Abstract

With sufficient resources, attackers might be able to intrude into multiple substation-level networks of the supervisory control and data acquisition (SCADA) system and send fabricated commands to the local field devices. In this paper, cyberattacks against the SCADA system in the substations of the power system are modeled by a modified semi-Markov process (SMP). The optimal allocation of offensive and defensive resources is modeled as a Colonel Blotto game, and the probabilities of successful cyberattacks on 24 substations are calculated. With the optimal allocated resources, the mean time-to-compromise (MTTCs) of cyberattacks on each substation are calculated, and the loss of load probabilities (LOLP) and expected energy not supplied (EENS) are estimated with the IEEE reliability test system 79 (RTS79). When more offensive or less defensive resources are allocated to the targets, the probabilities of breaker trips resulted by the cyber attacks are increased, less MTTCs are needed on each substation and the power system becomes less reliable.