A Review of Overcurrent Protection in Smart Grids Under Cyber‐Physical Threats With a Cyber‐Physical Evaluation Framework

ABSTRACT The transition toward cyber‐physical smart grids has improved operational flexibility and enabled the wide integration of distributed generation, while also introducing new cyber‐induced vulnerabilities. Increasing reliance on communication networks, particularly within protection schemes, creates additional risks of coordinated cyber‐physical attacks that may compromise relay decisions and system stability. This paper provides a focused technical assessment of these risks and introduces an evaluation framework to analyse overcurrent protection under cyber interference. The approach employs an attack‐tree structure to characterise cyber‐physical paths and their propagation to the protection layer. Communication‐side disturbances are modelled using OMNeT, while ETAP is used to represent the physical network and relay coordination environment, allowing co‐simulation of cyber events and electrical responses. By examining the interaction between the cyber and physical domains, the framework shows how specific attack configurations affect fault detection, relay timing, and coordination margins. The results highlight key system weaknesses, identify conditions that could cause misoperations, and point to areas where additional resilience measures are required. This work introduces a step‐by‐step evaluation process using the IEEE 9‐bus network under different cyberattack scenarios, including blocking relay commands, changing relay configurations, and injecting false data. The results present the effects of these attacks on the power protection system's sensitivity and selectivity.