Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Cyber Resilience of Three-phase Unbalanced Distribution System Restoration under Sparse Adversarial Attack on Load Forecasting

Chen Chao, Zixiao Ma, Ziang Zhang

TL;DR

The paper tackles the vulnerability of distribution-system restoration to adversarial forecasts by developing a sparse gradient-based attack on weather-related inputs and embedding attacked forecasts into a sequential MILP-based restoration plan validated with a three-phase unbalanced OPF. The proposed Sparse Adversarial Attack (SAA), along with baseline PGD and Greedy PGD variants, demonstrates higher efficiency and stealth, revealing system-level failures such as voltage violations and ramping constraints that can trigger secondary blackouts. A restoration-aware validation framework shows how attacked forecasts degrade feasibility under true loads, highlighting actionable resilience strategies like reweighting restoration priorities and employing robust optimization to mitigate cyber-induced uncertainties. The results advance cyber-resilience in restoration planning, providing concrete methods to anticipate and defend against AI-driven forecasting attacks in modern, inverter-dominated grids, where the CLPU effect is modeled by $P_{ ext{CLPU}}(t)=P_{0}\cdot(1+a\cdot e^{-(t-t_{0})/\tau})$.

Abstract

System restoration is critical for power system resilience, nonetheless, its growing reliance on artificial intelligence (AI)-based load forecasting introduces significant cybersecurity risks. Inaccurate forecasts can lead to infeasible planning, voltage and frequency violations, and unsuccessful recovery of de-energized segments, yet the resilience of restoration processes to such attacks remains largely unexplored. This paper addresses this gap by quantifying how adversarially manipulated forecasts impact restoration feasibility and grid security. We develop a gradient-based sparse adversarial attack that strategically perturbs the most influential spatiotemporal inputs, exposing vulnerabilities in forecasting models while maintaining stealth. We further create a restoration-aware validation framework that embeds these compromised forecasts into a sequential restoration model and evaluates operational feasibility using an unbalanced three-phase optimal power flow formulation. Simulation results show that the proposed approach is more efficient and stealthier than baseline attacks. It reveals system-level failures, such as voltage and power ramping violations that prevent the restoration of critical loads. These findings provide actionable insights for designing cybersecurity-aware restoration planning frameworks.

Cyber Resilience of Three-phase Unbalanced Distribution System Restoration under Sparse Adversarial Attack on Load Forecasting

TL;DR

The paper tackles the vulnerability of distribution-system restoration to adversarial forecasts by developing a sparse gradient-based attack on weather-related inputs and embedding attacked forecasts into a sequential MILP-based restoration plan validated with a three-phase unbalanced OPF. The proposed Sparse Adversarial Attack (SAA), along with baseline PGD and Greedy PGD variants, demonstrates higher efficiency and stealth, revealing system-level failures such as voltage violations and ramping constraints that can trigger secondary blackouts. A restoration-aware validation framework shows how attacked forecasts degrade feasibility under true loads, highlighting actionable resilience strategies like reweighting restoration priorities and employing robust optimization to mitigate cyber-induced uncertainties. The results advance cyber-resilience in restoration planning, providing concrete methods to anticipate and defend against AI-driven forecasting attacks in modern, inverter-dominated grids, where the CLPU effect is modeled by .

Abstract

System restoration is critical for power system resilience, nonetheless, its growing reliance on artificial intelligence (AI)-based load forecasting introduces significant cybersecurity risks. Inaccurate forecasts can lead to infeasible planning, voltage and frequency violations, and unsuccessful recovery of de-energized segments, yet the resilience of restoration processes to such attacks remains largely unexplored. This paper addresses this gap by quantifying how adversarially manipulated forecasts impact restoration feasibility and grid security. We develop a gradient-based sparse adversarial attack that strategically perturbs the most influential spatiotemporal inputs, exposing vulnerabilities in forecasting models while maintaining stealth. We further create a restoration-aware validation framework that embeds these compromised forecasts into a sequential restoration model and evaluates operational feasibility using an unbalanced three-phase optimal power flow formulation. Simulation results show that the proposed approach is more efficient and stealthier than baseline attacks. It reveals system-level failures, such as voltage and power ramping violations that prevent the restoration of critical loads. These findings provide actionable insights for designing cybersecurity-aware restoration planning frameworks.

Paper Structure

This paper contains 21 sections, 26 equations, 7 figures, 6 tables, 2 algorithms.

Table of Contents

  1. Introduction
  2. Problem Statement
  3. Role of Load Forecasting in Restoration and Its Vulnerabilities to Cyber Attacks
  4. Formulation of Adversarial Attack on Load Forecasting
  5. Load forecasting formulation
  6. Attacker's Objective on Load forecasting
  7. Attacker's Knowledge
  8. Designing Adversarial Load Forecasting Attacks for Power System Restoration
  9. Baseline Gradient-Based Attacks on Forecasting Models
  10. Greedy PGD Attack on Forecasting Models
  11. Sparse Adversarial Attack for Restoration-Aware Forecast Tampering
  12. Adapting Attacks to Black-box Load Forecasting Models
  13. Power System Restoration under Adversarial Load Forecasting Attacks
  14. Restoration Planning Model Based on Forecasted Loads
  15. Validation Model for the Proposed Adversarial Attack Strategies Using Optimal Power Flow
  16. ...and 6 more sections

Figures (7)

  • Figure 1: Illustration of cyber attacks on load forecasting along with the impact over power system restoration. Weather data obtained from external service or APIs is modified by attackers through querying load forecasting model. These data are then processed and fed into the load forecasting server. System operators make restoration plans based on attacked data, which finally leads to the failure of restoration.
  • Figure 2: Illustration of three adversarial attack methods on load forecasting. They all update adversarial examples based on gradient information, while Greedy PGD and SAA additionally use it to choose attack target: the former selects attack feature $j^*$ based on $I_j$ and the latter picks top-$n$ elements within input matrix. In white box settings, gradient information can be directly obtained whereas under black box scenario, it can be estimated by querying the forecasting model.
  • Figure 3: Vulnerabilities of power system restoration under adversarial attacks on load forecasting. System state is vulnerable due to blackout and IBRs, and incompatibility between the attacked load forecasts and actual loads leads to infeasible restoration plans in the planning stage. When applied to the real system, both will cause stability issues, which may further trigger second blackouts and then restoration failure.
  • Figure 4: Workflow of adversarial attack evaluation. In the planning stage, restoration plans are generated from a MILP-based model using attacked loads. In the validation stage, the proposed OPF checks its feasibility under actual loads. If OPF fails, the attack succeeds; otherwise, it fails.
  • Figure 5: Modified IEEE 123 node test feeder.
  • ...and 2 more figures