The deep integration of cyber-physical systems in modern power grids, while enhancing operational efficiency, introduces critical vulnerabilities to stealthy deceptive attacks. By exploiting system knowledge, attackers can manipulate sensor measurements to bypass traditional chi-square detection mechanisms, leading to incorrect state estimation and potentially severe physical consequences. While existing research has made progress in either attack detection or mitigation, a significant gap remains in developing integrated frameworks that seamlessly combine real-time, adaptive attack prediction with theoretically grounded active mitigation. To address this challenge, this paper proposes a novel prediction-based attack detection and mitigation scheme, where the term "prediction-based" specifically refers to the capability of forecasting the evolution of the attack vector itself before it fully impacts system dynamics. The core of our methodology establishes a power state model incorporating physical dynamics and attack vectors, followed by a two-stage framework: first, an adaptive Kalman filter is designed to predict the attack vector in real time by dynamically estimating its magnitude and dynamics; second, based on these prediction results, a robust attack-mitigation controller with gains synthesized via Linear Matrix Inequalities (LMIs) is triggered to proactively eliminate the attack’s impact. This constitutes our main contribution: a tightly integrated prediction-mitigation framework is established, which initiates forecasting upon detection of the earliest statistical anomalies induced by an attack and proactively neutralizes its impending impact. This approach reduces response latency within the attack window by transitioning from conventional consequence-based detection to early anomaly-triggered prediction, thereby enabling mitigation ahead of the attack’s peak physical disruption.
Theoretical proofs based on LMIs ensure the convergence and stability of the overall system. Extensive simulations on IEEE 6-bus, 30-bus, and 118-bus systems demonstrate the framework’s superiority, showing faster recovery times and lower overshoot compared to recent state-of-the-art methods, thus validating its effectiveness in enhancing cyber-physical power system security through proactive defense.
Zhai et al. (Thu,) studied this question.
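
An added illustration (not code from the paper) of the prediction step the abstract describes, reduced to a constructed scalar plant: a Kalman filter over the augmented state [x, a] estimates a sensor attack a, raises an alarm when the estimate leaves a band, and subtracts the estimate from the measurement. The plant constants, the noise, the fixed filter tuning and the names `simulate`, `track_attack` and `ALARM` are assumptions; the paper's adaptive filter and LMI-based controller are not reproduced.

```python
import math

# Constructed scalar plant (an assumption, not the paper's grid model):
#   x[k+1] = A_X * x[k] + U,   y[k] = x[k] + a[k] + v[k]
# where a[k] is the injected sensor attack and v[k] is measurement noise.
A_X, U = 0.9, 1.0
Q_X, Q_A, R = 1e-4, 1e-2, 1e-2  # filter tuning; a[k] is modelled as a random walk
ALARM = 0.5                     # |a_hat| above this value flags an attack

def simulate(steps=150, attack_start=50, attack_size=2.0):
    """Constructed measurements: steady plant, step attack, bounded noise."""
    x, ys = 10.0, []
    for k in range(steps):
        a = attack_size if k >= attack_start else 0.0
        ys.append(x + a + 0.05 * math.sin(1.7 * k))
        x = A_X * x + U
    return ys

def track_attack(ys, x0=10.0):
    """Kalman filter on z = [x, a]. Returns (a_hats, alarm_step, corrected_ys)."""
    x, a = x0, 0.0
    pxx, pxa, paa = 0.01, 0.0, 0.01  # covariance entries of [x, a]
    a_hats, corrected, alarm = [], [], None
    for k, y in enumerate(ys):
        # Update with y[k]; the measurement row is C = [1, 1].
        innov = y - (x + a)
        s = pxx + 2.0 * pxa + paa + R
        kx, ka = (pxx + pxa) / s, (pxa + paa) / s
        x, a = x + kx * innov, a + ka * innov
        pxx, pxa, paa = pxx - kx * kx * s, pxa - kx * ka * s, paa - ka * ka * s
        a_hats.append(a)
        corrected.append(y - a)      # measurement with the estimated attack removed
        if alarm is None and abs(a) > ALARM:
            alarm = k
        # Predict: x follows the plant model, a is held constant plus drift.
        x = A_X * x + U
        pxx, pxa, paa = A_X * A_X * pxx + Q_X, A_X * pxa, paa + Q_A
    return a_hats, alarm, corrected

if __name__ == "__main__":
    a_hats, alarm, corrected = track_attack(simulate())
    print("alarm at step", alarm, "final a_hat", round(a_hats[-1], 3))
```

The attack is separable from the state here only because x and a evolve differently (0.9 versus 1.0) and the plant model is trusted (small `Q_X`); with identical dynamics the two would be indistinguishable from a single sensor.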