Preventive-Corrective Cyber-Defense: Attack-Induced Region Minimization and Cybersecurity Margin Maximization

TL;DR

This paper introduces a combined preventive-corrective cyber-defense strategy for power systems that minimizes attack regions and maximizes cybersecurity margins, enhancing protection against false data injection attacks.

Contribution

It proposes a novel two-stage strategy that first minimizes the attack-induced region and then maximizes the cybersecurity margin using resource allocation, with theoretical conditions for unattackable lines.

Findings

Effective reduction of attack regions demonstrated on IEEE 14 bus system.

Trade-off analysis between safety and cost in cybersecurity margin maximization.

Strategy proves to be cost-effective and improves system resilience.

Abstract

False data injection (FDI) cyber-attacks on power systems can be prevented by strategically selecting and protecting a sufficiently large measurement subset, which, however, requires adequate cyber-defense resources for measurement protection. With any given cyber-defense resource, this paper proposes a preventive-corrective cyber-defense strategy, which minimizes the FDI attack-induced region in a preventive manner, followed by maximizing the cybersecurity margin in a corrective manner. First, this paper proposes a preventive cyber-defense strategy that minimizes the volume of the FDI attack-induced region via preventive allocation of any given measurement protection resource. Particularly, a sufficient condition for constructing the FDI unattackable lines is proposed, indicating that the FDI cyber-attack could be locally rather than globally prevented. Then, given a non-empty FDI attack-induced region, this paper proposes a corrective cyber-defense strategy that maximizes the cybersecurity margin, leading to a trade-off between the safest-but-expensive operation point (i.e., Euclidean Chebyshev center) and the cheapest-but-dangerous operation point. Simulation results on a modified IEEE 14 bus system verify the effectiveness and cost-effectiveness of the proposed preventive-corrective cyber-defense strategy.