Security Games for Risk Minimization in Automatic Generation Control

The power grid is a critical infrastructure that must be protected against potential threats. While modern technologies at the center of the ongoing smart grid evolution increase its operational efficiency, they also make it more susceptible to malicious attacks such as false data injection to electronic monitoring systems. This paper presents a game-theoretic approach to smart grid security by combining quantitative risk management techniques with decision making on protective measures. The consequences of data injection attacks are quantified using a risk assessment process where the well-known conditional value-at-risk (CVaR) measure provides an estimate of the defender's loss due to load shed in simulated scenarios. The calculated risks are then incorporated into a stochastic security game model as input parameters. The decisions on defensive measures are obtained by solving the game using dynamic programming techniques which take into account resource constraints. Thus, the formulated security game provides an analytical framework for choosing the best response strategies against attackers and minimizing potential risks. The theoretical results obtained are demonstrated through numerical examples. Simulation results show that different risk measures lead to different defense strategies, but the CVaR measure prioritizes high-loss tail events.