Abstract The transition from traditional to cyber-physical structures has increased the interconnectivity between cyber and physical elements of modern power systems, making them more susceptible to cyber-attacks. Past incidents, such as the Ukrainian power grid attack in 2015, which caused a widespread blackout affecting over 225,000 consumers, highlight the urgency of safeguarding critical infrastructure. More recent attacks, such as the 2023 Rhysida Ransomware incident on China Energy Engineering Corporation, although not causing blackouts, resulted in the exfiltration of substantial data later auctioned for 50 Bitcoin, demonstrating their disruptive potential. This study reviews over 120 recent research articles on cyber-physical power systems (CPPS), encompassing attack taxonomies, real-world case studies, and advanced control structures. The reviewed implementations span IEEE 14-bus, 30-bus, 39-bus, and 118-bus systems, as well as SCADA and AMI datasets, with reported results showing detection accuracies above 96% in most AI-driven models, FDIA detection frameworks achieving up to 0.999 AUC, and localization accuracies exceeding 84%. Emerging approaches such as blockchain and federated learning have demonstrated improvements in privacy and data integrity, while edge computing enhances latency performance, and quantum computing is gaining attention as a promising solution for high-dimensional and optimization-intensive CPPS security challenges. These findings highlight both the significant progress and the persistent gaps in CPPS cybersecurity. Future research must prioritize lightweight AI-driven anomaly detection, privacy-preserving federated learning, latency-aware blockchain protocols, and scalable quantum-assisted models to safeguard power systems against evolving multi-vector threats.
Olasehinde et al. (Thu,) studied this question.