Summary
Automatic generation control (AGC) stabilizes frequency and scheduled power exchanges among interconnected areas, yet its reliance on communication networks introduces cybervulnerabilities. This work examines coordinated AGC cyber-attacks in the presence of remedial action schemes (RAS) and identifies operating conditions under which an attacker can drive grid frequency beyond safe limits while evading RAS. A feedback-based attack policy is used to manipulate AGC signals and steer system frequency toward unsafe trajectories. Then, a large nested-loop parametric sweep—spanning attacked-area inertia relative to its interconnected neighboring area, AGC capacity versus maximum tie-line transfer, AGC update rate, load damping, and bi-directional power transfers—generates over 1.45 million scenarios. These are classified using a decision tree to establish guidelines to distinguish successful from unsuccessful attacks based on frequency deviations. The resulting vulnerability guidelines are validated on a three-area system using phasor-domain simulations with IEEE 9-bus area models, detailed turbine–governor dynamics, and under/over-frequency load and generation shedding. Results show that specific combinations of AGC capacity, inertia distribution, and pre-attack tie-line loading increase the likelihood of successful attacks, offering operators actionable criteria for identifying vulnerable operating conditions.
Additional informations
| Publication type | Session Materials |
|---|---|
| Reference | D2_10223_2026 |
| Publication year | |
| Publisher | CIGRE |
| Country | United States of America |
| Study committees | |
| File size | 1 MB |
| Price for non member | 30 € |
| Price for member | 30 € |
Authors
AJABNOOR Abdulmannan - Georgia Institute of Technology, United States of America; ZHANG Zhi Jin - The University of British Columbia, Canada; SAEEDIFARD Maryam - Georgia Institute of Technology, United States of America; GROSS Dominic - University of Wisconsin-Madison, United States of America