A Risk-Based Optimization Model for Electric Vehicle Infrastructure Response to Cyber Attacks

Security of the smart grid is at risk when the vulnerabilities of the electric vehicle (EV) infrastructure is not addressed properly. As vehicles are becoming smarter and connected, their risk of being compromised is increasing. On various occasions and venues, hacking into smart or autonomous vehicles have been shown to be possible. For most of the time, a compromised vehicle poses a threat to the driver and other vehicles. On the other hand, when the vehicle is electric, the attack may spread to the power grid infrastructure starting from the EV supply equipment (EVSE) all the way up to the utility systems. Traditional isolation-based protection schemes do not work well in smart grid since electricity services have availability constraints and few of the components have physical backups. In this paper, we propose a mixed integer linear programming model that jointly optimizes security risk and equipment availability in the interdependent power and EV infrastructure. We adopt an epidemic attack model to mimic malware propagation. We assume malware spreads during EV charging when an EV is charged from an infected EVSE and then travels and recharges at another EVSE. In addition, it spreads through the communication network of EVSEs. The proposed response model aims to isolate a subset of compromised and likely compromised EVSEs. The response model minimizes the risk of attack propagation while providing a satisfactory level of equipment availability to supply demand. Our analysis shows the theoretical and practical bounds for the proposed response model in smart grid in the face of attacks to the EV infrastructure.