1. DoS (Denial of Service), DDoS (Distributed Denial of Service), and time delay attacks (targeting availability) [4, 5].

In wartime, these cyber attacks are often combined with physical attacks on critical infrastructure facilities [12]. Developing algorithms for calculating attack parameters remains a crucial task for understanding the resilience limits of the facility and for investigating cyber incidents.

The findings of this work will contribute to more accurately fulfilling the guidelines of document [13] regarding the identification of adversary tactics, techniques, and procedures used to circumvent controls, along with other cybersecurity objectives. 2. Cyber attack models in AGC systems Paper [1] examines a two-area power system and its dynamic model equations, demonstrating system behavior under abnormal conditions and analyzing the types of attacks that can disrupt the power system.

In paper [4], a dynamic model of a single-area load-frequency control (LFC) system is presented, focusing on the principles of sustainable operation. The study addresses time-delay attacks and DoS (Denial of Service) attacks, providing equations for the main system components under DoS attack conditions.

Paper [5] expands on DoS attacks by exploring data integrity attacks as well. It proposes a multiarea scheme with a control center, presenting detailed LFC equations and describing the main types of attacks.

Paper [6] discusses power grid control strategies, with particular emphasis on time-delay threats and replay attacks. The authors derive stability bounds for systems subjected to these attacks.

In paper [7], a different class of cyber attacks is explored: robust stealth covert attacks. The study includes a simulation example and uses a mathematical approach to calculate attack parameters for adversaries.

Paper [8] addresses cyber-physical reliability using game theory, incorporating probability factors into the calculations.

Paper [9] focuses on technical aspects of cyber attacks, reviewing examples, countermeasures, and a taxonomy of attack types. A section is dedicated to the use of machine learning algorithms for attack detection.

In paper [11], a detailed taxonomy of IT (Information Technology), OT (Operational Technology), and AMI (Advanced Metering Infrastructure) attacks is provided, along with an overview of papers that propose approaches to counter these attacks.

Paper [12] examines DoS and DDoS models, emphasizing that these attacks may have different impacts when combined with physical attacks by adversaries during wartime.

Simulation models of cascading effects in power grids under cyber attack are discussed in paper [14].

Paper [15] investigates various attack strategies, mathematical models, and methods for assessing system vulnerabilities.

The authors of paper [16] delve into the interconnected AGC systems and existing frequency deviations, advancing the study in this area.

Existing research reveals a gap in deterministic mathematical approaches, based on control theory methods, for not only identifying stability bounds but also uncovering unknown attack parameters. The current work aims to address this gap by developing relevant algorithm.

Paper [13] provides guidelines and compliance directions for reporting cyber incidents in critical infrastructure. This document offers guidance that could be reinforced by mathematical analyses and studies, particularly in the field of restoring attack parameters. The findings of the current study could provide the necessary numerical data for addressing these challenges.

3. Cyber threats to the AGC system Let us examine the structural features of the AGC (Automatic Gain Control) system that make it susceptible to attacks. The AGC system operates within a communications infrastructure, facilitating data transmission between control centers and control zones. Sensor measurement data is sent to the control center, where an error signal is generated and then transmitted back to the control area. The local controller subsequently calculates the power control signal.

Real-time data collection can be achieved through remote terminal units (RTUs) or intelligent electronic devices (IEDs) positioned at critical locations (such as power stations and substations) within the control zone.

The SCADA (Supervisory Control and Data Acquisition) system collects and aggregates this data and relays it to the control center via communication channels using various protocols, such as DNP3 (Distributed Network Protocol), IEC 61850, and IEC 60870-5-104. Similarly, signals from the control center are transmitted back to the control zone. A general diagram of a single-area power zone under DDoS attack conditions is presented in [15], with specific points highlighted where other types of attacks (particularly FDI attacks) could be applied (Fig. 1).

Let us compile a list of common attacks on the AGC system, linking specific attack types to technique classes from the MITRE ATT&CK® Matrix for ICS, as shown in Table 1. In Table 1, CIA refers to confidentiality, integrity, and availability, respectively.

ed (CIA) IA CIA IA

A CIA CI network and services

time delays

Destroying infrastructure, intercepting control under biometrical

features, controlling the locks and other physical objects

software, hardware versions, open interfaces

Partial knowledge about software, hardware versions, open interfaces

mode features and anomaly ranges knowledge

knowledge about protocol timelines

knowledge about protocol timelines

protocols knowledge, access to transmitted data

— —

the data using social engineering, geolocation detection commands, system services IT, AMI, OT OT, IT, AMI OT, AMI OT OT, AMI OT, IT, AMI

IA CIA

Full knowledge of object architecture, and partial knowledge of system vulnerabilities

4. AGC mathematical models

In this section, we present generalized mathematical models in state space, building on previous works [5,6]. The primary vectors under consideration include malicious intrusion into the system state via control parameters and measurement parameters (see Fig. 1). We then focus on the FDI (False Data Injection) class of attacks and develop an algorithm to identify attack parameters under certain assumptions. Additionally, we discuss the adversary's potential extended knowledge of the system. 1.1.

Initial undisturbed system model

We consider an initial undisturbed system with control, which is described by equations system in state space:

( ) = ( ) + ( ) + , ( 1 ) where is system state; is control; F is source function (energy supply from/to neighboring zones); k is a parameter of control influence intensity.

We have to notice, that in the general description, state vector ( ) can contain the components of frequency deviation Δ , regulator, turbine, and tie-line power deviations as it was proposed in [6]. But we consider the scalar values.

If the control depends on measurements:

( ) = − ( ), where measurements depend on the state: ( ) = ( ).

Thus, equation ( 1 ) takes the form ( ) = − − ( ) ( ) + ,

= .

( ) ≡ ( ) − ∗( ); ( ) =

( ) + ( ) ( ); ( ) = ( ) −

∗( ) + ( ) . ( ) = ( ) + { ( ) − [ ∗( ) + ( )]}[ ∗( ) + ( )], ( ) = ( ) + ( ) + { ( ) − [ ∗( ) + ( )]} ( ), ( ) =

{ ( ) − [ ∗( )]} ∗( ). where = .

( ) = ( − ) ( ) + , = . ( 2 ) ( 3 ) ( 4 ) ( 5 ) ( 6 ) ( 7 ) ( 8 )

has to be negatively defined or at least, non-positively defined.

This depends on eigenvalues of this matrix that can be defined from equationdet( − − ) = 0. Suppose that −

is negatively defined for a sufficiently large . Then the necessary condition that this property becomes invalid at some ,i.e.,the largest eigenvalue changes its sign ( ) = det(

− ) = 0.

Attack on system measurements and instability conditions determining

Let ( ) be the distortion introduced to the measurements by an attacker. The measurements are where

becomes a standard fitting problem.

Otherwise, it is necessary to determine ( ) simultaneously with ( ) when ( ) is known.

The problem can be simplified if we know etalon values ∗, ∗, which allow us to eliminate : ( ) = 0; ( ) = 0.

( ) = ( ) + ( ), = + { ( ) − ∗( )}.

Assuming the effect of disturbances is small, successive approximations can be considered for equation ( 6 ). For the zero approximation, we set

( ) =

( ) + ( ) + { ( ) − ∗( )} ( ), we can find ( ) by numerically solving the linear equation.

Given a set of measurements:

(0) = 0, ∗( ) = ∗( ), which characterizes normal process flow (solution of equation ( 2 ) or ( 4 ) when ( ) ≡ 0), we assume the adversary aims to maximize damage, causing ∗( ) becomes unstable. The control problem for critical infrastructure systems is to prevent such scenarios through control measures and by comparing ( ) and ∗( ).

To detect intrusions caused by additional adversarial distortions, an additional criterion can be added to the measurement system to identify deviations from the normal process flow (e.g., electricity supply): ( ) = ( ( ) − ∗( )) = ( ( ) − ∗( )) ⟶

( ) − ∗( ) the system. We can use where

Let ℰ

be threshold such that signals abnormal system behavior. For discrete measurements:

Next, let us determine ( ) that leads to system instability. Such a problem can arise in cyber incident investigation, especially when trying to uncover adversarial actions aimed at destabilizing ( )( ) ≈

; ( ) ≈ ( ) − ∗( ) + ( ) .

In the next approximation, we substitute ( )( ) in the last term of ( 7 ).

As Table 1 shows, some attacks require knowledge of system functioning and parameters. Using the principles of parametric identification outlined above, and having access to measurement data, an adversary can infer unknown parameters (e.g., , , or from ( 1 )). Thus, intercepting measurement information may enable more dangerous attacks, such as covert attacks. 1.3.

Attack on system state and parameter identification

Let us consider a typical attack on the system state that involves false data injection (FDI) by manipulating system control parameters. ( 9 ) ( 10 ) In FDI attacks, a scaling parameter is used to alter control [5], allowing the adversary to influence ( ) = ( ) +

( ) + ( ) + , ( ) = − ( ), ( ) = ( ). ( ) = − ( ) + ( ) + ,

≡ . ( ) =

( ) + , ≡ − − .

det

= 0 , ( ) = A ( ) + B( ) ( ) + ;

(0) = ,

we can obtain the critical value of that leads to system instability.

To illustrate the process of restoring attack parameters of the cyber incident, let us consider the generalized case of the system ( 11 ): system requlation.

( 11 ) ( 12 ) ( 13 ) ( 14 ) ( 15 ) ( 16 ) ( 17 ) ( 18 ) (19) (20) where represents the system state, is the control function, is the source function, and describes the intensity of adversary’s intrusion. The dependency on is assumed to be known.

Suppose the adversary’s goal is defined by the criterion under conditions ( 13 ), where ( ), ( ) are given functions, ( ) represents the process state boundaries, and ( ) is the desired control target of the adversary. We assume that ( ) and ( ) are known: ( ) = [ ( ) ( ) − ( ) + ( )( ( ) − ( )) ]

( ), equation ( 1 ) can be reformulated as: ( ) =

( ) + ( ) ( ), (0) = , where =

− (0) and ideally Then, expression ( 15 ) is transformed to ( ) + ( ) + ( ) ( ) −

( ) = 0. = [ ( ) ( )

+ ( )( ( )) ] .

The objective is to determine the feedback between ( ) and ( ) that the attacker introduces into the system to achieve the goal ( 15 ). This enables: 1) predicting the magnitude of adversary actions to train anomaly detection systems, and 2) recovering details of adversary actions from known incident characteristics ( ( ),

( )).

Introducing Lagrange multiplier, we have: =

{2 ( ) ( ) ( ) + 2 ( ) ( ) ( ) + ( )[ ( ) − ( ) − ( ) ( )]} = = {[2 ( ) ( ) − ( ) − ( ) ] ( ) + [2 ( ) ( ) − ( ) ( )] ( )} + + ( )

( ).

From the condition = 0, we select ( ) so that:

5. Computer simulation results

Using the presented models, we generated dynamics graphs of FDI attacks. For the simulations, we developed a Python software package. 1.4.

Stability violation features

In Fig. 2, we illustrate the normal situation for the AGC. Here, we consider a one-component state x, representing frequency deviation Δf, and constant values of ξ, which could generally timedependent. For a two-component state, see the example in Fig. 3.

To identify the parameter ξ that meets a certain criterion J (see Fig.4), the proposed algorithm can be applied. In certain cases, some J samples may not contribute to the rapid convergence of the algorithm. However, in a significant number of cases, the proposed algorithm proves to be numerically efficient.

Fig. 5 shows that with small values of attack parameter, malicious influence may be subtle, making these attacks difficult for anomaly detection systems to detect. Such attacks typically target the software components of cyber-physical systems, aiming to insert false data into monitoring systems.

Attacks with larger values of scaling attack parameter can be detected effectively by monitoring systems due to noticeable changes in state pattern. For such attacks, cyber defenders should not only detect but also react quickly to mitigate potential damage. High values of the scaling parameter can pose risks to hardware components by threatening system stability. As shown in Figs. 7-9, with certain values of , system state becomes unstable. The threshold value = 9.4 (corresponding to the Fig. 8) can be calculated with necessary accuracy from ( 12 ). In the case of measurement intrusion, the stability boundary is determined by ( 10 ).

Illustration of malicious activity at a specific time