A clustering-based framework for searching vulnerabilities in the operation dynamics of Cyber-Physical Energy Systems

Being highly digitalized and interconnected through smart sensors in an advanced communication network, Cyber-Physical Energy Systems (CPESs) enhance the dynamic control under different operational conditions, but bring up concerns on cybersecurity failures due to deliberate cyber-attacks. In this study, we propose a clustering-based framework for searching the minimum combination of the most vulnerable communication channels (between sensors and the control center) that are susceptible to the operation dynamics of CPESs. We first adopt a mixed-integer linear programming (MILP) approach to select the extreme operational condition period clusters, taking into account the multiple sources of uncertainty influencing the system dynamic behavior. For each cluster, we inject undetectable false data vectors into different sets of communication channels, and test their effects on system functionalities by resorting to the Conditional Value-at-Risk (CVaR) measure. The minimum combination of vulnerabilities is identified, when its False Data Injection Attacks (FDIAs) start to deviate the system functionality from the normal range. We illustrate the proposed framework by application to a renewable energy system susceptible to primary renewable resources availability. Specifically, the IEEE 30-bus test system is taken as case study and considered under FDIA scenarios in weather-related extreme operation transients, when accidents can aggravate damages.