Abstract

Reports about cyber attacks on the Ukraine power grid revealed that one or more malwares were deliberately developed to attack industrial facilities, with power systems as one of the major targets. Once the cyber attackers have access to the power grid control system, an attack could possibly trigger cascading outages and thereby cause a large-scale load loss. Such cybersecurity threats have been considered and studied by the North American Electric Reliability Corporation (NERC) since at least 2012. Thus, the purpose of this paper is to develop a tool, of potential use to government entities, to assess the effects of specific types of cyber attacks that are modeled in the Ukraine attacks. Our previous work has proposed a sequential outage checker based cascading outage analysis (COA) model. In this paper, we apply our COA model to a model of a North American regional interconnection system and perform case studies to simulate analogous system interdictions assuming the cyber attackers gained full control of the system. During the cyber attacks in Ukraine in 2015, attackers opened all breakers using Supervisory Control and Data Acquisition (SCADA) systems in three distribution companies that they previously compromised. This is the most intuitive way for cyber attackers to create power outages once they have access to SCADA. To help assess the effects of such attacks, we further develop the COA model and study the impacts of opening different types of devices of each transmission and distribution company (owner) in the studied North American regional interconnection system.