Smarter electric power systems

Deliverable 3.3 - Enhancing cyber-physical security within look-ahead mode

2025-11-05 14:25:09

This deliverable presents the outcomes of Task 3.3 of the CYPRESS project, which investigates methods to enhance cyber-physical security in power system operational planning, specifically in the look-ahead (day-ahead) time horizon. The central goal of this task is to develop a mathematically grounded and operationally feasible day-ahead optimization framework that anticipates and mitigates the impact of cyber attacks targeting interconnected power systems operated by multiple Transmission System Operators (TSOs). Given the increasing digitalization of substation control systems and their exposure to cyber vulnerabilities, traditional operational planning methods must be extended to account for cybersecurity constraints, attacker-defender dynamics, maintaining the confidentiality of the operational data, and risk assessment outcomes.

To address this gap, the proposed approach integrates a bi-level attacker-defender formulation into the day-ahead cybersecurity-constrained dispatch model. The upper level represents a strategic attacker that selects a subset of power system components to compromise, with the objective of maximizing disruption within a constrained attack budget. The lower level models the system operator’s corrective response by solving a redispatch problem aimed at minimizing financial costs and load losses following the attack. This structure allows for the systematic modeling of worst-case scenarios and provides operators with correction and mitigation plans that remain robust against diverse and targeted cyber threats.

One of the key contributions of this work is the adaptation of this attacker-defender model to multi-TSO environments, where coordination is needed but full data sharing is often impractical due to privacy, regulatory, or operational constraints. In this regard, three coordination mechanisms are developed and analyzed:

  • Centralized coordination, where all TSOs jointly optimize the entire system with full knowledge of each other’s topology and parameters.
  • Non-coordinated planning, in which each TSO independently optimizes its region without considering inter-area impacts, leading to suboptimal and potentially insecure and inefficient outcomes.
  • Decentralized coordination, a novel iterative approach that allows TSOs to optimize locally while exchanging only limited and required information at each iteration, preserving data confidentiality.

To ensure realism, the attacker’s decision-making is guided by cyber risk metrics derived from prior risk assessments. These metrics include vulnerability severity, attack likelihood, and physical consequences, enabling the prioritization of power system components that are both impactful and realistically vulnerable.

The underlying optimization problem is reformulated into a tractable form that can be solved efficiently. In this regard, the original bi-level attacker-defender model is transformed into a single-level Mixed-Integer Linear Programming (MILP) problem by applying duality principles and linearization techniques. This enables the use of standard commercial solvers and facilitates integration into existing operational planning tools. In parallel, the decentralized coordination algorithm is designed to achieve convergence across TSOs through limited information exchange, which ensures consistency while preserving the confidentiality of internal grid data.

To validate the proposed method, simulations are conducted on two widely used benchmark systems:

  • Two interconnected IEEE 39-bus systems, one original and one modified.
  • Two interconnected IEEE 118-bus systems, one original and one modified.
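The attacker-defender structure, the risk weighting and the centralized versus non-coordinated comparison described above can be seen on a constructed two-area toy system (an added example, not the deliverable's model or data, and not the IEEE benchmarks). It assumes a copper-plate model per area, a single tie-line, a likelihood-weighted attacker objective, and brute-force enumeration in place of the MILP reformulation; all names and numbers are hypothetical, and the decentralized iteration is not shown.

```python
from itertools import combinations
from math import prod

VOLL = 1000  # assumed penalty for shed load, per MWh

# Constructed toy data: unit -> (area, capacity MW, marginal cost per MWh)
GENS = {"A1": ("A", 100, 20), "A2": ("A", 80, 35),
        "B1": ("B", 120, 25), "B2": ("B", 60, 50)}
LOAD = {"A": 150, "B": 140}
TIE_CAP = 50  # MW limit on the A->B interconnector
# Assumed attack likelihood per component, standing in for the risk metrics
LIKELIHOOD = {"A1": 0.1, "A2": 0.6, "B1": 0.1, "B2": 0.3, "TIE": 0.4}

def area_cost(area, demand, attacked):
    """Merit-order dispatch of one area's surviving units; the rest is shed."""
    units = sorted((cost, cap) for name, (a, cap, cost) in GENS.items()
                   if a == area and name not in attacked)
    total = 0
    for cost, cap in units:
        used = min(cap, demand)
        total, demand = total + cost * used, demand - used
    return total + VOLL * demand

def defender(attacked, coordinated=True):
    """Lower level: least-cost redispatch (generation plus load shedding)."""
    limit = TIE_CAP if coordinated and "TIE" not in attacked else 0
    # All data are integer MW, so scanning integer tie flows is exact.
    return min(area_cost("A", LOAD["A"] + f, attacked) +
               area_cost("B", LOAD["B"] - f, attacked)
               for f in range(-limit, limit + 1))

def attacker(budget, risk_informed=True, coordinated=True):
    """Upper level: enumerate attack sets of at most `budget` components."""
    base = defender((), coordinated)
    def score(attack):
        damage = defender(attack, coordinated) - base
        return damage * prod(LIKELIHOOD[c] for c in attack) if risk_informed else damage
    sets = [s for k in range(1, budget + 1) for s in combinations(LIKELIHOOD, k)]
    return max(sets, key=score)

if __name__ == "__main__":
    for informed in (True, False):
        target = attacker(1, informed)
        print(informed, target, defender(target), defender(target, coordinated=False))
```

With a budget of one component, the likelihood-weighted attacker targets a different unit than the pure worst-case attacker, and the same attack costs the operators far more when the tie-line is not used for joint redispatch.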

A range of attack scenarios is evaluated, incorporating variations in attack likelihood profiles, time-of-day conditions, attack budget combinations, and coordination strategies. The results demonstrate that the decentralized coordination model achieves mitigation plans that are nearly as effective as those resulting under full centralization, while significantly surpassing the non-coordinated model in terms of both cost efficiency and load preservation. Furthermore, it requires only minimal data exchange, making it particularly suitable for real-world multi-TSO environments where confidentiality and limited information sharing are important operational constraints.

The structure of the report is organized as follows:

  • Section 1 reviews relevant literature and introduces the background, scope, and objectives of Task 3.3.
  • Section 2 presents the day-ahead risk-informed attacker-defender cybersecurity-constrained optimal power flow (CSC-OPF) model and details the centralized, non-coordinated, and decentralized coordination schemes for interconnected grids.
  • Section 3 describes the solution approach, implemented mathematical optimization, linearization techniques, and resulting formulations.
  • Section 4 presents and discusses the simulation results in detail, including comparative performance of coordination strategies under various attack conditions.
  • Section 5 concludes the deliverable, summarizes key findings, and suggests future research directions.

In summary, this deliverable introduces a comprehensive and pragmatic methodology for embedding cyber attack considerations and anticipation into day-ahead operational planning and optimal power flow. It bridges the gap between cybersecurity risk analysis and day-ahead cybersecurity enhancement planning by combining attacker-defender modeling, coordinated re-dispatch, and privacy-preserving computation. The outcomes contribute directly to the broader goals of the CYPRESS project by providing an actionable approach to strengthen the resilience and cybersecurity of future power systems.
