Survey of Load-Altering Attacks Against Power Grids: Attack Impact, Detection and Mitigation
Sajjad Maleki, Shijie Pan, Subhash Lakshminarayana, Charalambos Konstantinou
TL;DR
LAAs exploit insecure IoT-enabled loads to tamper with demand and destabilize power systems, potentially triggering frequency and voltage instability and market volatility. The paper examines threat models, attack types, and the downstream impacts on T&D operations and energy markets, then surveys model-based, data-driven, and hybrid detection/localization methods followed by preventive, reactive, and hybrid mitigation strategies. Key contributions include a comprehensive taxonomy of LAA threats, analysis of transmission, distribution, and market impacts, and a synthesis of detection and defense approaches with pathways for future research. The findings emphasize the need for layered cybersecurity, robust control design, and regulatory standards to bolster grid resilience against evolving LAA threats in IoT-enabled environments.
Abstract
The growing penetration of IoT devices in power grids despite its benefits, raises cybersecurity concerns. In particular, load-altering attacks (LAAs) targeting high-wattage IoT-controllable load devices pose serious risks to grid stability and disrupt electricity markets. This paper provides a comprehensive review of LAAs, highlighting the threat model, analyzing their impact on transmission and distribution networks, and the electricity market dynamics. We also review the detection and localization schemes for LAAs that employ either model-based or data-driven approaches, with some hybrid methods combining the strengths of both. Additionally, mitigation techniques are examined, focusing on both preventive measures, designed to thwart attack execution, and reactive methods, which aim to optimize responses to ongoing attacks. We look into the application of each study and highlight potential streams for future research.