Cyber-Induced Risk Modeling for Microprocessor-Based Relays in Substations

TL;DR

This paper develops a risk modeling framework for microprocessor-based relays in substations to assess systemic vulnerabilities and potential cascading failures due to cyber attacks, using probabilistic analysis and IEEE test systems.

Contribution

It introduces a novel risk quantification method for substation relays considering outage severity and attack scenarios, enhancing cybersecurity risk assessment in power systems.

Findings

Critical relays identified using the proposed risk indices.

Risk assessment validated on IEEE test systems.

Three probabilistic approaches for sensitivity analysis presented.

Abstract

Once critical substations are compromised, attack agents can coordinate among their peers to plot for maximizing disruption using local control devices. For defenders, it is critical to enumerate and identify all digital relays to determine the systemic risks. Any combination of disruptive switching via the compromised relays can result in misoperation or immediate effect to the system. The resulting consequence of these attack's initial events would possibly incur cascading failure to a grid. This paper quantifies the criticality of substation protective relays with the combination of the outage level and its corresponding severity risk index. The proposed hypothesized outages are based on the type of protective relaying, bus configuration of a substation, and commonly implemented relaying schemes, such as bus differential, directional overcurrent, and distance relays, are studied. This preliminary work also provides three approaches of determination in probabilities for sensitivity analysis. The proposed risk indices are evaluated using IEEE test systems.