{\max}$ define respectively the highest amounts of the output and CSs.

2.3.1.5. Bias injection attack (BIA). According to the reference [68,88], BIA has been defined as the easiest attack, in that the CSs or sensor of the aimed channel have been inserted with a fix signal of bias, also the vectors of attack is modelled respectively for channels of sensor and actuator as:

$$a_{y_i}(t) = b_i \quad \text{and} \quad a_{u_j}(t) = b_j \tag{10}$$

Automatic Generation Control (AGC) is a fair goal of FDI attacks since it can control frequency of grid which is each power system’s vital global variable. This attack has been launched in the system of SG by the ways defined below based on references [9,89-92].

• Attacking on Physical Sensors (PhS) using sensor spoofing
• Applying CCs of actuator and sensor data
• Yielding the computational techniques of the control center
• Yielding the reasonably separate channels of VPN from the distributed sensors
• GPS spoofing: this enables penetration to PMU and influences substations’ clock synchronization causing to incorrect phase angle amounts

Nevertheless, the measurement CC has always been the mainly targeted disruption source of FDI adversaries, owing to the robust security of computer applications at the control center and also the low proportionality of distributed PhSs [93,94]. In addition, FDI attacks require a well knowledge and learning of configuration of system and models of attack effect for computing optimum attack sequence [95].

In case of having comprehension of system structure by attackers, however restricted having availability to measure meters owing to their physical maintenance, the attackers can find a solution for the problem of optimization for the estimation of the lowest sensors’ or meters’ number with highest vulnerability [96,97]. Nonetheless, at an imperfect data scenario, topology data is collected by FDI attackers to launch authentic FDI attack via the methods below [98]:

• Via the collecting online and offline information utilizing manual materials or using deploying meters for accessibility of the data of the network
• Utilizing the market information associated with the economic dispatch problem
• Utilizing measurements of load flow: The correlation via the measurements of load flow often gives configuration information, while the specifications of systems such as passive and active loads have been altered.

2.3.2. Replay attack (RA)

Replay attacks are defined as other forms of data integrity attacks which are performed by initially implementing a disclosure attack for collecting data sequences from the compromising sources and thus it replays the documented data till the end of the period the attack [63,88]. Principally, RAs follow the framework of fraudulent delaying or repeating the authentic transmitted data [99]. There is no requirement for any earlier knowledge regarding the design of the system for these kinds of Attacks, such as the data of modelled estimators and controllers [80].

Nonetheless, in the scenario of attack, a predetermined Physical Attack (PhA) with a RA, approach reliant knowledge has been needed for the carrying out PhA. RAs need disclosure potentialities to obtain information of the CCs of the system of control. Besides, it can disrupt the channels of data which have been revealed [68,100]. The attacks will be modelled as time-variant delays, with unidentified data about the higher range and Rate Of Change (RoC) [99].

In the Byzantine RAs, attackers repeat the registered information from the attacked actuators and sensors for a certain period. The attacks on sensors have been performed by the cryptography mechanism cracking or by containing incorrect readings of the sensor via controlling local surroundings [101,102]. The RA at the channel of sensor is modelled as following equation [103,104]:

$$a_y(t) = -Cx(t) + y(t - \tau) \tag{11}$$

In the Eq. (11), $0 < \tau < t$; besides $y(t - \tau)$ represents the data of sensor collected by monitoring. The 2 phases of RA (replay stage (RS) and monitoring stage (MS)) have been modelled and given as below:

MS ($0 \le t < t_0$): at the MS, the collected measurements of sensor have been saved in $J(t)$.

$$y^a(t) = 0 \quad \text{and} \quad J(t) = \Gamma_y\, y(t) \tag{12}$$

RS ($t_0 \le t < 2t_0$): at the RS, the gathered data of sensor has been delivered to the controller until the attack finishes.

$$y^a(t) = J(t - t_0) \quad \text{and} \quad J(t) = J(t - 1) \tag{13}$$

The RAs at the channel of actuator are modelled in the similar way as in the channel of sensor.

2.3.3. Covert attack (CA)

CAs are other forms of cyber-attacks which make a strong and hidden attack framework by the system’s accurate information which utilizes its availability to measurement and control of sent signals over the CAs [102,105,106]. The hidden agent has been considered to include sources to give availability and injecting data to channels of actuation and measurement. CAs are working via cancelling the effect of attack signals through computing the system output answer and deducting it from the readings of measurement [63,107]. As a result, at the controller side, the diagnosis system gets the information of measurement without attack data. These actions make the covert attack.

Besides, it can exploit the threshold kept in the logic of decision of diagnosis systems to decrease alarms of failure owing to the presence of type lack of certainty and undefined disruptions. Thus, the attack will stay hidden despite the discrepancies of the model occurring from the attacker’s plant model to the actual procedure [105]. The attack covertness was explained in 2 various fields including cyber and physical domains. From a cybernetic viewpoint, CAs usually have less possibility of diagnosis by the diagnostic approaches monitoring the communication and dynamics of the system. The CAs in the CPPSs are able to change the system behavior to prompt physical impacts with no identification by the individual observer [108]. The CA needs disruption and disclosure abilities, and completes dynamics knowledge of plant and system structure [109]. The CAs on SG system have not been fully studied in the publications.

2.4. Zero dynamics attack (ZDA)

ZDAs can exploit the data of the model of the whole system to generate signals of attack which do not make every modification in the output measure [110]. They use the zeros and linearity properties in the function of transfer to produce a mechanism of attack that uncouples itself from the output of a closed-loop system. There is no need for any
M. Ghiasi et al. Electric Power Systems Research 215 (2023) 108975
disclosure abilities because the attack can follow an open-loop strategy. ZDAs require disruption abilities on the actuator CCs and complete information about the system's zero dynamics, which can be calculated from the matrices of the output and state equations [111]. Generally the systems of SG are not liable to ZDAs owing to the lack of zero that is a least phase system.

2.5. Resonance attack (ResA)

In power systems, safe and secure operation can also be ensured by keeping the frequency and the Rate of Change of Frequency (RoCoF) within acceptable intervals. The 'resonance attack' is a different attack type that causes an unusual frequency and/or RoCoF by changing the power load or tie-line signals based on a resonance source. Generally, the resonance source is the output function or the output of a system. In such cases, the power signals or modified loads are maintained within an acceptable period so that the change is too small to be detected by diagnosis approaches [112]. Since RoCoF divergence can lead to frequency divergence, the electric grid is given particular RoCoF Protection Delays (PDs) according to the inertia of the electric network. Such PDs might trip as a result of adverse attacks that move the RoCoF value beyond its predefined boundaries. Therefore, a resonance attack can bring about power system blackouts.

2.6. Time-Delay switch attack (TDSA)

Attackers can mount TDSAs on control systems by deliberately introducing latency in sensors or control loops to reduce system stability. If significant delays occur in remote measurement systems and time delays are injected into equipment or control signals, SG systems will become unstable or break down. This is therefore one of the methods hackers use to destabilize the network.

Generally, an SG network subject to a TDSA can be modelled as a combined system with a switch action 'Off/Delay-by-τ', where τ represents the random delay period experienced by the control signals or the measuring condition. As a result, injecting time delays in different dynamic system modes can make the power grid volatile [113].

2.7. Man-in-the-Middle attack (MiTMA)

Another form of attack in CPSs is MiTMA. In a MiTMA, an intruder inserts himself into a conversation between two devices in order to eavesdrop or to impersonate one of the devices. In this case, the exchange of information appears to work normally. Therefore, the intruder can carry out an FDI attack. The intruder can also compromise the measurement of values, control, operation, and information transmission in the power system. Owing to the way this attack operates, identifying and countering MiTMA in a smart network can be difficult. By designing and implementing multi-step MiTMA intrusions in a cyber-physical power system, hackers can, for example, use an artificial network model to cause incidents of relay malfunctions, incorrect measurements, and even physical problems in the SG. Therefore, detection mechanisms can enable stakeholders to defend against this type of covert cyber-attack. This problem can be overcome to a great extent by using online and intelligent network monitoring and detection tools and multiple warnings by intrusion detection systems. One of the most common types of man-in-the-middle attack is implementing a public Wi-Fi network through a malware-infected router. In this method, any user connected to the public Wi-Fi network who sends or receives information packets inadvertently sends a copy of the information to a third party. One of the best and most reliable methods that can be used to identify this attack is network traffic monitoring and analysis [114].

In Table 1, some important papers which have studied cyber-physical security, threats and resilience strategies are compared. A complete view of attacks and defense mechanisms can lead to SGs that are resilient against malicious events. In this regard, different research works have considered the resiliency of SGs along with cyber security; they are presented in Table 1.

3. Detection and defense mechanisms of cyber-attack in SGs

Various research works have dealt with designing robust techniques for detecting and/or defending against cyber-attacks, for instance, false data-driven or data-injection attack [126], perfect or imperfect false data attack [127], designing a resilient communication network [128], or detection mechanisms using federated learning methods [129]. However, in this section, we classify and discuss almost all principal approaches regarding the detection and defense mechanisms of cyber-attacks in power systems and SGs.

3.1. DoS attack

DoS adversaries mount widespread attacks on the network protocol with network traffic floods and congestion of communication channels, thereby carrying out attacks on CPS transmission channels. In state estimation problems, the general detection and defense mechanisms against DoSA include the hypothesis-testing detection method, the improved Kalman filtering method [130,131], and also the game theory method [132]. Secure control mechanisms against DoSA in CPS include methods based on triggering systems, small gain, stochastic time-delay, impulsive systems, and game theory.

A resilient and flexible control mechanism against a periodic DoS attack in an SG with communication delay has been presented in reference [133]. The proposed method is coordinated with the diagnosis system to differentiate DoS attacks from network delays. The criteria for tolerable DoSA were obtained using the Lyapunov-Krasovskii approach and the switched system mechanism. Also, reference [134] introduced a resilient event-triggered communication plan for interconnected SGs which tolerates information losses owing to energy-bound DoS attack. That paper focused on improving the resilient control strategy without prior information on the possibility of DoSAs. In reference [73], the authors developed a novel switching system type of the multiple-area electric network with the concurrent existence of stochastic deception and DoS attacks. According to Lyapunov's theory of stability, quadratic exponential stability of the system has been achieved. Here, a periodic electricity limit signal has been applied to form the DoSA, and the Deception Attack (DA) signal has been designed as a nonlinear function of the quantifiable outputs. In addition to the concepts of resilient control under cyber-attack, some recent papers have focused on enhancing defense strategies against DoSAs by Cellular Computing Network (CCN) forecasts and methods based on machine learning. For instance, in reference [135], DoS attack mitigation in an integrated dual-zone power supply system with PV resources has been presented through the application of a synchro-phasor network (SPN). In this research, the authors used a CCN to predict the dropped information of the PMU, where the expected information of the CCN has been utilized to perform a SPN. In the paper [71], researchers proposed a defense strategy based on a 'Deep Auto-Encoder Extreme Learning Machine' (DAELM). The suggested optimizer supplies dropped data via forecasting and stabilizes usual system conditions. The frequency data lost owing to the attack is predicted from a historical databank with the information forecasting approach. Hence, the power control center sends the actuator signal corresponding to the predicted frequency to maintain the system's usual performance condition.
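Section 3.1 names hypothesis testing and Kalman filtering as the means of keeping state estimation running under DoS and of telling an attack from ordinary network loss. The sketch below is an added illustration, not code from the paper or from references [130-133]: a scalar Kalman filter that coasts on its model when a PMU frame is missing, combined with a Wald sequential probability ratio test on the frame-drop indicator. The model constants, the two loss rates, the error targets and the frame pattern are assumptions constructed for the example.

```python
import math

# Assumed scalar model of frequency deviation: x[k+1] = A*x[k] + w, y[k] = x[k] + v.
A, Q, R = 0.98, 1e-4, 4e-4
# Assumed frame-loss rates: P0 for an ordinary lossy link, P1 under DoS.
P0, P1 = 0.05, 0.60
ALPHA = BETA = 0.01                      # target false-alarm and miss probabilities
UPPER = math.log((1 - BETA) / ALPHA)     # crossing it accepts "dos"
LOWER = math.log(BETA / (1 - ALPHA))     # crossing it accepts "normal"


def kalman_step(x, p, y):
    """One filter step; y is None when the frame never arrived."""
    x, p = A * x, A * p * A + Q          # time update always runs
    if y is not None:                    # measurement update only with a frame
        gain = p / (p + R)
        x, p = x + gain * (y - x), (1 - gain) * p
    return x, p


def sprt_step(llr, dropped):
    """Wald SPRT on the Bernoulli drop indicator; the test restarts after a decision."""
    llr += math.log(P1 / P0) if dropped else math.log((1 - P1) / (1 - P0))
    if llr >= UPPER:
        return 0.0, "dos"
    if llr <= LOWER:
        return 0.0, "normal"
    return llr, None


def monitor(frames):
    """Return (estimate, variance, link state) for every step of the frame stream."""
    x, p, llr, state = 0.0, 1.0, 0.0, "normal"
    log = []
    for y in frames:
        x, p = kalman_step(x, p, y)
        llr, decision = sprt_step(llr, y is None)
        if decision is not None:
            state = decision
        log.append((x, p, state))
    return log


def constructed_frames(n=300, dos=range(100, 200)):
    """Constructed input: 1 frame in 20 lost normally, 3 in 5 lost inside the DoS window."""
    frames = []
    for k in range(n):
        lost = (k % 5 < 3) if k in dos else (k % 20 == 19)
        y = 0.05 * math.sin(0.05 * k) + 0.01 * math.sin(1.7 * k)  # signal + pseudo-noise
        frames.append(None if lost else y)
    return frames


if __name__ == "__main__":
    log = monitor(constructed_frames())
    for k in (98, 102, 199, 203):
        x, p, state = log[k]
        print(f"k={k:3d} estimate={x:+.4f} variance={p:.2e} link={state}")
```

The variance returned with each estimate grows while frames are missing, so a controller can use it to decide when the estimate is too stale to act on.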
Table 1. Important research studied cyber-physical security, threats and resilience strategies in SGs.

| Refs. | Fields of study | Main focus of the research | Sub-focus of the research | Main results |
|---|---|---|---|---|
| [115] | Power systems assessment against unexpected events | Reliability and resilience | Resilience values assessment | A review of conceptual strategies of power system resilience |
| [116] | Smart energy systems resilience | Disaster modeling | Natural disaster | New method against unexpected natural disasters |
| [117] | Energy systems resilience | Resilience enhancement efforts | Analysis in some typical countries with various regions | Analytical resilience comparisons of smart energy systems |
| [118] | Methods used in SGs for improving security | multi-energy SGs and energy hubs | Advanced operation mechanisms | New method for physical resilience of multi energy system |
| [119] | Methods used in SGs for improving resiliency | Resiliency improvement for AC-DC and hybrid SGs and MGs | Centralized, decentralized, and hierarchical approaches | Improving physical resilience in AC-DC MGs |
| [120] | Communication, event-based, and component resilience | Communication stability | Networks analysis | Improving ICT structures |
| [121] | Communication, event-based, and component security | Event-based resilience | Security analysis of power components | New strategy for enhancing security of communication structure |
| [122] | CPSs | Renewable energies in SGs and energy systems | Reliability, resilience and data security | Novel framework for improving CPS security |
| [92] | CPSs | Cyber-attacks in SGs | DoS attacks and control for energy storage systems | Novel strategy for cyber-attack detection |
| [123,124] | CPSs | Risk management and energy market | Cyber-physical risk modeling in SGs | Securing data in CPS |
| [17,64,97,98] | False data injected attacks | Signal processing | Blockchain, fast Fourier transform, Hilbert Huang transform | Different strategies for FDIA detection with signal processing |
| [125] | False data injected attacks | Machine and deep learning methods | False data detection | Wavelet transform and singular value decomposition based on machine learning in FDIA detection |
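The false-data rows of Table 1 and the discussion in section 3.2 turn on one check: state estimation flags bad data from the measurement residual, and the defender has to know which meters must be protected for that check to hold. The following is an added example, not code from the paper or its references: for m meters and n states it runs the residual test on a constructed 5-meter, 3-state matrix H and audits a protected meter set with a rank test. The matrix, the readings, the identity weighting and the threshold TAU are assumptions.

```python
from fractions import Fraction as F


def rank(rows):
    """Rank of a matrix by Gaussian elimination over exact fractions."""
    m = [[F(v) for v in r] for r in rows]
    rk = 0
    for col in range(len(m[0]) if m else 0):
        piv = next((i for i in range(rk, len(m)) if m[i][col] != 0), None)
        if piv is None:
            continue
        m[rk], m[piv] = m[piv], m[rk]
        for i in range(len(m)):
            if i != rk and m[i][col] != 0:
                f = m[i][col] / m[rk][col]
                m[i] = [a - f * b for a, b in zip(m[i], m[rk])]
        rk += 1
    return rk


def solve(a, b):
    """Solve a*x = b for a square invertible a (Gauss-Jordan, exact)."""
    n = len(a)
    aug = [[F(v) for v in row] + [F(bv)] for row, bv in zip(a, b)]
    for col in range(n):
        piv = next(i for i in range(col, n) if aug[i][col] != 0)
        aug[col], aug[piv] = aug[piv], aug[col]
        d = aug[col][col]
        aug[col] = [v / d for v in aug[col]]
        for i in range(n):
            if i != col and aug[i][col] != 0:
                f = aug[i][col]
                aug[i] = [v - f * p for v, p in zip(aug[i], aug[col])]
    return [row[n] for row in aug]


def residual_sq(h, z):
    """Least-squares state estimate (identity weights), then squared residual norm."""
    n = len(h[0])
    hth = [[sum(F(r[i]) * r[j] for r in h) for j in range(n)] for i in range(n)]
    htz = [sum(F(r[i]) * zi for r, zi in zip(h, z)) for i in range(n)]
    x = solve(hth, htz)
    return sum((zi - sum(a * xi for a, xi in zip(r, x))) ** 2 for r, zi in zip(h, z))


def bad_data_alarm(h, z, tau):
    """Residual-based bad data test: alarm when the squared residual exceeds tau."""
    return residual_sq(h, z) > tau


def stealth_possible(h, protected):
    """True if some nonzero shift H*c leaves every protected meter untouched."""
    return rank([h[i] for i in protected]) < len(h[0])


def pick_protected(h):
    """Greedy choice of n meters whose rows have full rank (an essential set)."""
    chosen = []
    for i in range(len(h)):
        if rank([h[j] for j in chosen + [i]]) > len(chosen):
            chosen.append(i)
    return chosen


# Constructed 5-meter, 3-state measurement matrix (m = 5, n = 3) and noisy readings.
H = [[1, 0, 0], [0, 1, 0], [0, 0, 1], [1, -1, 0], [0, 1, -1]]
TAU = F(1, 100)   # assumed alarm threshold on the squared residual
Z_CLEAN = [F(101, 100), F(198, 100), F(301, 100), F(-98, 100), F(-101, 100)]
# One reading changed on its own: inconsistent with the other meters.
Z_SINGLE = [z + (F(1, 2) if i == 2 else 0) for i, z in enumerate(Z_CLEAN)]
# All readings shifted by H*c with c = (0, 0, 1/2): consistent with the model.
C = [0, 0, F(1, 2)]
Z_CONSISTENT = [z + sum(a * c for a, c in zip(r, C)) for r, z in zip(H, Z_CLEAN)]

if __name__ == "__main__":
    for name, z in (("clean", Z_CLEAN), ("single", Z_SINGLE), ("consistent", Z_CONSISTENT)):
        print(name, float(residual_sq(H, z)), bad_data_alarm(H, z, TAU))
    print("essential set:", pick_protected(H))
```

The count k ≥ m − n + 1 guarantees that a model-consistent shift exists whichever meters are left untouched; with fewer compromised meters the outcome depends on which rows stay protected, which is what the rank test decides (protecting meters 0, 1 and 3 of this constructed H still leaves a blind spot, protecting 0, 1 and 2 does not).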
3.2. FDIA

FDIA is another form of cyber-attack, which works via malicious data injection and information manipulation. Thus, to detect FDIAs and to ensure the power system's operational reliability, monitoring of the system via State Estimation (SE) approaches and Meter Measurements (MMs) has typically been employed [61,98]. The common detection methods used in SG systems include optimizers that test whether the measurements obtained from the parameters of the electric system are within satisfactory intervals. Overall, a good detection algorithm for FDIAs has to provide real-time data about the size, time and location of the attack. Detection structures in networked control systems have mainly been named ADs, which are combined with the controller [89].

In typical power systems with AGC, SE techniques have been executed at fairly long time intervals; as a result, they cannot contribute to improving the reliability of the sensor data sent to AGC [136]. Indeed, modern power systems have high-performance computation mechanisms and data acquisition parts which run SE approaches with a shorter execution period. This makes it possible to improve the consistency of the measurement data transmitted to the AGC optimizers by first passing them through the SE optimizers [93]. Nevertheless, FDIAs on such systems can disturb the SE procedure, so that altered detector and sensor measurements are transmitted to the power control center. This primarily takes advantage of the tolerance of SE techniques to small measurement errors [137,138]. Besides, whenever a power network faces a cyber-attack, monitoring systems compare the compromised information with the system's healthy measurement data to detect such attacks. But if attackers have good knowledge of the system, small practical attack signals are almost unrecognizable and lead to a covert DA [139]. A detailed study of the covertness attributes of FDIAs in Linear Time-Invariant (LTI) control systems has been carried out in [140]. The countermeasures against FDIAs can also be categorized into protection-based and detection-based methods [141]. Protection-based defense approaches help to identify and protect the critical sensors; detection-based approaches focus on detecting FDIAs using estimation methods [142]. The vulnerability of the power system's ports and terminals makes the electric grid further vulnerable to IAs. Thus, protection of the collection of sensors, detectors and measurement systems is one of the defense mechanisms against FDIAs. A good example of this strategy is reference [59], in which the authors demonstrated that a successful FDI vector can be constructed when the number of compromised MMs (k) meets a specific condition. When k ≥ m − n + 1, there is an effective attack vector that can manipulate measurements without being detected. In this expression, m is the number of measurement meters and n is the number of state parameters. When the number of attacked measurement devices and meters is below m − n + 1, the attack can be detected. Accordingly, reference [142] showed that protecting an essential measurement set is necessary and sufficient for detecting FDIAs.

SE methodologies also have drawbacks, for instance their inability to detect attacks that inject measurement information identical to historical information. As a result, a new detection technique that tracks the dynamics of measurement variations has been presented in paper [142]. In this approach, the distance between the probability distributions of the measurement variations is derived using the Kullback-Leibler Distance (KLD) with the AC estimation model. A higher KLD indicates a larger deviation of the measurements from the historical information, as with false data. Given the sparse nature of FDIAs, a diagnosis method based on sparse optimization has been presented in reference [143]. Nuclear norm minimization and low rank matrix factorization have been suggested to separate the nominal and anomalous conditions of the electric system. Paper [144] suggested a new strategy to find the exact location of the main endangered measurement set devices utilizing graphical meters. In addition, some effective research works that focused on various detection mechanisms for FDIAs are presented in the following. Reachability mechanisms have been used in references [145,146] to identify the existence of FDIAs that can cause the violation of various safety conditions. Reference [59] studied the unknown vulnerability of current bad data detection mechanisms to two classes of attack (generalized FDIAs and FDIAs), where the attack aims to find random and targeted attack vectors. According to the attack algorithms, the attack form is primarily categorized into generalized FDIA and FDIA. In FDIAs, the attacker usually inserts bad data into devices like MMs and detectors while keeping the measurement residual unchanged. In generalized FDIAs, the attacker usually exploits the typical measurement error tolerance of SE techniques, which helps the attack to keep
stealthy and undetected [137].

Another notable cyber-attack defense mechanism for SG-ES at the power control center has been presented in reference [147]. The proposed method uses a new adaptive Cumulative Sum (CUSUM) optimizer to quickly detect the adversary without violating the accuracy level of diagnosis. A defense framework for a power network that is divided into MG sets has been presented in research [148]. In this work, the authors presented boundaries and a data sharing framework of MGs which were completely reconfigured, so that it is not possible to make a synchronized FDIA. Further descriptions of FDIA diagnosis strategies in electric systems have been presented in references [98,149-153].

Artificial intelligence-based strategies such as Neural Networks (NN) also play an important role in data security, cyber-attack detection and defense mechanisms in SGs [154]. In paper [155], a NN-based detection technique for FDIAs on the sensing loop of a two-zone distribution system has been presented. In the proposed method, the input and output control measurement conditions were transmitted to the Luenberger observer for the ES. The NN diagnosis unit received the values to detect and track FDIAs. The ability of the proposed NN to estimate the nonlinear behavior of the system was another benefit of this approach. In reference [156], the authors proposed an AGC system with non-linearities such as time-delay and governor dead-band, which was provided with a diagnosis method utilizing a particle filter mechanism and the Sequential Importance Sampling (SIS) approach. Particle filters are tools for tracking the dynamic states of a nonlinear system and are modelled by a Bayesian network. In reference [157], a Recurrent Neural Network (RNN) approach has been presented to detect FDIA in an AGC system with non-linearities such as governor dead band and transportation time delay. Also, in the paper [87], the authors proposed a detection method that combines a physics-based strategy and a Deep Learning Method (DLM). In this work, the deep learning technique used historical frequency information and tie-line load flow measurements to learn data models and to predict ACE amounts via the learnt templates. Besides, in another paper [158], for an optimum interconnected attack such as FDIAs and load operation, the authors proposed a threshold-based detection mechanism as a countermeasure. For AGC, a simultaneous detection and mitigation strategy against FDIA via the concurrent evaluation of condition and input has been suggested in the paper [159]. In this work, the authors used a recursive 3-stage filter whose three stages were time update, measurement update, and unknown input evaluation.

One of the variants of FDIAs is the bias injection attack (BIA). Reference [160] evaluated the effect of a BIA on an SG system. The study focused on finding the major effects of the attack on the system when an attacker invades the system frequency and maintains it at a secure and normal balanced value without raising an alarm. In paper [161], the SE issue in stochastic dynamical linear systems with BIAs has been analyzed. In this research, to compensate for the effect of the cyber-attack, the authors presented criteria for selecting the sensors to be secured. In the proposed method, the estimator was the Kalman filter and the attack detection was performed with the chi-squared test. In another research work, a set-theoretic diagnosis strategy for BIA has been suggested in the paper [136]. In the paper [162], the authors proposed a distributed diagnosis and separation strategy for BIA in SGs which used an internal observer. This paper presented global and local stages for the distributed diagnosis in sets of sensor attack according to a judgment matrix. The authors also examined experimental aspects such as detection delay, bias injection attack detection accuracy, and the pre-calculated threshold constraint while applying the detection strategy.

3.3. RA

Replay attacks have also been considered as another form of cyber-attack. An online detection framework for cyber sabotage on AGC, such as replay attacks, noise-injection attacks, and destabilization attacks, has been proposed in paper [163]. The technique presented in this research employs the dynamic watermarking approach to diagnose tampered values: the generating block superimposes on the control signal a small random signal that has a specific probability distribution. Therefore, honest detectors show statistical attributes related to the superimposed signal, while distorted detectors do not show these statistical features. As a result, malicious activity can be discovered via specific tests of such statistical attributes. The authors also stated that the presented framework can be used even if the opponents are fully knowledgeable of the physical and statistical types of the system.

Another approach to detect replay attacks on the controllers of SGs has been proposed in reference [164], where the control law is varied between random and static to improve the detection rate of RAs. However, the proposed strategy compromises the efficiency of the detection to some extent. In reference [101], the authors evaluated the possibility of replay attacks in Gaussian LTI control systems using a specific anomaly detector and infinite Linear Quadratic Gaussian (LQG) controllers. In this paper, the authors claimed that the presented strategy can guarantee the desired level of detection probability by trading off LQG efficiency and detection delay, either by increasing the control effort or by decreasing the control precision. From a resiliency viewpoint, in paper [165], the authors presented a resilient control approach against RAs in an SG control system using a receding horizon control rule.

3.4. CA

The covert attack diagnosis method generally includes the assessment of weak attack points and changing the behavior of power generation after the attackers have discovered the model of the system. It can be said that the basic weak point of a covert attack is its heavy reliance on entire knowledge of the system. A good example for covert attacks is presented in paper [108], where a modulation matrix has been included in the control variables path to warn the input attitude of the procedure, to develop a remedial action. This measure can make an adversary lose the entire information of the system and can help the attacks to be detected.

Preventive actions against some forms of covert attack consist of making access to control loops more difficult. According to paper [166], undesired access to the control systems can be reduced by the use of firewalls, which can be applied for network segmentation, and by using special architectures. Besides, access to the information flow can be reduced by using time stamping approaches and encryption algorithms. Another countermeasure is to use control functions such as switching controllers, which are difficult to estimate [105].

3.5. ResA

ResA is identified as a form of DA which usually has two preconditions. The first prerequisite is the possibility of access to the resonance source, and the second is the possibility of injecting or modifying the input of the power plant based on the reference of resonance. Thus, protecting the input data can be the most effective counteraction. In references [112,167], efficient countermeasures including the tempering and manipulating of reshaped input to weaken the resonance effects have been proposed. Also, cryptographic algorithms with sequence numbers or time stamps can be utilized to ensure data authenticity.

3.6. TDSA

Another attack, titled TDSA, which is performed in SGs, has negative effects on the stability of the system and deteriorates implementation. Delay injection on the system can be implemented by delaying
the telecommunication packets or at the size of sensor sampled data points [168]. In addition, another negative effect can be accessibility to CC for switching on or off. The evaluation of stability in the SG system with TDSA has been effectively given in reference [169]. The authors of the paper [170] determined the delay margins in an SG with steady and time-variant delays utilizing Linear Matrix Inequality (LMI) approaches, considering delay-dependent stability criteria. Also, in this case, the authors of reference [169] suggested a prevention technique in which the controller is reinforced by a time delay estimator in order to track injected time delays. Advancement in Wide Area Measurement Systems (WAMS) and PMUs has developed coordination stability and control techniques without ignoring the time delays of energy system measures. As a result, it is important to assess the effect of time delays in energy system analysis, which is investigated in references [170,171].

3.7. MiTMA

References [172,173] give some solutions for facing MiTMA, the most important of which are the following:

• Two-way authentication: In this method, public and private keys are sent based on an irregular encryption pattern called Hash. In this case, viewing passwords or decoding hashed messages is a problem that will require a powerful system.
• Determining the delay period: Normally, the process of performing cryptographic calculations is done by the Hash function and a specific period of time is considered for it. For example, if the decoding process of the sender and receiver takes 25 s, but the sending and receiving process takes 60 s, it indicates that a third party is eavesdropping.
• Authentication-based on the Carry-Forward pattern: One of the most comprehensive methods to deal with man-in-the-middle attacks is to check the certificates issued by the certificate issuing authority.
• Identification of unauthorised fake access points: One of the common methods used by hackers to implement man-in-the-middle attacks is fake access points or, more precisely, rogue access points. Wireless devices automatically connect to access points that have a strong signal. Once a fake access point is deployed in a building, wireless equipment is connected to it and then connected to the domain that the hackers manage. In this case, all network traffic is intercepted or manipulated by hackers.

4. New strategies to increase cyber security in SGs system

4.1. Machine learning and deep learning techniques in SG

In general, Machine Learning (ML) refers to using a system to learn and predict a process from existing data. ML can be used as an effective tool for the heavy task of handling the large quantity of data generated in a structure based on sensors and the IoT. ML techniques can also be used as the last piece in an SG system that uses it to collect and analyze data and make appropriate decisions. It thus enables the SG to operate optimally and as intended. ML consists of various algorithms and techniques that analyze existing data by an instruction set to generate decisions or predictions based on data. ML is designed under a rigorous process and results in the programming of explicit optimizers with the estimated operation. The functionalities of ML techniques consist of predictions of power generation and consumption, future optimum schedule, adaptive control energy price, fault detection, size, and detection of grid troublemakers during a data flaw [174–178]. ML techniques are widely used in the detection of cyber-attacks today. In the following, some new valuable research works which used machine learning techniques and focused on diagnosis strategies in AGC structures are discussed. Machine learning techniques have recently been widely used as a good solution for big data processing as well as for the implementation of efficient security solutions. One of the important points to keep in mind is that smart grids generate big data, and efficient methods for analyzing them are valuable for extracting information. It should be noted that without extracting useful information from the network, the gathered information has little value. In this regard, paper [179] presented an assessment framework to analyze transient stability that used ELM, which showed effective computational speed and accuracy.

Also, ML can be applied in SGs for different security applications. For instance, the authors of the papers [125,180] proposed the application of ML and optimization algorithms to develop stability for unplanned islanding in MGs, which analyzed big data for the prediction, monitoring and detection of cyber-attack incidents that happen before the stabilization stage. Several approaches have dealt with the issue of cyber security improvement and detection mechanisms in SGs. For example, in reference [181], the authors proposed a multiple-layer perceptron (MLP) and a diagnostic approach based on classifiers for CyAs in SG systems. In this research, the MLP classifier was trained with samples of area control error (ACE) amounts gathered in compromised and normal states. The appropriate characteristics of the ACE signals were extracted to estimate the difference between compromised and normal signals. Then, the classifier efficiency was assessed utilizing an objective function and an optimal subset. A concise diagram of using ML techniques is displayed in Fig. 9. However, one of the most important parts of using ML techniques is in the renewable energy sectors. As can be seen, ML can be classified into supervised and unsupervised learning. In supervised learning, large set of labeled data and missing labeled data can be trained. In unsupervised classification, we have clustering, association rule learning, and dimensionality reduction. Each of these can be categorized into different subsections to detect attacks.

4.2. Signal processing techniques for improving cyber security in SG

Analog or digital Signal Processing (SP) is one of the topics that are widely used and are still expanding and updating. In general, Digital Signal Processing (DSP) is a digital processing method that uses digital signal processors to recognize, detect, encode, decode, optimize, and perform signal processing. The signals that are processed using this method can generally be a sequence of numbers that represent samples of a continuous function or variable in the domains of time, space, or frequency. DSP applications are widely used in sound processing, speech processing, radar frequency processing, sonar processing, as well as other sensor arrays, or in other areas such as statistical signal processing, spectral density estimation, digital image processing, telecommunication signal processing, control systems and seismology and many others [182].

DSPs can also be comprised of linear and non-linear operators. In order to process a nonlinear signal, we generally need to identify the nonlinear system, so this system can be implemented in the time, frequency, or space-time domains. With the expansion of the use of digital systems, the use of digital computing in signal processing has become much more widespread than analog processing. Therefore, digital processing in fields such as error correction and identification in communication and data compression gives many advantages to users. One of the important points is that DSP can be used both for static and stored data and for streaming data. Since in the real world signals are analog, in order to analyze a continuous analog signal, this signal must be digitized by an Analog-to-Digital Converter (ADC). Another important topic is the sampling of these signals, which are usually discretized and quantified in two stages. Discretization is a process in which the signal is divided into equal time intervals. In each interval, the signal is represented by a measured amplitude [60]. In quantification, each domain of measurement is approximated by a value from a limited and small set. For example, rounding real numbers to integers can be mentioned as an example of this technique.
M. Ghiasi et al. Electric Power Systems Research 215 (2023) 108975
Discrete Wavelet Transform (DWT) and Fourier transform can be mentioned from numerical analysis and distribution analysis methods. In DWT, wavelets can be sampled discretely whenever possible. The main advantage of wavelet transforms over the Fourier transform is its time resolution. In this transform, generally both frequency information and location information are received from the system. However, in general and according to the uncertainty principle, the accuracy of time-frequency separation in this case is limited in time-frequency domains. Using a combination of effective methods based on artificial intelligence and signal processing approaches such as Hilbert Huang Transform (HHT), wavelet singular values or wavelet singular entropy, and Fourier singular values for detecting cyber-attacks can make SGs more secure and resilient against these types of attacks, which, in turn, helps to enhance the stability of CPS. Some papers have used signal processing techniques to deal with cyber-attacks; for instance, in references [17,82,97] the authors have used wavelet singular entropy and HHT to detect FDIA, which enhances the security in the DC-MGs. The proposed method has analyzed the current and voltage signals in controllers and sensors by extracting the signal details. In reference [125], the authors proposed a combination of wavelet singular values and deep machine learning to detect an attack on SG.

In terms of topology and configuration, SGs have distributed equipment that is structurally interconnected, and monitoring of this network can be done through the analysis of continuous data stream signals from various measuring devices located throughout the system. A good example here is the paper [183], which used Graph Signal Processing (GSP) to display and analyze power grid measurement data. This paper illustrated that GSP can enable various analyses for the structural data of the power grid and the dynamics of its interconnected components. Also, in this study, the effects of different cyber and physical tensions in the SGs have been evaluated and investigated both in the vertex and frequency domains of the signal diagram. Different techniques for detecting and locating cyber and physical attacks based on GSP techniques have been presented and their performance has been evaluated and compared. The presented study confirmed that GSP can be a suitable approach for SG data analysis.

4.3. Blockchain techniques in SG

The use of blockchain technology in modern power systems is expanding and this technology requires a coherent structure based on validation, computing and storing data. In this regard, first we should know the approaches to data validation and storage [184]. Distributed Ledger Technology (DLT), as a database, is defined to replicate, share and synchronize data between numerous distributed devices [185]. In DLT, the data is saved in a sequential arrangement and it makes a digital ledger series. Whenever a block which contains a data collection is included into the chain, this data cannot be modified again by any authority. Therefore, this system will be inherently tamper-proof [186]. In Fig. 10, based on the processing of validating and storing data, the DLT is basically categorized into 3 kinds including Tempol ledger, blockchain, and directed graph data. High penetration and using blockchain in practical applications has been well studied. Blockchain technology is also subdivided into four categories consisting of blockchain one for doing uncomplicated cryptographic currency purposes, blockchain two for smart contract utility purposes, blockchain three for distributed use purposes, and blockchain four for education purposes [187].

It should also be noted that blockchain is a Peer-To-Peer (P2P) distributed network database whose security is enabled using several encryption technologies. Various formats of blockchain technology are suggested to meet various needs and practical applications according to the mechanism of consensus and network openness including private, consortium, and public.
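Returning to the wavelet-singular-entropy detectors mentioned in the signal-processing discussion above: the following is an added illustration, not code from this paper or from the cited works. It scores one-cycle windows of a constructed voltage trace with a common formulation of wavelet singular entropy (the Shannon entropy of the normalized singular values of the wavelet detail matrix); the undecimated Haar filter, the 64-sample cycle, the 0.3 p.u. injected bias and the 0.05 tolerance are all assumptions.

```python
import math

SAMPLES_PER_CYCLE = 64              # assumed: 64 samples per nominal cycle
ONSET = 3 * SAMPLES_PER_CYCLE + 16  # constructed attack start (sample index 208)


def constructed_measurement(cycles=6, bias=0.3, onset=ONSET):
    """Constructed 1 p.u. sinusoid with a false bias added from `onset` onward."""
    return [math.sin(2 * math.pi * n / SAMPLES_PER_CYCLE) + (bias if n >= onset else 0.0)
            for n in range(cycles * SAMPLES_PER_CYCLE)]


def haar_details(window, levels=3):
    """Undecimated (a trous) Haar transform with circular boundary.
    Returns `levels` rows of detail coefficients, each as long as the window."""
    n = len(window)
    approx = list(window)
    rows = []
    for j in range(levels):
        lag = 1 << j
        prev = [approx[(i - lag) % n] for i in range(n)]
        rows.append([(a - b) / 2.0 for a, b in zip(approx, prev)])
        approx = [(a + b) / 2.0 for a, b in zip(approx, prev)]
    return rows


def singular_values(rows):
    """Singular values of a small J x N matrix: square roots of the eigenvalues
    of its J x J Gram matrix, found with cyclic Jacobi rotations."""
    j = len(rows)
    g = [[sum(a * b for a, b in zip(rows[p], rows[q])) for q in range(j)]
         for p in range(j)]
    scale = sum(g[i][i] for i in range(j)) ** 2   # trace is rotation-invariant
    for _ in range(30):
        off = sum(g[p][q] ** 2 for p in range(j) for q in range(j) if p != q)
        if off <= 1e-24 * scale:
            break
        for p in range(j - 1):
            for q in range(p + 1, j):
                if g[p][q] == 0.0:
                    continue
                if g[p][p] == g[q][q]:
                    theta = math.pi / 4
                else:
                    theta = 0.5 * math.atan(2.0 * g[p][q] / (g[q][q] - g[p][p]))
                c, s = math.cos(theta), math.sin(theta)
                for k in range(j):      # G <- G * R
                    gkp, gkq = g[k][p], g[k][q]
                    g[k][p], g[k][q] = c * gkp - s * gkq, s * gkp + c * gkq
                for k in range(j):      # G <- R^T * G
                    gpk, gqk = g[p][k], g[q][k]
                    g[p][k], g[q][k] = c * gpk - s * gqk, s * gpk + c * gqk
    return sorted((math.sqrt(max(g[i][i], 0.0)) for i in range(j)), reverse=True)


def singular_entropy(rows):
    """Shannon entropy of the normalized singular values of `rows`."""
    sv = singular_values(rows)
    total = sum(sv)
    if total == 0.0:
        return 0.0
    return -sum((s / total) * math.log(s / total) for s in sv if s > 0.0)


def flag_windows(signal, window_len, trusted, tolerance, levels=3):
    """Score consecutive windows and flag those whose entropy departs from the
    median of the first `trusted` windows by more than `tolerance`."""
    scores = [singular_entropy(haar_details(signal[i:i + window_len], levels))
              for i in range(0, len(signal) - window_len + 1, window_len)]
    baseline = sorted(scores[:trusted])[trusted // 2]
    flagged = [k for k, s in enumerate(scores) if abs(s - baseline) > tolerance]
    return flagged, scores


if __name__ == "__main__":
    flagged, scores = flag_windows(constructed_measurement(), SAMPLES_PER_CYCLE,
                                   trusted=2, tolerance=0.05)
    for k, score in enumerate(scores):
        print(f"cycle {k}: WSE={score:.4f}{'  <-- flagged' if k in flagged else ''}")
```

Only the cycle containing the onset of the bias is flagged: detail coefficients cancel a constant offset, so later cycles score like the clean baseline and a persistent bias has to be caught at its transient or by a complementary check.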
definitely the evolution of a SG mechanism based on blockchain with intrusion diagnosis system and DAPPS, particularly for SG uses with different architectures. For example, a test mechanism for blockchain-enabled SGs can be created with regard to various DDoS-attack, routing-attack and Sybil-attack. We highlight, in the following, the potential research directions for the future of smart power distribution systems.

New security technologies such as blockchain in smart contracting can be done in a distributed behavior, where the blockchain grid of the system of entire transmittance will be created by combining distributed blockchain grids. This could potentially address the failure in increasing the level of penetration of DGs and hamper the transmission from malfunctioning and creating a breaking point. For instance, a system of power transmittance can be separated into several zones, each of which is monitored by ICT-enabled IoT devices and control algorithms. In order to have a cyber-secured RTUs and IEDs controlling system in SG, the smart blockchain-based meters can be developed with complicated algorithms. It can be used in DG controllers for commanding DG outputs to regulate voltage and power quality. These issues make cyber security in SGs unpredictable and dynamic. Considering these issues, we can better understand the growing trend, threats and future technologies in SGs.

In this regard, it is necessary to provide suitable solutions and applications in order to identify and deal with them for the smart grid. Considering that this field is expected to be increasingly expanded in the coming years, providing practical suggestions in the security of the future intelligent network can be a way forward. Therefore, studies and future research process can be explained as follows:

power grids in terms of efficiency and failure prevention. Knowing the different methods of cyber-attacks in the power systems and how to deal with them will make the network more resilient. This article presented a systematic review of different methods and cutting-edge techniques and possible solution approaches for cyber-security in SGs. We discussed the interactive features of cyber–physical power systems, connections, and interactions between power systems and cyber systems. Furthermore, different cyber-attacks in SGs and their models and mechanisms have been reviewed and summarized in detail. In addition, the characteristics and applicability of such related models have been technically analyzed. Various cyber characteristics of wireless sensor networks, big data analysis, IoTs, and technologies like blockchain and quantum computing used in SGs have been comprehensively discussed. Finally, some possible applications of using new techniques and their roles in improving cyber-security in the futuristic SGs were presented. Knowing the different methods of cyber-attacks on the SGs and energy systems, as well as applicable, possible and up-to-date defense mechanisms, can give researchers the opportunity to study them effectively, and to improve various methods to deal with the new forms of cyber-attacks in SGs and energy systems.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
[15] H. Karimi, T. Niknam, M. Dehghani, M. Ghiasi, M. Ghasemigarpachi, S. Padmanaban, et al., Automated distribution networks reliability optimization in the presence of dg units considering probability customer interruption: a practical case study, IEEE Access 9 (2021) 98490–98505.
[16] M. Ghiasi, M. Dehghani, T. Niknam, H.R. Baghaee, S. Padmanaban, G.B. Gharehpetian, et al., Resiliency/cost-based optimal design of distribution network to maintain power system stability against physical attacks: a practical study case, IEEE Access 9 (2021) 43862–43875.
[17] M. Ghiasi, M. Dehghani, T. Niknam, A. Kavousi-Fard, P. Siano, H.H. Alhelou, Cyber-attack detection and cyber-security enhancement in smart DC-microgrid based on blockchain technology and hilbert huang transform, IEEE Access 9 (2021) 29429–29440.
[18] S. Mehrdad, S. Mousavian, G. Madraki, Y. Dvorkin, Cyber-physical resilience of electrical power systems against malicious attacks: a review, Current Sustain./Renew. Energy Reports 5 (2018) 14–22.
[19] S. Mousavian, M. Erol-Kantarci, T. Ortmeyer, Cyber attack protection for a resilient electric vehicle infrastructure, in: 2015 IEEE Globecom Workshops (GC Wkshps), 2015, pp. 1–6.
[20] X. Hu, S. Zhou, T. Chen, M. Ghiasi, Optimal energy management of a DC power traction system in an urban electric railway network with dogleg method, in: Energy Sources, Part A: Recovery, Utilization, and Environmental Effects, 2021.
[21] M. Ghiasi, J. Olamaei, Optimal capacitor placement to minimizing cost and power loss in Tehran metro power distribution system using ETAP (A case study), Complexity 21 (2016) 483–493.
[22] M. Ghiasi, Technical and economic evaluation of power quality performance using FACTS devices considering renewable generations, Renew. Energy Focus 29 (2019) 49–62.
[23] M. Ghiasi, A detailed study for load flow analysis in distributed power system, Int. J. Ind. Electron. Control Optim. 1 (2018) 159–160.
[24] A. Ramezani, M. Ghiasi, M. Dehghani, T. Niknam, P. Siano, H.H. Alhelou, Reduction of ripple toothed torque in the internal permanent magnet electric motor by creating optimal combination of holes in the rotor surface considering harmonic effects, IEEE Access 8 (2020) 215107–215124.
[25] P. Duan, H. Soleimani, A. Ghazanfari, M. Dehghani, Distributed energy management in smart grids based on cloud-fog layer architecture considering PHEVs, IEEE Trans. Ind. Appl. (2020), 1-1.
[26] M. Ghiasi, T. Niknam, M. Dehghani, H.R. Baghaee, Z. Wang, M.M. Ghanbarian, et al., Multipurpose FCS model predictive control of VSC-based microgrids for islanded and grid-connected operation modes, IEEE Syst. J. (2022) 1–12.
[27] M. Ghiasi, Z. Wang, M. Mehrandezh, S. Jalilian, N. Ghadimi, Evolution of smart grids toward the internet of energy: concept and essential components for deep decarbonization, IET Smart Grid (2022) 1–15.
[28] S. Abdollahy, A. Mammoli, F. Cheng, A. Ellis, J. Johnson, Distributed compensation of a large intermittent energy resource in a distribution feeder, in: 2013 IEEE PES Innovative Smart Grid Technologies Conference (ISGT), 2013, pp. 1–6.
[29] S. Sahoo, T. Dragičević, F. Blaabjerg, Cyber security in control of grid-tied power electronic converters–challenges and vulnerabilities, IEEE J. Emerg. Sel. Top Power Electron. (2019).
[30] L. Sgrafetto, P. Emmerich, M. Klingel, Smart grids and data–exploring emerging data-driven solutions for distribution system operators, in: PESS2020; IEEE Power and Energy Student Summit, 2020, pp. 1–6.
[31] S. Mousavian, M. Erol-Kantarci, L. Wu, T. Ortmeyer, A risk-based optimization model for electric vehicle infrastructure response to cyber attacks, IEEE Trans. Smart Grid 9 (2017) 6160–6169.
[32] E. Hossain, I. Khan, F. Un-Noor, S.S. Sikander, M.S.H. Sunny, Application of big data and machine learning in smart grid, and associated security concerns: a review, IEEE Access 7 (2019) 13960–13988.
[33] L. Siyi, H. Aliev, Quality of service assessment routing protocols for performance in a smart building: a case study, Energy Sources, Part A: Recovery, Utilization, and Environ. Effects 44 (2022) 7217–7236.
[34] A. Amato, R. Aversa, B. Di Martino, S. Venticinque, A cyber physical system of smart micro-grids, in: 2016 19th International Conference on Network-Based Information Systems (NBiS), 2016, pp. 165–172.
[35] A.N. Babadi, S. Nouri, S. Khalaj, Challenges and opportunities of the integration of IoT and smart grid in Iran transmission power system, in: 2017 Smart Grid Conference (SGC), 2017, pp. 1–6.
[36] C. Choi, J. Choi, Ontology-based security context reasoning for power IoT-cloud security service, IEEE Access 7 (2019) 110510–110517.
[37] J. Shishido, E.U. Solutions, Smart meter data quality insights, ACEEE Summer Study on Energy Efficiency in Build. (2012) 277–288.
[38] S. Aman, Y. Simmhan, V.K. Prasanna, Holistic measures for evaluating prediction models in smart grids, IEEE Trans. Knowl. Data Eng. 27 (2014) 475–488.
[39] S. Aman, M. Frincu, C. Chelmis, M. Noor, Y. Simmhan, V.K. Prasanna, Prediction models for dynamic demand response: requirements, challenges, and insights, in: Proceedings of the IEEE International Conference on Smart Grid Communications (SmartGridComm), IEEE, 2015, pp. 338–343.
[40] B. Raouf, S. Mousavian, K. Ghazinour, Interconnected and complex electric power and transportation systems: a SWOT analysis. Current Sustainable/Renewable Energy Reports, 2021, pp. 1–15.
[41] H. Song, G. Fink, S. Jeschke, Security and Privacy in Cyber-Physical Systems, Wiley Online Library, 2017.
[42] R. Talavera-Llames, R. Pérez-Chacón, A. Troncoso, F. Martínez-Álvarez, Big data time series forecasting based on nearest neighbours distributed computing with Spark, Knowl. Based Syst. 161 (2018) 12–25.
[43] M. Pourbehzadi, T. Niknam, J. Aghaei, A. Kavousi-Fard, A. Dehghan, Stochastic energy management in renewable-based microgrids under correlated environment, in: 2020 IEEE International Conference on Environment and Electrical Engineering and 2020 IEEE Industrial and Commercial Power Systems Europe (EEEIC/I&CPS Europe), 2020, pp. 1–6.
[44] M. Dabbaghjamanesh, A. Kavousi-Fard, Z.Y. Dong, A novel distributed cloud-fog based framework for energy management of networked microgrids, IEEE Trans. Power Syst. 35 (2020) 2847–2862.
[45] M.R. Forozan Nasab, J. Olamaei, Reactive power management in micro grid with considering power generation uncertainty and state estimation, Signal Process. Renew. Energy 3 (2019) 25–35.
[46] E. Fouladi, H.R. Baghaee, M. Bagheri, G.B. Gharehpetian, Power management of microgrids including PHEVs based on maximum employment of renewable energy resources, IEEE Trans. Ind. Appl. 56 (2020) 5299–5307.
[47] S. Talari, M. Shafie-Khah, N. Mahmoudi, P. Siano, W. Wei, J.P. Catalão, Optimal management of demand response aggregators considering customers’ preferences within distribution networks, IET Gener. Transm. Distrib. 14 (2020) 5571–5579.
[48] G. Kumar, P. Kaliannan, S. Padmanaban, J.B. Holm-Nielsen, F. Blaabjerg, Effective management system for solar PV using real-time data with hybrid energy storage system, Appl. Sci. 10 (2020) 1108.
[49] P. Singh, B. Khan, O.P. Mahela, H. Haes Alhelou, G. Hayek, Managing energy plus performance in data centers and battery-based devices using an online non-clairvoyant speed-bounded multiprocessor scheduling, Appl. Sci. 10 (2020) 2459.
[50] P.D. Diamantoulakis, V.M. Kapinas, G.K. Karagiannidis, Big data analytics for dynamic energy management in smart grids, Big Data Res. 2 (2015) 94–101.
[51] A. Arjomandi-Nezhad, M. Fotuhi-Firuzabad, M. Moeini-Aghtaie, A. Safdarian, P. Dehghanian, F. Wang, Modeling and optimizing recovery strategies for power distribution system resilience, IEEE Syst. J. (2020) 1–10.
[52] M. El-Hendawi, Z. Wang, An ensemble method of full wavelet packet transform and neural network for short term electrical load forecasting, Electr. Power Syst. Res. 182 (2020), 106265.
[53] K. Ginigeme, Z. Wang, Distributed optimal vehicle-to-grid approaches with consideration of battery degradation cost under real-time pricing, IEEE Access 8 (2020) 5225–5235.
[54] R. Eskandarpour, P. Gokhale, A. Khodaei, F.T. Chong, A. Passo, S. Bahramirad, Quantum computing for enhancing grid security, IEEE Trans. Power Syst. 35 (2020) 4135–4137.
[55] Q. Ou, Y. Zhen, X. Li, Y. Zhang, L. Zeng, Application of internet of things in smart grid power transmission, in: 2012 Third FTRA International Conference on Mobile, Ubiquitous, and Intelligent Computing, 2012, pp. 96–100.
[56] G. Wibisono, S.G. Permata, A. Awaludin, P. Suhasfan, Development of advanced metering infrastructure based on LoRa WAN in PLN Bali toward Bali Eco smart grid, in: 2017 Saudi Arabia SmartGrid (SASG), 2017, pp. 1–4.
[57] H. Mortaji, S.H. Ow, M. Moghavvemi, H.A.F. Almurib, Load shedding and smart-direct load control using internet of things in smart grid demand response management, IEEE Trans. Ind. Appl. 53 (2017) 5155–5163.
[58] A. Anwar, A.N. Mahmood, Cyber security of smart grid infrastructure, arXiv preprint arXiv:1401.3936, 2014.
[59] Y. Liu, P. Ning, M.K. Reiter, False data injection attacks against state estimation in electric power grids, ACM Trans. Inf. Syst. Secur. (TISSEC) 14 (2011) 13.
[60] M. Dehghani, M. Ghiasi, M. GhasemiGarpachi, T. Niknam, A. Kavousi-Fard, H. Shirazi, Stabilization of DC/DC converter with constant power load using exact feedback linearization method based on backstepping sliding mode control and nonlinear disturbance observer, in: 2021 12th Power Electronics, Drive Systems, and Technologies Conference (PEDSTC), 2021, pp. 1–6.
[61] M.R. Habibi, H.R. Baghaee, T. Dragičević, F. Blaabjerg, False data injection cyber-attacks mitigation in parallel dc/dc converters based on artificial neural networks, IEEE Trans. Circuits and Syst. II: Express Briefs (2020).
[62] H.S. Sánchez, D. Rotondo, T. Escobet, V. Puig, J. Quevedo, Bibliographical review on cyber attacks from a control oriented perspective, Annu. Rev. Control 48 (2019) 103–128.
[63] F. Pasqualetti, F. Dörfler, F. Bullo, Attack detection and identification in cyber-physical systems, IEEE Trans. Autom. Control 58 (2013) 2715–2729.
[64] M. Dehghani, T. Niknam, M. Ghiasi, P. Siano, H. Haes Alhelou, A. Al-Hinai, Fourier singular values-based false data injection attack detection in AC smart-grids, Appl. Sci. 11 (2021) 5706.
[65] Y. Shen, M. Fei, D. Du, Cyber security study for power systems under denial of service attacks, Trans. Inst. Meas. Control 41 (2019) 1600–1614.
[66] Y. Li, Z. Li, L. Chen, Dynamic state estimation of generators under cyber attacks, IEEE Access 7 (2019) 125253–125267.
[67] S. Amin, A.A. Cárdenas, S.S. Sastry, Safe and secure networked control systems under denial-of-service attacks, in: International Workshop on Hybrid Systems: Computation and Control, 2009, pp. 31–45.
[68] A. Teixeira, I. Shames, H. Sandberg, K.H. Johansson, A secure control framework for resource-limited adversaries, Automatica 51 (2015) 135–148.
[69] A. Cetinkaya, H. Ishii, T. Hayakawa, An overview on denial-of-service attacks in control systems: attack models and security analyses, Entropy 21 (2019) 210.
[70] S. Mousavian, J. Valenzuela, J. Wang, A probabilistic risk mitigation model for cyber-attacks to PMU networks, IEEE Trans. Power Syst. 30 (2014) 156–165.
[71] Y. Li, P. Zhang, L. Ma, Denial of service attack and defense method on load frequency control system, J. Franklin Inst. 356 (2019) 8625–8645.
[72] H.H. Alhelou, M.E.H. Golshan, N.D. Hatziargyriou, A decentralized functional observer based optimal lfc considering unknown inputs, uncertainties, and cyber-attacks, IEEE Trans. Power Syst. 34 (2019) 4408–4417.
[73] J. Liu, Y. Gu, L. Zha, Y. Liu, J. Cao, Event-triggered H∞ load frequency control for multiarea power systems under hybrid cyber attacks, IEEE Trans. Syst. Man Cybern. Syst. 49 (2019) 1665–1678.
[74] Q. Wang, W. Tai, Y. Tang, H. Zhu, M. Zhang, D. Zhou, Coordinated defense of distributed denial of service attacks against the multi-area load frequency control services, Energies 12 (2019) 2493.
[75] H. Cui, X. Dong, H. Deng, M. Dehghani, K. Alsubhi, H.M.A. Aljahdali, Cyber attack detection process in sensor of dc micro-grids under electric vehicle based on hilbert-huang transform and deep learning, IEEE Sens. J. (2020), 1-1.
[76] M. Dehghani, A. Kavousi-Fard, M. Dabaghjamanesh, O. Avatefipour, Deep learning based method for false data injection attack detection in AC smart islands, IET Gener. Transm. Distrib. (2020).
[77] G.A. Jaafar, S.M. Abdullah, S. Ismail, Review of recent detection methods for HTTP DDoS attack, J. Comput. Netw. Commun. vol. 2019 (2019).
[78] M. Nayeripour, A.H. Rajaei, M.M. Ghanbarian, M. Dehghani, Fault detection and classification in transmission lines based on a combination of wavelet singular values and fuzzy logic, Cumhuriyet University Faculty of Sci. Sci. J. (CSJ) 36 (2015).
[79] M. Ghiasi, A comparative study on common power flow techniques in the power distribution system of the Tehran metro, Tehnički glasnik 12 (2018) 244–250.
[80] M.S. Mahmoud, M.M. Hamdan, U.A. Baroudi, Modeling and control of cyber-physical systems subject to cyber attacks: a survey of recent advances and challenges, Neurocomputing 338 (2019) 101–115.
[81] S. Sridhar, G. Manimaran, Data integrity attacks and their impacts on SCADA control system, in: IEEE PES general meeting, 2010, pp. 1–6.
[82] M. Dehghani, M. Ghiasi, T. Niknam, A. Kavousi-Fard, S. Padmanaban, False data injection attack detection based on hilbert-huang transform in AC smart islands, IEEE Access 8 (2020) 179002–179017.
[83] M. Dehghani, M.H. Khooban, T. Niknam, Fast fault detection and classification based on a combination of wavelet singular entropy theory and fuzzy logic in distribution lines in the presence of distributed generations, Int. J. Electric. Power Energy Syst. 78 (2016) 455–462.
[84] M. Ghiasi, M. Dehghani, T. Niknam, A. Kavousi-Fard, Investigating overall structure of cyber-attacks on smart-grid control systems to improve cyber resilience in power system, IEEE Smart Grid Newsletter (2020).
[85] R. Tan, H.H. Nguyen, E.Y. Foo, D.K. Yau, Z. Kalbarczyk, R.K. Iyer, et al., Modeling and mitigating impact of false data injection attacks on automatic generation control, IEEE Trans. Inf. Forensics Secur. 12 (2017) 1609–1624.
[86] S. Sridhar, M. Govindarasu, Model-based attack detection and mitigation for automatic generation control, IEEE Trans. Smart Grid 5 (2014) 580–591.
[87] A. Jevtic, F. Zhang, Q. Li, M. Ilic, Physics-and learning-based detection and localization of false data injections in automatic generation control, IFAC-PapersOnLine 51 (2018) 702–707.
[88] A. Teixeira, D. Pérez, H. Sandberg, K.H. Johansson, Attack models and scenarios for networked control systems, in: Proceedings of the 1st international conference on High Confidence Networked Systems, 2012, pp. 55–64.
[89] A. Abbaspour, A. Sargolzaei, P. Forouzannezhad, K.K. Yen, A.I. Sarwat, Resilient control design for load frequency control system under false data injection attacks, IEEE Trans. Ind. Electron. 67 (2019) 7951–7962.
[90] N. Bayati, H.R. Baghaee, A. Hajizadeh, M. Soltani, Z. Lin, Mathematical morphology-based local fault detection in DC Microgrid clusters, Electric Power Syst. Res. (2020), 106981.
[91] A. Kavousi-Fard, W. Su, T. Jin, A machine-learning-based cyber attack detection model for wireless sensor networks in microgrids, IEEE Trans. Ind. Inf. 17 (2021) 650–658.
[92] A. Afshari, M. Karrari, H.R. Baghaee, G.B. Gharehpetian, Resilient synchronization of voltage/frequency in AC microgrids under deception attacks, IEEE Syst. J. (2020) 1–12.
[93] R. Tan, H.H. Nguyen, E.Y. Foo, X. Dong, D.K. Yau, Z. Kalbarczyk, et al., Optimal false data injection attack against automatic generation control in power grids, in: Proceedings of the ACM/IEEE 7th International Conference on Cyber-Physical Systems (ICCPS), ACM/IEEE, 2016, pp. 1–10.
[94] S.D. Roy, S. Debbarma, Detection and mitigation of cyber-attacks on AGC systems of low inertia power grid, IEEE Syst. J. (2019).
[95] X. Liu, Z. Li, False data attack models, impact analyses and defense strategies in the electricity grid, Electr. J. 30 (2017) 35–42.
[96] M. Ghiasi, T. Niknam, M. Dehghani, P. Siano, H. Haes Alhelou, A. Al-Hinai, Optimal multi-operation energy management in smart microgrids in the presence of RESs based on multi-objective improved DE algorithm: cost-emission based optimization, Appl. Sci. 11 (2021) 3661.
[97] M. Dehghani, M. Ghiasi, T. Niknam, A. Kavousi-Fard, E. Tajik, S. Padmanaban, et al., Cyber attack detection based on wavelet singular entropy in AC smart islands: false data injection attack, IEEE Access 9 (2021), 1-1.
[98] M.R. Habibi, H.R. Baghaee, T. Dragičević, F. Blaabjerg, Detection of false data injection cyber-attacks in DC microgrids based on recurrent neural networks, IEEE J. Emerg. Sel. Top Power Electron. (2020).
[99] D. Ding, Q.L. Han, Y. Xiang, X. Ge, X.M. Zhang, A survey on security control and attack detection for industrial cyber-physical systems, Neurocomputing 275 (2018) 1674–1683.
[100] H. Shirazi, M. Ghiasi, M. Dehghani, T. Niknam, M.G. Garpachi, A. Ramezani, Cost-emission control based physical-resilience oriented strategy for optimal allocation of distributed generation in smart microgrid, in: 2021 7th International Conference on Control, Instrumentation and Automation (ICCIA), 2021, pp. 1–6.
[101] Y. Mo, B. Sinopoli, Secure control against replay attacks, in: 2009 47th annual Allerton conference on communication, control, and computing (Allerton), 2009, pp. 911–918.
[102] R. Fritz, P. Zhang, Modeling and detection of cyber attacks on discrete event systems, IFAC-PapersOnLine 51 (2018) 285–290.
[103] Y. Mo, S. Weerakkody, B. Sinopoli, Physical authentication of control systems: designing watermarked control inputs to detect counterfeit sensor outputs, IEEE Control Syst. Mag. 35 (2015) 93–109.
[104] H.S. Sanchez, D. Rotondo, T. Escobet, V. Puig, J. Saludes, J. Quevedo, Detection of replay attacks in cyber-physical systems using a frequency-based signature, J. Franklin Inst. 356 (2019) 2798–2824.
[105] A. Hoehn, P. Zhang, Detection of covert attacks and zero dynamics attacks in cyber-physical systems, in: 2016 American Control Conference (ACC), 2016, pp. 302–307.
[106] W. Li, L. Xie, Z. Wang, A novel covert agent for stealthy attacks on industrial control systems using least squares support vector regression, J. Electric. Comput. Eng. 2018 (2018).
[107] R.S. Smith, Covert misappropriation of networked control systems: presenting a feedback structure, IEEE Control Syst. Mag. 35 (2015) 82–92.
[108] A.O. de Sá, L.F.R. da Costa Carmo, R.C. Machado, Covert attacks in cyber-physical control systems, IEEE Trans. Ind. Inf. 13 (2017) 1641–1651.
[109] A.O. de Sá, L.F. da Costa Carmo, R.C. Machado, A controller design for mitigation of passive system identification attacks in networked control systems, J. Internet Serv. Appl. 9 (2018) 1–19.
[110] G. Park, C. Lee, H. Shim, Y. Eun, K.H. Johansson, Stealthy adversaries against uncertain cyber-physical systems: threat of robust zero-dynamics attack, IEEE Trans. Automat. Contr. 64 (2019) 4907–4919.
[111] Y. Mao, H. Jafarnejadsani, P. Zhao, E. Akyol, N. Hovakimyan, Detectability of intermittent zero-dynamics attack in networked control systems, in: Proceedings of the IEEE 58th Conference on Decision and Control (CDC), IEEE, 2019, pp. 5605–5610.
[112] Y. Wu, Z. Wei, J. Weng, X. Li, R.H. Deng, Resonance attacks on load frequency control of smart grids, IEEE Trans. Smart Grid 9 (2017) 4490–4502.
[113] A. Abbasspour, A. Sargolzaei, M. Victorio, N. Khoshavi, A neural network-based approach for detection of time delay switch attack on networked control systems, Procedia Comput. Sci. 168 (2020) 279–288.
[114] H. Huang, P. Wlazlo, Z. Mao, A. Sahu, K. Davis, A. Goulart, et al., Cyberattack defense with cyber-physical alert and control logic in industrial controllers, IEEE Trans. Ind. Appl. 58 (2022) 5921–5934.
[115] Y. Wang, C. Chen, J. Wang, R. Baldick, Research on resilience of power systems under natural disasters—a review, IEEE Trans. Power Syst. 31 (2016) 1604–1613.
[116] G. Liu, T. Jiang, T.B. Ollis, X. Li, F. Li, K. Tomsovic, Resilient distribution system leveraging distributed generation and microgrids: a review, IET Energy Syst. Integr. (2020).
[117] E.W. Prehoda, C. Schelly, J.M. Pearce, US strategic solar photovoltaic-powered microgrid deployment for enhanced national security, Renew. Sustain. Energy Rev. 78 (2017) 167–175.
[118] A. Khodaei, Resiliency-oriented microgrid optimal scheduling, IEEE Trans. Smart Grid 5 (2014) 1584–1591.
[119] M.H. Amirioun, F. Aminifar, H. Lesani, Towards proactive scheduling of microgrids against extreme floods, IEEE Trans. Smart Grid 9 (2017) 3900–3902.
[120] C. Chen, J. Wang, F. Qiu, D. Zhao, Resilient distribution system by microgrids formation after natural disasters, IEEE Trans. Smart Grid 7 (2016) 958–966.
[121] A. Hussain, A.O. Rousis, I. Konstantelos, G. Strbac, J. Jeon, H.-M. Kim, Impact of uncertainties on resilient operation of microgrids: a data-driven approach, IEEE Access 7 (2019) 14924–14937.
[122] V. Venkataramanan, A. Hahn, A. Srivastava, CP-SAM: cyber-physical security assessment metric for monitoring microgrid resiliency, IEEE Trans Smart Grid 11 (2020) 1055–1065.
[123] E. Karangelos, L. Wehenkel, Cyber–physical risk modeling with imperfect cyber-attackers, Electr. Power Syst. Res. 211 (2022), 108437.
[124] P.K. Jena, S. Ghosh, E. Koley, D.K. Mohanta, I. Kamwa, Design of AC state estimation based cyber-physical attack for disrupting electricity market operation under limited sensor information, Electr. Power Syst. Res. 205 (2022), 107732.
[125] M. Dehghani, T. Niknam, M. Ghiasi, N. Bayati, M. Savaghebi, Cyber-attack detection in DC microgrids based on deep machine learning and wavelet singular values approach, Electronics (Basel) 10 (2021) 1914.
[126] Z. Zhao, Y. Huang, Z. Zhen, Y. Li, Data-driven false data-injection attack design and detection in cyber-physical systems, IEEE Trans. Cybern. 51 (2020) 6179–6187.
[127] J. Tian, B. Wang, T. Li, F. Shang, K. Cao, R. Guo, TOTAL: optimal protection strategy against perfect and imperfect false data injection attacks on power grid cyber–physical systems, IEEE Internet Things J. 8 (2020) 1001–1015.
[128] L. Sheng, G. Lou, W. Gu, S. Lu, S. Ding, Z. Ye, Optimal communication network design of microgrids considering cyber-attacks and time-delays, IEEE Trans. Smart Grid (2022).
[129] Y. Li, X. Wei, Y. Li, Z. Dong, M. Shahidehpour, Detection of false data injection attacks in smart grid: a secure federated deep learning approach, IEEE Trans. Smart Grid (2022).
[130] H. Zhang, Y. Qi, H. Zhou, J. Zhang, J. Sun, Testing and defending methods against DoS attack in state estimation, Asian J. Control 19 (2017) 1295–1305.
[131] C. Yang, J. Zheng, X. Ren, W. Yang, H. Shi, L. Shi, Multi-sensor Kalman filtering with intermittent measurements, IEEE Trans. Autom. Control 63 (2017) 797–804.
[132] Y. Wu, Y. Li, L. Shi, A game-theoretic approach to remote state estimation in presence of a dos attacker, IFAC-PapersOnLine 50 (2017) 2595–2600.
[133] Z. Cheng, D. Yue, S. Hu, X. Xie, C. Huang, Detection-based weighted H∞ LFC for multi-area power systems under DoS attacks, IET Control Theory Appl. 13 (2019) 1909–1919.
18
M. Ghiasi et al. Electric Power Systems Research 215 (2023) 108975
[134] C. Peng, J. Li, M. Fei, Resilient event-Triggering $ H_ {\infty} $ load frequency [163] H. Karimipour, H. Leung, Relaxation-based anomaly detection in cyber-physical
control for multi-area power systems with energy-limited DoS attacks, IEEE systems using ensemble Kalman filter, IET Cyber Phys. Syst. Theory Appl. 5
Trans. Power Syst. 32 (2016) 4110–4118. (2020) 49–58.
[135] X. Zhong, I. Jayawardene, G.K. Venayagamoorthy, R. Brooks, Denial of service [164] J. Zhao, J. Wang, L. Yin, Detection and control against replay attacks in smart
attack on tie-line bias control in a power system with PV plant, IEEE Trans. grid, in: 2016 12th International Conference on Computational Intelligence and
Emerg. Topics in Computational Intelligence 1 (2017) 375–390. Security (CIS), 2016, pp. 624–627.
[136] E. Kontouras, T. Anthony, L. Dritsas, Set-theoretic detection of data corruption [165] M. Zhu, S. Martinez, On the performance analysis of resilient networked control
attacks on cyber physical power systems, J. Modern Power Syst. Clean Energy 6 systems under replay attacks, IEEE Trans. Autom. Control 59 (2013) 804–808.
(2018) 872–886. [166] K. Stouffer, J. Falco, K. Scarfone, Guide to industrial control systems (ICS)
[137] G. Liang, J. Zhao, F. Luo, S.R. Weller, Z.Y. Dong, A review of false data injection security, NIST Special Publication 800 (2011), 16-16.
attacks against modern power systems, IEEE Trans. Smart Grid 8 (2016) [167] E. Hammad, A.M. Khalil, A. Farraj, D. Kundur, R. Iravani, Tuning out of phase:
1630–1638. resonance attacks, in: Proceedings of the IEEE International Conference on Smart
[138] A.M. Mohan, N. Meskin, H. Mehrjerdi, A comprehensive review of the cyber- Grid Communications (SmartGridComm), IEEE, 2015, pp. 491–496.
attacks and cyber-security on load frequency control of power systems, Energies [168] A. Sargolzaei, K. Yen, M.N. Abdelghani, Delayed inputs attack on load frequency
13 (2020) 3860. control in smart grid, in: ISGT 2014, 2014, pp. 1–5.
[139] C. Kwon, W. Liu, I. Hwang, Security analysis for cyber-physical systems against [169] A. Sargolzaei, K.K. Yen, M.N. Abdelghani, Preventing time-delay switch attack on
stealthy deception attacks, in: 2013 American control conference, 2013, load frequency control in distributed power systems, IEEE Trans. Smart Grid 7
pp. 3344–3349. (2015) 1176–1185.
[140] A. Teixeira, I. Shames, H. Sandberg, K.H. Johansson, Revealing stealthy attacks in [170] L. Jiang, W. Yao, Q. Wu, J. Wen, S. Cheng, Delay-dependent stability for load
control systems, in: 2012 50th Annual Allerton Conference on Communication, frequency control with constant and time-varying delays, IEEE Trans. Power Syst.
Control, and Computing (Allerton), 2012, pp. 1806–1813. 27 (2011) 932–941.
[141] Q. Yang, J. Yang, W. Yu, D. An, N. Zhang, W. Zhao, On false data-injection attacks [171] F. Milano, M. Anghel, Impact of time delays on power system stability, IEEE
against power system state estimation: modeling and countermeasures, IEEE Trans. Circuits Syst. I Regul. Pap. 59 (2011) 889–900.
Trans. Parallel Distrib. Syst. 25 (2013) 717–729. [172] P. Wlazlo, A. Sahu, Z. Mao, H. Huang, A. Goulart, K. Davis, et al., Man-in-the-
[142] R.B. Bobba, K.M. Rogers, Q. Wang, H. Khurana, K. Nahrstedt, T.J. Overbye, middle attacks and defence in a power system cyber-physical testbed, IET Cyber
Detecting false data injection attacks on dc state estimation, in: Preprints of the Phys. Syst. Theory Appl. 6 (2021) 164–177.
First Workshop on Secure Control Systems, CPSWEEK, 2010. [173] A. Sahu, Z. Mao, P. Wlazlo, H. Huang, K. Davis, A. Goulart, et al., Multi-source
[143] L. Liu, M. Esmalifalak, Q. Ding, V.A. Emesih, Z. Han, Detecting false data injection multi-domain data fusion for cyberattack detection in power systems, IEEE Access
attacks on power grid by sparse optimization, IEEE Trans. Smart Grid 5 (2014) 9 (2021) 119118–119138.
612–621. [174] M. Frincu, C. Chelmis, M.U. Noor, V. Prasanna, Accurate and efficient selection of
[144] S. Bi, Y.J. Zhang, Graphical methods for defense against false-data injection the best consumption prediction method in smart grids, in: Proceedings of the
attacks on power system state estimation, IEEE Trans. Smart Grid 5 (2014) IEEE International Conference on Big Data (Big Data), IEEE, 2014, pp. 721–729.
1216–1227. [175] M. Esmalifalak, L. Liu, N. Nguyen, R. Zheng, Z. Han, Detecting stealthy false data
[145] P.M. Esfahani, M. Vrakopoulou, K. Margellos, J. Lygeros, G. Andersson, A robust injection using machine learning in smart grid, IEEE Syst. J. 11 (2014)
policy for automatic generation control cyber attack in two area power network, 1644–1652.
in: Proceedings of the 49th IEEE Conference on Decision and Control (CDC), IEEE, [176] W. Liu, B. Tang, J. Han, X. Lu, N. Hu, Z. He, The structure healthy condition
2010, pp. 5973–5978. monitoring and fault diagnosis methods in wind turbines: a review, Renew.
[146] P.M. Esfahani, M. Vrakopoulou, K. Margellos, J. Lygeros, G. Andersson, Cyber Sustain. Energy Rev. 44 (2015) 466–472.
attack in a two-area power system: impact identification using reachability, in: [177] H. Karimipour, A. Dehghantanha, R.M. Parizi, K.-K.R. Choo, H. Leung, A deep and
Proceedings of the 2010 American control conference, 2010, pp. 962–967. scalable unsupervised machine learning system for cyber-attack detection in
[147] Y. Huang, H. Li, K.A. Campbell, Z. Han, Defending false data injection attack on large-scale smart grids, IEEE Access 7 (2019) 80778–80788.
smart grid network using adaptive CUSUM test, in: 2011 45th Annual Conference [178] H. Karimipour, S. Geris, A. Dehghantanha, H. Leung, Intelligent anomaly
on Information Sciences and Systems, 2011, pp. 1–6. detection for large-scale smart grids, in: Proceedings of the IEEE Canadian
[148] M. Talebi, C. Li, Z. Qu, Enhanced protection against false data injection by Conference of Electrical and Computer Engineering (CCECE), IEEE, 2019, pp. 1–4.
dynamically changing information structure of microgrids, in: Proceedings of the [179] Y. He, G.J. Mendis, J. Wei, Real-time detection of false data injection attacks in
IEEE 7th Sensor Array and Multichannel Signal Processing Workshop (SAM), smart grid: a deep learning-based intelligent mechanism, IEEE Trans. Smart Grid
IEEE, 2012, pp. 393–396. 8 (2017) 2505–2516.
[149] M. Al-Saud, A.M. Eltamaly, M.A. Mohamed, A. Kavousi-Fard, An intelligent data- [180] H. Jiang, Y. Li, Y. Zhang, J.J. Zhang, D.W. Gao, E. Muljadi, et al., Big data-based
driven model to secure intravehicle communications based on machine learning, approach to detect, locate, and enhance the stability of an unplanned microgrid
IEEE Trans. Ind. Electron. 67 (2020) 5112–5119. islanding, J. Energy Eng. 143 (2017), 04017045.
[150] T.-.Y. Zhang, D. Ye, False data injection attacks with complete stealthiness in [181] C. Chen, K. Zhang, K. Yuan, L. Zhu, M. Qian, Novel detection scheme design
cyber–physical systems: a self-generated approach, Automatica 120 (2020), considering cyber attacks on load frequency control, IEEE Trans. Ind. Inf. 14
109117. (2017) 1932–1941.
[151] Y. Zhang, J. Wang, B. Chen, Detecting false data injection attacks in smart grids: a [182] Review of signal processing techniques and machine learning algorithms for
semi-supervised deep learning approach, IEEE Trans. Smart Grid (2020), 1-1. power quality analysis, Adv. Theory Simul. 3 (2020), 2000118.
[152] A.Y. Lu, G.H. Yang, False data injection attacks against state estimation in the [183] M.A. Hasnat, M. Rahnamay-Naeini, A graph signal processing framework for
presence of sensor failures, Inf. Sci. (Ny) 508 (2020) 92–104. detecting and locating cyber and physical stresses in smart grids, IEEE Trans.
[153] M.A. Rahman, H. Mohsenian-Rad, False data injection attacks against nonlinear Smart Grid (2022).
state estimation in smart power grids, in: Proceedings of the IEEE Power & Energy [184] T.H. Woo, Cybersecurity analysis using the blockchain algorithm in nuclear
Society General Meeting, IEEE, 2013, pp. 1–5. power plants to enhance safe operations, Energy Sources Part A Recov. Util.
[154] S. Mousavian, J. Valenzuela, J. Wang, Real-time data reassurance in electrical Environ. Eff. (2020) 1–11.
power systems based on artificial neural networks, Electr. Power Syst. Res. 96 [185] R. Kuhn, D. Yaga, J. Voas, Rethinking distributed ledger technology, Comput.
(2013) 285–295. (Long Beach Calif) 52 (2019) 68–72.
[155] A. Abbaspour, A. Sargolzaei, K. Yen, Detection of false data injection attack on [186] M. Mylrea, S.N.G. Gourisetti, Blockchain: a path to grid modernization and cyber
load frequency control in distributed power systems, in: 2017 North American resiliency, in: 2017 North American Power Symposium (NAPS), 2017, pp. 1–5.
Power Symposium (NAPS), 2017, pp. 1–6. [187] S. Li, Application of blockchain technology in smart city infrastructure, in:
[156] M. Khalaf, A. Youssef, E. El-Saadany, A particle filter-based approach for the Proceedings of the IEEE International Conference on Smart Internet of Things
detection of false data injection attacks on automatic generation control systems, (SmartIoT), IEEE, 2018, pp. 276–2766.
in: Proceedings of the IEEE Electrical Power and Energy Conference (EPEC), IEEE, [188] J. Kang, R. Yu, X. Huang, S. Maharjan, Y. Zhang, E. Hossain, Enabling localized
2018, pp. 1–6. peer-to-peer electricity trading among plug-in hybrid electric vehicles using
[157] A. Ayad, M. Khalaf, E. El-Saadany, Detection of false data injection attacks in consortium blockchains, IEEE Trans. Ind. Inf. 13 (2017) 3154–3164.
automatic generation control systems considering system nonlinearities, in: [189] W. Xu, J. Li, M. Dehghani, M. GhasemiGarpachi, Blockchain-based secure energy
Proceedings of the IEEE Electrical Power and Energy Conference (EPEC), IEEE, policy and management of renewable-based smart microgrids, Sustain. Cities Soc.
2018, pp. 1–6. 72 (2021), 103010.
[158] C. Chen, M. Cui, X. Wang, K. Zhang, S. Yin, An investigation of coordinated attack [190] T. Winter, The Advantages and Challenges of the Blockchain for Smart Grids,
on load frequency control, IEEE Access 6 (2018) 30414–30423. Delft University of Technology, 2018.
[159] M. Khalaf, A. Youssef, E. El-Saadany, Joint detection and mitigation of false data [191] S. Wang, A.F. Taha, J. Wang, Blockchain-assisted crowdsourced energy systems,
injection attacks in AGC systems, IEEE Trans. Smart Grid 10 (2018) 4985–4995. in: 2018 IEEE Power & Energy Society General Meeting (PESGM), 2018, pp. 1–5.
[160] E. Kontouras, A. Tzes, L. Dritsas, Impact analysis of a bias injection cyber-attack [192] A. Ajagekar, F. You, Quantum computing for energy systems optimization:
on a power plant, IFAC-PapersOnLine 50 (2017) 11094–11099. challenges and opportunities, Energy 179 (2019) 76–89.
[161] J. Miloševič, T. Tanaka, H. Sandberg, K.H. Johansson, Analysis and mitigation of [193] R. Eskandarpour, K.J.B. Ghosh, A. Khodaei, A. Paaso, L. Zhang, Quantum-
bias injection attacks against a Kalman filter, IFAC-PapersOnLine 50 (2017) enhanced grid of the future: a primer, IEEE Access 8 (2020) 188993–189002.
8393–8398. [194] M.H. Ullah, R. Eskandarpour, H. Zheng, A. Khodaei, Quantum computing for
[162] X. Luo, X. Wang, M. Zhang, X. Guan, Distributed detection and isolation of bias smart grid applications, IET Gener. Transm. Distrib. (2022).
injection attack in smart energy grid via interval observer, Appl. Energy 256 [195] Z. Jiang, Z. Tang, Y. Qin, C. Kang, P. Zhang, Quantum internet for resilient
(2019), 113703. electric grids, Int. Trans. Electr. Energy Syst. 31 (2021) e12911.
19
M. Ghiasi et al. Electric Power Systems Research 215 (2023) 108975
[196] B. Bartlett, "A distributed simulation framework for quantum networks and [200] Q. Liu, P. Li, W. Zhao, W. Cai, S. Yu, V.C. Leung, A survey on security threats and
channels," arXiv preprint arXiv:1808.07047, 2018. defensive techniques of machine learning: a data driven view, IEEE Access 6
[197] P.-.Y. Kong, A review of quantum key distribution protocols in the perspective of (2018) 12103–12117.
smart grid communication security, IEEE Syst. J. (2020). [201] B. Wang, M. Dabbaghjamanesh, A.K. Fard, S. Mehraeen, Cybersecurity
[198] Z. Tang, P. Zhang, W.O. Krawec, A quantum leap in microgrids security: the enhancement of power trading within the networked microgrids based on
prospects of quantum-secure microgrids, IEEE Electrif. Mag. 9 (2021) 66–73. blockchain and directed acylic graph approach, IEEE Trans. Ind. Appl. (2019).
[199] K. Wang, Y. Wang, X. Hu, Y. Sun, D.-.J. Deng, A. Vinel, et al., Wireless big data
computing in smart grid, IEEE Wirel. Commun. 24 (2017) 58–64.
20