Smart Grid Cyber-Physical Situational Awareness of Complex Operational Technology Attacks: A Review

The smart grid (SG), regarded as the complex cyber-physical ecosystem of infrastructures, orchestrates advanced communication, computation, and control technologies to interact with the physical environment. Due to the high rewards that threats to the grid can realize, adversaries can mount complex cyber-attacks such as advanced persistent threats-based and coordinated attacks to cause operational malfunctions and power outages in the worst scenarios: The latter of which was reflected in the Ukrainian power grid attack. Despite widespread research on smart grid security, the impact of targeted attacks on control and power systems is anecdotal. This article reviews the smart grid security from collaborative factors, emphasizing the situational awareness (SA). Specifically, we propose a threat modeling framework and review the nature of cyber-physical attacks to understand their characteristics and impacts on the smart grid’s control and physical systems. We examine the existing threats detection and defense capabilities, such as intrusion detection systems (IDSs), moving target defense (MTD), and co-simulation techniques, along with discussing the impact of attacks through situational awareness and power system metrics. We discuss the human factor aspects for power system operators in analyzing the impacts of cyber-attacks. Finally, we investigate the research challenges with key research gaps to shed light on future research directions.