A dynamic game model for assessing risk of coordinated physical-cyber attacks in an AC/DC hybrid transmission system

The widely used intelligent measuring equipment not only makes the operation of AC/DC hybrid transmission system more safe and reliable, but also inevitably brings new problems and challenges such as the threats and hidden dangers of cyber attacks. Given this, how to effectively and comprehensively assess the inherent vulnerabilities of AC/DC hybrid transmission systems under the coordinated physical-cyber attacks is of critical significance. In this paper, a three-stage physical-cyber attack and defense risk assessment framework based on dynamic game theory is proposed. In the framework, the dynamic game process between attacker and defender is carried out for the power grid risk, which is expressed as the product of the attacker’s success probability in attacking the substation and the load loss caused by the attack. Regarding the probability of a successful attack, it depends on the number of funds invested by both attacker and defender sides considering the marginal effect, while the corresponding load loss caused depends on the cyber attack vector and the optimal load shedding scheme. For the solution of the proposed three-stage dynamic game framework, it is converted into a bi-level mathematical programming problem, in which the upper-level problem is solved by using the backward induction method to get the subgame perfect Nash equilibrium, and the lower-level problem is solved by using an improved particle swarm optimization algorithm to get the optimal amount of load shedding. Finally, the case study is performed on a modified IEEE 14-node AC/DC hybrid transmission test system, and the inherent weaknesses of the power grid are identified based on the risk assessment results, verifying the effectiveness of the proposed framework and method.

1 Introduction

With the continuous evolution and in-depth integration of the physical power grid composed of practical equipment and the advanced information communication system (ICS), a powerful cyber physical power system (CPPS) has been gradually formed. In particular, with the deep interaction between the physical power grid and ICS, the high dependence of the power grid on the measurement data will cause great damage to the power system security and stability under cyber attacks that compromise the availability, integrity, and confidentiality of power grid data (Xu et al., 2021). Compared with physical attacks, some cyber attacks, such as the false data injection (FDI) and distributed denial of service (DDoS) attacks, are highly stealthy, easy to implement, and difficult to defend promptly. It is known that the blackout occurred in Ukraine on 23 December 2015 was the first event in the world that was considered as a malicious cyber attack on the power supply system (Liang et al., 2016). In the blackout, a malware called “Black Energy” attacked 60 substations roughly, resulting in power outage of 1.4 million people in western Ukraine for 3–6 h. Thereafter, more and more cyber attacks have occurred in power systems around the world, and have caused certain system losses and social impact, such as the ransomware attack on the Israeli national grid in 2016 and the satellite DoS attack on a German wind farm in 2022. As a result, it is foreseeable that as more and more intelligent devices are put into the modern AC/DC hybrid transmission system, especially with the increasing proportion of large-scale grid-connected clean energy and energy storage system, once the power grid suffers from the coordinated physical-cyber attacks, it will cause inestimable and severe economic and social losses, affecting people’s normal life.

So far, a lot of research has been conducted on the risk analysis of CPPS in the case of cyber attacks. Regarding the interactions between cyber attackers and power grid defenders, a bi-level optimization problem has been constructed to perform vulnerability analysis (Yuan et al., 2011; Khanna et al., 2017), in which the upper level problem mainly described the behavior of the attacker, while the lower level problem mainly achieved the power grid protection based on security-constrained economic dispatch. In (Che et al., 2018), a cyber-secured corrective dispatch scheme was proposed to protect the power grid from potential data attacks. In (Chung et al., 2018), a coordinated cyber-physical attack scheme was proposed to cause more serious consequences, and a target selection criterion was designed to achieve higher attack success rate. The bi-level optimization model built in the above studies mainly focuses on the behavior of attackers and defenders, ignoring the impact of resource deployment on attack and defense, which can help attackers gain access to key equipment through related vulnerabilities to achieve the purpose of attack or help defenders detect attack behavior through related defense facilities to ensure the security of the power grid. In order to better describe the resource allocation between attackers and defenders, many studies have used game frameworks to model the strategic choices of attacks and defenses, that is, the choice of various resource allocation schemes (Ranjbar et al., 2019; Dai and Shi, 2020; Gao and Shi, 2020; Hasan et al., 2020; Shan and Zhuang, 2020; Zhang et al., 2021). In addition, different game models have been used to explain a variety of attack and defense scenarios according to the research target and cyber attack methods. In Xiang et al. (2018), a system adequacy evaluation framework incorporating cyber attacks and physical failures was proposed to quantify the influence of cyber attacks on the power supply adequacy, and the static and Markov games were applied to model the interactions between defenders and attackers. In Wang et al. (2017), a Bayesian honeypot game strategy was introduced to investigate the DDoS attack in the advanced metering infrastructure network, and the interactions between the defenders and the attackers were analyzed elaborately. In Liu and Wang (2021), a FlipIt game model was established to investigate the interactions between the defender, the attacker and insider, and three types of insiders and their corresponding impacts on the supervisory control and data acquisition system were modeled and analyzed. In Lakshminarayana et al. (2021), a zero-sum non-cooperative game model was proposed to find the optimal placement of distributed flexible AC transmission system as defense resource, so as to realize a moving target defense strategy against the coordinated physical-cyber attack. In order to study the interactions between defenders and attackers more comprehensively, two game models, namely a Stackelberg game and a hybrid satisfaction equilibrium-Nash equilibrium game, were applied to study the impacts of data injection attacks on the smart grid with multiple adversaries taken into account (Sanjab and Saad, 2016). In Wei et al. (2016), a stochastic game-theoretic approach was proposed to find the optimal strategy of defender to protect the power grid against coordinated physical-cyber attack. Although these game models mentioned above explained the interaction of the resource allocation between attackers and defenders in detail, the risks of power system, usually quantified as the product of the attack success probability and the corresponding consequences, still needs to be studied in-depth. The classic three-stage defender-attacker-defender dynamic game models with complete information were proposed to assess the operation risks of transmission lines (Gao and Shi, 2020) and feeder automation system (Dai and Shi, 2020) under various physical-cyber attack scenarios. In Zhang et al. (2021), a zero-sum multi-level Markovian Stackelberg game was proposed to model the sequential attack and defense actions on both cyber layer and physical layer, aiming to mitigate the risks of power system. Moreover, some studies also conducted risk analysis on CPPS system based on game theory by considering the information asymmetry between attackers and defenders (Gao et al., 2019; Wang et al., 2019; Shao and Li, 2021; Tian et al., 2021). In the aforementioned existing studies, almost all the studies are conducted for the AC transmission systems, and few studies investigate and discuss the impact of cyber attacks on the AC/DC hybrid transmission systems. In Amir et al. (2019), the impacts of the cyber-attacks on the HVDC system and the effects on the dynamic voltage stability were investigated to implement the cyber-physical vulnerability and security evaluation of AC/DC hybrid power grid. In Qiu et al. (2021), a HVDC ancillary control strategy based on a hybrid data-driven technology was proposed to effectively improve the controllability of the HVDC intertie under the FDI attacks. Although the existing work on the impact of cyber attacks on power grid operation and stability has achieved fruitful research results using models and methods with varying degrees of detail, the resource allocation of defenders and attackers is relatively abstract, lacking some practical significance, and the attack and defense strategies adopted are difficult to reflect the actual operating conditions of the power grid studied. Meanwhile, most of the existing work takes the implementation conditions of the cyber attacks as the main factor affecting the success probability of cyber attacks, such as whether the false data can pass the bad data detection in the FDI attacks, lacking the modeling of the specific process of cyber attacks, which obviously will affect the success probability of attackers. In addition, most of the existing research work mainly focuses on the AC transmission systems, but the operation risk of the AC/DC hybrid transmission system under the coordinated physical-cyber attacks is rarely discussed. More intensive and specific research work needs to be further carried out to model the resource allocation of attackers and defenders, and the cyber attack process and the corresponding risk assessment of AC/DC hybrid system need to be explored and exploited in more detail.

In this paper, a three-stage dynamic game risk assessment framework for an AC/DC hybrid transmission system under the coordinated physical-cyber attacks is proposed, and then this three-stage dynamic game framework is converted into a bi-level mathematical optimization problem, which is solved by using the backward induction (BI) method and an improved particle swarm optimization (IPSO) algorithm. The main contributions of this paper are summarized in the following three-fold.

1) A three-stage physical-cyber attack and defense risk assessment framework based on dynamic game theory is proposed, aiming to effectively identify the inherent vulnerability of the AC/DC hybrid transmission system under the coordinated physical-cyber attacks.

2) The process of substation suffering from the cyber and physical attacks is elaborately modeled to implement the quantification of the actual success probability of the FDI attack on the substation, which lays the foundation for the risk assessment of the system.

3) A FDI attack model, targeting the AC/DC hybrid transmission system, is carefully constructed based on AC state estimation to bypass the bad data detector and effectively realize more stealthy cyber attacks. In addition, an IPSO algorithm is applied to solve the proposed FDI attack model with highly non-linear characteristics.

The structure of the paper is organized as follows. In Section 2, a three-stage physical-cyber attack and defense risk assessment framework based on dynamic game theory is discussed. The corresponding solution methodology based on the BI and an IPSO algorithms is given in Section 3. The case study based on a modified IEEE 14-node test system is performed in Section 4. Finally, Section 5 concludes this paper and discusses possible future work.

2 Problem formulation

In this paper, a dynamic game framework is proposed to conduct the risk assessment of coordinated physical-cyber attacks in an AC/DC hybrid transmission system. In this dynamic game framework, two players are involved, namely an attacker and a defender. The attacker is assumed to be an attack team that consists of hackers, mainly performing data monitoring and cyber attacks against substations, and the FDI attacks are used as the main means of cyber attacks. The defender is also assumed to be a defensive team that consists of utility managers, substation inspectors, and cyber security technicians. The defensive team aims at reducing the success probability of cyber attacks on the transmission system by improving inspection efforts and identifying network vulnerabilities, and on the other hand, the defensive team will also conduct optimal load shedding strategy after being attacked. Based on game theory, and according to the action sequence of game participants, this paper proposes a three-stage physical-cyber attack and defense risk assessment framework for an AC/DC hybrid transmission system. The corresponding dynamic game equilibrium solution can not only obtain the optimal attack and defense strategies, but also identify the inherent weaknesses of the power grid according to the risk assessment results.

Figure 1 illustrates the game process of the three-stage physical-cyber attack and defense. In stage 1, the defender allocates limited defense funds to protect the cyber security and physical security of the substation. In stage 2, the attacker allocates limited attack funds to conduct cyber attacks on the substation, and gains the right to tamper with power grid data by performing FDI attacks. In stage 3, the defender adopts the optimal load shedding scheme for the AC/DC hybrid transmission system to minimize the power grid risk.

FIGURE 1

FIGURE 1. Illustration of three-stage physical-cyber attack and defense in an AC/DC hybrid transmission system.

The following basic assumptions are listed in modeling the proposed three-stage dynamic game framework.

1) The topology and all parameters of the power system are accessible to the attacker.

2) The defense strategies employed by the defender, namely the allocation of cyber defense and physical defense funds, are exposed to the attacker.

3) The attacker knows the optimal load shedding scheme that the defender will take if the attacks succeed.

4) The defender will consider the strategies of attackers before allocating defense funds.

Accordingly, the “defender-attacker-defender” three-stage game model established in this paper is a dynamic game with perfect information.

In order to further quantitatively evaluate the power grid risk under the coordinated physical-cyber attacks, a power grid attack risk index (GARI) is defined as follows, also representing the payoffs to the attacker and defender.

$\begin{array}{c}\underset{\mathit{d}\in \mathit{S}\mathit{D}}{\mathbf{min}}\underset{\mathit{a}\in \mathit{S}\mathit{A}\left(\mathit{d}\right)}{\mathbf{max}}\underset{\mathit{l}\in \mathit{S}\mathit{L}\left(\mathit{d},\mathit{a}\right)}{\mathbf{min}}\mathit{G}\mathit{A}\mathit{R}\mathit{I}\left(\mathit{d},\mathit{a},\mathit{l}\right)\end{array}(1)$

In this paper, the proposed GARI is computed as the product of the vulnerability of the substation under coordinated physical-cyber attacks and the corresponding consequences caused, which is expressed as

$\begin{array}{c}\mathit{G}\mathit{A}\mathit{R}\mathit{I}\left(\mathit{d},\mathit{a},\mathit{l}\right)=\mathit{V}\left(\mathit{d},\mathit{a}\right)\cdot \mathit{C}\left(\mathit{l}\right)\end{array}(2)$

2.1 Stage 1: Deployment of defense funds

Regarding the cyber side, the defender can reduce the success probability of cyber attacks against substations by upgrading software, performing routine security checks, and purchasing data monitoring equipment. Especially in view of the fact that each substation improves its own communication network by applying for funds from the utility, and that there is an upper limit on these funds, a discrete allocation scheme of funds is designed in this paper to represent the deployment of defense funds, which is modeled as follows:

$\begin{array}{c}\left\{\begin{array}{c}{\mathit{S}}_{\mathit{C}\mathit{y}\mathit{d}}=\left\{\mathit{C}\mathit{y}{\mathit{d}}_{\mathit{i}}\right\}\\ {\displaystyle \sum }_{\mathit{i}\in \mathit{B}}{\mathit{C}\mathit{y}\mathit{d}}_{\mathit{i}}\le {\mathit{F}}_{\mathit{C}\mathit{y}\mathit{d}}\end{array}\right.,\mathit{C}\mathit{y}{\mathit{d}}_{\mathit{i}}\in \left\{\mathbf{0},\mathit{C}\mathit{y}\mathit{d}{\mathit{L}}_{\mathbf{1}},\mathit{C}\mathit{y}\mathit{d}{\mathit{L}}_{\mathbf{2}}\right\},\mathit{C}\mathit{y}{\mathit{d}}_{\mathit{i}}\ge \mathbf{0}\end{array}(3)$

Regarding the physical side, the defender needs to prevent attacker from bribing substation staff and investigate the illegally installed monitoring devices around the substation to be attacked. Similarly, a discrete allocation scheme of defense funds is given as follows:

$\begin{array}{c}\left\{\begin{array}{c}{\mathit{S}}_{\mathit{P}\mathit{h}\mathit{d}}=\left\{\mathit{P}\mathit{h}{\mathit{d}}_{\mathit{i}}\right\}\\ {\displaystyle \sum }_{\mathit{i}\in \mathit{B}}\mathit{P}\mathit{h}{\mathit{d}}_{\mathit{i}}\le {\mathit{F}}_{\mathit{P}\mathit{h}\mathit{d}}\end{array}\right.,\mathit{P}\mathit{h}{\mathit{d}}_{\mathit{i}}\in \left\{\mathbf{0},\mathit{P}\mathit{h}\mathit{d}{\mathit{L}}_{\mathbf{1}},\mathit{P}\mathit{h}\mathit{d}{\mathit{L}}_{\mathbf{2}}\right\},\mathit{P}\mathit{h}{\mathit{d}}_{\mathit{i}}\ge \mathbf{0}\end{array}(4)$

The set of defense fund deployment strategies for the defender can be determined after considering the allocation of funds for both cyber defense and physical security, which is given as follows:

$\begin{array}{c}\mathit{S}\mathit{D}=\left\{\mathit{d}|\mathit{d}=\left({\mathit{S}}_{\mathit{C}\mathit{y}\mathit{d}},{\mathit{S}}_{\mathit{P}\mathit{h}\mathit{d}}\right)\right\}\end{array}(5)$

2.2 Stage 2: Deployment of attack funds

As mentioned above, the main form of cyber attacks launched by attackers on the cyber side is the FDI attacks. In order to meet the conditions under which the FDI attacks can be performed, the attack team must hire a certain number of hackers to infiltrate the cyber network and falsify data. In this paper, it is assumed that the attack team pays different hacking service fees according to the skill level of the hired hackers. In view of this, a discrete hacking service fee scheme is designed to model the deployment of attack funds on cyber side, which is expressed as

$\begin{array}{c}\left\{\begin{array}{c}{\mathit{S}}_{\mathit{C}\mathit{y}\mathit{a}}=\left\{\mathit{C}\mathit{y}{\mathit{a}}_{\mathit{i}}\right\}\\ {\displaystyle \sum }_{\mathit{i}\in \mathit{A}}\mathit{C}\mathit{y}{\mathit{a}}_{\mathit{i}}\le {\mathit{F}}_{\mathit{C}\mathit{y}\mathit{a}}\end{array}\right.,\mathit{C}\mathit{y}{\mathit{a}}_{\mathit{i}}\in \left\{\mathit{C}\mathit{y}\mathit{a}{\mathit{L}}_{\mathbf{1}},\mathit{C}\mathit{y}\mathit{a}{\mathit{L}}_{\mathbf{2}}\right\},\mathit{C}\mathit{y}{\mathit{a}}_{\mathit{i}}>\mathbf{0}\end{array}(6)$

To improve the success probability of performing FDI attacks against the AC/DC hybrid transmission system, it is essential to obtain some corresponding information of power grid, such as network topology and power flow data. More importantly, once the attack team obtains the SSH port number and password of measuring equipment in the target substations, it will be very easy to execute a stealthy FDI attack. Therefore, the attack team will spend certain funds to obtain power grid information by bribing substation staff and illegally installing some monitoring devices. Similarly, a discrete monitoring fee scheme is designed to model the deployment of attack funds on the physical side, which is expressed as

$\begin{array}{c}\left\{\begin{array}{c}{\mathit{S}}_{\mathit{P}\mathit{h}\mathit{a}}=\left\{\mathit{P}\mathit{h}{\mathit{a}}_{\mathit{i}}\right\}\\ {\displaystyle \sum }_{\mathit{i}\in \mathit{A}}\mathit{P}\mathit{h}{\mathit{a}}_{\mathit{i}}\le {\mathit{F}}_{\mathit{P}\mathit{h}\mathit{a}}\end{array}\right.,\mathit{P}\mathit{h}{\mathit{a}}_{\mathit{i}}\in \left\{\mathit{P}\mathit{h}\mathit{a}{\mathit{L}}_{\mathbf{1}},\mathit{P}\mathit{h}\mathit{a}{\mathit{L}}_{\mathbf{2}}\right\},\mathit{P}\mathit{h}{\mathit{a}}_{\mathit{i}}>\mathbf{0}\end{array}(7)$

The set of attack fund deployment strategies for the attacker can be determined after considering the allocation of funds for both cyber attacks and physical monitoring, which is given as follows:

$\begin{array}{c}\mathit{S}\mathit{A}=\left\{\mathit{a}|\mathit{a}=\left({\mathit{S}}_{\mathit{C}\mathit{y}\mathit{a}},{\mathit{S}}_{\mathit{P}\mathit{h}\mathit{a}}\right)\right\}\end{array}(8)$

Once two players, the defender and the attacker, have deployed funds in sequential order, the probability of a successful cyber attack can be determined. Regarding the attack on the cyber side, the probability of an attacker successfully attacking the $i^{th}$ substation consists of the following two items:

$\begin{array}{c}{\mathit{p}}_{\mathit{C}\mathit{y},\mathit{i}}={\mathit{p}}_{\mathit{B}\mathit{A}\mathit{G},\mathit{i}}\cdot {\mathit{p}}_{\mathit{c}\mathit{o}\mathit{n},\mathit{i}}\end{array}(9)$

In this paper, the probability ${\mathit{p}}_{\mathit{B}\mathit{A}\mathit{G},\mathit{i}}$ can be calculated by using a Bayesian attack graph model as shown in Figure 2, which can clearly indicate the path of the cyber attack.

FIGURE 2

FIGURE 2. Bayesian attack graph model of substation under cyber attack.

In Figure 2, the hackers exploit the vulnerabilities < SSH1, 2>, <log2,3>, and <DB 3,4>, respectively, and get the control right of the substation, namely the right of User (4) in accordance with the <1,2>, <2,3>, and <3,4 > connectivity paths. The corresponding details of each vulnerability are shown in Table 1, and the value of each vulnerability can be calculated quantitatively based on the common vulnerability scoring system (CVSS) (National institute of standards and technology, 2022), which is a method used to provide qualitative measure of severity. In addition, the CVSS also provides a lot of information about each vulnerability, such as impact, attack vector, weakness, or other relevant technical information. The given information can help determine the number from 0 to 10 as the CVSS score, and the larger the number, the higher the severity of the vulnerability.

TABLE 1

TABLE 1. Information on the vulnerabilities exploited during the attack.

The final success probability of an attacker falsifying the data of the $i^{th}$ substation can be obtained from the attack path given in Figure 2, which is modeled as

$\begin{array}{c}{\mathit{p}}_{\mathit{B}\mathit{A}\mathit{G},\mathit{i}}=\mathit{p}\left(\mathbf{S}\mathbf{S}\mathbf{H}\right)\cdot \mathit{p}\left(\mathbf{Log}\right)\cdot \mathit{p}\left(\mathbf{D}\mathbf{B}\right)\end{array}(10)$

In this paper, the CVSS score is divided by 10 to implement the normalization as the success probability of a cyber attack, so the $\mathit{p}\left(\mathbf{S}\mathbf{S}\mathbf{H}\right)$, $\mathit{p}\left(\mathbf{Log}\right)$, and $\mathit{p}\left(\mathbf{D}\mathbf{B}\right)$ are defined as 8%, 55% and 78%, respectively.

For the connectivity probability ${\mathit{p}}_{\mathit{c}\mathit{o}\mathit{n},\mathit{i}}$, for simplicity, it can be expressed as follows, in which it is assumed that the marginal effect of the funds invested by both the attacker and defender is taken into account:

$\begin{array}{c}{\mathit{p}}_{\mathit{c}\mathit{o}\mathit{n},\mathit{i}}=\mathbf{0.9}{\mathit{e}}^{-\frac{\mathit{C}\mathit{y}{\mathit{d}}_{\mathit{i}}}{\mathit{\mu }+\mathit{C}\mathit{y}{\mathit{a}}_{\mathit{i}}}}+\mathbf{0.1}\end{array}(11)$

It should be noted that the value of $\mathit{\mu }$ is related to the number of measurement devices installed in the substation.

Regarding the attack on the physical side, the attacker can not only obtain the basic information of the power grid by monitoring data or bribing staff, but also obtain SSH port information and password of substation. Therefore, we propose the following expression to model the probability of obtaining SSH port and password by non-network intrusion means ${\mathit{p}}_{\mathit{P}\mathit{h},\mathit{i}}$ with the marginal effect taken into account:

$\begin{array}{c}{\mathit{p}}_{\mathit{P}\mathit{h},\mathit{i}}=\frac{\mathit{P}\mathit{h}{\mathit{a}}_{\mathit{i}}}{\mathit{\lambda }+\mathit{P}\mathit{h}{\mathit{a}}_{\mathit{i}}}\cdot \frac{\mathit{\lambda }}{\mathit{\lambda }+\mathit{P}\mathit{h}{\mathit{d}}_{\mathit{i}}}\end{array}(12)$

It should be noted that the value of $\mathit{\lambda }$ is related to the strength of the substation security forces.

To sum up, the actual success probability of the FDI attack on the $i^{th}$ substation can be expressed as

$\begin{array}{c}{\mathit{p}}_{\mathit{i}}=\frac{2\arctan \left({\mathit{p}}_{\mathit{C}\mathit{y},\mathit{i}}+{\mathit{p}}_{\mathit{P}\mathit{h},\mathit{i}}\cdot \mathit{p}\left(\mathit{D}\mathit{B}\right)\cdot {\mathit{p}}_{\mathit{c}\mathit{o}\mathit{n},\mathit{i}}\right)}{\mathit{\pi }}\end{array}(13)$

More specifically, the success probability of the attacker’s FDI attack on the AC/DC hybrid transmission system is the cumulative product of the success probability of the attack on all target substations, which can also be referred to the vulnerability of the power grid under cyber attacks $\mathit{V}\left(\mathit{d},\mathit{a}\right)$ given as follow:

$\begin{array}{c}\mathit{V}\left(\mathit{d},\mathit{a}\right)=\prod _{\mathit{i}\in \mathit{A}}{\mathit{p}}_{\mathit{i}}\end{array}(14)$

2.3 Stage 3: Defender’s action

In the Stage 1 and Stage 2, once the deployment strategies of defense and attack funds are determined, the vulnerability of the substation attacked $\mathit{V}\left(\mathit{d},\mathit{a}\right)$ given in (Eq. 2) becomes a constant term, and the aforementioned GARI can be rewritten as

$\begin{array}{c}\mathit{G}\mathit{A}\mathit{R}\mathit{I}\left({\mathit{d}}^{\prime },{\mathit{a}}^{\prime },\mathit{l}\right)=\mathit{V}\left({\mathit{d}}^{\prime },{\mathit{a}}^{\prime }\right)\cdot \mathit{C}\left(\mathit{l}\right)\end{array}(15)$

In this situation, the defender only needs to take some actions in response to the consequence $\mathit{C}\left(\mathit{l}\right)$ in Stage 3. In this paper, the following max-min optimization problem is proposed to model the consequence $\mathit{C}\left(\mathit{l}\right)$:

$\begin{array}{c}\mathit{C}\left(\mathit{l}\right)=\underset{\mathit{A}\mathit{T}\mathit{K}}{\mathbf{max}}\underset{\mathit{DEF}}{\mathbf{min}}{\displaystyle \sum }_{\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{L}}\in \mathit{DEF}}\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{L}},\mathit{l}=\left(\mathit{A}\mathit{T}\mathit{K},\mathit{DEF}\right)\end{array}(16)$

Since the target of FDI attacks in this paper is the AC/DC hybrid transmission system, the attacker constructs the attack vectors based on AC state estimation to bypass the bad data detector in EMS system. Inspired by the existing FDI attack modeling for AC state estimation (Rahman and Mohsenian-Rad, 2013; Liu and Li, 2016), the corresponding FDI attack vector set $\mathit{A}\mathit{T}\mathit{K}$ is indicated as

$\begin{array}{c}\mathit{A}\mathit{T}\mathit{K}=\left(\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A}},\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{A}},\mathit{\Delta }{\mathit{V}}_{\mathit{m}\mathit{A}},\mathit{\Delta }{\mathit{\theta }}_{\mathit{A}}\right)\end{array}(17)$

It should be noted that since the measurement devices in substation cannot measure the phase angle, so the actual attack vector does not contain $\mathit{\Delta }{\mathit{\theta }}_{\mathit{A}}$, which is listed here only to indicate the integrity of the constraint variables. Moreover, the number of attacked substations corresponding to the FDI attack vector cannot exceed ${\mathit{n}\mathit{A}\mathit{T}\mathit{K}}_{\mathit{max}}$ to ensure the invisibility of FDI attacks.

To ensure that the FDI attack based on AC state estimation can bypass the bad data detector, the attacker must obey the following rules:

1) The voltage magnitude of the generator node cannot be modified;

2) Only the voltage magnitude and phase angle of the zero-load node can be modified;

3) The voltage magnitude and phase angle of the node adjacent to non-attacked nodes (called edge nodes) cannot be modified;

4) The variation of all tampered data should be within a certain range;

5) The data of DC transmission lines cannot be tampered with.

Based on these rules described above, the FDI attack constraints are indicated as follows:

$\begin{array}{c}\left\{\begin{array}{c}\begin{array}{cc}-\mathit{\tau }{\mathit{P}}_{\mathit{d},\mathit{i}}\le \mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A},\mathit{i}}\le \mathit{\tau }{\mathit{P}}_{\mathit{d},\mathit{i}}& \left(\mathit{i}\in \mathit{A}\right)\end{array}\\ \begin{array}{cc}-\mathit{\tau }{\mathit{Q}}_{\mathit{d},\mathit{i}}\le \mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{A},\mathit{i}}\le \mathit{\tau }{\mathit{Q}}_{\mathit{d},\mathit{i}}& \left(\mathit{i}\in \mathit{A}\right)\end{array}\\ \begin{array}{cc}-\mathit{\tau }{\mathit{V}}_{\mathit{m},\mathit{i}}\le \mathit{\Delta }{\mathit{V}}_{\mathit{m}\mathit{A},\mathit{i}}\le \mathit{\tau }{\mathit{V}}_{\mathit{m},\mathit{i}}& \left(\mathit{i}\in \mathit{A}\right)\end{array}\\ \begin{array}{cc}-\mathit{\tau }{\mathit{\theta }}_{\mathit{i}}\le \mathit{\Delta }{\mathit{\theta }}_{\mathit{A},\mathit{i}}\le \mathit{\tau }{\mathit{\theta }}_{\mathit{i}}& \left(\mathit{i}\in \mathit{A}\right)\end{array}\\ \begin{array}{ll}\mathit{\Delta }{\mathit{V}}_{\mathit{m}\mathit{A},\mathit{k}}=\mathbf{0}& \left(\mathit{k}\in {\mathit{A}}_{\mathit{g}}\right)\end{array}\\ \begin{array}{cc}\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A},\mathit{k}}=\mathbf{0}& \left(\mathit{k}\in {\mathit{A}}_{\mathbf{0}}\right)\end{array}\\ \begin{array}{cc}\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{A},\mathit{k}}=\mathbf{0}& \left(\mathit{k}\in {\mathit{A}}_{\mathbf{0}}\right)\end{array}\\ \begin{array}{cc}\mathit{\Delta }{\mathit{V}}_{\mathit{m}\mathit{A},\mathit{k}}=\mathbf{0}& \left(\mathit{k}\in {\mathit{A}}_{\mathit{e}}\right)\end{array}\\ \begin{array}{cc}\mathit{\Delta }{\mathit{\theta }}_{\mathit{A},\mathit{k}}=\mathbf{0}& \left(\mathit{k}\in {\mathit{A}}_{\mathit{e}}\right)\end{array}\\ \mathit{P}\mathit{a}\mathit{r}\mathit{t}\mathit{L}\mathit{F}\left({\mathit{P}}_{\mathit{d}}+\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A}},{\mathit{Q}}_{\mathit{d}}+\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{A}},{\mathit{V}}_{\mathit{m}}+\mathit{\Delta }{\mathit{V}}_{\mathit{m}\mathit{A}},\mathit{\theta }+\mathit{\Delta }{\mathit{\theta }}_{\mathit{A}},{\mathit{P}}_{\mathit{g}\mathit{A}},{\mathit{Q}}_{\mathit{g}\mathit{A}}\right)=\mathbf{0}\end{array}\right.\end{array}(18)$

The corresponding $\mathit{P}\mathit{a}\mathit{r}\mathit{t}\mathit{L}\mathit{F}$ constraints are specified as

$\begin{array}{c}\left\{\begin{array}{c}\begin{array}{cc}{\mathit{P}}_{\mathit{i}}={\mathit{V}}_{\mathit{m},\mathit{i}}{\displaystyle \sum }_{\mathit{j}=\mathbf{1}}^{\mathit{n}\mathit{A}}{\mathit{V}}_{\mathit{m},\mathit{j}}\left[{\mathit{g}}_{\mathit{i}\mathit{j}}\mathit{cos}\left({\mathit{\theta }}_{\mathit{i}}-{\mathit{\theta }}_{\mathit{j}}\right)+{\mathit{b}}_{\mathit{i}\mathit{j}}\mathit{sin}\left({\mathit{\theta }}_{\mathit{i}}-{\mathit{\theta }}_{\mathit{j}}\right)\right]& \left(\mathit{i},\mathit{j}\in \mathit{A}\right)\end{array}\\ \begin{array}{cc}{\mathit{Q}}_{\mathit{i}}=-{\mathit{V}}_{\mathit{m},\mathit{i}}{\displaystyle \sum }_{\mathit{j}=\mathbf{1}}^{\mathit{n}\mathit{A}}{\mathit{V}}_{\mathit{m},\mathit{j}}\left[{\mathit{b}}_{\mathit{i}\mathit{j}}\mathit{cos}\left({\mathit{\theta }}_{\mathit{i}}-{\mathit{\theta }}_{\mathit{j}}\right)-{\mathit{g}}_{\mathit{i}\mathit{j}}\mathit{sin}\left({\mathit{\theta }}_{\mathit{i}}-{\mathit{\theta }}_{\mathit{j}}\right)\right]& \left(\mathit{i},\mathit{j}\in \mathit{A}\right)\end{array}\\ \begin{array}{cc}{\mathit{P}}_{\mathit{i}}={\mathit{P}}_{\mathit{g},\mathit{i}}-{\mathit{P}}_{\mathit{d},\mathit{i}}-\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A},\mathit{i}}+{\mathit{P}}_{\mathit{l}\mathit{e}\mathit{q},\mathit{i}}& \left(\mathit{i}\in \mathit{A}\right)\end{array}\\ \begin{array}{cc}{\mathit{Q}}_{\mathit{i}}={\mathit{Q}}_{\mathit{g},\mathit{i}}-{\mathit{Q}}_{\mathit{d},\mathit{i}}-\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{A},\mathit{i}}+{\mathit{Q}}_{\mathit{l}\mathit{e}\mathit{q},\mathit{i}}& \left(\mathit{i}\in \mathit{A}\right)\end{array}\\ \begin{array}{cc}{\mathit{P}}_{\mathit{l}\mathit{e}\mathit{q},\mathit{i}}=\mathbf{0}& \left(\mathit{i}\notin {\mathit{A}}_{\mathit{e}}\right)\end{array}\\ \begin{array}{cc}{\mathit{Q}}_{\mathit{l}\mathit{e}\mathit{q},\mathit{i}}=\mathbf{0}& \left(\mathit{i}\notin {\mathit{A}}_{\mathit{e}}\right)\end{array}\end{array}\right.\end{array}(19)$

Similar to the FDI attack vector, the optimal load shedding vector set $\mathit{DEF}$ for the AC/DC hybrid transmission system can be indicated as

$\begin{array}{c}\mathit{DEF}=\left(\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{L}},\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{L}}\right)\end{array}(20)$

Subject to the following constraints:

$\begin{array}{c}\left\{\begin{array}{c}\begin{array}{cc}\mathbf{0}\le \mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{L},\mathit{i}}\le {\mathit{P}}_{\mathit{d},\mathit{i}}& \left(\mathit{i}\in \mathit{B}\right)\end{array}\\ \begin{array}{cc}\left|\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{L},\mathit{i}}\right|\le \left|{\mathit{Q}}_{\mathit{d},\mathit{i}}\right|,\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{L},\mathit{i}}\cdot {\mathit{Q}}_{\mathit{d},\mathit{i}}\ge \mathbf{0}& \left(\mathit{i}\in \mathit{B}\right)\end{array}\\ \begin{array}{cc}{\mathit{V}}_{\mathit{m}\mathbf{min},\mathit{i}}\le {\mathit{V}}_{\mathit{m},\mathit{i}}\le {\mathit{V}}_{\mathit{m}\mathbf{max},\mathit{i}}& \left(\mathit{i}\in \mathit{B}\right)\end{array}\\ \begin{array}{cc}{\mathit{\theta }}_{\mathbf{min},\mathit{i}}\le {\mathit{\theta }}_{\mathit{i}}\le {\mathit{\theta }}_{\mathbf{max},\mathit{i}}& \left(\mathit{i}\in \mathit{B}\right)\end{array}\\ \begin{array}{cc}{\mathit{S}}_{\mathit{l},\mathit{i}\mathit{j}}\le {\mathit{S}}_{\mathit{l}\mathbf{max},\mathit{i}\mathit{j}}& \left(\mathit{i},\mathit{j}\in \mathit{B}\right)\end{array}\\ \begin{array}{cc}{\mathit{P}}_{\mathit{g}\mathbf{min},\mathit{i}}\le {\mathit{P}}_{\mathit{g},\mathit{i}}\le {\mathit{P}}_{\mathit{g}\mathbf{max},\mathit{i}}& \left(\mathit{i}\in \mathit{B}\right)\end{array}\\ \begin{array}{cc}{\mathit{Q}}_{\mathit{g}\mathbf{min},\mathit{i}}\le {\mathit{Q}}_{\mathit{g},\mathit{i}}\le {\mathit{Q}}_{\mathit{g}\mathbf{max},\mathit{i}}& \left(\mathit{i}\in \mathit{B}\right)\end{array}\\ \mathit{L}\mathit{F}\left({\mathit{P}}_{\mathit{d}}+\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A}}-\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{L}},{\mathit{Q}}_{\mathit{d}}+\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{A}}-\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{L}},{\mathit{V}}_{\mathit{m}},\mathit{\theta },{\mathit{P}}_{\mathit{g}},{\mathit{Q}}_{\mathit{g}}\right)=\mathbf{0}\end{array}\right.\end{array}(21)$

The corresponding $\mathit{L}\mathit{F}$ constraints are specified as

$\begin{array}{c}\left\{\begin{array}{c}\begin{array}{cc}{\mathit{P}}_{\mathit{i}}={\mathit{V}}_{\mathit{m},\mathit{i}}{\displaystyle \sum }_{\mathit{j}=\mathbf{1}}^{\mathit{n}\mathit{B}}{\mathit{V}}_{\mathit{m},\mathit{j}}\left[{\mathit{g}}_{\mathit{i}\mathit{j}}\mathit{cos}\left({\mathit{\theta }}_{\mathit{i}}-{\mathit{\theta }}_{\mathit{j}}\right)+{\mathit{b}}_{\mathit{i}\mathit{j}}\mathit{sin}\left({\mathit{\theta }}_{\mathit{i}}-{\mathit{\theta }}_{\mathit{j}}\right)\right]& \left(\mathit{i},\mathit{j}\in \mathit{B}\right)\end{array}\\ \begin{array}{cc}{\mathit{Q}}_{\mathit{i}}=-{\mathit{V}}_{\mathit{m},\mathit{i}}{\displaystyle \sum }_{\mathit{j}=\mathbf{1}}^{\mathit{n}}{\mathit{V}}_{\mathit{m},\mathit{j}}\left[{\mathit{b}}_{\mathit{i}\mathit{j}}\mathit{cos}\left({\mathit{\theta }}_{\mathit{i}}-{\mathit{\theta }}_{\mathit{j}}\right)-{\mathit{g}}_{\mathit{i}\mathit{j}}\mathit{sin}\left({\mathit{\theta }}_{\mathit{i}}-{\mathit{\theta }}_{\mathit{j}}\right)\right]& \left(\mathit{i},\mathit{j}\in \mathit{B}\right)\end{array}\\ \begin{array}{cc}{\mathit{P}}_{\mathit{i}}={\mathit{P}}_{\mathit{g},\mathit{i}}-{\mathit{P}}_{\mathit{d},\mathit{i}}-\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A},\mathit{i}}& \left(\mathit{i}\in \mathit{A}\right)\end{array}\\ \begin{array}{cc}{\mathit{Q}}_{\mathit{i}}={\mathit{Q}}_{\mathit{g},\mathit{i}}-{\mathit{Q}}_{\mathit{d},\mathit{i}}-\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{A},\mathit{i}}& \left(\mathit{i}\in \mathit{A}\right)\end{array}\\ \begin{array}{cc}{\mathit{P}}_{\mathit{i}}={\mathit{P}}_{\mathit{g},\mathit{i}}-{\mathit{P}}_{\mathit{d},\mathit{i}}& \left(\mathit{i}\notin \mathit{A}\right)\end{array}\\ \begin{array}{cc}{\mathit{Q}}_{\mathit{i}}={\mathit{Q}}_{\mathit{g},\mathit{i}}-{\mathit{Q}}_{\mathit{d},\mathit{i}}& \left(\mathit{i}\notin \mathit{A}\right)\end{array}\end{array}\right.\end{array}(22)$

In this paper, the line commutated converter (LCC) model as shown in Figure 3 is applied to formulate the HVDC transmission line, which is given as follows (Kundur and Malik, 2022):

$\begin{array}{c}\left\{\begin{array}{c}\begin{array}{cc}{\mathit{U}}_{\mathit{d}}^{\prime }=\frac{\mathbf{3}\sqrt{\mathbf{2}}}{\mathit{\pi }}{\mathit{n}}^{\prime }{\mathit{U}}^{\prime }\mathit{cos}\mathit{\alpha }-\frac{\mathbf{3}}{\mathit{\pi }}{{\mathit{X}}_{\mathit{C}}^{\prime }\mathit{I}}_{\mathit{d}}& \left(\mathrm{R}\mathrm{e}\mathrm{c}\mathrm{t}\mathrm{i}\mathrm{f}\mathrm{i}\mathrm{e}\mathrm{r}\right)\\ {\mathit{U}}_{\mathit{d}}^{″}=\frac{\mathbf{3}\sqrt{\mathbf{2}}}{\mathit{\pi }}{\mathit{n}}^{″}{\mathit{U}}^{″}\mathit{cos}\mathit{\gamma }-\frac{\mathbf{3}}{\mathit{\pi }}{\mathit{X}}_{\mathit{C}}^{″}{\mathit{I}}_{\mathit{d}}& \left(\mathrm{I}\mathrm{n}\mathrm{v}\mathrm{e}\mathrm{r}\mathrm{t}\mathrm{e}\mathrm{r}\right)\end{array}\\ \begin{array}{cc}\mathbf{cos}{\mathit{\phi }}^{\prime }=\frac{{\mathit{U}}_{\mathit{d}}^{\prime }}{\frac{\mathbf{3}\sqrt{\mathbf{2}}}{\mathit{\pi }}{\mathit{n}}^{\prime }{\mathit{U}}^{\prime }}& \left({\mathit{\phi }}^{\prime }\in \mathrm{I}\mathrm{Q}\mathrm{u}\mathrm{a}\mathrm{d}\mathrm{r}\mathrm{a}\mathrm{n}\mathrm{t}\right)\end{array}\\ \begin{array}{cc}\left|\mathbf{cos}{\mathit{\phi }}^{″}\right|=\frac{{\mathit{U}}_{\mathit{d}}^{″}}{\frac{\mathbf{3}\sqrt{\mathbf{2}}}{\mathit{\pi }}{\mathit{n}}^{″}{\mathit{U}}^{″}}& \left({\mathit{\phi }}^{″}\in \mathrm{I}\mathrm{I}\mathrm{Q}\mathrm{u}\mathrm{a}\mathrm{d}\mathrm{r}\mathrm{a}\mathrm{n}\mathrm{t}\right)\end{array}\\ \begin{array}{cc}{\mathit{P}}_{\mathit{d}}^{\prime }={\mathit{U}}_{\mathit{d}}^{\prime }{\mathit{I}}_{\mathit{d}}& \left(>\mathbf{0}\right),\begin{array}{cc}{\mathit{Q}}_{\mathit{d}}^{\prime }={\mathit{P}}_{\mathit{d}}^{\prime }\mathbf{tan}{\mathit{\phi }}^{\prime }& \left(>\mathbf{0}\right)\end{array}\end{array}\\ \\ \begin{array}{cc}{\mathit{P}}_{\mathit{d}}^{″}={-\mathit{U}}_{\mathit{d}}^{″}{\mathit{I}}_{\mathit{d}}& \left(<\mathbf{0}\right)\end{array}\begin{array}{cc}{\mathit{Q}}_{\mathit{d}}^{″}=\left|{\mathit{P}}_{\mathit{d}}^{″}\mathbf{tan}{\mathit{\phi }}^{″}\right|& \left(>\mathbf{0}\right)\end{array}\\ \\ {\mathit{\theta }}_{\mathit{I}}^{\prime }={\mathit{\theta }}_{\mathit{U}}^{\prime }-{\mathit{\phi }}^{\prime },{\mathit{\theta }}_{\mathit{I}}^{″}={\mathit{\theta }}_{\mathit{U}}^{″}-{\mathit{\phi }}^{″}\\ \\ {\mathit{I}}^{\prime }=\frac{\sqrt{\mathbf{6}}}{\mathit{\pi }}{\mathit{n}}^{\prime }{\mathit{I}}_{\mathit{d}},{\mathit{I}}^{″}=\frac{\sqrt{\mathbf{6}}}{\mathit{\pi }}{\mathit{n}}^{″}{\mathit{I}}_{\mathit{d}},{\mathit{R}}_{\mathit{d}}{\mathit{I}}_{\mathit{d}}={\mathit{U}}_{\mathit{d}}^{\prime }-{\mathit{U}}_{\mathit{d}}^{″}\\ \\ \end{array}\right.\end{array}(23)$

FIGURE 3

FIGURE 3. Schematic diagram of LCC-HVDC transmission model.

By solving the optimization problem shown in (Eq. 16) under the FDI attack vector constraints as given in (Eqs 18, 19) and the load shedding vector constraints as given in (Eqs 21–23), the optimal solutions, namely the optimal FDI attack vector set ${\mathit{A}\mathit{T}\mathit{K}}^{*}$ and the optimal load shedding vector set ${\mathit{DEF}}^{*}$ can be obtained. Once the system loss $\mathit{C}\left(\mathit{l}\right)$ is determined, the GARI shown in (Eq. 15) can be used to assess the risks of the AC/DC hybrid transmission system under FDI cyber attacks.

3 Solution method

According to the modeling analysis of each stage in the aforementioned three-stage dynamic game framework, the framework can be converted into a bi-level mathematical programming problem for solution. In this paper, firstly, an IPSO algorithm is constructed to solve the lower-level programming problem, aiming to obtain the optimal FDI attack and the optimal load shedding vectors. Secondly, the payoffs of the different attack and defense fund deployment strategies can be calculated once the system loss is determined based on the solution of the lower-level programming problem. For the solution of the upper-level programming problem, the sub-game perfect Nash equilibrium is solved by using the BI method (Aliprantis, 1999), and it is also helpful to calculate the deployment of funds under the certain fund constraints. Finally, the risk assessment analysis is carried out in accordance with the Nash equilibrium obtained under various fund constraints.

3.1 Solution for the lower-level programming problem

It should be noted that the FDI attack against the AC state estimation system proposed in this paper is essentially a reconstruction form of partial power flow. According to the rules of generating FDI attack vectors described in Section 2.3, the tampered data and other data in the attack area still meet the power flow constraints, and only some inequality constraints such as voltage magnitude and line capacity are violated in the attack area. From the perspective of power grid dispatcher (the defender), it can be considered that the load changes cause some grid measurement data to exceed the limits. Therefore, the tampered data can bypass the bad data detector and affect the system state estimation.

As the tampered power grid data still meets the power flow constraints, the potential attack selections can be searched through the numerical relationship between power system unknowns and equations. If the number of unknowns in the set of all attacked target substations exceeds the number of equations, the set is considered to be suitable for FDI attacks, that is, a potential attack selection. On the one hand, since the active power, reactive power, voltage magnitude, and phase angle of each attacked target substation node need to be calculated, the number of unknowns ${\mathit{N}}_{\mathit{x}}$ can be expressed as

$\begin{array}{c}{\mathit{N}}_{\mathit{x}}=\mathbf{4}\mathit{N}\left(\mathit{A}\right)\end{array}(24)$

Moreover, based on the (Eq. 18) and (Eq. 19), as well as the relationship between active power and reactive power of load, the number of the equations ${\mathit{N}}_{\mathit{e}\mathit{q}}$ can be expressed as

$\begin{array}{c}{\mathit{N}}_{\mathit{e}\mathit{q}}=\mathbf{3}\mathit{N}\left(\mathit{A}\right)+\mathit{N}\left({\mathit{A}}_{\mathit{g}}\right)+\mathit{N}\left({\mathit{A}}_{\mathbf{0}}\right)+\mathit{N}\left({\mathit{A}}_{\mathit{e}}\right)\end{array}(25)$

In this paper, a depth-first search strategy (DFS) is leveraged to search for the potential attack selections, and if the number of all attacked target substation sets meets ${\mathit{N}}_{\mathit{x}}>{\mathit{N}}_{\mathit{e}\mathit{q}}$, it should be added to the potential attack selection set $\mathit{A}\mathit{P}=\left\{{\mathit{A}}_{\mathbf{1}},...,{\mathit{A}}_{\mathit{i}},...,{\mathit{A}}_{\mathit{o}}\right\}$.

The FDI attack vectors can be constructed based on a given potential attack selection. According to (Eq. 19) and the relationship between active power and reactive power of load, it can be seen that once the active power of each attacked target substation is determined, the other three unknowns can be calculated based on the active power data, and the attack vectors can be represented by the following active power injection vectors:

$\begin{array}{c}\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A}}\sim \mathit{A}\mathit{T}\mathit{K}\end{array}(26)$

For a determined ${\mathit{A}\mathit{T}\mathit{K}}^{*}$, the max-min optimization problem described in (Eq. 16) can be converted into the following single-level non-linear optimization problem.

$\begin{array}{c}\mathit{C}\left(\mathit{l}\right)=\underset{\mathit{DEF}}{\mathbf{min}}{\displaystyle \sum }_{\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{L}}\in \mathit{DEF},\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A}}^{\ast }\in {\mathit{A}\mathit{T}\mathit{K}}^{\ast }}\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{L}}\left(\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A}}^{\ast }\right)\end{array}(27)$

Subject to Eqs 21–23.

In order to solve the aforementioned problem effectively, an open-source non-linear optimization solver IPOPT (Wächter and Biegler, 2006) is employed to obtain the optimal load shedding strategy of the AC/DC hybrid transmission system. The corresponding solution $\mathit{DEF}$ represents the optimal load shedding vector set corresponding to ${\mathit{A}\mathit{T}\mathit{K}}^{*}$.

Regarding the solution of the optimal attack vector, an IPSO is applied owing to the non-convex nonlinear characteristics of the optimization problem. It is known that the basic PSO algorithm is quite suitable for dealing with non-convex nonlinear optimization problems because of its simple implementation process and no need for gradient information (Nickabadi et al., 2011). In the PSO algorithm applied in this paper, the particles are designed as the part of the active power injection vectors $\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A}}$. It should be noted that the number of independent variables in this vector is ${\mathit{N}}_{\mathit{x}}-{\mathit{N}}_{\mathit{e}\mathit{q}}$, which corresponds to $\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A}}$ one by one, so the positions of particles can be constructed as

$\begin{array}{c}{\mathit{X}}_{\mathit{i}}=\left(\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A},\mathbf{1}},\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A},\mathbf{2}},\cdots ,\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A},\mathit{m}}\right),\mathit{m}={\mathit{N}}_{\mathit{x}}-{\mathit{N}}_{\mathit{e}\mathit{q}}\end{array}(28)$

As mentioned above, the load shedding amount of each substation mainly depends on the attack vector, line capacity, node voltage, and generator output under a malicious FDI attack scenario. By analyzing the FDI attack vector, the following characteristics can be found, that is, the node with the highest amount of load shedding generally has the largest or the second largest value of the active power attack vector, which can be used to generate some specific attack vectors as initial particles to assist the PSO algorithm to find the optimal solution and accelerate the convergence speed. Considering these characteristics of the FDI vectors, an IPSO algorithm with an initial particle generation technology proposed in this paper is applied to accelerate the convergence speed of the basic PSO algorithm. Moreover, these specific attack vectors can be called auxiliary attack vectors ($\mathit{A}\mathit{V}\mathit{V}\mathrm{s}$). For attack selection ${\mathit{A}}_{\mathit{i}}$, the set of $\mathit{A}\mathit{V}\mathit{V}\mathrm{s}$ can be calculated as

$\begin{array}{c}\mathit{S}\left(\mathit{A}\mathit{V}\mathit{V}\right)=\mathbf{arg}\left\{\mathbf{max}\left(\mathit{C}\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A},\mathit{k}}+{\left({\displaystyle \sum }_{\mathit{i}\ne \mathit{k}}\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A},\mathit{i}}^{\mathbf{2}}\right)}^{\frac{\mathbf{1}}{\mathbf{2}}}\right),\mathit{k}\in {\mathit{A}}_{\mathit{j}}\right\},\mathit{C}=\mathbf{c}\mathbf{o}\mathbf{n}\mathbf{s}\mathbf{t}\gg \mathbf{0}\end{array}(29)$

Subject to (Eq. 18) and the relationship between active power and reactive power of load.

Here, the $\mathit{A}\mathit{V}\mathit{V}$ can be transformed into the positions of particles, and the initial particle placed in these positions are called auxiliary search particle ($\mathit{A}\mathit{S}\mathit{P}$). With the help of $\mathit{A}\mathit{S}\mathit{P}$, the pseudocode of the IPSO algorithm for solving $\mathit{A}\mathit{T}\mathit{K}$ and $\mathit{DEF}$ is described in Table 2.

TABLE 2

TABLE 2. Procedure of the proposed IPSO algorithm.

3.2 Solution for the upper-level programming problem

According to the load shedding results obtained by solving the lower-level programming problem mentioned above, the corresponding consequences caused by the coordinated physical-cyber attacks can be determined. Since the number of the attack and defense strategies under certain fund constraints is limited, it is easy to calculate all the payoffs between the attacker and the defender according to (Eq. 2), (Eqs 9–14). In this paper, once the payoffs are determined, the solution of the upper-level programming problem, namely the subgame perfect Nash equilibrium, can be obtained by using the BI method.

Considering that the proposed three-stage dynamic game framework is a zero-sum game problem, the payoff of the attacker can be expressed as

$\begin{array}{c}\begin{array}{c}{\mathit{u}}_{\mathit{a}}\left({\mathit{d}}_{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}}\right)=\mathit{G}\mathit{A}\mathit{R}\mathit{I}\left({\mathit{d}}_{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}},\mathit{l}\right)={\mathit{P}\mathit{A}\mathit{Y}\mathit{O}\mathit{F}\mathit{F}}_{\mathit{i}\mathit{j}}\ge \mathbf{0},\\ {\mathit{d}}_{\mathit{i}}\in \mathit{S}\mathit{D},{\mathit{a}}_{\mathit{i}\mathit{j}}\in \mathit{S}\mathit{A}\left({\mathit{d}}_{\mathit{i}}\right),\mathbf{1}\le \mathit{i}\le \mathit{h},\mathbf{1}\le \mathit{j}\le \mathit{q}\end{array}\end{array}(30)$

The payoff function of the defender can be expressed as

$\begin{array}{c}{\mathit{u}}_{\mathit{d}}\left({\mathit{d}}_{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}}\right)=-{\mathit{u}}_{\mathit{a}}\left({\mathit{d}}_{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}}\right)=-{\mathit{P}\mathit{A}\mathit{Y}\mathit{O}\mathit{F}\mathit{F}}_{\mathit{i}\mathit{j}}\end{array}(31)$

Then the subgame perfect Nash equilibrium can be written as

$\begin{array}{c}{\mathit{u}}_{\mathit{d}}\left({\mathit{d}}^{*},{\mathit{a}}^{*}\right)\ge {\mathit{u}}_{\mathit{d}}\left({\mathit{d}}_{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}}\right),\forall \left({\mathit{d}}_{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}}\right)\in \mathit{\Omega }\end{array}(32)$

where

$\begin{array}{c}\mathit{\Omega }=\left\{\left({\mathit{d}}_{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}}\right)\left|{\mathit{a}}_{\mathit{i}\mathit{j}}\in {\mathit{a}}^{*}\left({\mathit{d}}_{\mathit{i}}\right)\right.\right\},{\mathit{a}}^{*}\left({\mathit{d}}_{\mathit{i}}\right)=\mathbf{arg}\left\{\underset{{\mathit{a}}_{\mathit{i}\mathit{j}}\in \mathit{S}\mathit{A}\left({\mathit{d}}_{\mathit{i}}\right)}{\mathbf{max}}{\mathit{u}}_{\mathit{a}}\left({\mathit{d}}_{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}}\right)\right\}\end{array}(33)$

Strategy $\left({\mathit{d}}^{*},{\mathit{a}}^{*}\right)$ denotes the subgame perfect Nash equilibrium.

In order to obtain the subgame perfect Nash equilibrium, the BI method is employed in this paper, which can be divided into the following two steps. In the first step, the attacker’s strategy under different defense strategy options is determined, which can be formulated as

$\begin{array}{c}{\mathit{a}}^{*}\left({\mathit{d}}_{\mathit{i}}\right)=\mathbf{arg}\left\{\underset{{\mathit{a}}_{\mathit{i}\mathit{j}}\in \mathit{S}\mathit{A}\left({\mathit{d}}_{\mathit{i}}\right)}{\mathbf{max}}{\mathit{u}}_{\mathit{a}}\left({\mathit{d}}_{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}}\right)\right\}\end{array}(34)$

In the second step, the defender predicts the attack strategies, so the second step can be formulated as

$\begin{array}{c}{\mathit{d}}^{*}=\mathbf{arg}\left\{\underset{{\mathit{d}}_{\mathit{i}}\in \mathit{S}\mathit{D}}{\mathbf{max}}{\mathit{u}}_{\mathit{d}}\left({\mathit{d}}_{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}}\right)\right\},{\mathit{a}}_{\mathit{i}\mathit{j}}\in {\mathit{a}}^{*}\left({\mathit{d}}_{\mathit{i}}\right)\end{array}(35)$

The solution process of the BI method for the subgame perfect Nash equilibrium can be illustrated in Figure 4.

FIGURE 4

FIGURE 4. Solution process of the BI method.

In Figure 4, the attacker first selects the corresponding optimal attack strategy (marked by the dark red branch) based on each possible defense strategy. Once the attack strategy is determined, the payoff corresponding to the defense strategy is also determined. For example, the payoff of ${\mathit{d}}_{\mathit{i}}$ is ${\mathit{P}\mathit{A}\mathit{Y}\mathit{O}\mathit{F}\mathit{F}}_{\mathit{i}\mathit{j}}$ as the optimal attack strategy is ${\mathit{a}}_{\mathit{i}\mathit{j}}$. Then, the defender selects the optimal defense strategy ${\mathit{d}}_{\mathit{i}}$ (marked by the dark blue branch) according to the payoffs of the defense strategies. After the optimal defense and attack strategies are determined, the subgame perfect Nash equilibrium can be obtained.

Once the subgame perfect Nash equilibrium is obtained, it can be used to assess the power grid risk under the FDI attack with certain fund constraints.

3.3 Power grid risk assessment

According to the Nash equilibrium solved in the previous section, the probabilities of different strategies selected by the attacker and defender can be obtained. Therefore, the mixed attack and defense strategies can be expressed as

$\begin{array}{c}{\mathit{d}}^{*}=\left\{\left({\mathit{d}}_{\mathit{i}},{\mathit{p}}_{\mathit{d}}^{\mathit{i}}\right)\right\},{\mathit{a}}^{*}=\left\{\left({\mathit{a}}_{\mathit{i}\mathit{j}},{\mathit{p}}_{\mathit{a}}^{\mathit{j}}\bullet {\mathit{p}}_{\mathit{d}}^{\mathit{i}}\right)\right\},{\mathit{d}}_{\mathit{i}}={\left({\mathit{S}}_{\mathit{C}\mathit{y}\mathit{d}},{\mathit{S}}_{\mathit{P}\mathit{h}\mathit{d}}\right)}^{\mathit{i}},{\mathit{a}}_{\mathit{i}\mathit{j}}={\left({\mathit{S}}_{\mathit{C}\mathit{y}\mathit{a}},{\mathit{S}}_{\mathit{P}\mathit{h}\mathit{a}}\right)}^{\mathit{i}\mathit{j}}\end{array}(36)$

Based on the aforementioned probabilities and strategies, the expectations of fund deployment with a certain amount of fund constraints ${\mathit{F}}_{\mathit{m}}=\left({\mathit{F}}_{\mathit{C}\mathit{y}\mathit{d}},{\mathit{F}}_{\mathit{P}\mathit{h}\mathit{d}},{\mathit{F}}_{\mathit{C}\mathit{y}\mathit{a}},{\mathit{F}}_{\mathit{P}\mathit{h}\mathit{a}}\right)$ can be calculated as

$\begin{array}{c}\left\{\begin{array}{c}{\mathit{E}}_{\mathit{C}\mathit{y}\mathit{d}}\left({\mathit{d}}^{*}\right)=\sum {{\mathit{p}}_{\mathit{d}}^{\mathit{i}}\bullet \mathit{S}}_{\mathit{C}\mathit{y}\mathit{d}}^{\mathit{i}}\\ {\mathit{E}}_{\mathit{P}\mathit{h}\mathit{d}}\left({\mathit{d}}^{*}\right)=\sum {{\mathit{p}}_{\mathit{d}}^{\mathit{i}}\bullet \mathit{S}}_{\mathit{P}\mathit{h}\mathit{d}}^{\mathit{i}}\\ {\mathit{E}}_{\mathit{C}\mathit{y}\mathit{a}}\left({\mathit{a}}^{*}\right)=\sum {{\mathit{p}}_{\mathit{d}}^{\mathit{i}}\bullet {\mathit{p}}_{\mathit{a}}^{\mathit{j}}\bullet \mathit{S}}_{\mathit{C}\mathit{y}\mathit{a}}^{\mathit{j}}\\ {\mathit{E}}_{\mathit{P}\mathit{h}\mathit{a}}\left({\mathit{a}}^{*}\right)=\sum {{\mathit{p}}_{\mathit{d}}^{\mathit{i}}\bullet {\mathit{p}}_{\mathit{a}}^{\mathit{j}}\bullet \mathit{S}}_{\mathit{P}\mathit{h}\mathit{d}}^{\mathit{j}}\end{array}\right.\end{array}(37)$

Obviously, once the amount of funds changes, the expectation of fund deployment will also change. Therefore, the subgame perfect Nash equilibrium for various funds ${\mathit{F}}_{\mathit{m}}$ should be solved to obtain the deployment of funds under different fund constraints. Finally, the overall expectations of fund deployment on the cyber side and the physical side, that is the power grid risk under the coordinated physical-cyber attacks, can be calculated as

$\begin{array}{c}\left\{\begin{array}{l}{\mathit{R}\mathit{i}\mathit{s}\mathit{k}}_{\mathit{C}\mathit{y}}=\frac{\mathbf{1}}{\mathit{N}}{\displaystyle \sum }_{\mathit{m}=\mathbf{1}}^{\mathit{N}}\left({\mathit{E}}_{\mathit{C}\mathit{y}\mathit{d}}\left({\mathit{d}}^{*}\right)+{\mathit{E}}_{\mathit{C}\mathit{y}\mathit{a}}\left({\mathit{a}}^{\ast }\right)\right)|{\mathit{F}}_{\mathit{m}}\\ {\mathit{R}\mathit{i}\mathit{s}\mathit{k}}_{\mathit{P}\mathit{h}}=\frac{\mathbf{1}}{\mathit{N}}{\displaystyle \sum }_{\mathit{m}=\mathbf{1}}^{\mathit{N}}\left({\mathit{E}}_{\mathit{P}\mathit{h}\mathit{d}}\left({\mathit{d}}^{*}\right)+{\mathit{E}}_{\mathit{P}\mathit{h}\mathit{a}}\left({\mathit{a}}^{\ast }\right)\right)|{\mathit{F}}_{\mathit{m}}\end{array}\right.\end{array}(38)$

Figure 5 illustrates the whole flow chart of the solutions for the upper-level and lower-level programming problems.

FIGURE 5

FIGURE 5. Flow chart of the converted bi-level programing model solution.

4 Case study

In this paper, the case studies are performed on a modified IEEE 14-node AC/DC hybrid transmission test system as shown in Figure 6 to verify the validity and effectiveness of the proposed model and algorithm. In the original IEEE 14-node system, the original AC transmission line between node 1 and node 5 is replaced by a ±500 kV HVDC transmission line to form an AC/DC hybrid transmission test system (Lotfjou et al., 2009). The corresponding system data including the parameters of the DC transmission line can be found in supplementary material. All simulations are performed under the Matlab™ environment, and the hardware configuration is as follows: CPU: Intel i7-10875H 8-Core, GPU: RTX 2060, RAM: 16 GB (8 GB × 2 GB) DDR4 3,200 MHz.

FIGURE 6

FIGURE 6. The modified IEEE14-node AC/DC hybrid transmission test system.

In this paper, the integer value of 1.25 times the rated apparent power of each line is taken as the upper bound of the capacity of the line. Meanwhile, ${\mathit{n}\mathit{A}\mathit{T}\mathit{K}}_{\mathit{max}}$ is limited to 7, and the maximum change percentage of data tampering under FDI attack is set to $\mathit{\tau }=0.5$. In the following sections, the load shedding analysis, DC line impact analysis, and system security risk analysis are elaborately conducted under the coordinated physical-cyber attacks.

4.1 Load shedding analysis under false data injection attack

According to the derivation of the potential attack selections discussed in Section 3.1, a total of 772 potential attack selections can be found under the given FDI attack constraints. However, after calculating the corresponding consequences, 770 potential attack selections will only cause the changes in power flow, and the remaining two potential attack selections will lead to the load shedding. Therefore, these two attack selections are specifically utilized for load shedding analysis under FDI attack. As shown in Figure 6, there are two attack selections, namely Attack Selection I and Attack Selection II, in which the Attack Selection I contains five target substations: 6, 9, 12, 13, and 14, and the Attack Selection II contains seven target substations: 6, 9, 10, 11, 12, 13, and 14. By solving the lower programming problem described in Section 3.1, the optimal attack vector set $\mathit{A}\mathit{T}\mathit{K}$ and the optimal load shedding vector set $\mathit{DEF}$ corresponding to the two attack selections mentioned above are shown in Table 3 and Table 4, respectively.

TABLE 3

TABLE 3. Optimal $\mathit{A}\mathit{T}\mathit{K}$ and $\mathit{DEF}$ corresponding to the attack selection I.

TABLE 4

TABLE 4. Optimal $\mathit{A}\mathit{T}\mathit{K}$ and $\mathit{DEF}$ corresponding to the attack selection II.

From Tables 3, 4, it can be observed that under the coordinated physical-cyber attack, the total load shedding amount occurred in the Attack Selection I is 3.9511 MW, and that in the Attack Selection II is 6.8962 MW. In addition, the largest load shedding occurs at Substation 13 in the two attack selections.

In order to further validate the effectiveness of the proposed initial particle generation technology and the stability of the IPSO algorithm, the corresponding simulation analysis is carried out based on the $\mathit{A}\mathit{S}\mathit{P}$. Figure 7 shows the comparison results of the total load shedding amount of the IPSO algorithm with $\mathit{A}\mathit{S}\mathit{P}$, the basic PSO algorithm without $\mathit{A}\mathit{S}\mathit{P}$ and the Grey Wolf Optimizer (GWO) algorithm under 50 independent trials. The population size and the number of iterations of all these algorithms are set to 30 and 20. According to the simulation results shown in Table 5, the standard deviation of the IPSO algorithm applied to the Attack Selection II is $5.8695\times 10^{-4}$, which is much lower than that of the basic PSO algorithm and the GWO algorithm, which means that the proposed IPSO algorithm with $\mathit{A}\mathit{S}\mathit{P}$ has good stability. All algorithms are accelerated by parallel computing technology with the help of the Parallel Computing Toolbox provided by MATLAB™, and the running time is shown in Table 5. Figure 8 demonstrates the corresponding convergence curves of the three algorithms mentioned above, and it can be seen that the IPSO algorithm with $\mathit{A}\mathit{S}\mathit{P}$ shows a good acceleration effect.

FIGURE 7

FIGURE 7. Comparison results of the total load shedding amount of three algorithms under 50 independent trials.

TABLE 5

TABLE 5. Simulation results of three algorithms under 50 independent trials.

FIGURE 8

FIGURE 8. Convergence curves of three algorithms.

4.2 DC transmission line impact analysis

In order to explore and exploit the impact of DC transmission line on system risk under the coordinated physical-cyber attacks, the corresponding comparative analysis is conducted between an AC transmission system and the AC/DC hybrid transmission system as shown in Figure 6 under FDI attacks. Regarding the AC transmission system, an AC transmission line consisting of three segments is introduced between node 1 and node 5, and the corresponding line parameters are given in Table 6. Table 7 shows the system load shedding results for the two test systems mentioned above under different attack selections. Moreover, the detailed results of the AC transmission system are provided in Supplementary Material.

TABLE 6

TABLE 6. Parameters of the AC transmission line (p.u.).

TABLE 7

TABLE 7. System load shedding results.

It can be seen from Table 7 that when the attacker performs Attack Selection I, the total load shedding amount for the AC transmission system is 3.2388 MW, while that for the AC/DC hybrid transmission system is 3.9511 MW; when the attacker performs Attack Selection II, the total load shedding amount for the AC transmission system is 6.2373 MW, while that for the AC/DC hybrid transmission system is 6.8962 MW. It can also be found that when there is only a DC transmission line between node 1 and node 5, the total load shedding amount of the system caused by FDI attacks increases by 21.99% and 10.56%, respectively, compared with that when there is only an AC transmission line. Table 8 shows the operating conditions of the DC transmission line before and after the FDI attacks.

TABLE 8

TABLE 8. Operating conditions of the DC transmission line before and after FDI attacks.

It can be found from Table 8 that only the ignition angle changes relatively after the attacker makes the Attack Selection II, and the other measurement data of the DC transmission line are basically not affected by the coordinated physical-cyber attacks. Since the data of DC transmission lines are considered to be untampered, the impact of the corresponding coordinated physical-cyber attack on the measurement data of the DC transmission lines is not significant. Thus, if the attacker could not directly tamper with the data of DC transmission lines, it is difficult to cause the DC blocking.

To sum up, it can be concluded that even if the DC transmission lines can be prevented from cyber attacks, the FDI attacks can still pose threat to the AC/DC hybrid transmission system, so it is necessary to conduct the security risk assessment.

4.3 System security risk analysis

Based on the risk assessment framework described in Section 2, the comprehensive system security risk is conducted in this section. In (Eq. 11), the inherent risk value $\mathit{\mu }$ of substation communication network is set to $3K, $6K, $4K, $8K, $7K, $6K, $5K, $2K, $7K, $5K, $5K, $5K, $6K, and $5K in the order of substation numbers. Considering that the deployment strength of substation security forces is usually similar, the inherent risk value $\mathit{\lambda }$ of substation security forces in (Eq. 12) is set to $100K. For the defender, $\mathit{C}\mathit{y}\mathit{d}{\mathit{L}}_{\mathbf{1}}$ is set to $10K, $\mathit{C}\mathit{y}\mathit{d}{\mathit{L}}_{\mathbf{2}}$ is set to $20K, $\mathit{P}\mathit{h}\mathit{d}{\mathit{L}}_{\mathbf{1}}$ is set to $50K, and $\mathit{P}\mathit{h}\mathit{d}{\mathit{L}}_{\mathbf{2}}$ is set to $100K. For the attacker, $\mathit{C}\mathit{y}\mathit{a}{\mathit{L}}_{\mathbf{1}}$ is set to $10K, $\mathit{C}\mathit{y}\mathit{a}{\mathit{L}}_{\mathbf{2}}$ is set to $20K, $\mathit{P}\mathit{h}\mathit{a}{\mathit{L}}_{\mathbf{1}}$ is set to $50K, and $\mathit{P}\mathit{h}\mathit{a}{\mathit{L}}_{\mathbf{2}}$ is set to $100K. According to the maximum amount of funds, the range of ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{d}}$ should be from $70K to $100K, the range of ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{d}}$ should be from $250K to $400K, the range of ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{a}}$ should be from $70K to $100K, and the range of ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{a}}$ should be from $350K to $500K.

Based on the above parameter settings, the corresponding system security risk analysis is carried out, and the following simulation cases are analyzed and discussed elaborately.

1) Case 1: The relatively low budget of defense and attack funds, that is, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{d}}$, ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{d}}$, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{a}}$, and ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{a}}$ take relatively low values;

2) Case 2: The relatively high budget of defense and attack funds, that is, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{d}}$, ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{d}}$, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{a}}$, and ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{a}}$ take relatively high values;

3) Case 3: The budget of defense and attack funds is within a certain range, that is, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{d}}$, ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{d}}$, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{a}}$, and ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{a}}$ take the specified range.

In case 1, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{d}}$, ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{d}}$, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{a}}$, and ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{a}}$ are set to $70K, $250K, $70K, and $350K, respectively. In this case, the total number of defense strategies is 104538, and the total number of attack strategies is 101. The corresponding subgame perfect Nash equilibrium pertinent to the fund allocation of the attacker and the defender is shown in Table 9.

TABLE 9

TABLE 9. Subgame perfect Nash equilibrium under specific fund constraints.

From Table 9, it can be found that the attacker will choose the attack strategies performed at Attack Selection I. The active power loss expectation of the test system under the current funding limitations is $1.5919\times 10^{-5}$ MW. From the analysis of attack and defense funds on the cyber side, the total expectations of both sides of the attack and defense deployment funds for the substation 9 are tied for the highest, all of which are $40K. Accordingly, this substation is considered to be the most risky substation on the cyber side, and more attention should be paid to its communication network vulnerabilities. Similarly, on the physical side, it is also found that the substation 9 has the highest expectation for the total amount of funds deployed by the attacker and the defender, which is $150K. This means that the risk of this substation is also the highest, so special attention should be paid to its guard force. To sum up, under these fund constraints, the substations 9 is identified as the critical substation of the test system in this case. Moreover, it can be observed that the attacker tends to deploy more funds on the substation with stronger defense on cyber side to increase the success probability of a coordinated physical-cyber attack.

In case 2, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{d}}$, ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{d}}$, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{a}}$, and ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{a}}$ are set to $80K, $300K, $90K, and $400K, respectively. In this case, the total number of defense strategies is 127,449, and the total number of attack strategies is 197. The corresponding subgame perfect Nash equilibrium pertinent to the fund allocation of the attacker and the defender is shown in Table 10.

TABLE 10

TABLE 10. Subgame perfect Nash equilibrium under specific fund constraints.

From Table 10, it can be found that the active power loss expectation of the test system under the current funding limitations is $1.9777\times 10^{-5}$ MW. From the analysis of attack and defense funds on the cyber side, the total expectations of both sides of the attack and defense deployment funds for substations 9, 12, and 14 are tied for the highest, all of which are $40K. Accordingly, these three substations are considered to be the most risky substations on the cyber side, and more attention should be paid to their communication network vulnerabilities. Similarly, on the physical side, it is also found that the three substations have the highest expectations for the total amount of funds deployed by the attacker and the defender, which is $150K. This means that the risks of these three substations are also the highest, so special attention should be paid to their guard forces. To sum up, under these fund constraints, substations 9, 12, and 14 are identified as the critical substations of the test system in this case. Moreover, it can be observed that the attacker tends to deploy more funds on the substation with weaker defense on physical side to increase the probability of a successful coordinated physical-cyber attack.

In case 3, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{d}}$, ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{d}}$, ${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{a}}$, and ${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{a}}$ take the specified range as mentioned above. After obtaining all the subgame perfect Nash equilibriums of the defense and attack budget within a certain range, and according to (Eq. 38), the overall expectations of the fund deployment of the attacker and the defender can be calculated as shown in Table 11.

TABLE 11

TABLE 11. Overall expectations of the fund deployment of attacker and defender.

From Table 11, it can be seen that the overall expectation of the fund deployment on the cyber side pertinent to the substation 12 is the highest, which means that the cyber side of the substation 12 is the most critical, and it is necessary to strictly investigate the vulnerabilities in the communication network. Meanwhile, the overall expectation of the fund deployment on the physical side pertinent to the substation 12 is the highest, which means that the physical side of the substation 12 is also the most critical, and it is necessary to strictly control the personnel entering and leaving the station, as well as to check the illegal monitoring equipment regularly. To sum up, the substation 12 is identified as the critical substation in the test system.

Figure 9 illustrates the impact of changes in attack and defense funds on the risk expectations of the test system. It can be found that from the attacker’s perspective, the more funds invested in the attack, the higher the risk of the test system caused by the attack. In particular, the more funds invested on the cyber side, the more effective the attack. Similarly, from the defender’s perspective, the more funds invested in the defense, the lower the risk of the test system, and the more funds invested on the cyber side, the better the defense effect, which provides a significant reference for power grid dispatcher to deploy the optimal defense funds.

FIGURE 9

FIGURE 9. The impact of changes in attack and defense funds on the risk expectations of the test system.

5 Conclusion

This paper investigates the inherent vulnerability of AC/DC hybrid transmission system under the physical-cyber coordinated attacks, and a three-stage physical-cyber attack and defense risk assessment framework based on dynamic game theory is proposed. In the proposed framework, the corresponding deployment of defense funds in stage 1, the deployment of attack funds in stage 2 including how to quantify the success probability of the FDI attack on the substation, and the action of the defender including how to model the FDI attack strategy based on AC state estimation, are analyzed elaborately and carefully. Finally, the dynamic game risk assessment framework is converted into a bi-level programming problem, and the classic BI associated with an IPSO algorithm is applied for the solution of the problem. The simulation results performed on a modified IEEE 14-node AC/DC hybrid transmission test system demonstrate that under the coordinated physical-cyber attacks, the optimal $\mathit{A}\mathit{T}\mathit{K}$ and $\mathit{DEF}$ can be obtained, leading to different load shedding amount in different attack selections. In addition, the FDI attacks pose a greater threat to the AC/DC hybrid transmission system compared with the AC transmission system, and the inherent weakness of the AC/DC hybrid transmission system can be effectively identified through conducting the risk assessment with different budgets of defense and attack funds.

In the near future, the impact of high proportion of grid-connected clean energy on the system risk will be further investigated under the coordinated physical-cyber attacks.

Data availability statement

The datasets presented in this study can be found in online repositories. The names of the repository/repositories and accession number(s) can be found in the article/Supplementary Material.

Author contributions

XL performed the model analysis and algorithm experiment, as well as wrote the manuscript. LS contributed to the model framework and revised the manuscript.

Conflict of interest

The authors declare that the research was conducted in the absence of any commercial or financial relationships that could be construed as a potential conflict of interest.

Publisher’s note

All claims expressed in this article are solely those of the authors and do not necessarily represent those of their affiliated organizations, or those of the publisher, the editors and the reviewers. Any product that may be evaluated in this article, or claim that may be made by its manufacturer, is not guaranteed or endorsed by the publisher.

Supplementary material

The Supplementary Material for this article can be found online at: https://www.frontiersin.org/articles/10.3389/fenrg.2022.1082442/full#supplementary-material

References

Aliprantis, C. D. (1999). On the backward induction method. Econ. Lett. 64 (2), 125–131. doi:10.1016/S0165-1765(99)00068-3

CrossRef Full Text | Google Scholar

Amir, G., Mohammad, M., Anurag, K. S., and Ali, M. S. (2019). “Cyber-physical vulnerability and security analysis of power grid with HVDC line (S. 1-6),” in 2019 North American Power Symposium (NAPS). doi:10.1109/NAPS46351.2019.9000209

CrossRef Full Text | Google Scholar

Che, L., Liu, X., and Li, Z. (2018). Mitigating false data attacks induced overloads using a corrective dispatch scheme. IEEE Trans. Smart Grid 10 (3), 3081–3091. doi:10.1109/TSG.2018.2817515

CrossRef Full Text | Google Scholar

Chung, H. M., Li, W. T., Yuen, C., Chung, W. H., Zhang, Y., and Wen, C. K. (2018). Local cyber-physical attack for masking line outage and topology attack in smart grid. IEEE Trans. Smart Grid 10 (4), 4577–4588. doi:10.1109/TSG.2018.2865316

CrossRef Full Text | Google Scholar

Dai, Q., and Shi, L. (2020). “A game-theoretic analysis of cyber attack-mitigation in centralized feeder automation system,” in 2020 IEEE Power Energy Society General Meeting (PESGM). doi:10.1109/PESGM41954.2020.9281583

CrossRef Full Text | Google Scholar

Gao, B., and Shi, L. (2020). Modeling an attack-mitigation dynamic game-theoretic scheme for security vulnerability analysis in a cyber-physical power system. IEEE Access 8, 30322–30331. doi:10.1109/ACCESS.2020.2973030

CrossRef Full Text | Google Scholar

Gao, B., Shi, L., and Ni, Y. (2019). “A dynamic defense-attack game scheme with incomplete information for vulnerability analysis in a cyber-physical power infrastructure,” in 8th Renewable Power Generation Conference. doi:10.1049/cp.2019.0285

CrossRef Full Text | Google Scholar

Hasan, S., Dubey, A., Karsai, G., and Koutsoukos, X. (2020). A game-theoretic approach for power systems defense against dynamic cyber-attacks. Int. J. Electr. Power & Energy Syst. 115, 105432. doi:10.1016/j.ijepes.2019.105432

CrossRef Full Text | Google Scholar

Khanna, K., Panigrahi, B. K., and Joshi, A. (2017). Bi-level modelling of false data injection attacks on security constrained optimal power flow. IET Generation, Transm. Distribution 11 (14), 3586–3593. doi:10.1049/iet-gtd.2017.0226

CrossRef Full Text | Google Scholar

Kundur, P. S., and Malik, O. P. (2022). Power system stability and control. McGraw-Hill Education. https://www.accessengineeringlibrary.com/content/book/9781260473544.

Google Scholar

Lakshminarayana, S., Belmega, E. V., and Poor, H. V. (2021). Moving-target defense against cyber-physical attacks in power grids via game theory. IEEE Trans. Smart Grid 12 (6), 5244–5257. doi:10.1109/TSG.2021.3095083

CrossRef Full Text | Google Scholar

Liang, G., Weller, S. R., Zhao, J., Luo, F., and Dong, Z. Y. (2016). The 2015 Ukraine blackout: Implications for false data injection attacks. IEEE Trans. Power Syst. 32 (4), 3317–3318. doi:10.1109/TPWRS.2016.2631891

CrossRef Full Text | Google Scholar

Liu, X., and Li, Z. (2016). False data attacks against AC state estimation with incomplete network information. IEEE Trans. Smart Grid 8 (5), 2239–2248. doi:10.1109/TSG.2016.2521178

CrossRef Full Text | Google Scholar

Liu, Z., and Wang, L. (2021). FlipIt game model-based defense strategy against cyberattacks on SCADA systems considering insider assistance. IEEE Trans. Inf. Forensics Secur. 16, 14. doi:10.1109/TIFS.2021.3065504

CrossRef Full Text | Google Scholar

Lotfjou, A., Shahidehpour, M., Fu, Y., and Li, Z. (2009). Security-constrained unit commitment with AC/DC transmission systems. IEEE Trans. Power Syst. 25 (1), 531–542. doi:10.1109/TPWRS.2009.2036486

CrossRef Full Text | Google Scholar

National institute of standards and technology (2022). Nvd - vulnerabilities. https://nvd.nist.gov/vuln (Accessed October 1, 2022).

Google Scholar

Nickabadi, A., Ebadzadeh, M. M., and Safabakhsh, R. (2011). A novel particle swarm optimization algorithm with adaptive inertia weight. Appl. Soft Comput. 11 (4), 3658–3670. doi:10.1016/j.asoc.2011.01.037

CrossRef Full Text | Google Scholar

Qiu, W., Sun, K., Yao, W., Wang, W., Tang, Q., and Liu, Y. (2021). Hybrid data-driven based HVdc ancillary control for multiple frequency data attacks. IEEE Trans. Industrial Inf. 17 (12), 8035–8045. doi:10.1109/TII.2021.3063270

CrossRef Full Text | Google Scholar

Rahman, M. A., and Mohsenian-Rad, H. (2013). “False data injection attacks against nonlinear state estimation in smart power grids,” in 2013 IEEE Power & Energy Society General Meeting. doi:10.1109/PESMG.2013.6672638

CrossRef Full Text | Google Scholar

Ranjbar, M. H., Kheradmandi, M., and Pirayesh, A. (2019). Assigning operating reserves in power systems under imminent intelligent attack threat. IEEE Trans. Power Syst. 34 (4), 2768–2777. doi:10.1109/TPWRS.2019.2897595

CrossRef Full Text | Google Scholar

Sanjab, A., and Saad, W. (2016). Data injection attacks on smart grids with multiple adversaries: A game-theoretic perspective. IEEE Trans. Smart Grid 7 (4), 2038–2049. doi:10.1109/TSG.2016.2550218

CrossRef Full Text | Google Scholar

Shan, X. G., and Zhuang, J. (2020). A game-theoretic approach to modeling attacks and defenses of smart grids at three levels. Reliab. Eng. Syst. Saf. 195, 106683. doi:10.1016/j.ress.2019.106683

CrossRef Full Text | Google Scholar

Shao, C. W., and Li, Y. F. (2021). Optimal defense resources allocation for power system based on bounded rationality game theory analysis. IEEE Trans. Power Syst. 36 (5), 4223–4234. doi:10.1109/TPWRS.2021.3060009

CrossRef Full Text | Google Scholar

Tian, M., Dong, Z., and Wang, X. (2021). Analysis of false data injection attacks in power systems: A dynamic bayesian game-theoretic approach. ISA Trans. 115, 108–123. doi:10.1016/j.isatra.2021.01.011

PubMed Abstract | CrossRef Full Text | Google Scholar

Wächter, A., and Biegler, L. T. (2006). On the implementation of an interior-point filter line-search algorithm for large-scale nonlinear programming. Math. Program. 106 (1), 25–57. doi:10.1007/s10107-004-0559-y

CrossRef Full Text | Google Scholar

Wang, K., Du, M., Maharjan, S., and Sun, Y. (2017). Strategic honeypot game model for distributed denial of service attacks in the smart grid. IEEE Trans. Smart Grid 8 (5), 2474–2482. doi:10.1109/TSG.2017.2670144

CrossRef Full Text | Google Scholar

Wang, Q., Tai, W., Tang, Y., Ni, M., and You, S. (2019). A two-layer game theoretical attack-defense model for a false data injection attack against power systems. Int. J. Electr. Power & Energy Syst. 104, 169–177. doi:10.1016/j.ijepes.2018.07.007

CrossRef Full Text | Google Scholar

Wei, L., Sarwat, A. I., and Saad, W. (2016). Stochastic games for power grid protection against coordinated cyber-physical attacks. IEEE Trans. Smart Grid 9 (2), 684–694. doi:10.1109/TSG.2016.2561266

CrossRef Full Text | Google Scholar

Xiang, Y., Wang, L., and Zhang, Y. (2018). Adequacy evaluation of electric power grids considering substation cyber vulnerabilities. Int. J. Electr. Power & Energy Syst. 96, 368–379. doi:10.1016/j.ijepes.2017.10.004

CrossRef Full Text | Google Scholar

Xu, L., Guo, Q., Sheng, Y., Muyeen, S. M., and Sun, H. (2021). On the resilience of modern power systems: A comprehensive review from the cyber-physical perspective. Renew. Sustain. Energy Rev. 152, 111642. doi:10.1016/j.rser.2021.111642

CrossRef Full Text | Google Scholar

Yuan, Y., Li, Z., and Ren, K. (2011). Modeling load redistribution attacks in power systems. IEEE Trans. Smart Grid 2 (2), 382–390. doi:10.1109/TSG.2011.2123925

CrossRef Full Text | Google Scholar

Zhang, Z., Huang, S., Chen, Y., Li, B., and Mei, S. (2021). Cyber-physical coordinated risk mitigation in smart grids based on attack-defense game. IEEE Trans. Power Syst. 37 (1), 530–542. doi:10.1109/TPWRS.2021.3091616

CrossRef Full Text | Google Scholar

Nomenclature

$\mathit{d},\mathit{a},\mathit{l}$ Defense strategy, attack strategy, and system dispatching strategy

$\mathit{S}\mathit{D}$ Set of defense strategies in Stage 1

$\mathit{S}\mathit{A}\left(\mathit{d}\right)$ Set of attack strategies in Stage 2, which is impacted by defense strategy $\mathit{d}$

$\mathit{S}\mathit{L}\left(\mathit{d},\mathit{a}\right)$ Set of defender’s actions in Stage 3, which is dependent on the strategy of both defender and attacker

$\mathit{V}\left(\mathit{d},\mathit{a}\right)$ Vulnerability of the substation under coordinated physical-cyber attacks

$\mathit{C}\left(\mathit{l}\right)$ Consequences caused by coordinated physical-cyber attacks

${\mathit{S}}_{\mathit{C}\mathit{y}\mathit{d}}$ Allocation of funds for cyber defense security

$\mathit{C}\mathit{y}{\mathit{d}}_{\mathit{i}}$ Cyber security funds requested by the $i^{th}$ substation

$\mathit{B}$ Set of all substations

${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{d}}$ Upper limit of defense funds deployed on the cyber side

$\mathit{C}\mathit{y}\mathit{d}{\mathit{L}}_{\mathbf{1}}$ Maintenance fund for communication network

$\mathit{C}\mathit{y}\mathit{d}{\mathit{L}}_{\mathbf{2}}$ Funds to upgrade the cyber equipment

${\mathit{S}}_{\mathit{P}\mathit{h}\mathit{d}}$ Allocation of funds for physical security

$\mathit{P}\mathit{h}{\mathit{d}}_{\mathit{i}}$ Physical security funds requested by the $i^{th}$ substation

${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{d}}$ Upper limit of defense funds deployed on the physical side

$\mathit{P}\mathit{h}\mathit{d}{\mathit{L}}_{\mathbf{1}}$ Funds to hire security guards

$\mathit{P}\mathit{h}\mathit{d}{\mathit{L}}_{\mathbf{2}}$ Funds to hire a professional security team for the physical security of the $i^{th}$ substation

${\mathit{S}}_{\mathit{C}\mathit{y}\mathit{a}}$ Allocation of funds for cyber attacks

$\mathit{C}\mathit{y}{\mathit{a}}_{\mathit{i}}$ Funds required to hire hackers for attacking the $i^{th}$ target substation

$\mathit{A}$ Set of all target substations

${\mathit{F}}_{\mathit{C}\mathit{y}\mathit{a}}$ Maximum amount of funds spent by the attack team to hire hackers

$\mathit{C}\mathit{y}\mathit{a}{\mathit{L}}_{\mathbf{1}}$ Hacking service fees for hiring hackers with general skill level

$\mathit{C}\mathit{y}\mathit{a}{\mathit{L}}_{\mathbf{2}}$ Hacking service fees for hiring hackers with high skill level

${\mathit{S}}_{\mathit{P}\mathit{h}\mathit{a}}$ Allocation of funds for physical monitoring

$\mathit{P}\mathit{h}{\mathit{a}}_{\mathit{i}}$ Funds required to monitor the $i^{th}$ target substation

${\mathit{F}}_{\mathit{P}\mathit{h}\mathit{a}}$ Maximum amount of funds spent by the attack team for bribery and monitoring

$\mathit{P}\mathit{h}\mathit{a}{\mathit{L}}_{\mathbf{1}}$ Funds spent on general monitoring

$\mathit{P}\mathit{h}\mathit{a}{\mathit{L}}_{\mathbf{2}}$ Funds spent on high intensity monitoring

${\mathit{p}}_{\mathit{C}\mathit{y},\mathit{i}}$ Probability of an attacker successfully attacking the $i^{th}$ substation

${\mathit{p}}_{\mathit{B}\mathit{A}\mathit{G},\mathit{i}}$ Probability that the attacker uses the intelligent device to tamper with data in the $i^{th}$ substation

${\mathit{p}}_{\mathit{c}\mathit{o}\mathit{n},\mathit{i}}$ Connectivity probability for the attacker to achieve an attack when the defender deploys cyber defense funds

${\mathit{p}}_{\mathit{P}\mathit{h},\mathit{i}}$ Probability of obtaining SSH port and password by non-network intrusion

$\mathit{p}\left(\mathbf{S}\mathbf{S}\mathbf{H}\right)$ Probability of an attacker getting the right SSH port number

$\mathit{p}\left(\mathbf{Log}\right)$ Success probability of an attacker cracking the password

$\mathit{p}\left(\mathbf{D}\mathbf{B}\right)$ Probability of an attacker obtaining the right to falsify the data

$\mathit{\mu }$ Inherent risk of substation communication network

$\mathit{\lambda }$ Inherent risk of substation security forces

${\mathit{d}}^{\prime }$ Determined defense strategies in the Stage 1

${\mathit{a}}^{\prime }$ Determined attack strategies in the Stage 2

$\mathit{A}\mathit{T}\mathit{K}$ Set of attack vectors

$\mathit{DEF}$ Set of load shedding vectors

$\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{L}}$ Amount of load shedding

$\mathit{\Delta }{\mathit{P}}_{\mathit{d}\mathit{A}}$ Active power attack vector

$\mathit{\Delta }{\mathit{Q}}_{\mathit{d}\mathit{A}}$ Reactive power attack vector

$\mathit{\Delta }{\mathit{V}}_{\mathit{m}\mathit{A}}$ Voltage magnitude attack vector

$\mathit{\Delta }{\mathit{\theta }}_{\mathit{A}}$ Voltage phase angle attack vector

${\mathit{n}\mathit{A}\mathit{T}\mathit{K}}_{\mathit{max}}$ Maximum number of attacked substations

$\mathit{\tau }$ Maximum percentage of data tampering changes

${\mathit{P}}_{\mathit{d},\mathit{i}}$ Active load of the $i^{th}$ substation before the coordinated physical-cyber attack

${\mathit{Q}}_{\mathit{d},\mathit{i}}$ Reactive load of the $i^{th}$ substation before the coordinated physical-cyber attack

${\mathit{V}}_{\mathit{m},\mathit{i}}$ Voltage magnitude of the $i^{th}$ substation before the coordinated physical-cyber attack

${\mathit{\theta }}_{\mathit{i}}$ Voltage phase angle of the $i^{th}$ substation before the coordinated physical-cyber attack

$\mathit{A}$ Set of target substations (nodes) attacked

${\mathit{A}}_{\mathit{g}}$ Set of generator nodes attacked

${\mathit{A}}_{\mathbf{0}}$ Set of zero-load nodes attacked

${\mathit{A}}_{\mathit{e}}$ Set of edge nodes attacked

${\mathit{P}}_{\mathit{g}\mathit{A}}$ Active powers of the generators connecting to target substations attacked

${\mathit{Q}}_{\mathit{g}\mathit{A}}$ Reactive powers of the generators connecting to target substations attacked

$\mathit{P}\mathit{a}\mathit{r}\mathit{t}\mathit{L}\mathit{F}$ Power flow constraints of the attacked part of the power grid

$\mathit{n}\mathit{A}$ Number of the attacked nodes

${\mathit{P}}_{\mathit{i}}$ Active powers injected at the $i^{th}$ node

${\mathit{Q}}_{\mathit{i}}$ Reactive powers injected at the $i^{th}$ node

${\mathit{g}}_{\mathit{i}\mathit{j}}$ Conductance between the $i^{th}$ node and the $j^{th}$ node

${\mathit{b}}_{\mathit{i}\mathit{j}}$ Susceptance between the $i^{th}$ node and the $j^{th}$ node

${\mathit{P}}_{\mathit{g},\mathit{i}}$ Total active power output of the generators connecting to the $i^{th}$ substation

${\mathit{Q}}_{\mathit{g},\mathit{i}}$ Total reactive power output of the generators connecting to the $i^{th}$ substation

${\mathit{P}}_{\mathit{l}\mathit{e}\mathit{q}}$, ${\mathit{Q}}_{\mathit{l}\mathit{e}\mathit{q}}$ Two equivalent injected power vectors, namely the power flow on the line connected to the attacked node and the non-attacked node

${\mathit{V}}_{\mathit{m}\mathbf{min},\mathit{i}}$ Lower bound of the voltage magnitude of the $i^{th}$ substation

${\mathit{V}}_{\mathit{m}\mathbf{max},\mathit{i}}$ Upper bound of the voltage magnitude of the $i^{th}$ substation

${\mathit{\theta }}_{\mathbf{min},\mathit{i}}$ Lower bound of the voltage phase angle of the $i^{th}$ substation

${\mathit{\theta }}_{\mathbf{max},\mathit{i}}$ Upper bound of the voltage phase angle of the $i^{th}$ substation

${\mathit{S}}_{\mathit{l},\mathit{i}\mathit{j}}$ Apparent power of the line connecting to the $i^{th}$ substation and the $j^{th}$ substation

${\mathit{S}}_{\mathit{l}\mathbf{max},\mathit{i}\mathit{j}}$ Upper bound of the apparent power of the line connecting to the $i^{th}$ substation and the $j^{th}$ substation

${\mathit{P}}_{\mathit{g}\mathit{min},\mathit{i}}$ Lower bound of the total active power output of the generators connecting to the $i^{th}$ substation

${\mathit{P}}_{\mathit{g}\mathit{max},\mathit{i}}$ Upper bound of the total active power output of the generators connecting to the $i^{th}$ substation

${\mathit{Q}}_{\mathit{g}\mathit{min},\mathit{i}}$ Lower bound of the total reactive power output of the generators connecting to the $i^{th}$ substation

${\mathit{Q}}_{\mathit{g}\mathit{max},\mathit{i}}$ Upper bound of the total reactive power output of the generators connecting to the $i^{th}$ substation

$\mathit{L}\mathit{F}$ AC/DC power flow constraints

$\mathit{n}\mathit{B}$ Number of the substations in the AC/DC hybrid transmission power system

${\mathit{U}}_{\mathit{d}}^{\prime }$ DC voltages of the rectifier

${\mathit{U}}_{\mathit{d}}^{\prime \prime }$ DC voltages of the inverter

${\mathit{n}}^{\prime },{\mathit{n}}^{\prime \prime }$ Equivalent tap ratios

${\mathit{X}}_{\mathit{C}}^{\prime },{\mathit{X}}_{\mathit{C}}^{\prime \prime }$ Equivalent reactance

$\mathit{\alpha }$ Ignition angle

$\mathit{\gamma }$ Extinction angle

${\mathit{R}}_{\mathit{d}}$ Equivalent resistance of the DC line

${\mathit{I}}_{\mathit{d}}$ Current on the DC line

${\mathit{P}}_{\mathit{d}}^{\prime }$ Active power from the rectifier to the inverter

${\mathit{P}}_{\mathit{d}}^{\prime \prime }$ Active power from the power grid to the inverter

${\mathit{Q}}_{\mathit{d}}^{\prime }$ Reactive power consumed by the rectifier

${\mathit{Q}}_{\mathit{d}}^{\prime \prime }$ Reactive power consumed by the inverter

${\mathit{U}}^{\prime }\angle {\mathit{\theta }}_{\mathit{U}}^{\prime }$ AC phase-to-phase voltage of the rectifier

${\mathit{U}}^{\prime \prime }\angle {\mathit{\theta }}_{\mathit{U}}^{\prime }$ AC phase-to-phase voltage of the inverter

${\mathit{I}}^{\prime }\angle {\mathit{\theta }}_{\mathit{I}}^{\prime }$ AC current of the rectifier

${\mathit{I}}^{\prime \prime }\angle {\mathit{\theta }}_{\mathit{I}}^{\prime \prime }$ AC current of the inverter

${\mathit{N}}_{\mathit{x}}$ Number of unknowns

${\mathit{N}}_{\mathit{e}\mathit{q}}$ Number of equations

$\mathit{N}\left(•\right)$ Number of elements in the set $•$

$\mathit{o}$ Number of the potential attack selections

$\mathit{A}\mathit{P}$ Potential attack selection set

$\mathit{m}$ Value of ${\mathit{N}}_{\mathit{x}}-{\mathit{N}}_{\mathit{e}\mathit{q}}$

${\mathit{X}}_{\mathit{i}}$ Position of the $i^{th}$ particle

$\mathit{A}\mathit{V}\mathit{V}$ Auxiliary attack vector

$\mathit{A}\mathit{S}\mathit{P}$ Auxiliary search particle

$\mathit{M}$ Number of iterations

$\mathit{N}$ Population size

${\mathit{d}}_{\mathit{i}}$ The $i^{th}$ defense strategy based on (5)

${\mathit{a}}_{\mathit{i}\mathit{j}}$ The $j^{th}$ attack strategy based on (8) which is impacted by ${\mathit{d}}_{\mathit{i}}$ in Stage 1

${\mathit{P}\mathit{A}\mathit{Y}\mathit{O}\mathit{F}\mathit{F}}_{\mathit{i}\mathit{j}}$ Value of the payoff when the defender selects the $i^{th}$ defense strategy in Stage 1 and the attacker selects the $j^{th}$ attack strategy in Stage 2

$\mathit{S}\mathit{A}\left({\mathit{d}}_{\mathit{i}}\right)$ Set of attack fund deployment strategies affected by the defense fund deployment strategy ${\mathit{d}}_{\mathit{i}}$

$\mathit{h}$ Number of defense strategies

$\mathit{q}$ Number of attack strategies

${\mathit{a}}^{*}\left({\mathit{d}}_{\mathit{i}}\right)$ Optimal attack strategies based on the defense strategies decided in Stage 1

$\left({\mathit{d}}^{*},{\mathit{a}}^{*}\right)$ Subgame perfect Nash equilibrium

${\mathit{p}}_{\mathit{d}}^{\mathit{i}}$ Probability of using defense strategy ${\mathit{d}}_{\mathit{i}}$

${\mathit{p}}_{\mathit{a}}^{\mathit{j}}$ Probability of using attack strategy ${\mathit{a}}_{\mathit{i}\mathit{j}}$ when the defender decides to use the defense strategy ${\mathit{d}}_{\mathit{i}}$ in the Stage 1

${\mathit{F}}_{\mathit{m}}$ Fund constraints

${\mathit{E}}_{\mathit{C}\mathit{y}\mathit{d}}\left({\mathit{d}}^{*}\right)$ Expectation of the defense funds on the cyber side

${\mathit{E}}_{\mathit{P}\mathit{h}\mathit{d}}\left({\mathit{d}}^{*}\right)$ Expectation of the defense funds on the physical side

${\mathit{E}}_{\mathit{C}\mathit{y}\mathit{a}}\left({\mathit{a}}^{*}\right)$ Expectation of the attack funds on the cyber side

${\mathit{E}}_{\mathit{P}\mathit{h}\mathit{a}}\left({\mathit{a}}^{*}\right)$ Expectation of the attack funds on the physical side

${\mathit{R}\mathit{i}\mathit{s}\mathit{k}}_{\mathit{C}\mathit{y}}$ Expectation of funds invested by the attacker and defender on the cyber side

${\mathit{R}\mathit{i}\mathit{s}\mathit{k}}_{\mathit{P}\mathit{h}}$ Expectation of funds invested by the attacker and defender on the physical side