The CYPRESS project develops methods and tools for assessing and managing cyber-physical risks in transmission systems. Work Package 2 focuses on Cyber-physical risk assessment of transmission systems, and within it, Task 2.3 develops a methodology that consistently addresses cyber-security, reliability, and resilience for both operation planning and real-time operation.
Deliverable D2.3 builds on the modeling foundations described in D2.1 and the co-simulation platform introduced in D2.2. It extends them with risk assessment methods that explicitly connect cyber threats, human decisions, and physical system dynamics.
The report is structured in two main parts. The first part reviews the state of the art in reliability, resilience, vulnerability, and impact assessment of cyber-physical power systems. This review highlights that while many approaches exist, they are often developed in isolation and do not capture cross-domain effects. Several recurring issues emerge: corrective actions and operator behavior are simplified or absent, uncertainty is propagated inconsistently, and high-fidelity models face scalability challenges. Data scarcity and the lack of common benchmarks further limit validation and comparability. These gaps underscore the need for integrated frameworks that bring cyber-security into the same methodological space as power system reliability and resilience.
The second part of the report presents the methodological contributions of Task 2.3. Five complementary frameworks are introduced: (i) a dynamic probabilistic security assessment (DPSA) for cascading risk, (ii) a cyber consequence engine that quantifies vulnerability and detectability of attacks, (iii) a systematic threat modeling framework based on CVE–CWE mappings, (iv) a human reliability layer that adapts the SPAR-H method to conditions of time pressure and cyber ambiguity, and (v) an anomaly detection framework for early-stage IT–OT traffic analysis. These elements are brought together in an illustrative Cyber-informed HRA–OPF framework, which demonstrates how cyber, human, and physical risks can be assessed within a single probabilistic process.
The last part, (“Insights & Perspectives”) distills what we learned from the review and the five approaches and maps it to a practical path to adoption. It translates the work into clear priorities for operations and planning, showing that risk concentrates in a critical few contingencies and attack paths, that outcomes are coupled across the cyber–human–physical layers, and that time and detectability shape the extreme events that matter most.
Overall, D2.3 delivers a coherent blueprint for assessing cyber-physical risks in transmission systems. It moves beyond siloed approaches by combining cybersecurity, human reliability, and system dynamics into a unified methodology, thereby preparing the ground for the recommendations that will be produced in Task 2.4.
