Risk of Cyber-Physical Attack via Load With Emulated Inertia Control

The intrinsic electromechanical coupling of power and frequency across a power system creates the possibility of indirect cyber-physical attacks, where the attack's impact occurs at locations far removed from the intrusion point. The work here explores this vulnerability, demonstrating mechanisms by which an attacker could cause system-wide unstable oscillations and trips of generators, by an attack altering only local control characteristics of customer loads. This extends previous work on malicious control in generator governor control loops in three ways. First, the fidelity and size of the study system is improved, with each generator represented via detailed models in a non-linear dynamic simulation. Second, we study an increasingly plausible attack, in which loads (prior to attack) are enlisted to enhance system stability through the exercise of emulated inertia control. Finally, the work demonstrates methodologies which an attacker might employ to choose the generator(s) targeted to experience large oscillations (and tripping through protective relay action) and the locations, where compromised control systems would have greatest impact. Nonlinear simulation results indicate that malicious control destabilizes the power system, with targeted generators experiencing large magnitude oscillations, and probable tripping of rate of change of frequency protective relays. These results are demonstrated as robust over variations in parameters, topology, and loading.