TY - GEN
T1 - A Graph Embedding-Based Risk Analysis Case Study of a 2000-bus Cyber-Physical Power System
AU - Sun, Shining
AU - Maehl, Andrew
AU - Huo, Xiang
AU - Haque, Khandaker Akramul
AU - Huang, Hao
AU - Poor, H. Vincent
AU - Goulart, Ana E.
AU - Davis, Katherine
N1 - Publisher Copyright:
© 2025 IEEE.
PY - 2025
Y1 - 2025
N2 - Power systems are increasingly exposed to cyber threats. These threats elevate both operational and security risks and pose significant challenges to the resilience of critical infrastructure. To counter these threats in a generalizable and scalable way, it is important to develop effective methods to predict adversarial actions and conduct quantitative risk assessments. To address this need, this paper presents a comprehensive risk analysis of a 2000-bus cyber-physical power system test case using a Graph Embedding Approach for Cyber-physical Risk Analysis (GEACRA). GEACRA models the cyber-physical system as a graph and uses Node2Vec-based technique to identify high-risk components, access pathways, and the likelihood of each component being affected next. To demonstrate its application, we construct a scenario that models an Advanced Persistent Threat where an adversary gains Supervisory Control and Data Acquisition (SCADA) access through a spear phishing attack and remotely trips circuit breakers of the transformers at a substation to cause the loss of loads and line overloads. Further malicious activities, such as continuous remote tripping of breakers for lines or transformers, can lead to a potential cascading failure with widespread power outages if the intrusion is not mitigated. In the scenarios, GEACRA effectively identifies the cyber and physical nodes most likely to be compromised next, with 100% and 88.9% accuracy among the top 2 and top 18 high-risk nodes, respectively, when compared with the simulation results on affected components. The results highlight GEACRA's capability to improve grid resilience and support proactive mitigation strategies in complex cyber-physical power systems.
AB - Power systems are increasingly exposed to cyber threats. These threats elevate both operational and security risks and pose significant challenges to the resilience of critical infrastructure. To counter these threats in a generalizable and scalable way, it is important to develop effective methods to predict adversarial actions and conduct quantitative risk assessments. To address this need, this paper presents a comprehensive risk analysis of a 2000-bus cyber-physical power system test case using a Graph Embedding Approach for Cyber-physical Risk Analysis (GEACRA). GEACRA models the cyber-physical system as a graph and uses Node2Vec-based technique to identify high-risk components, access pathways, and the likelihood of each component being affected next. To demonstrate its application, we construct a scenario that models an Advanced Persistent Threat where an adversary gains Supervisory Control and Data Acquisition (SCADA) access through a spear phishing attack and remotely trips circuit breakers of the transformers at a substation to cause the loss of loads and line overloads. Further malicious activities, such as continuous remote tripping of breakers for lines or transformers, can lead to a potential cascading failure with widespread power outages if the intrusion is not mitigated. In the scenarios, GEACRA effectively identifies the cyber and physical nodes most likely to be compromised next, with 100% and 88.9% accuracy among the top 2 and top 18 high-risk nodes, respectively, when compared with the simulation results on affected components. The results highlight GEACRA's capability to improve grid resilience and support proactive mitigation strategies in complex cyber-physical power systems.
KW - cyber attack
KW - cyber-physical risk analysis
KW - graph embedding
KW - Node2vec
KW - power grid resilience
UR - https://www.scopus.com/pages/publications/105022081347
UR - https://www.scopus.com/pages/publications/105022081347#tab=citedBy
U2 - 10.1109/SmartGridComm65349.2025.11204632
DO - 10.1109/SmartGridComm65349.2025.11204632
M3 - Conference contribution
AN - SCOPUS:105022081347
T3 - 2025 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids, SmartGridComm 2025 - Proceedings
BT - 2025 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids, SmartGridComm 2025 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2025 IEEE International Conference on Communications, Control, and Computing Technologies for Smart Grids, SmartGridComm 2025
Y2 - 29 September 2025 through 2 October 2025
ER -