EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Dynamic cross-layer security risk assessment and mitigation for cyber-physical power systems

Pengchao Yao, Qiang Yang and Wenhai Wang

Reliability Engineering and System Safety, 2025, vol. 261, issue C

Abstract: Cyber-attacks targeting cyber-physical power systems (CPPSs) are increasingly recognized as complex and persistent cyber-to-physical (C2P) security threats, which introduce substantial cross-layer risks to critical power infrastructures. However, existing security frameworks fail to provide a comprehensive approach for risk assessment and mitigation against these ongoing and stealthy cross-layer attacks in CPPSs. This paper presents a cross-layer security risk management method that enables dynamic evaluation of cyber-physical security risks and the formulation of optimal defense strategies to reduce those risks. Specifically, an Extended Hierarchical Bayesian Attack Graph (EHBAG) is introduced to model the C2P attack risk propagation, which can infer the probability of physical-space incidents occurring based on detected attack nodes in the cyber layer. Observation nodes are incorporated into the EHBAG to represent uncertainty in the detected evidence. An attack surface generation algorithm is used to identify the most dangerous set of detected attack nodes within the EHBAG that require immediate attention. Then, a multi-objective security decision-making approach is presented to derive the optimal strategy for defending the highest-value nodes within the attack surface, aiming to reduce the cyber-physical security risks of the system. The proposed approach is implemented and evaluated using a real-world CPPS testbed and the numerical results confirmed its feasibility and effectiveness for risk assessment and mitigation.

Keywords: Cyber-physical power system (CPPS); Cyber-attack; Risk management; Decision-making; Bayesian network (search for similar items in EconPapers)
Date: 2025
References: Add references at CitEc
Citations:

Downloads: (external link)
http://www.sciencedirect.com/science/article/pii/S0951832025002285
Full text for ScienceDirect subscribers only

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:eee:reensy:v:261:y:2025:i:c:s0951832025002285

DOI: 10.1016/j.ress.2025.111027

Access Statistics for this article

Reliability Engineering and System Safety is currently edited by Carlos Guedes Soares

More articles in Reliability Engineering and System Safety from Elsevier
Bibliographic data for series maintained by Catherine Liu ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-05-20
Handle: RePEc:eee:reensy:v:261:y:2025:i:c:s0951832025002285