A Comprehensive Review of the Cyber-Attacks and Cyber-Security on Load Frequency Control of Power Systems

Abstract: Power systems are complex systems of great socio-economic importance, because the entire world relies on the electric power network for day-to-day life. Therefore, several protection and control techniques are necessary for the stable operation of power systems. The power system controllers should have the ability to maintain power system stability. Three important quantities that must be controlled effectively to maintain the stability of power systems are frequency, rotor angle, and voltage. Voltage control in power systems keeps the voltage and reactive power within the required limits, and power factor control enhances the efficiency of power distribution systems by improving load power factors. Among the various controls, frequency control is the most time-consuming control mechanism of power systems because mechanical parts are involved. As the control algorithms of frequency stabilization deliver control signals on a timescale of seconds, load frequency control (LFC) systems cannot afford complicated data validation algorithms, which makes them more vulnerable to disturbances and cyber-attacks. In addition, the LFC system has extended digital layers with open communication networks and is designed to operate with little human intervention. Moreover, a frequency fluctuation due to a load change or cyber-attack in one area affects all other interconnected areas and thus threatens the stability of the entire network. Due to these circumstances, research activities are still being carried out in the field of frequency control and cyber-security. In this paper, a comprehensive review of the cyber-security of the LFC mechanism in the power system is presented.
The highlights of the paper include the identification of attack points of different configurations of the LFC system, discussion of the attack strategies, formulation of various attack models, and a brief review of the existing detection and defense mechanisms against cyber-attacks on LFC.


Introduction
The field of power systems is continuously evolving through the integration of modern generation schemes, the latest control techniques, advances in data transmission over open communication networks, and the development of security measures for the communication network through smart systems. However, the integration of new technologies also presents new challenges to power systems. For instance, the incorporation of renewable energy sources (RES) in electricity generation is a good solution to pollution and environmental issues, but the operation of power systems with RES produces unsatisfactory frequency stability performance due to their intermittent output power [1]. Nevertheless, RES have been accepted as a major energy source in some countries due to the expansion of RES technologies and the use of smart inverters [2] and smart devices or actuators [10]. Primary control or governor control, a secondary control scheme based on traditional supervisory control and data acquisition (SCADA), and a secondary control scheme for smart grid/microgrid control using phasor measurement units (PMU) have been developed for LFC on the generation side of the power system [10].
The governor control (local control) system does not rely on the SCADA telemetry system, as the rotor speed of the single generator is sensed locally [10]. In this case, the valve position of the prime mover is adjusted according to the sensed speed to produce the corresponding change in the output power of the generator. However, the control module/controller of this scheme does have a communication link with the control center of the plant, since the governor controller operating setpoint is defined over this link. The attack surface of local control loops is limited because measurements are sensed locally without using the SCADA network. Therefore, attacks like DoS, replay, integrity, timing, etc. are not applicable to this control loop. However, malware can still compromise the system's cyber-security measures and enter the substation LAN through entry points like USB keys. The malware then corrupts the control module settings and disrupts normal operation. The controllers of modern digital governor control use the Modbus protocol to communicate with control center computers via Ethernet [10].
Different from governor control, the secondary control of LFC scheme allows the frequency control of multiple generators that are operated in parallel, sharing large electrical loads. Traditionally, LFC of an area or interconnected areas involving multiple generators is done with the help of energy control centers that make use of on-line computers and remote data acquisition systems like SCADA. In modern electric grid and smart grid, PMU is used for real-time monitoring and control.
The typical LFC loop is given in Figure 1. In conventional power systems, hydro, thermal, and nuclear power plants are the integral power generation components. However, due to the alarming environmental issues, RES started being a vital component in power systems [17]. Therefore, the LFC system with RES is also briefly addressed in this section. A well-designed power system with LFC adjusts perfectly against the load variations and system disturbances while producing high-quality electric power and maintaining frequency within the tolerance limit [17]. An increase in the load demand (∆P_L in Figure 1) creates a decrease in the generator unit frequency (f) from the nominal value, and the frequency stabilization is implemented through the speed control of generation unit turbines. If the load demand is more than the nominal one, the demand-generation imbalance takes place and the kinetic energy (KE) stored in the rotating mass delivers energy to minimize frequency deviation for a very short time [9]. The inertial response contributed by the rotor KE cannot fix the frequency deviation completely. Therefore, subsequently, the governor and secondary control techniques are activated.
The LFC scheme primarily starts with governor control, which is the control of the generation unit using speed regulation or droop characteristics (R). Droop characteristics represent the slope of the governor steady-speed characteristics curve [8]. From the control point of view, it can be viewed as a proportional controller that ends up with a steady-state frequency deviation. The AGC provides a reset action and adjusts the generation automatically to re-establish the system frequency to the nominal value for the continuous load changes [23]. The secondary control system resets the frequency deviation at steady state to zero value [8]. The AGC scheme is generally applied to the wide area or interconnected power systems.

Single-Area LFC Scheme
The aim of the single-area LFC system is restricted to the stabilization of the operating frequency at the nominal value, as no interconnected-system adjustment is needed [24]. In a single-area LFC system, an increase in the load demand (∆P_L) creates a decrease in the generator frequency (f) and vice versa. The inertial response contributed by the rotating mass cannot bring the generator frequency back to the nominal value, and therefore the governor and the secondary controls are implemented as in Figure 2. The block diagram of a single-area LFC system with the cyber-attack points marked is shown in Figure 2. The cyber and physical layers of LFC are appealing targets for adversaries, and the attack points include the transmission channels of the communication network, the computational algorithms at the control center, and the physical sensors/actuators [25][26][27][28]. Generally, it is assumed that all the generation units in the single area produce coherent responses to the system load changes. Thus, all the generating units of the single area are equivalently represented by a single generating unit [8].
The general dynamics equations for a linear single-area power system are given below, and Table 1 lists the parameters of the LFC system model. The generator-load dynamic relation between the mismatch power deviation (∆P_m(t) − ∆P_L(t)) and the frequency deviation [14] is expressed as and the turbine dynamics is expressed as: The governor dynamics can be expressed as The state space model can be derived from these basic differential equations for the design of suitable controllers and the analysis of cyber-attacks on the LFC scheme. A state space model of the LFC system with state variables such as frequency deviation, voltage angle, generator mechanical output, and governor output is given in [14], where the voltage angle dynamics are represented as ∆θ̇(t) = ∆ω(t), with ∆ω(t) the angular frequency deviation in rad/s. Some models also incorporate the time delays that occur in the communication channels during the transmission of sensor measurements and control signals [14]. For the study of cyber-attacks on the LFC scheme, the basic model is altered to incorporate the attack features. The sensor and actuator channels are the main target channels for adversaries of the LFC system. In the case of the single-area LFC system, the adversarial activities are implemented either by manipulating the system frequency, the actual output power of the generators, or the governor control signal, or by denying authorized parties access to these signals.
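As an added, runnable illustration of the three-state single-area model just described (this is editor-supplied example code, not code from the paper or its references), the following simulation applies a 1% load step to the generator-load, turbine and governor dynamics, once with droop (primary) control only and once with the integral secondary control that provides the reset action. The numerical values of H, D, R, T_g, T_t and the integral gain K_I are assumed textbook-style values chosen for illustration.

```python
"""Single-area LFC: droop (primary) control versus droop + integral
(secondary) control. Added example; all parameter values are assumptions.

Model (per unit, deviations from nominal):
    d(df)/dt  = (dPm - dPL - D*df) / (2H)     generator-load dynamics
    d(dPm)/dt = (dPg - dPm) / Tt              turbine
    d(dPg)/dt = (dPc - df/R - dPg) / Tg       governor with droop 1/R
    d(dPc)/dt = -Ki * df                      secondary (reset) control
"""
from dataclasses import dataclass


@dataclass
class LfcParams:
    H: float = 5.0    # inertia constant, s (assumed)
    D: float = 1.0    # load damping coefficient, pu/pu (assumed)
    R: float = 0.05   # speed droop, pu (assumed)
    Tg: float = 0.2   # governor time constant, s (assumed)
    Tt: float = 0.5   # turbine time constant, s (assumed)
    Ki: float = 2.0   # integral gain of secondary control; 0 = droop only


def simulate(p, dPL=0.01, t_step=1.0, t_end=40.0, dt=0.001):
    """Forward-Euler integration of the model above.
    Returns lists of (time, frequency deviation, secondary command)."""
    df = dPm = dPg = dPc = 0.0
    times, dfs, dPcs = [], [], []
    for k in range(int(round(t_end / dt)) + 1):
        t = k * dt
        times.append(t)
        dfs.append(df)
        dPcs.append(dPc)
        load = dPL if t >= t_step else 0.0
        d_df = (dPm - load - p.D * df) / (2.0 * p.H)
        d_dPm = (dPg - dPm) / p.Tt
        d_dPg = (dPc - df / p.R - dPg) / p.Tg
        d_dPc = -p.Ki * df
        df += dt * d_df
        dPm += dt * d_dPm
        dPg += dt * d_dPg
        dPc += dt * d_dPc
    return times, dfs, dPcs


def droop_only_steady_state(p, dPL):
    """Analytic residual with droop only: df_ss = -dPL / (D + 1/R).
    This is the steady-state deviation the secondary control removes."""
    return -dPL / (p.D + 1.0 / p.R)


def summarize(p, dPL=0.01):
    """Frequency nadir, final frequency deviation and final secondary command."""
    _, dfs, dPcs = simulate(p, dPL)
    return {"nadir": min(dfs), "final_df": dfs[-1], "final_dPc": dPcs[-1]}


if __name__ == "__main__":
    primary = summarize(LfcParams(Ki=0.0))
    both = summarize(LfcParams(Ki=2.0))
    print("droop only : nadir %.3e pu, final %.3e pu (analytic %.3e pu)"
          % (primary["nadir"], primary["final_df"],
             droop_only_steady_state(LfcParams(), 0.01)))
    print("droop + Ki : nadir %.3e pu, final %.3e pu, dPc %.4f pu"
          % (both["nadir"], both["final_df"], both["final_dPc"]))
```

With the assumed parameters the droop-only run settles at the analytic residual −∆P_L/(D + 1/R), with a deeper transient nadir, while the integral run drives the deviation to zero and the secondary command ∆P_c to the size of the load step. The same loop, with the attack vectors of the later sections added to the sensed df or to dPc, is the usual starting point for attack-impact studies.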

Multi-Area LFC Scheme
In the multi-area LFC system, the generators of each area have to control local load and tie-line power variations from interconnected areas to attain load balances at local and global levels [11]. Here, the frequency control is achieved through the addition of the ACE signal to the feedback loop, which not only accounts for the changes in frequency and exchange of power, but also considers the energy and time error due to the fluctuations in schedule and device [24]. In the interconnected power system, the PMU of electric power grid/RTU of traditional SCADA system sends the sensor measurements such as power system frequency, tie-line power flows, system time deviation, and generator power signals to the control center [24]. AGC relies on the frequency and tie-line power measurements and any manipulation of these measurements due to attacks or load disturbance can have a direct impact on the stability and economic operation [10,29]. Therefore, during the AGC operation, the control center allocates ACEs to respective local controllers and controls frequency deviation and net interchange power of generator sets of each area based on the collected data [23,24].
The general block diagram of the multi-area LFC system (with equal area ratings or power capacities) with attack points is given in Figure 3. In the multi-area LFC system, any load change (∆P_Li) in one of the control areas can create frequency deviations in the generator units of the corresponding control area (∆f_i) and in the interconnected area (∆f_j). An increase in load (∆P_Li) results in a reduction of the generator frequencies (f_i and f_j) and vice versa. Consequently, these frequency variations can cause the tie-line power (∆P_tie,i) to deviate from the scheduled interchange value. The general dynamics equations for a linear multi-area power system are given below [30]. The generator-load dynamic relation between the mismatch power deviation (∆P_mi(t) − ∆P_Li(t)) and the frequency deviation of the ith area is expressed as [14] ∆ḟ The turbine dynamics is expressed as and the governor dynamics can be expressed as The tie-line power flow exchange between area i and the other areas [31] is given as where T_ij is the synchronization coefficient. The ACE for area i is expressed as the sum of the tie-line power flow and the frequency deviation multiplied by the bias factor, as follows.
ACE_i(t) represents the measured deviations of system frequency and tie-line power export from their nominal values. Here, the area ratings are assumed to be equal, and thus the area capacity factor is one [32,33]. If the area ratings differ, the ACE is given as [32,33]: and where a_ij represents the area capacity factor and P_ri, P_rj represent the power capacities of areas i and j, respectively. Using the frequency and tie-line power flow measurements [25] received from the PMUs, the ACE values for each area are calculated at the control center and transmitted as input control signals to the local controllers. The ACEs act as the mechanical power setpoint inputs to the generators of each area, and the local controller adjusts the power values to keep the ACE at zero [24,25,34]. The state space models for the analysis and study of cyber-attacks on multi-area systems are derived from the above dynamic equations. A multi-area power system model with uncertainty, generation rate constraint (GRC), and time delay is provided in [30]. The multi-area power system state space model with a proportional integral (PI) controller is provided in [35]. More details on the extraction of discrete-time models of control areas, the tie-line model, and the network model are provided in [36]. The physical and cyber-level modeling of the LFC system is described in [37].
Even though the interconnected structure improves the system performance, it increases the cyber-attack vulnerability through the tie-line input point. For multi-area systems, the attacker mainly concentrates on falsifying the ACE values by manipulating the frequency or tie-line power [38]. An attack on one LFC area can be powerful enough to cause a blackout of the entire power grid [11]. An attack on an actuator or sensor channel of the multi-area LFC system can result in the inaccessibility or manipulation of signals such as the system frequency (f_i(t)), tie-line power (P_tie,i(t)), actuator generator output power (P_mi(t)), and ACE values (ACE_i(t)) of each control area.

Two-Area LFC Scheme
The two-area LFC system is widely used to study the effect of cyber-attacks on multi-area LFC systems because of its simplicity, and it illustrates how the number of attack points grows with interconnection. The mathematical model of the two-area LFC system is formed from the fundamental equations mentioned earlier. The influence of load changes on the generator frequencies and power flows can be analyzed from Figure 4 and is described as follows [39].

• An increase in the load demand (∆P_Lj) in area j results in a reduction of the generator frequencies (f_i and f_j) and an increase in the power flow to area j.
• If the load demand (∆P_Li) increases in area i, it results in a reduction of the generator frequencies (f_i and f_j) and of the power flow to area j.
The attack points of the two-area LFC system with different area ratings are given in Figure 4; the number of transmission channels is higher than in the single-area LFC system. Therefore, the impact of an attack and the deterioration of system performance intensify in the two-area LFC system, and further as the number of interconnected areas increases. The same holds for three-area and four-area power systems. The modeling, control, and impact analysis of cyber-attacks on three-area and four-area LFC systems are investigated in [11,19,30,[40][41][42][43][44][45][46][47][48].
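The two bullet points above, and the ACE definition of the previous subsection, can be checked numerically. The following added example (editor-supplied, not from the paper) simulates two identical areas coupled by a tie-line, with secondary control driven by ACE_i = ∆P_tie,i + B_i ∆f_i; the tie-line model with a synchronising coefficient T12, the bias factor B = D + 1/R, the capacity factor a12 = −1 and all parameter values are assumptions. It goes slightly beyond the text by also reporting the droop-only steady state, which shows how both areas share a load step before secondary control returns the tie-line flow to schedule.

```python
"""Two-area LFC with tie-line bias (ACE) control.  Added example, not from
the paper; parameter values are assumptions and the two areas are taken
identical, so the area capacity factor a12 = -Pr1/Pr2 = -1.

Per area i (per unit deviations; j is the other area):
    d(df_i)/dt    = (dPm_i - dPL_i - D*df_i - dPtie_i) / (2H)
    d(dPm_i)/dt   = (dPg_i - dPm_i) / Tt
    d(dPg_i)/dt   = (dPc_i - df_i/R - dPg_i) / Tg
    d(dPc_i)/dt   = -Ki * ACE_i                       secondary control
    d(dPtie_1)/dt = T12 * (df_1 - df_2),   dPtie_2 = a12 * dPtie_1
    ACE_i         = dPtie_i + B * df_i,    B = D + 1/R
"""

H, D, R, TG, TT = 5.0, 1.0, 0.05, 0.2, 0.5   # assumed, both areas
T12 = 2.0          # tie-line synchronising coefficient, pu/pu/s (assumed)
A12 = -1.0         # area capacity factor for equal ratings
B = D + 1.0 / R    # frequency bias factor, pu/pu


def simulate_two_area(Ki, dPL=(0.0, 0.01), t_step=1.0, t_end=60.0, dt=0.002):
    """Forward-Euler simulation; load step dPL[i] hits area i at t_step.
    Returns trajectories of df1, df2, dPtie1 (export from area 1),
    ACE1, ACE2, dPc1, dPc2."""
    df, dPm, dPg, dPc = [0.0, 0.0], [0.0, 0.0], [0.0, 0.0], [0.0, 0.0]
    dPtie1 = 0.0
    log = {k: [] for k in ("df1", "df2", "dPtie1", "ACE1", "ACE2", "dPc1", "dPc2")}
    for k in range(int(round(t_end / dt)) + 1):
        t = k * dt
        load = [x if t >= t_step else 0.0 for x in dPL]
        dPtie = [dPtie1, A12 * dPtie1]
        ace = [dPtie[i] + B * df[i] for i in range(2)]
        for name, val in zip(log, (df[0], df[1], dPtie1, ace[0], ace[1], dPc[0], dPc[1])):
            log[name].append(val)
        d_df = [(dPm[i] - load[i] - D * df[i] - dPtie[i]) / (2 * H) for i in range(2)]
        d_dPm = [(dPg[i] - dPm[i]) / TT for i in range(2)]
        d_dPg = [(dPc[i] - df[i] / R - dPg[i]) / TG for i in range(2)]
        d_dPc = [-Ki * ace[i] for i in range(2)]
        d_tie = T12 * (df[0] - df[1])
        for i in range(2):
            df[i] += dt * d_df[i]
            dPm[i] += dt * d_dPm[i]
            dPg[i] += dt * d_dPg[i]
            dPc[i] += dt * d_dPc[i]
        dPtie1 += dt * d_tie
    return log


def droop_only_steady_state(dPL2):
    """Analytic droop-only result for a load step dPL2 in area 2 with
    identical areas: both frequencies settle at -dPL2/(2B) and area 1
    exports B*dPL2/(2B) = dPL2/2 over the tie-line."""
    return -dPL2 / (2 * B), dPL2 / 2


def final_values(log):
    return {k: v[-1] for k, v in log.items()}


if __name__ == "__main__":
    droop = simulate_two_area(Ki=0.0)
    df_ss, tie_ss = droop_only_steady_state(0.01)
    print("droop only : df1 %.3e df2 %.3e (analytic %.3e), tie %.4f (analytic %.4f)"
          % (droop["df1"][-1], droop["df2"][-1], df_ss, droop["dPtie1"][-1], tie_ss))
    print("nadirs     : df1 %.3e, df2 %.3e" % (min(droop["df1"]), min(droop["df2"])))
    f = final_values(simulate_two_area(Ki=0.3))
    print("ACE control: df2 %.1e tie %.1e dPc1 %.4f dPc2 %.4f"
          % (f["df2"], f["dPtie1"], f["dPc1"], f["dPc2"]))
```

A load step in area 2 pulls both frequencies down, with the deeper dip in area 2, and raises the export from area 1 (the first bullet above). With droop only, both areas keep sharing the extra load and the tie-line deviation persists; with ACE-based secondary control, ∆P_c,2 converges to the load step, ∆P_c,1 returns to zero and the tie-line flow returns to schedule, which is exactly why falsifying the tie-line or frequency measurement that enters the ACE redistributes generation across areas.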

LFC Scheme with RES
RES-based power generation mechanisms create an eco-friendly and sustainable source of electrical energy [49,50]. The intermittent nature of RES and its high penetration not only affect the power quality and system reliability [51], but also make the frequency deviations faster due to decrease in system inertia [52]. The reduction in the rotational inertia of the power system is due to the inverter/converter connected resources [52][53][54], which results in a faster rate of change of frequency (RoCoF) and less stable frequency dynamics [53]. Moreover, in the case of interconnected LFC systems, large RES penetration causes tie-line overloading, and consequently the ACE determination and frequency stabilization deteriorate [31]. Due to faster RoCoF, the effect of cyber-attack in LFC systems will be intense for RES integrated power systems [55].
The schematic diagram of the RES-integrated single-area LFC system with attack points is given in Figure 5. Here, all the generating units of the RES-integrated single-area LFC system are equivalently represented by a single generating unit, under the assumption that the generating units of the same area swing together and produce coherent responses to the system load changes [8]. Further, the LFC system considered in Figure 5 is an islanded microgrid (MG) in which the load, wind power, and solar power variations are treated as disturbances, and the primary and secondary controls are achieved through the speed control of governor-turbine units that produce the output mechanical powers ∆P_m and ∆P_h. Therefore, in this case, the power system frequency control is established through governor-turbine units for variations in load disturbances and intermittent wind and solar powers. The influence of load changes on the generator frequency remains similar to the single-area LFC system explained in Section 2.1; however, the fluctuation of the generator frequency would be larger than in the LFC system without RES integration, due to the additional fluctuation induced by RES penetration. The general dynamic model of an isolated RES (wind turbine, PV [54], and hydropower plant) integrated LFC system [54,[56][57][58][59][60][61] is described as follows.
The generator-load dynamic relation between the mismatch power deviation (∆P_m(t) − ∆P_L(t)) and the frequency deviation [54] is expressed as The turbine and governor dynamics can be expressed as in Equations (2) and (3), respectively. The wind turbine and PV dynamics can be described as The hydro turbine-hydraulic governor dynamics according to the transfer function provided in [62] can be given as where the governor dynamics ∆Ṗ_g(t) is derived similarly to Equation (3). In the case of multi-area LFC systems, however, the RES power fluctuation and the tie-line power deviation both contribute to the power imbalance and frequency deviation [31]. Therefore, for interconnected LFC systems, the control error calculation is performed in addition to the general dynamics mentioned above. In the control center, the ACE signal is generated for the respective control areas by considering the RES power fluctuation, and it can be given as [31] where ∆P_RES(t) is the total power fluctuation due to the renewable sources of the LFC system. The integration of renewable power plants adds an additional fluctuation source [31].
Therefore, the intensity of frequency stability deterioration can be more in the case of RES integrated LFC systems compared to the conventional LFC systems when any sort of attack is introduced in its cyber or physical layer. As in the case of conventional LFC systems, the attack over communication channels can cause inaccessibility or manipulation of signals like frequency, tie-line power, the actual generator output, and ACE values of each area.

Types of Attacks in LFC System
The main types of attacks on the LFC system are DoS attacks (affecting the data availability) and Data integrity attacks (affecting the system integrity through the manipulation of transmission data). In this review, we try to model the cyber-attacks of LFC system based on the three dimensional attack space proposed in [20]. The axis dimensions of the attack space include "Model knowledge", "Disruption resources", and "Disclosure resources".
Prior knowledge of the system model aids the attacker in constructing complex and hard-to-detect attacks with severe consequences. In the attack space, the resources that enable the attacker to gather sensitive information (in the LFC case, the sequence of control signals calculated by the control center and the sensor measurements sent by the RTU/PMU) are called disclosure resources, and their use results in disclosure attacks. The physical dynamics of the control system are not affected by these attacks; instead, they gather information for more complex attacks such as replay attacks. Further, the resources which disrupt system operation by violating the data integrity and availability properties are called disruption resources [20]. In the LFC system, the communication channels are the main disclosure and disruption resources. Cyber-attacks on the LFC system can happen through threats at the cyber layer and the physical layer. The generic sensor and actuator attack models of the LFC system are discussed in the following subsection.

Sensor and Actuator Attack Model of LFC System
In order to comprehensively describe the attack in an LFC system, two elements are needed: a mathematical model of the LFC system and the description of the attack policy [16,63,64]. The adversary model or attack model is formulated using the attack policy, which describes the prior knowledge of the system model acquired by the adversary and information set accessed through the disclosure of resources. The prior knowledge resource can include information regarding the plant model, the algorithm used in the controller, and anomaly detectors [64].
A general continuous time-domain model for the LFC system under sensor attack can be described as follows, where x(t) ∈ R^n, u(t) ∈ R^q, and ỹ(t) ∈ R^m are the state variable, control input, and output signal, respectively. Further, w(t) ∈ R^n and v(t) ∈ R^m represent the process and measurement noise vectors. Let the adversarial input applied at the sensor channels under attack be denoted as a_y(t) ∈ R^m; the adversarial input vector can be modeled as where Γ_y represents the binary incidence matrix mapping the data corruption to the respective signal transmission channels and y_a(t) denotes the data corruption applied to each sensor channel. The measurement data of the LFC system include the grid frequency, tie-line power, and the actual output power of the generator.
A general continuous time-domain model for the LFC system under actuator attack can be described as follows, The attack input vector corrupting the actuator channel can be modeled as where Γ_u represents the binary incidence matrix mapping the data corruption to the respective actuator channels, and u_a(t) represents the data corruption. The actuator channels of the LFC system carry the ACE values issued by the control center. The main attacks affecting LFC systems, along with the attack procedure, are given in Figure 6. The various types of attacks, attack scenarios, and the modeling of the attack types (based on the sensor and actuator attack categories) of the LFC system are discussed below.

DoS Attack
DoS is one of the most malicious attacks; it jams the communication channel by sending huge quantities of inauthentic packets. This is a cyber-layer attack that imposes a heavy transmission burden and consumes excessive network bandwidth, causing interruptions in the network [14,65]. In networked control systems, DoS attacks are injected by tampering with the transmission channels, thus preventing the control and measurement data from reaching their destination [66]. DoS attacks do not require disclosure capabilities. Moreover, there are attack scenarios (using a Bernoulli attack policy) in which no prior system knowledge is used for the attack [20]. The DoS attack policy is generally adopted by attackers with limited information about the control system [67], and DoS attacks are usually easy to detect; however, poor network conditions can make detection harder [20].
For the LFC system, the communication channels ((1) connecting RTU/PMU and the control center and (2) connecting control center and governor) are the main disruption resources of the DoS attack. DoS attacks can block the measurement data to be transferred to the control center and affect the updating of the control command from the control center/delay the control signals sent to the actuator deteriorating the power system performance [24]. DoS attacks are also powerful enough to adversely affect the dynamic performance of the LFC system, if the attack happens early before the system convergence [24,68]. Among the various types of DoS attacks (periodic, trivial, random, and protocol aware jamming attack), energy-constrained PWM jamming signal is mainly investigated in LFC systems due to the simplicity of implementation and detection avoidance [69].
Generally, these attacks exploit network defects to consume system resources and disable normal operation [70]. Servers with low processing speed and inadequate memory are the main targets of independent DoS attacks. For communication networks with high performance and parallel processing capability, however, attackers carry out coordinated DoS attacks using distributed puppet clients. These attacks, with their higher capability to block the communication network, are known as distributed denial of service (DDoS) attacks. LFC systems are wide-area networked control systems with a process layer (comprising the data acquisition units that collect measurement data), a bay layer (the communication channels used for data transmission), and a station layer (the control center performing the computational analysis). Due to this distributed network and the large number of control computations, LFC systems are also prone to DDoS attacks, and the communication delay caused by DDoS can adversely affect frequency stability [70]. DDoS attacks, generally executed against application or DNS servers, do not require much model knowledge and are easy to realize; however, detection is difficult because the attacker itself is hidden behind the puppets [70,71]. In other words, the request packets sent by an adversary imitate or appear similar to legitimate requests, with the aim of consuming system resources [71]. The study of DDoS attacks and coordinated defense requires knowledge of the interactive characteristics of the control devices, the communication network, and the physical environment [70].

Attacking Strategies of DoS and DDoS Attacks in LFC System
The DoS attackers use different attacking strategies like "flooding of network" [70] and "implementation of PMU measurement data packet loss" [72] to perform a DoS attack in the LFC system. DoS attackers exploit the side-channel vulnerability of virtual private network (VPN) tunnels of PMU traffic and selectively drop the measurement packets from target PMU through side-channel analysis. The attacker first identifies the IP pair of interested security gateways and uses timing side-channels for the identification and blocking of packets from targeted PMU. The phasor data concentrator (PDC) collects measurements (grid frequency, tie-line power flow, etc.) from PMU and sends the aligned data to the system control center. The measurement packets that are received outside a certain time window are considered as missing data positions and they are filled using fillers (usually zeros) to keep a constant format for the data packets. The zero value is harmful for the operation of AGC, and the absence of data packets can result in increased delivery of energy on tie-line or forced oscillation of power generation and eventually leads to instability [72].
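To make the consequence of the zero filler concrete, the following added example (editor-supplied, not from the paper or [72]) models a PDC that aligns PMU frames by timestamp within a waiting window, fills missing positions with zeros, and feeds the aligned frame to an ACE calculation; it then selectively drops the packets of one tie-line PMU as the attacker described above would. The PMU names, reporting period, waiting window, bias factor and every measurement value are constructed, and the packet layout is an assumption, not the C37.118 frame format.

```python
"""PDC time alignment with zero fillers, and the ACE an AGC would compute
from the aligned frame when one PMU's packets are selectively dropped.
Added example, not from the paper: PMU names, reporting period, waiting
window, bias factor and all measurement values are constructed.

Packet layout assumed: dict(pmu=<id>, ts=<slot timestamp, ms>,
arrival=<arrival time at the PDC, ms>, value=<measurement>).  Frequency
PMUs report the frequency deviation in Hz; tie-line PMUs report the
tie-line power deviation in MW (positive = export)."""

FILLER = 0.0            # value inserted for a missing data position (see text)
WAIT_MS = 30            # PDC waiting window after the slot timestamp, assumed
BIAS_MW_PER_HZ = 400.0  # frequency bias factor B of the area, assumed

FREQ_PMU = "PMU-F1"
TIE_PMUS = ["PMU-T12", "PMU-T13"]   # tie-lines from area 1 to areas 2 and 3


def align_frame(packets, slot_ms):
    """One aligned frame for timestamp slot_ms.  A PMU's packet is used only
    if its timestamp matches the slot and it arrived within the waiting
    window; otherwise that position gets FILLER and is reported as missing.
    Returns (frame, missing)."""
    frame, missing = {}, []
    for pmu in [FREQ_PMU] + TIE_PMUS:
        hits = [p for p in packets
                if p["pmu"] == pmu and p["ts"] == slot_ms
                and p["arrival"] <= slot_ms + WAIT_MS]
        if hits:
            frame[pmu] = hits[0]["value"]
        else:
            frame[pmu] = FILLER
            missing.append(pmu)
    return frame, missing


def area_ace(frame):
    """ACE = sum of tie-line power deviations + B * frequency deviation (MW)."""
    return sum(frame[p] for p in TIE_PMUS) + BIAS_MW_PER_HZ * frame[FREQ_PMU]


def selective_drop(packets, target_pmu, from_ms):
    """Attacker model from the text: from from_ms on, every packet of the
    targeted PMU is blocked; all other traffic is untouched."""
    return [p for p in packets
            if not (p["pmu"] == target_pmu and p["ts"] >= from_ms)]


def run(packets, slots):
    """ACE per slot as the AGC would see it, plus the list of filled
    positions.  A cautious AGC should check that list before acting on the
    frame (editor's suggestion, not a mechanism described in the text)."""
    out = []
    for slot in slots:
        frame, missing = align_frame(packets, slot)
        out.append({"slot": slot, "ace": area_ace(frame), "missing": missing})
    return out


def build_packets():
    """Constructed traffic: three PMUs, slots at 0/20/40 ms, with the area
    exporting 50 MW + 10 MW above schedule while frequency is 0.05 Hz low."""
    pkts = []
    for slot in (0, 20, 40):
        pkts.append(dict(pmu=FREQ_PMU, ts=slot, arrival=slot + 8, value=-0.05))
        pkts.append(dict(pmu="PMU-T12", ts=slot, arrival=slot + 12, value=50.0))
        # PMU-T13's slot-20 packet is late because of jitter, so it misses
        # the waiting window even without an attacker
        latency = 45 if slot == 20 else 10
        pkts.append(dict(pmu="PMU-T13", ts=slot, arrival=slot + latency, value=10.0))
    return pkts


if __name__ == "__main__":
    honest = run(build_packets(), (0, 20, 40))
    attacked = run(selective_drop(build_packets(), "PMU-T12", 20), (0, 20, 40))
    for h, a in zip(honest, attacked):
        print("%2d ms: honest ACE %+6.1f MW %-12s | attacked ACE %+6.1f MW %s"
              % (h["slot"], h["ace"], h["missing"], a["ace"], a["missing"]))
```

With the constructed values the honest ACE is +40 MW (the area should cut generation). Once the tie-line PMU's packets are dropped and zero-filled, the ACE flips to −10 MW, so the AGC raises generation and pushes even more power over the tie-line, which is the "increased delivery of energy on tie-line" effect described above. The late packet at the 20 ms slot shows that the same filler path is taken by ordinary jitter, so a missing-position flag rather than the ACE value itself is the signal worth monitoring.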
In the case of DDoS attacks, the adversaries affect the availability of services of host servers, such as application servers and DNS servers, with the help of compromised systems in the network [73]. For instance, in a synchronize sequence number (SYN) flood attack, loopholes in the transmission control protocol (TCP) are exploited to organize the DDoS attack. The delays induced by a DDoS attack launched in the information layer can affect the control action of the LFC system [70]. The DDoS adversaries can cause the unavailability of either measurement data or control data. The attacker first compromises the master controllers and then uses a large number of clients in the network as agents for blocking servers. During a SYN flood attack, the server is flooded by taking advantage of defects in the three-way handshake of the TCP protocol: the agents are manipulated to send SYN packets (the packets used to initiate a connection in TCP-based communication) to the servers, but the compromised agents never respond to the acknowledgment packets sent back by the servers, leaving numerous half-open TCP connections waiting in the attacked servers. As a result, the network is congested with useless packets, data transmission delays occur in the control and measurement channels of the LFC system, and the stability of the power system is affected [70].

DoS Attack Model
Of the two main DoS attack models of CPS (the queueing model and the stochastic model [21]), LFC studies generally use the queueing model for the analysis of DoS attacks. The queueing model considers a sequence of DoS off/on transitions and the time intervals of the DoS attack during which no communication is available [21]. The distribution of sleep and attack intervals in the queueing-model DoS attack is given in Figure 7; during an attack interval no data transmission takes place through the attacked sensor or actuator channels. In the absence of attack (the DoS off-periods), the LFC control center receives the sensor measurements of the respective control cycles and generates the corresponding control signals. In the presence of a DoS attack (the DoS on-periods) on the sensor channel of the LFC system, the controller generates the control signal from the most recently available sensor measurements in order to maintain frequency stability; in other words, the control signal generated during the previous control cycle is reused [20,24].
Queuing Model [21]: Let {h_n}_{n∈ℕ_0} with h_0 ≥ 0 be the DoS off/on transition sequence. The time instants at which the DoS pulses switch from zero to one are the instants at which communication on the measurement/control channel starts being interrupted. Then, the attack time interval of the nth DoS attack, with interval length τ_n ∈ ℝ_{≥0}, can be given as follows, and no communication takes place during this interval because of the DoS attack. Let Ξ(τ, t) (DoS on-period set) and Θ(τ, t) (DoS off-period set) represent the sets of time instants in the interval [τ, t] during which communication is blocked and permitted, respectively [21], where τ, t ∈ ℝ_{≥0} and t ≥ τ. Here, Ξ(τ, t) is the union of all attack intervals within the period (τ, t) and Θ(τ, t) is the set of all sleep intervals within the period (τ, t). The DoS attack model should therefore be formulated such that the absence of a DoS attack allows data to reach the authorized system units, while the presence of a DoS attack is represented by the absence of data. Accordingly, DoS attacks at the sensor and actuator channels [64] can be modeled as where S_y and S_u are Boolean diagonal matrices whose diagonal entries represent the presence ([S_(·)]_ii = 1, during Ξ(τ, t)) and absence ([S_(·)]_ii = 0, during Θ(τ, t)) of the attack. Therefore, when [S_(·)]_ii = 1, the attacked actuator and sensor channels are unavailable during the attack interval and no data transfer occurs; when [S_(·)]_ii = 0, the adversary has unblocked the channel and data transfer is permitted.
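The queueing model above is easy to turn into code. The following added example (editor-supplied, not from the paper or [21]) builds the attack intervals from a transition sequence h_n and durations τ_n, computes the on-period set Ξ(τ, t) as a union of intervals, and replays a sampled sensor channel through it so that the controller sees the last delivered measurement while [S_y]_ii = 1, as the previous paragraph describes. The attack sequence, sampling period and measurement values are constructed.

```python
"""Queueing-model DoS: off/on transition instants h_n with attack durations
tau_n, the blocked set Xi(t0, t1) and its complement Theta, and the sensor
channel as the controller sees it (last delivered value held while the
channel is blocked).  Added example, not from the paper; the attack
sequence, sampling period and measurement values are constructed."""


def attack_intervals(h, tau):
    """Attack intervals [h_n, h_n + tau_n) merged into disjoint pieces, so
    overlapping pulses are counted once (Xi is a union of intervals)."""
    raw = sorted((hn, hn + tn) for hn, tn in zip(h, tau))
    merged = []
    for s, e in raw:
        if merged and s <= merged[-1][1]:
            merged[-1] = (merged[-1][0], max(merged[-1][1], e))
        else:
            merged.append((s, e))
    return merged


def dos_on(t, intervals):
    """[S]_ii = 1: t lies in Xi, communication on the channel is blocked."""
    return any(s <= t < e for s, e in intervals)


def blocked_time(intervals, t0, t1):
    """Length of Xi(t0, t1); Theta(t0, t1) has length (t1 - t0) minus this."""
    total = 0.0
    for s, e in intervals:
        lo, hi = max(s, t0), min(e, t1)
        if hi > lo:
            total += hi - lo
    return total


def sensor_channel_under_dos(samples, period, intervals):
    """samples[k] is the true measurement at t = k * period.  While blocked,
    the controller keeps working with the most recent delivered sample
    (None until the first delivery).  Returns (received, blocked_flags)."""
    received, flags, last = [], [], None
    for k, y in enumerate(samples):
        if dos_on(k * period, intervals):
            flags.append(1)
            received.append(last)
        else:
            flags.append(0)
            last = y
            received.append(y)
    return received, flags


def longest_blackout(flags):
    """Longest run of consecutive blocked samples: the worst-case number of
    control cycles computed on stale data."""
    best = run = 0
    for f in flags:
        run = run + 1 if f else 0
        best = max(best, run)
    return best


if __name__ == "__main__":
    # constructed: two DoS pulses (0.5 s at t=1.0 s, 1.0 s at t=3.0 s) on a
    # 0.25 s sampling period while the frequency deviation slowly falls
    ivals = attack_intervals([1.0, 3.0], [0.5, 1.0])
    samples = [-0.001 * k for k in range(21)]        # t = 0 .. 5.0 s
    received, flags = sensor_channel_under_dos(samples, 0.25, ivals)
    print("blocked time in [0, 5]:", blocked_time(ivals, 0.0, 5.0), "s")
    print("longest blackout:", longest_blackout(flags), "samples")
    for k, (y, r, f) in enumerate(zip(samples, received, flags)):
        print("t=%.2f true=%+.4f seen=%s %s" % (k * 0.25, y, r, "DoS" if f else ""))
```

The longest run of blocked samples is the quantity a defender cares about: it bounds how many control cycles run on stale frequency data, which is what turns a short jamming burst into a frequency excursion if it lands before the loop has converged, as noted above.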

Data Integrity Attack/Deception Attack
Data integrity attacks are implemented by manipulating the measurement and control signals transmitted among the cyber parts of the power system [21]. The attackers perform data manipulation or malicious data injection on the actuator and sensor channels in such a way that the transmitted data stay within their allowable limits. If this condition is violated, bad data detection schemes easily detect the attack, which is then considered an attack without intelligence. In short, for the attack to be successful, it should obey the power system principles [39]. Various types of data integrity/deception attacks on the LFC system are discussed below.

False Data Injection (FDI) Attack
FDI is a general class of integrity attack capable of corrupting real-time data, such as frequency and ACE, in LFC systems [74]. FDI attacks generally follow predefined attack templates for signal injection [39]. However, resourceful real-world attackers use strategies that adapt during the attack. A preliminary phase may be designed to uncover the system configuration using disclosure resources and to obtain real-time data; the subsequent phase then disrupts resources and affects normal system operation [34]. FDI attacks are applied to the measurement and control channels of the LFC system in the form of input attack vectors (a^y_i(t) or a^u_j(t)) formulated using data corruption strategies or attack templates.
The data corruption y^a_i(t) or u^a_j(t) applied to execute an FDI attack at the sensor and actuator channels can be modeled as follows, where i = 1, 2, …, m and j = 1, 2, …, n, λ is the attack parameter, τ_a is the attack time period, and F(·) is a function that may be independent of or dependent on time, actuator signals, and sensor signals. Various FDI attack templates are given below [20,39,64,74].
• Ramp attack: the output measurements y(t) or control signals u(t) are modified with a gradually increasing or decreasing ramp function over an attack period τ_a. During the attack period, y^a_i(t) or u^a_j(t) equals λ_r · t, where λ = λ_r is the ramp parameter and F(·) = t.
• Pulse attack: the output measurements or control signals are modified with temporally spaced short pulses of attack parameter λ_p; F(·) describes the pulse shape characteristics.
• Random attack: over the attack period, values returned by a uniform random function rand(a, b) are added to the output measurements or control signals. Here λ = 1 and F(·) = rand(a, b), where (a, b) are the lower and upper bounds of y(t) or u(t) [75].
• Scaling attack: the output measurements or control signals are scaled to higher or lower values by the scaling parameter λ_s. The attack at the sensor and actuator channels is y^a_i(t) = λF(·) = λ_s y_i(t) and u^a_j(t) = λF(·) = λ_s u_j(t), respectively. When λ_s is chosen such that λ_s y_i(t) = y_min or λ_s u_j(t) = u_min, the attack is called a min attack, where y_min and u_min are the minimum values of the output and control signals; when λ_s y_i(t) = y_max or λ_s u_j(t) = u_max, it is called a max attack, where y_max and u_max are the corresponding maximum values.
• Bias injection attack [20,64]: the simplest attack, in which a constant bias is injected into the sensor or control signals of the targeted channel; the attack vectors are a^y_i(t) = b_i and a^u_j(t) = b_j for the sensor and actuator channels, respectively.
AGC is an appealing target for FDI adversaries, as it controls the grid frequency, the critical global parameter of the power system. FDI attacks are launched on the LFC system in the following ways [25,26,27,28].
• Compromising the logically isolated VPN channels from the distributed sensors.
• Global positioning system (GPS) spoofing: GPS spoofing allows penetration of the PMU and disturbs the clock synchronization of substations, leading to wrong phase angle measurements.
The measurement communication channel is, however, the disruption resource FDI attackers focus on most, because the computer programs at the control center are strongly protected and the distributed physical sensors are weakly coordinated [25,33]. FDI attacks need good knowledge of the system configuration and of attack impact models to compute an optimal attack sequence [25,28]. When the attacker has full knowledge of the system configuration but limited access to the measurement meters because of their physical protection, the attacker solves an optimization problem to identify the minimum number of meters/sensors with maximum vulnerability. In an incomplete-information scenario, FDI attackers gather topology information for launching a valid FDI attack through the following means [76].
• Collecting offline and online data manually or by deploying meters to access the grid.
• Using market data related to the economic dispatch problem.
• Utilizing power flow measurements: the correlation among the power flow measurements reveals topology information when system parameters such as active and passive loads are varied.
In AGC, the influence of an FDI attack on the tie-line power and frequency measurements can be illustrated as follows [33], where ∆P^ij_tie(t) is the difference between the actual and scheduled tie-line power between areas i and j, a_ij is the area capacity factor, ACE_i,FDI-Tie(t) and ACE_i,FDI-Freq(t) are the false generation correction values caused by the tie-line power FDI attack and the frequency FDI attack, and A_tie(t) and A_freq(t) are the FDI signals injected into the tie-line power and frequency measurements. When A_tie(t) > 0 and A_freq(t) > 0, the secondary control action forces ACE_i,FDI-Tie(t) and ACE_i,FDI-Freq(t) below zero, so ACE_i(t) < 0. This leads to ∆f_i(t) < 0 and ∆P^ij_tie(t) < 0, i.e. a generation shortfall in that control area. The reverse happens when A_tie(t) < 0 and A_freq(t) < 0, which can result in load shedding or generator tripping [33].
The FDI attack on the system frequency can also be implemented by injecting a bias signal into the frequency measurements of the LFC to drive the steady-state frequency deviation to a non-zero value without being noticed by the employed detection mechanisms [77]. In the absence of bias injection, the system frequency converges asymptotically to its nominal value. The amount of bias to inject is computed with the aim of maximizing the impact at steady state. The attack policy is open-loop and requires no disclosure capabilities; however, the adversary needs knowledge of the closed-loop system. The disruption resources are the communication channels carrying actuator and sensor data [20].
The LFC system model generally considered for the analysis of bias injection attacks in [36,77,78] omits the speed governor dynamics for brevity. A further assumption is that the mechanical power supplied to the rotor shaft equals the electric power generation [77]. The bias injection attack on the frequency measurements of a single-area LFC system is shown in Figure 8. Here, the scalar α ∈ R denotes the bias or false data injected into the measurement channel and σ : R_+ → {0, 1} indicates whether the system is under attack [77]. The bias injection attack input applied to the frequency measurement signal of the LFC system is
a_y(t) = −ασ(t). (28)
In the absence of attack, the system frequency converges asymptotically to the nominal value. The discrete-time state space model of the LFC system with an integral controller under bias injection attack is given in [77].
In addition to the above scenario, the FDI attack is also modeled as a nonlinear function with an upper-bound on the non-linearity and it can be used to corrupt the entire transmission data of measurement channel [69].

Replay Attack
Replay attack is another kind of data integrity attack, implemented by first performing a disclosure attack to gather data sequences from the compromised resources and then replaying the recorded data until the end of the attack [63,64]. Replay attacks follow the strategy of fraudulently repeating or delaying valid transmitted data [65]. Attacks of this kind do not require prior knowledge of the system model, including the designed controllers and estimators [21,64]. However, when a predefined physical attack is combined with the replay attack, scenario-dependent knowledge is required for the physical part [20]. Replay attacks require disclosure capabilities to acquire data from the communication channels of the control system, and they can disrupt the data channels that have been disclosed [20]. These attacks can be modeled as time-varying delays whose upper bound and rate of change are unknown [65].
In the case of Byzantine replay attacks, attackers iterate the recorded data from the attacked sensors or actuators for a definite time [65]. Attacks on sensors can be conducted either by breaking the cryptographic algorithm or by inducing false sensor readings through manipulation of the local conditions around the sensor [79,80].
The replay attack at the sensor channel can be modeled as [81,82] a_y(t) = −Cx(t) + y(t − τ), where 0 < τ < t and y(t − τ) is the sensor data gathered during monitoring. The two stages of the replay attack (monitoring phase and replay phase) are modeled as follows.
• Replay phase (t_0 ≤ t < 2t_0): during the replay phase, the collected sensor data is sent to the controller until the end of the attack. The replay attack at the actuator channel can be modeled in the same manner as at the sensor channel.
In the case of replay attacks on AGC, the adversary monitors and records the sensor measurements (frequency and power measurements) during normal operation of the power system for some duration. During the attack, the actual measurements of the compromised sensors are replaced by the recorded ones and transferred to the control center [48]. The disclosure resources of the replay attack are the communication channels the attacker eavesdrops on (the sensor-controller loop in LFC) [48]. The disruption resources are the communication channels the attacker can tamper with; in a replay attack, only the channel from which the data was recorded can be tampered with [64]. One peculiarity of the replay attack is that if the intrusion happens near the steady-state operation of the system, the recorded data will also be close to the steady-state response. An anomaly detected at this stage can therefore easily be dismissed as a false positive or a steady-state error, which makes replay attacks difficult to detect during steady state [79,83].
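The attack templates (ramp, pulse, random, scaling, bias) listed above, the bias-injection input a_y(t) = −ασ(t) of Equation (28), and the monitoring/replay phases of the replay attack, exercised against a toy single-area LFC loop. This is an added illustration, not code from the paper or the works it cites; the plant and controller constants (M, D, T, 1/R, K_I) and every attack parameter are constructed.

```python
"""Toy single-area LFC loop (droop + integral control, governor dynamics omitted)
fed through a sensor channel that an adversary can corrupt.

Constructed illustration of the FDI attack templates, the bias-injection input
a_y(t) = -alpha*sigma(t) and the replay attack's monitoring/replay phases.
Every numeric parameter here is made up for the example, not taken from the paper.
"""
import random

# Constructed plant/controller constants: inertia M, damping D, turbine time
# constant T, inverse droop 1/R, integral gain K_I, and Euler step DT (seconds).
M, D, T, R_INV, K_I, DT = 10.0, 1.0, 0.5, 20.0, 4.0, 0.01


def no_attack(t, y):
    """Healthy channel: the controller sees the true frequency deviation."""
    return 0.0


def ramp_attack(lam_r, t0, tau_a):
    """y_a(t) = lam_r*(t - t0) while the attack window [t0, t0 + tau_a) is open."""
    return lambda t, y: lam_r * (t - t0) if t0 <= t < t0 + tau_a else 0.0


def pulse_attack(lam_p, t0, tau_a, period, width):
    """Temporally spaced pulses of height lam_p; F(.) is a square pulse here."""
    def a_y(t, y):
        inside = t0 <= t < t0 + tau_a and (t - t0) % period < width
        return lam_p if inside else 0.0
    return a_y


def random_attack(lo, hi, t0, tau_a, rng=None):
    """lambda = 1 and F(.) = rand(lo, hi), drawn afresh on every sample."""
    rng = rng or random.Random(0)
    return lambda t, y: rng.uniform(lo, hi) if t0 <= t < t0 + tau_a else 0.0


def scaling_attack(lam_s, t0, tau_a):
    """y_a = lam_s*y, written as the additive term (lam_s - 1)*y; a min/max
    attack would pick lam_s so that lam_s*y equals y_min or y_max."""
    return lambda t, y: (lam_s - 1.0) * y if t0 <= t < t0 + tau_a else 0.0


def bias_injection(alpha, t0):
    """a_y(t) = -alpha*sigma(t) with sigma(t) = 1 for t >= t0 and 0 before."""
    return lambda t, y: -alpha if t >= t0 else 0.0


class ReplayAttack:
    """Monitoring phase 0 <= t < t0: record y. Replay phase t0 <= t < 2*t0: the
    recorded samples replace the live ones, i.e. a_y(t) = y_recorded - y_true."""

    def __init__(self, t0):
        self.t0, self.log = t0, []

    def __call__(self, t, y):
        if t < self.t0:
            self.log.append(y)
            return 0.0
        if t < 2 * self.t0 and self.log:
            return self.log[int((t - self.t0) / DT) % len(self.log)] - y
        return 0.0


def simulate(attack, load_step=0.0, load_t0=0.0, t_end=120.0):
    """Euler-integrate the loop; return (true df, the df the controller last saw)."""
    df = dpm = z = y = t = 0.0   # freq. deviation, mech. power deviation, integral
    for _ in range(int(round(t_end / DT))):
        dpl = load_step if t >= load_t0 else 0.0
        y = df + attack(t, df)                 # corrupted measurement
        u = -R_INV * y - K_I * z               # controller trusts what it sees
        df, dpm, z = (df + DT * (dpm - D * df - dpl) / M,
                      dpm + DT * (-dpm + u) / T,
                      z + DT * y)
        t += DT
    return df, y
```

Under the bias and ramp attacks the controller keeps seeing a near-zero deviation while the true frequency settles at α or drifts along the ramp; under the replay attack a load step during the replay phase is simply never seen.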

Covert Attack
Covert attacks build a stealthy and powerful attack strategy from complete knowledge of the system together with access to the control and measurement signals transmitted over the communication channels [80,84,85]. The covert agent is assumed to have the resources to read and inject data on both the measurement and the actuation channels.
Covert attacks work by cancelling the effect of the attack signals: the attacker computes the output response of the system to its injected input and subtracts it from the measurement readings [63,86]. Consequently, the diagnosis system at the controller side receives measurement data carrying no information about the attack, which makes the attack stealthy. In addition, the attack exploits the threshold maintained in the decision logic of detection systems to reduce false alarms caused by model uncertainties and unknown disturbances. The attack therefore remains covert in spite of the discrepancies between the attacker's plant model and the real process [84].
The covertness of an attack has been defined in two domains, the physical and the cyber domain [87]. Cybernetically covert attacks have a low probability of detection by the diagnostic algorithms that monitor the system dynamics and communication, whereas physically covert attacks modify the behavior of the system to induce physical effects without being noticed by a human observer [87]. A covert attack requires disclosure capabilities, disruption capabilities, and complete knowledge of the plant dynamics or system model [20,88]. Covert attacks on the LFC system have not been investigated in the literature.

Zero Dynamics Attack
Zero dynamics attacks also exploit knowledge of the complete system model to produce attack signals that cause no change in the output measurement [20]. They use the linearity of the system and the zeros of its transfer function to build an attack that decouples itself from the closed-loop system output [84]. No disclosure capability is needed, since the attack follows an open-loop policy; disruption capability on the actuator communication channels is needed, together with perfect knowledge of the zero dynamics of the system, which can be computed from the state and output equation matrices [20]. LFC systems are generally not prone to zero-dynamics attacks because they are minimum phase and have no zeros.

Resonance Attack
Safe and secure operation of the power system is also ensured by keeping the frequency and the RoCoF within admissible intervals. A resonance attack is a type of attack that can drive the frequency or the RoCoF of the power system to abnormal values by altering the power load or tie-line signals according to a resonance source. Usually, the resonance source is either the output of the system or a function of the output. The modified loads or power signals are kept within an admissible interval, so small that the detection methods do not recognize them [11]. As a divergence of the RoCoF leads to a divergence of the frequency, power systems are equipped with typical RoCoF protection relays whose settings are based on the power system inertia. These protection relays may trip as a consequence of adversarial attacks that move the RoCoF beyond its predefined boundary, which can result in a blackout.
In the LFC system, the resonance attack can be implemented by deceitfully manipulating the power system load demands [11]. Usually, generation in the power plants follows the customers' real-time load demand: after receiving the customers' load requests via the communication networks, the control center instructs the power plants to generate the demanded power. By adversely manipulating the aggregated or individual customer load through the communication channels of the demand aggregation system (DAS) in the control center, the power system can be driven to undesirable states. The DAS is the system used in the control center to aggregate the customers' inputs or load demands [11]. Abrupt load changes in the accessible grid are produced through various internet-based load manipulation attacks that can cause circuit overload and disturb the balance between power supply and demand [89]. Direct and indirect load modification attack strategies are implemented using an Electronic Load Controller (ELC) and by compromising grid-friendly devices with malicious code; once the devices are compromised, the load devices can be switched on or off directly [11].
The alternate resonant sources of the LFC system include [11] the following.
• Internal state of the plant: if the attacker knows the internal states of the plant (governor output, turbine output, etc.), a powerful attack can be launched by modifying the load according to the estimated state.
• Frequency derivation: the frequency derivation is another resonance reference that allows the attacker to produce a fake input for the resonance attack. For instance, the attack input a_y(t) can be taken as a_y(t) = −0.3 · sign(f(t)), as in [11], where f(t) is the frequency derivation.
In a single-area LFC system, the load is manipulated in accordance with the resonance source. In multi-area interconnected LFC systems, the interconnected frequency signals can be manipulated in addition to the local loads of the individual areas. The intensity of the attack is higher in multi-area systems, since an attack in one area also destabilizes the non-attacked areas, and resonance attacks become more powerful as the number of areas grows [11]. In another version, called the resonance switching attack, the adversary switches a small part of the load located near an inter-area link and superimposes a low switching frequency that matches one of the inter-area oscillation modes of the system. The inter-area oscillation mode frequency is usually identified through offline analysis of line measurements [90].

Time-Delay Switch (TDS) Attack
Adversaries mount TDS attacks on control systems by strategically embedding time delays into the sensor and control loops in order to degrade the stability of the system [91]. An LFC system either breaks down or is driven to an unstable state if significant time delays are injected into the telemetered measurement states or control signals. An LFC system under a TDS attack is modeled as a hybrid system with the switch action "Off/Delay-by-τ", where τ is the random delay introduced into the measurement states or control signals. Introducing time delays into the dynamic states of the system can switch the system into an unstable state [91].
To summarize, the identification of attack space of LFC system and the practical implementation strategies of different attacks are provided in Table 2.

Attack Detection and Defense Mechanisms
In this section, previous works on the defense and detection mechanisms of power systems and LFC systems are discussed in general.

DoS Attack
As mentioned in Section 3.2, DoS adversaries can attack the transmission channels of a CPS through network protocol attacks, network traffic flooding, and communication channel jamming [68]. The general defense and detection approaches against DoS attacks in the state estimation problem include a modified Kalman filtering approach, hypothesis-testing-based detection [92,93], and a game theory approach [94]. Secure control approaches for DoS attacks in CPS include the stochastic time-delay system approach, the impulsive system approach, the small gain system approach, the triggering system approach, and the game theory approach [21].
In the case of the LFC system, a DoS attack can degrade the system performance and severely destabilize the system if it is launched before the system dynamics converge [68]. A single-area LFC system with a time delay in the communication channel is studied under DoS attack in [14], where an event-triggered control strategy is used to make proper use of the limited communication bandwidth. The LFC system under DoS attack is formulated as a time-varying delay switched system, and an average dwell time approach establishes exponential stability criteria [14]. It is proven that, if an appropriate ratio between the time intervals with and without DoS attack holds, the convergence of the power system can still be guaranteed. A similar approach is applied to the multi-area LFC system in [95], where exponential stability and an L2-gain are obtained. The purpose of these analysis techniques is to understand the maximum tolerance of the LFC system against DoS attacks and to find the total duration of DoS attacks for which the stability of the LFC system is maintained [14].
A resilient control strategy against aperiodic DoS attacks in interconnected-area power systems with communication delay is proposed in [40]. It is combined with a detection mechanism that distinguishes DoS attacks from network-induced delays. The criteria for tolerable DoS attacks are derived with the Lyapunov-Krasovskii method and the switched system method [40]. A resilient event-triggered communication scheme for interconnected power systems that tolerates data losses due to an energy-bounded DoS attack is introduced in [96]; the work develops resilient control without prior knowledge of the probability distribution of the DoS attacks. A new switched system model of the multi-area power system under the simultaneous presence of DoS and stochastic deception attacks is developed in [69]. By virtue of Lyapunov stability theory, exponential mean-square stability of the system is obtained. In this work, a periodic power-constrained jamming signal models the DoS attack and the deception attack signal is modeled as a nonlinear function of the measurable outputs.
Apart from resilient control concepts, there are works on defense mechanisms against DoS attacks using cellular computational network (CCN) prediction and learning-based techniques. The mitigation of a DoS attack in a PV-integrated two-area power system through a virtual synchrophasor network (VSN) is presented in [72]; a CCN predicts the data dropped from the PMU, and the predicted data are used to implement the VSN. In [24], a defense method using a "Deep auto-encoder Extreme Learning Machine" (DAELM) is proposed. The algorithm supplies the lost data through prediction and maintains normal system operation: the frequency dropped because of the attack is predicted from a historical database with a data prediction algorithm, and the control center then sends the actuator command corresponding to the forecast frequency to retain normal operation [24].
As mentioned earlier, DoS attacks usually target servers with little memory and low processing speed, and individual DoS attacks are often ineffective against systems with improved processing capability [70]. In such situations, the adversaries carry out DDoS attacks through distributed puppet clients. This attack is easy to realize and difficult to locate, since the attackers hide themselves behind the puppets. The impact of the communication delay caused by DDoS on a multi-area power system is discussed in [70]. For DDoS attacks, defense mechanisms have to be employed in both the information and the power layer. Access control list (ACL)-based firewalls installed in routers detect DDoS attacks in the information layer, and the hysteresis and large delays induced in the power layer are eliminated using compensation controllers [70]. Some of the defense mechanisms against DoS and DDoS attacks are summarized in Table 3.

FDI Attack
FDI attacks are cyber-attacks that work through the injection of malicious data and data manipulation. Therefore, to detect FDI attacks and ensure the operational reliability of power systems, system monitoring through meter measurements and state estimation techniques is generally employed [97]. Detection schemes employed in LFC systems use algorithms that check whether the obtained measurements of the power system parameters lie within acceptable ranges [64]. A good detection algorithm should provide information on the location, size and time of the attack in real time [27]. The detection mechanisms in a networked control system are generally called anomaly detectors, and they are collocated with the controllers [64].
In legacy power systems with AGC, the state estimation algorithms are executed at relatively long time intervals and therefore cannot contribute to improving the reliability of the sensor data sent to AGC [25,34]. Modern power systems, in contrast, are equipped with high-performance computing and data acquisition units that run state estimation algorithms with reduced execution time, so passing the measurement data through state estimation before it reaches the AGC algorithms can enhance its reliability [25]. However, FDI attacks on these power systems are capable of disturbing the state estimation process, so that manipulated estimates of the sensor measurements are transmitted to the control center; they exploit the tolerance of state estimation algorithms to small measurement errors [76]. Usually, when a power system is attacked, the monitoring systems compare the compromised data with the measurement data of a healthy system to detect the attack. However, if the attacker has good knowledge of the system, small feasible attack signals are nearly undetectable and result in a stealthy deception attack [98]. The stealthiness properties of FDI attacks in LTI control systems are investigated in [99].
The countermeasures of FDI attacks can be classified into protection-based approaches and detection-based approaches [100]. Protection-based defense methods help in the identification and protection of critical sensors and detection-based methods concentrate on the detection of FDI attacks using estimation techniques [101].
The vulnerability of the terminal units makes power systems more prone to integrity attacks. Protecting the set of basic measurements is therefore one of the defense mechanisms against FDI attacks. In [97], the authors demonstrate that successful FDI vectors exist when the number of compromised meter measurements (k) satisfies a condition: if k ≥ m − n + 1, where m is the number of meters and n the number of state variables, there exists a successful attack vector that manipulates the measurements without being detected; if fewer than m − n + 1 meters are attacked, the attack is detected. Based on this condition, [102] proves that protecting a set of basic measurements is necessary and sufficient to detect FDI attacks. The problem of locating the basic set of compromised meters using graphical methods is addressed in [103]. Apart from these, a few works that investigate various detection mechanisms against FDI attacks are discussed below.
Reachability methods are used in [104,105] to identify the existence of FDI attacks that can violate the safety conditions. In [97], the previously unknown vulnerability of existing bad data detection algorithms to two classes of attacks (FDI attacks and generalized FDI attacks), with the attack goals of finding a random attack vector and a targeted attack vector, is investigated. Based on the attacking mechanism, this type of attack is classified into "FDI attack" and "generalized FDI attack" [76,97]. In FDI attacks, the attacker injects bad data into the meter measurements while keeping the measurement residual unchanged. In generalized FDI attacks, the attacker exploits the typical measurement error tolerance of the state estimation algorithms and remains stealthy without being detected [76,97]. Various state estimation methods that use algorithms such as "weighted least squares (WLS)", "maximum likelihood criterion", and "least absolute value estimator" are presented in [106], along with bad data detection schemes such as the "largest normalized residual", "performance index", and "chi-square test".
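An added illustration of the residual condition just described (not taken from [97] or [102]): a constructed DC state-estimation model with m = 4 meters and n = 2 states, a naive single-meter alteration that raises the WLS residual, and an attack vector a = Hc that shifts the estimate by c while leaving the residual unchanged; with this H the sparsest such vector touches k = m − n + 1 = 3 meters.

```python
"""Stealthy FDI against a DC state estimator: why a = H*c passes the residual test.

Added illustration with a constructed 4-meter, 2-state measurement model
z = H x + e; the matrix H and all values are made up, not taken from any cited work.
"""

# Constructed measurement model: m = 4 meters, n = 2 state variables.
H = [[1.0, 0.0],
     [0.0, 1.0],
     [1.0, -1.0],
     [1.0, 1.0]]
M_METERS, N_STATES = len(H), len(H[0])


def transpose(A):
    return [list(col) for col in zip(*A)]


def matmul(A, B):
    return [[sum(a * b for a, b in zip(row, col)) for col in zip(*B)] for row in A]


def matvec(A, v):
    return [sum(a * b for a, b in zip(row, v)) for row in A]


def inv2(A):
    """Inverse of a 2x2 matrix (enough for the n = 2 constructed model)."""
    (a, b), (c, d) = A
    det = a * d - b * c
    return [[d / det, -b / det], [-c / det, a / det]]


def wls_estimate(z):
    """Unit-weight WLS: x_hat = (H^T H)^-1 H^T z."""
    Ht = transpose(H)
    return matvec(matmul(inv2(matmul(Ht, H)), Ht), z)


def residual_norm(z):
    """||z - H x_hat||, the statistic a bad data detector thresholds."""
    r = [zi - hi for zi, hi in zip(z, matvec(H, wls_estimate(z)))]
    return sum(ri * ri for ri in r) ** 0.5


def stealthy_attack(c):
    """Attack vector a = H c: shifts the estimate by c, leaves the residual unchanged."""
    return matvec(H, c)


def compromised_meters(a, eps=1e-12):
    """k = number of meters whose reading the attacker has to alter."""
    return sum(1 for ai in a if abs(ai) > eps)


def run_scenarios(threshold=0.05):
    """Compare a naive one-meter alteration with a = H c on noise-free readings."""
    x_true = [1.0, 0.5]
    z = matvec(H, x_true)                     # constructed noise-free readings
    naive = [0.3, 0.0, 0.0, 0.0]              # alter meter 1 by 0.3
    stealthy = stealthy_attack([0.5, -0.2])   # a = H c
    z_naive = [zi + ai for zi, ai in zip(z, naive)]
    z_stealth = [zi + ai for zi, ai in zip(z, stealthy)]
    return {
        "naive_alarm": residual_norm(z_naive) > threshold,
        "stealthy_alarm": residual_norm(z_stealth) > threshold,
        "stealthy_estimate": wls_estimate(z_stealth),   # equals x_true + c
        "k_stealthy": compromised_meters(stealthy),
        "k_min_bound": M_METERS - N_STATES + 1,
        # c = (0.5, 0.5) zeroes the third meter: the sparsest a = H c for this H.
        "k_with_c_equal": compromised_meters(stealthy_attack([0.5, 0.5])),
    }
```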
State estimation techniques (for example, those based on a Bayesian network) also have disadvantages, such as failing to detect an attack that injects measurement data identical to historical data. Therefore, a new detection scheme based on tracking the dynamics of the measurement variations is proposed in [101]. The distance between the probability distributions of the measurement variations is computed with the Kullback-Leibler distance (KLD) under the AC estimation model; a larger KLD indicates a larger deviation of the measurements from the historical data and thus the presence of false data [101]. Noting the sparse nature of FDI attacks, a detection technique based on sparse optimization is demonstrated in [107], where low-rank matrix factorization and nuclear norm minimization separate the anomalies from the nominal states of the power grid [107]. A defense strategy against attacks on smart grid state estimation at the control center is provided in [108]; it uses an "adaptive cumulative sum" (CUSUM) algorithm to detect the adversary as quickly as possible without violating the required detection accuracy [108]. A defense mechanism for a power system partitioned into micro-grid groups is proposed in [109], where the boundaries and information-sharing structures of the microgrids are dynamically reconfigured so that a synchronized FDI attack becomes impossible. More details on FDI attack detection mechanisms in power grids are provided in [110–116]. In addition to the aforementioned techniques, some works on detection in AGC systems using machine learning techniques are discussed below.
A multi-layer perceptron (MLP) classifier-based detection scheme for cyber-attacks on the LFC system is proposed in [117]. The MLP classifier is trained with samples of ACE values collected under normal and compromised conditions; the relevant features of the ACE signals are extracted to clearly separate normal from compromised signals, and the performance of the classifier is evaluated using an optimal subset and an objective function [117]. A neural network-based detection approach for FDI attacks in the sensing loop of a two-area distribution system is demonstrated in [26]: the control inputs and output measurements are fed to a Luenberger observer for state estimation, and the neural network detection unit receives these estimates to detect and track FDI attacks. The ability of the neural network to approximate the nonlinear behavior of the system is an additional advantage of this method [26]. An AGC system with non-linearities such as time delay and governor dead-band is equipped in [118] with a detection scheme based on a particle filter and the sequential importance sampling (SIS) algorithm; particle filters track the dynamic states of a nonlinear system modeled as a Bayesian network [118]. A recurrent neural network (RNN)-based method for detecting FDI attacks in an AGC system with transport delay and governor dead-band non-linearities is proposed in [119]. Another detection technique that combines a physics-based method with deep learning is proposed in [75]; the deep learning part learns data patterns from historical frequency and tie-line power flow measurements and predicts ACE values from the learned patterns [75]. As a countermeasure to an optimal coordinated attack (FDI attack plus load manipulation), a threshold-based detection method is proposed in [38].
A concurrent detection and mitigation mechanism for AGC against FDI attacks, based on simultaneous estimation of the input and the state, is proposed in [29]. It uses a recursive three-step filter that performs a time update, a measurement update, and an unknown-input estimation [29].
Bias injection is a variant of the FDI attack, and the impact of bias injection attacks on LFC is analyzed in [77]. The study determines the maximal impact of the attack when the attacker drives the system frequency while keeping it within the safe steady-state range so that no alarm is triggered [77]. The state estimation problem for stochastic linear dynamical systems under bias injection attacks is considered in [120]; the work proposes criteria for selecting the sensors to be secured in order to compensate for the impact of the attack, using a Kalman filter as estimator and a chi-squared test for attack detection [120]. A set-theoretic detection method for bias injection attacks is proposed in [36]: a set-induced anomaly detector is built by extracting a convex and compact polyhedral invariant set from the discrete-time network dynamics, and an attack is detected when the state vector leaves this invariant set [36]. Set-theoretic detection also identifies attacks during the transient response of the system, even in the presence of disturbances [36]. Distributed detection and isolation of bias injection attacks on the smart energy grid using an internal observer is proposed in [121]; it provides local and global steps for the distributed detection of sensor attack sets based on a judgment matrix, and also examines practical aspects such as detection delay, detection accuracy, and the limitations of precomputed thresholds when deploying the scheme [121].

Replay Attack
An online detection mechanism for replay attack, noise-injection attack, and destabilization attack on AGC is proposed in [48]. The proposed algorithm basically employs the dynamic watermarking technique to detect tampered measurements. The generation unit superimposes the control command with a random signal of small magnitude which has certain probability distribution [48]. As a result, the honest sensors display statistical properties similar to the superimposed signal, while the compromised sensors with excessive distortion will not exhibit these relevant statistical properties. Therefore, malicious activities can be detected through certain tests of these statistical properties [48]. It is claimed that the algorithm can be employed even when the adversaries are completely aware of the statistical and physical system models.
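To make the dynamic watermarking idea concrete, here is an added example (written for this review, not the algorithm of [48]) in Python: a constructed scalar control loop superimposes a small random watermark on the control command and checks the covariance between the previous watermark and the received measurement. All plant constants, noise levels and the alarm threshold are assumptions.

```python
import random
from statistics import mean

# Constructed scalar loop (an assumption for illustration, not the model of
# [48]): a first-order plant standing in for one area's frequency deviation,
# a proportional controller and a sensor channel that an attacker may replay.
A, B = 0.9, 0.5                           # x[k+1] = A*x + B*u + w
K = 0.8                                   # feedback gain; closed-loop pole A - B*K = 0.5
SIG_W, SIG_V, SIG_E = 0.05, 0.05, 0.5     # process noise, sensor noise, watermark std devs

def simulate(n, replay_from=None, seed=1):
    """Run n steps of the watermarked loop u = -K*y + e, with e a fresh
    zero-mean Gaussian watermark each step. If replay_from holds previously
    recorded measurements, the controller and detector receive those instead of
    the live sensor output (a replay attack). Returns (watermarks, received_y)."""
    rng = random.Random(seed)
    x, es, ys = 0.0, [], []
    for k in range(n):
        y_live = x + rng.gauss(0, SIG_V)
        y_recv = y_live if replay_from is None else replay_from[k]
        e = rng.gauss(0, SIG_E)               # dynamic watermark
        es.append(e)
        ys.append(y_recv)
        x = A * x + B * (-K * y_recv + e) + rng.gauss(0, SIG_W)
    return es, ys

def watermark_statistic(es, ys):
    """Sample covariance of e[k-1] with y[k]. An honest sensor gives about
    B*SIG_E**2, because last step's watermark enters the state through B; a
    replayed stream was recorded under earlier, independent watermark values,
    so the statistic collapses towards zero."""
    return mean(es[k - 1] * ys[k] for k in range(1, len(ys)))

def replay_detected(es, ys):
    """Alarm when the watermark's imprint on the measurements is under half its expected value."""
    return watermark_statistic(es, ys) < 0.5 * B * SIG_E ** 2

if __name__ == "__main__":
    e_h, y_h = simulate(4000, seed=1)                    # honest run, also the attacker's recording
    e_r, y_r = simulate(4000, replay_from=y_h, seed=2)   # later run in which y_h is replayed
    print("honest alarm:", replay_detected(e_h, y_h), "| replay alarm:", replay_detected(e_r, y_r))
```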
A strategy for the detection of replay attacks on the system controller of the smart grid is proposed in [83]. The control law is changed from static to random to improve the detection rate of replay attacks. However, this technique compromises performance to some level [83]. The feasibility conditions of a replay attack in a Gaussian LTI control system with an infinite-horizon Linear Quadratic Gaussian (LQG) controller and χ² anomaly detector are provided in [79]. The proposed method also guarantees the desired detection probability by trading off either LQG performance or detection delay, either by increasing the control effort or decreasing the control accuracy [79]. A resilient control strategy against replay attacks in networked control systems using a receding horizon control law is given in [122]. The computed control sequence is stored in the plant for use in the near future as a response to replay attacks. The detection techniques for the various attacks on the LFC system are summarized in Table 4.

Covert Attack
The detection technique for covert attacks involves the analysis of the weak points of the attack and changing the plant behavior after the attacker has discovered the system model. The main weak point of this attack is that it relies strongly on complete system knowledge. As a remedial measure, a modulation matrix is inserted in the path of the control variables to alter the input behavior of the process in [84]. This makes the adversary lose complete knowledge of the system, and the attacks are detected. The preventive measures against covert attacks include increasing the difficulty of accessing the control loops. According to the work in [123], undesirable access can be reduced by using firewall policies, by applying network segmentation and by using a specific network architecture. In addition, the accessibility of data flows can be reduced by using encryption algorithms and time stamping strategies. Another countermeasure is to use control functions, like switching controllers, that are hard to identify [87].

Resonance Attack
Resonance attack is a type of deception attack with two prerequisites: the first is the ability to access the resonance source, and the second is the ability to inject or modify the power plant input according to the resonance reference. Therefore, protection of the input data is the most important countermeasure [11]. In [11], the proposed countermeasure includes the reshaping of the tampered input to weaken the resonance effect. In order to ensure data authenticity, cryptographic techniques along with timestamps or sequence numbers can be used.

Time-Delay Switch Attack
A time-delay switch attack implemented in the LFC system can affect the system stability and deteriorate performance [91]. The delay injection can be performed either by delaying the telemetered communication packets or at the scale of the sampled data points of the sensor [124]. Another way is that the adversary can get access to the communication channel and switch the channel off/on. The stability analysis of the LFC system under TDS attack is provided in [91,124]. The delay margin of the LFC system under constant and time-varying delays is determined using linear matrix inequality (LMI) techniques and a delay-dependent stability criterion in [125]. A prevention strategy using a time delay estimator is proposed in [91]. Here, the controller is augmented with the delay estimator for tracking the injected time delays.
The rapid evolution of PMUs and wide area measurement systems (WAMS) has helped in the enhancement of coordinated stability control strategies without neglecting the time-delays of power system measurements. Therefore, it is necessary to analyze the impact of time-delays in power systems, and this is investigated in [126,127,128].

Future Research
The implication from the current review of LFC systems is that most of the research is confined to the linear and time-invariant dynamics of the system. The defense mechanisms are not equipped to handle nonlinear system dynamics or time-varying node topology [65]. Only a few works incorporate non-linearities like GRC and dead zone in the study of the attack resilience of the LFC system [30]. Different fields in the cyber-security of LFC systems that have not received adequate attention are listed below.
• Impact analysis of coordinated or hybrid attacks and the development of mitigation techniques for these attacks. Resource constraints, like the bandwidth of communication channels, energy limitations, etc., should also be considered simultaneously during the development of attack detection and defense mechanisms, so that security and service quality can be assured at the same time [21].
• Analysis of individual or coordinated attacks in LFC systems under noisy communication networks [20].
• Adequate attention and profound discussion are needed in the area of multiple attack strategies for the development of adaptive defense strategies against different types of attacks [21].
• The vulnerability to distributed attack strategies like DDoS is higher for geographically distributed control systems like LFC. Therefore, more effective coordinated defense strategies for the cyber and physical layers have to be developed. The ACL-based firewall defense strategies of the cyber layer applied in [70] have poor real-time performance.
• Extension of estimation and detection schemes to the stochastic model of the LFC system [120].
• RESs are gathering higher attention in the field of power systems due to their intermittent nature. Research in the field of cyber-security of LFC systems with integrated RES has to be performed further, as the impact of cyber-attacks can be worse in such systems.
• Apart from analyzing various FDI attacks using the predefined attack templates, multi-step attack strategies adopted by attackers can also be considered for the impact analysis.
• Many of the resilient control techniques developed for defending data integrity do not consider the time-delays of the communication channel. The stability of the LFC system may not be affected by small time-delays [27]. However, they can affect the controller efficiency and attack estimation accuracy. Therefore, defense techniques that consider transmission time-delays have to be included in future research.
• Research works that analyze the effects of covert attacks in networked control systems like LFC are also highly encouraged, as this seems to be an unexplored area. As covert adversaries implement powerful and stealthy attack strategies, it is high time to investigate the impact of such attacks on LFC systems and look for the development of countermeasures.

Conclusions
In this work, a state-of-the-art review of the cyber-security of load frequency control systems is presented. Some of the inferences obtained from the review are that the vulnerability to cyber-attacks is higher for multi-area LFC systems due to the increased number of attack points. In addition, as the frequency response time of AGC systems is longer, the computational algorithms of these systems are slower compared to other control loops in the power system. Therefore, more research is essential to develop fast computational algorithms and resilient control strategies. This review can help give a background on the different LFC configurations, the attack points of LFC systems, and the existing cyber-attack resilient measures followed for LFC systems. However, as mentioned in Section 5, many research areas like "stochastic LFC systems", "non-linearities of LFC systems", "cyber-security against stealthy attacks in LFC systems", etc. still remain unexplored. This review may assist follow-up research in those areas which have received less attention, since the core details like the modeling of attacks on LFC systems and most of the attack scenarios are comprehensively provided through this discourse.