Abstract

While wide-area communication networks facilitate the exchange of measurements and control signals for wide-area damping controllers, they bring in new threats of cyberattacks. This article formulates the dynamic interaction between an intelligent spoof attacker and the wide-area damping control (WADC) center as a zero-sum two-player Markov game. In this Markov game, the attacker intelligently spoofs the communication links sending wide-area control signals to selected generators while the WADC selectively encrypts transmitted control signals with limited cyberresources. The successful spoof of specific communication links leads to the degradation of the WADC performance and even to system instability indicated by the real part of the targeted interarea oscillation mode. The potential performance degradation in the physical layer is uniquely included in the cost function of this game while the other two parts of the cost function are the cybersecurity investments of both the attacker and the WADC (defender). The minimax Q-learning approach is used to obtain the optimal defense and attack strategies. Simulation results show that the strategies for the attacker and the WADC converge within 3000 iterations by using the minimax Q-learning approach. The proposed Markov game provides a cyberphysical framework to make the optimal defense strategy for the WADC.