Emerging Challenges in Smart Grid Cybersecurity Enhancement: A Review

: In this paper, a brief survey of measurable factors affecting the adoption of cybersecurity enhancement methods in the smart grid is provided. From a practical point of view, it is a key point to determine to what degree the cyber resilience of power systems can be improved using cost-effective resilience enhancement methods. Numerous attempts have been made to the vital resilience of the smart grid against cyber-attacks. The recently proposed cybersecurity methods are considered in this paper, and their accuracies, computational time, and robustness against external factors in detecting and identifying False Data Injection (FDI) attacks are evaluated. There is no all-inclusive solution to ﬁt all power systems requirements. Therefore, the recently proposed cyber-attack detection and identiﬁcation quantitatively and


Introduction
The smart grid is an advanced infrastructure in modern power systems with numerous benefits, such as the efficient integration of Renewable Energy Sources (RESs). However, the smart grid is highly dependent on advanced communication infrastructure since a large amount of data should be exchanged to properly operate such a complex system [1][2][3]. Hence, the smart grid has become more vulnerable to cyber-attacks. Communication systems attacks can significantly increase operation costs [4] or damage proper system operation [5]. For instance, cyber-attacks against Ukraine's power grids in 2015 led to a widespread power outage for several hours [1]. To ensure the safe and proper operation of the smart grid, power systems operators need to efficiently detect, identify, and locate such attacks and take immediate actions to protect the entire grid. This process is called cyber resilience. From the power systems operators' point of view, the initial step of resilience enhancement in the attack phase and/or post-attack phase is to successfully detect cyber-attacks. This is due to the unpredictable nature of the attack. Therefore, many research studies with different approaches have been carried out in the last decade to successfully detect and identify cyber-attacks as a part of enhancing the resilience of the smart grid [5][6][7][8][9].
Power systems operators face different challenges in detecting and identifying cyberattacks in the smart grid. The major challenges are as follows: • The accuracy of cyber-attack detection and identification. • Computational burden when detecting and identifying cyber-attacks. • Robustness against various factors affecting cyber-attack detection and identification.
Such issues must be well-addressed by cyber-attack detection and identification methods. Otherwise, attackers can successfully damage power grids.
In recent years, several research studies have been carried out to ensure cyber-attack detection and identification accuracy, as well as to minimize computational time and improve robustness against external factors. In [10], an Artificial Intelligence (AI)-based method Data-driven methods, e.g., machine learning techniques, have been widely used to efficiently detect cyber-attacks in the smart grid [37].
In [10], a supervised AI-based load estimator was proposed to determine the meters affected by FDI attacks by comparing the values of the estimated loads and their actual measurements. The presented model was able to detect FDI attacks, which led to a cumulative error of 1% in state variables. An additional load estimator was added to the existing model to effectively determine the tampered meters. A single hidden-layer forward Neural Networks (NN) and Artificial Neural Networks (ANN) was proposed for a proper learning rate. Such networks were trained using historical data, which helped to detect the FDI attack by the proposed estimator even if the attack was generated from the minimum number of compromised meters. In the case of a large-scale FDI attack, this method guarantees accurately detecting the attack and the tempered meters. In [11], a supervised learning method using historical data and log information for cyberattack detection in the smart grid was presented. The accuracy and detection rates of the presented method were reported to be 93.9% and 93.6%, respectively, which were higher compared to several newly-proposed schemes, such as the K-Nearest Neighbors (KNN) algorithm, Random Forest (RF) method, etc. In [12], the first attempt was made to detect cyber-attacks in the smart grid online using the RL method. The cyber-attack was defined as a POMDP, as the true states of the smart grid were known before the attack, while the attacker could compromise the true states of the smart grid and such changes could be unknown/unobservable to the system operator. The proposed method in [12] is a model-free scheme and as reported, it required less computational time to be performed. A single-agent RL method from the system defender point of view was trained to successfully detect low-magnitude attacks. As a result, the defender could detect minimum variations in the smart grid states regardless of the attacker's strategy. The proposed model-free scheme was robust against the unknown states of the system. In [13], a multivariate Gaussian-based method was employed to determine FDI attacks in the cyber-physical system of power distribution grids. Identification of transient and steady attacks was performed by analyzing measurement data collected by micro-PMUs. Using the K-Means clustering method, power distribution systems were divided into areas with similar voltage profiles, and, accordingly, the number of micro-PMUs was reduced. The reported accuracy and precision were reasonable for transient attack identification. In the case of steady attacks, the proposed method was developed on prediction error that could be possibly affected by the smart grid conditions. An improved regression model is capable of reducing prediction errors and increasing the accuracy of attack detection. In [14], covert data integrity assault on the smart grid was presented. To reduce the complexity of the problem, a PCA-based feature extraction mechanism was utilized to efficiently convert data in high-dimensional to low-dimensional space. An unsupervised machine learning-based algorithm, called isolation forest, was presented to detect and identify anomalies in the state estimation measurement features. Compared with the traditional machine learning-based techniques, the proposed method was more accurate. Since the computational complexity of the presented approach was low, less computational time was required to identify cyber-attacks. In [15], a supervised learning method was used to identify stealthy cyber-attacks in state estimation-measurement features of the smart grid. The Kernel Principal Component Analysis (KPCA)-based method was used to reduce the complexity of the problem due to the high-dimensional space in large-scale power systems and accurately represent the dataset in lower-dimensional space, as well as being used as an input of the extra-trees algorithm. The proposed method was robust against noisy data because of the characteristics of KPCA. It also needed less computational time compared to other machine learning-based schemes, such as traditional PCA, and could accurately identify cyber-attacks in the smart grid. In [16], the impact of concept drift on the cybersecurity of the smart grid was investigated, i.e., distinguish physical changes from variations associated with the data manipulation in the smart grid. To assess the behavior of the proposed method in identifying cyber-attacks, a detailed analysis was conducted. In [17], a cyber-attack identification method was presented by taking the system reconfiguration and integration of RESs into account. The F-Test was used to separate the attacked state vectors from the normal state vectors. It was noted that the suspicious samples rejecting the hypothesis of the F-Test need to be fully inspected. The difference between suspected vectors and the average from a similar system state vectors using three outlier detection algorithms, including Fuzzy C-Means (FCM) clustering, Interquartile Range (IQR), and Median Absolute Deviation (MAD) methods, was used as a comparison index to analyze the failed samples. The reported results showed that the proposed method was robust against parameter changes while presenting a high degree of accuracy in identifying FDI attacks.

State Estimation Methods
Correct state estimation can help to maintain the smart grid safe and fully-controlled [38]. However, state estimators are vulnerable to FDI attacks. Such attacks can bypass Bad Data Detection (BDD) algorithms and change the state estimation.
In [18], a decentralized method based on ML estimation was proposed to detect cyberattacks in the smart grid. The ML estimation, which could be converted into a chordal embedding space, was utilized as an attack detection tool. Using the Kron reduction of the Markov graph of phase angles, the proposed method was capable of breaking the ML estimation problem down into several local ML estimation problems. Based on the decentralized nature of the proposed method, privacy among utilities could be increased and this led to a reduction in the size of the problem, which greatly decreased computational burden. In [19], it was shown that the FDI attack detection problem can be formed as a matrix separation problem due to the nature of the attack matrix, which is a sparse matrix, and the measurement matrix, which is a low-rank matrix. The present matrix separation approaches, such as the Augmented Lagrangian Method (ALM), Low-Rank Matrix Factorization (LRMF), and Double-Noise-Dual-Problem (DNDP)-ALM, suffer from higher computational time and lower accuracy. An algorithm, called Go-Decomposition, was investigated to efficiently solve this problem. Under the no-noise condition, the proposed method had reasonable accuracy in the separation of FDI attacks compared to the LRMF method and had almost the same accuracy as ALM and DNDP-ALM methods. The computational time of the proposed method to solve the problem was relatively low and it was capable of handling large-scale attacks in the smart grid. In [20], an MDP was presented to model the attackers attacking strategy. Two levels of attackers' knowledge scenarios about the smart grid were analyzed. Attackers could predict states of the smart grid for a small interval, which was defined as a finite-horizon MDP. The optimal attacking strategy was determined from the attackers' perspective since the attack likelihood was later analyzed based on the attack strategy. The results of the vulnerability assessment showed the robustness of the proposed method against parametric uncertainties in an MDP problem and the operators' dispatch policy. The proposed approach in [21] investigated the vulnerability of power systems nonlinear state estimators to FDI attacks from the operator point of view. A robust approach was proposed to detect FDI attacks by analyzing the measurement statistical consistency using a subset of secure PMU measurements. Such secure measurements can be used to identify FDI attacks if they are not affected by anomalies while making the system fully-observable. In addition, precise identification of FDI attacks was guaranteed using a robust Huber M-estimator. The proposed method was robust against secure measurements containing bad and noisy data. In [39], it was shown that FDI attacks could be launched on power distribution systems since the systems states were estimated from power flow measurements. The simulation results demonstrated that by correctly estimating one state of the system, the FDI attack could be performed without being detected by BDD methods. In [40], the impact of FDI attacks on estimated states of power grids was investigated assuming attackers have partial knowledge of the system information. Then, the partial grid FDI attack was applied to demonstrate how FDI attacks could be undetectable. Subsequently, a method based on state estimation was presented to identify a subset of existing measurements and protect power grids against undetectable FDI attacks aimed at compromising the state of the system. In [41], an algorithm was proposed to protect the smart grid against FDI attacks by securing n − 1 meters, called the Basic Measurement Set (BMS), in n-bus power systems. Then, the method was extended to find a subset of the optimal BMS to minimize the vulnerability of the system if less than n − 1 meters could be secured.

Other Methods
As stated earlier, the main goal in cyber-attacks is to manipulate the state estimation of the smart grid. Except for the data-driven and state estimation methods, other approaches, such as Game Theory, have been used for vulnerability assessment of the smart grid to potential cyber-attacks [9,37].
In [42], the characteristics of FDI attacks were determined from the attacker's perspective to find the weaknesses of existing BDD methods. Then, from the defender's perspective, a two-layer defense model, including identification and protection schemes, was proposed. A zero-sum static Game Theory was employed to identify the optimal strategies of the defender and attacker. In [43], the minimax-regret method was utilized to determine a cost-effective policy against the load redistribution attack. The algorithm attempted to minimize the economic loss of a load redistribution attack under load variations. Since the defense strategy of the smart grid is highly sensitive to time-varying loading conditions, it is mandatory to use an algorithm against load variations. To address this requirement, a Game-Theoretic model was proposed under various loading conditions, and then, a multi-level intractable problem was converted to a bi-level tractable optimization problem. A greedy implicit enumeration algorithm was also employed to find the global optimum. The impact of FDI attacks on compromising the forecasted demand data was investigated in [44]. To assist the utilities in preventing such attacks, a Game Theory model was proposed, and the Nash equilibrium was determined. It is noted that no monitoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [45], a game between attacker and defender in a dynamic cyber-attack scenario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simultaneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [46], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison.  Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. uted DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly effi-cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identifi-cation schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. gramming model was investigated under a time-delay of the system recovery and distrib-uted DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly effi-cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison.

Cyber-Attack Detection
Gaussian Markov Random Field Method   -gramming model was investigated under a time-delay of the system recovery and distrib-uted DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly effi-cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. gramming model was investigated under a time-delay of the system recove uted DoS attack conditions. An advanced Particle Swarm Optimization (P was employed to solve the optimization problem. The proposed model w cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detectio cation schemes discussed in this paper. Three resilience criteria, including a putational burden, and robustness against external factors, are used for com dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical pro-gramming model was investigated under a time-delay of the system recovery and distrib-uted DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly effi-cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. Cyber-Attack Detection Isolation Forest PCA-Based Method not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical pro-gramming model was investigated under a time-delay of the system recovery and distrib-uted DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly effi-cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison.

Cyber-Attack Detection
Gaussian Markov Random Field Method   -not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical pro-gramming model was investigated under a time-delay of the system recovery and distrib-uted DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly effi-cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. rithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical pro-gramming model was investigated under a time-delay of the system recovery and distrib-uted DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison.

Cyber-Attack Detection
Gaussian Markov Random Field Method   -rithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical pro-gramming model was investigated under a time-delay of the system recovery and distrib-uted DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. , the cyber-physical system vulnerability assessment was pro dynamic Game Theory scheme. A tri-level defender-attacker-defender mat gramming model was investigated under a time-delay of the system recove uted DoS attack conditions. An advanced Particle Swarm Optimization (P was employed to solve the optimization problem. The proposed model w cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detectio cation schemes discussed in this paper. Three resilience criteria, including a putational burden, and robustness against external factors, are used for com presented algorithm was relatively efficient and simpler than the state-of-the-art algo-rithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical pro-gramming model was investigated under a time-delay of the system recovery and distrib-uted DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. presented algorithm was relatively efficient and simpler than the state-o rithms and also was capable of covering a wider attack area. In [Error! Ref not found.], the cyber-physical system vulnerability assessment was pro dynamic Game Theory scheme. A tri-level defender-attacker-defender mat gramming model was investigated under a time-delay of the system recove uted DoS attack conditions. An advanced Particle Swarm Optimization (P was employed to solve the optimization problem. The proposed model w cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detectio cation schemes discussed in this paper. Three resilience criteria, including a putational burden, and robustness against external factors, are used for com attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algo-rithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical pro-gramming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison.

Cyber-Attack Detection
Gaussian Markov Random Field Method   --attack and the best defense strategy were specified from polynomial-time a presented algorithm was relatively efficient and simpler than the state-o rithms and also was capable of covering a wider attack area. In [Error! Ref not found.], the cyber-physical system vulnerability assessment was pro dynamic Game Theory scheme. A tri-level defender-attacker-defender mat gramming model was investigated under a time-delay of the system recove uted DoS attack conditions. An advanced Particle Swarm Optimization (P was employed to solve the optimization problem. The proposed model w cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detectio cation schemes discussed in this paper. Three resilience criteria, including a putational burden, and robustness against external factors, are used for com taneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algo-rithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. taneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algo-rithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. identified and targeted to maximize the system damage with an allocated budget. Simul-taneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algo-rithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. identified and targeted to maximize the system damage with an allocated b taneously, from the defender's perspective, most critical power substations to minimize the system damage with an allocated protection budget. The w attack and the best defense strategy were specified from polynomial-time a presented algorithm was relatively efficient and simpler than the state-o rithms and also was capable of covering a wider attack area. In [Error! Ref not found.], the cyber-physical system vulnerability assessment was pro dynamic Game Theory scheme. A tri-level defender-attacker-defender mat gramming model was investigated under a time-delay of the system recove uted DoS attack conditions. An advanced Particle Swarm Optimization (P was employed to solve the optimization problem. The proposed model w cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detectio cation schemes discussed in this paper. Three resilience criteria, including a putational burden, and robustness against external factors, are used for com nario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simul-taneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algo-rithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. nario was investigated. From the attacker's perspective, critical power sub identified and targeted to maximize the system damage with an allocated b taneously, from the defender's perspective, most critical power substations to minimize the system damage with an allocated protection budget. The w attack and the best defense strategy were specified from polynomial-time a presented algorithm was relatively efficient and simpler than the state-o rithms and also was capable of covering a wider attack area. In [Error! Ref not found.], the cyber-physical system vulnerability assessment was pro dynamic Game Theory scheme. A tri-level defender-attacker-defender mat gramming model was investigated under a time-delay of the system recove uted DoS attack conditions. An advanced Particle Swarm Optimization (P was employed to solve the optimization problem. The proposed model w cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detectio cation schemes discussed in this paper. Three resilience criteria, including a putational burden, and robustness against external factors, are used for com source not found.], a game between attacker and defender in a dynamic cyber-attack sce-nario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simul-taneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison.

Cyber-Attack Detection Gaussian Markov Random Field Method
  -source not found.], a game between attacker and defender in a dynamic cy nario was investigated. From the attacker's perspective, critical power sub identified and targeted to maximize the system damage with an allocated b taneously, from the defender's perspective, most critical power substations to minimize the system damage with an allocated protection budget. The w attack and the best defense strategy were specified from polynomial-time a presented algorithm was relatively efficient and simpler than the state-o rithms and also was capable of covering a wider attack area. In [Error! Ref not found.], the cyber-physical system vulnerability assessment was pro dynamic Game Theory scheme. A tri-level defender-attacker-defender mat gramming model was investigated under a time-delay of the system recove uted DoS attack conditions. An advanced Particle Swarm Optimization (P was employed to solve the optimization problem. The proposed model w cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detectio cation schemes discussed in this paper. Three resilience criteria, including a putational burden, and robustness against external factors, are used for com , a game between attacker and defender in a dynamic cyber-attack sce-nario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simul-taneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. , a game between attacker and defender in a dynamic cy nario was investigated. From the attacker's perspective, critical power sub identified and targeted to maximize the system damage with an allocated b taneously, from the defender's perspective, most critical power substations to minimize the system damage with an allocated protection budget. The w attack and the best defense strategy were specified from polynomial-time a presented algorithm was relatively efficient and simpler than the state-o rithms and also was capable of covering a wider attack area. In [Error! Ref not found.], the cyber-physical system vulnerability assessment was pro dynamic Game Theory scheme. A tri-level defender-attacker-defender mat gramming model was investigated under a time-delay of the system recove uted DoS attack conditions. An advanced Particle Swarm Optimization (P was employed to solve the optimization problem. The proposed model w cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detectio cation schemes discussed in this paper. Three resilience criteria, including a putational burden, and robustness against external factors, are used for com itoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [Error! Reference source not found.], a game between attacker and defender in a dynamic cyber-attack sce-nario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simul-taneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. itoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [Error! Reference source not found.], a game between attacker and defender in a dynamic cyber-attack sce-nario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simul-taneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. To assist the utilities in preventing such attacks, a Game Theory model was proposed, and the Nash equilibrium was determined. It is noted that no mon-itoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [Error! Reference source not found.], a game between attacker and defender in a dynamic cyber-attack sce-nario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simultaneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. To assist the utilities in preventing such attacks, a Game Theory model was proposed, and the Nash equilibrium was determined. It is noted that no mon-itoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [Error! Reference source not found.], a game between attacker and defender in a dynamic cyber-attack sce-nario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simultaneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. attacks on compromising the forecasted demand data was investigated in [Error! Reference source not found.]. To assist the utilities in preventing such attacks, a Game Theory model was proposed, and the Nash equilibrium was determined. It is noted that no mon-itoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [Error! Reference source not found.], a game between attacker and defender in a dynamic cyber-attack scenario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simultaneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. attacks on compromising the forecasted demand data was investigated in [Error! Reference source not found.]. To assist the utilities in preventing such attacks, a Game Theory model was proposed, and the Nash equilibrium was determined. It is noted that no mon-itoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [Error! Reference source not found.], a game between attacker and defender in a dynamic cyber-attack scenario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simultaneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. attacks on compromising the forecasted demand data was investigated in ence source not found.]. To assist the utilities in preventing such attacks, a model was proposed, and the Nash equilibrium was determined. It is noted itoring is the appropriate strategy for certain types of low-impact cyber-at mixed strategies should be developed for the rest of the attacks. In [Err source not found.], a game between attacker and defender in a dynamic cy nario was investigated. From the attacker's perspective, critical power sub identified and targeted to maximize the system damage with an allocated b taneously, from the defender's perspective, most critical power substations to minimize the system damage with an allocated protection budget. The w attack and the best defense strategy were specified from polynomial-time a presented algorithm was relatively efficient and simpler than the state-o rithms and also was capable of covering a wider attack area. In [Error! Ref not found.], the cyber-physical system vulnerability assessment was pro dynamic Game Theory scheme. A tri-level defender-attacker-defender mat gramming model was investigated under a time-delay of the system recove uted DoS attack conditions. An advanced Particle Swarm Optimization (P was employed to solve the optimization problem. The proposed model w cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detectio cation schemes discussed in this paper. Three resilience criteria, including a putational burden, and robustness against external factors, are used for com attacks on compromising the forecasted demand data was investigated in [Error! Reference source not found.]. To assist the utilities in preventing such attacks, a Game Theory model was proposed, and the Nash equilibrium was determined. It is noted that no mon-itoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [Error! Reference source not found.], a game between attacker and defender in a dynamic cyber-attack scenario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simultaneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. attacks on compromising the forecasted demand data was investigated in ence source not found.]. To assist the utilities in preventing such attacks, a model was proposed, and the Nash equilibrium was determined. It is noted itoring is the appropriate strategy for certain types of low-impact cyber-at mixed strategies should be developed for the rest of the attacks. In [Err source not found.], a game between attacker and defender in a dynamic cy nario was investigated. From the attacker's perspective, critical power sub identified and targeted to maximize the system damage with an allocated b taneously, from the defender's perspective, most critical power substations to minimize the system damage with an allocated protection budget. The w attack and the best defense strategy were specified from polynomial-time a presented algorithm was relatively efficient and simpler than the state-o rithms and also was capable of covering a wider attack area. In [Error! Ref not found.], the cyber-physical system vulnerability assessment was pro dynamic Game Theory scheme. A tri-level defender-attacker-defender mat gramming model was investigated under a time-delay of the system recove uted DoS attack conditions. An advanced Particle Swarm Optimization (P was employed to solve the optimization problem. The proposed model w cient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detectio cation schemes discussed in this paper. Three resilience criteria, including a putational burden, and robustness against external factors, are used for com attacks on compromising the forecasted demand data was investigated in [Error! Reference source not found.]. To assist the utilities in preventing such attacks, a Game Theory model was proposed, and the Nash equilibrium was determined. It is noted that no monitoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [Error! Reference source not found.], a game between attacker and defender in a dynamic cyber-attack scenario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simultaneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. attacks on compromising the forecasted demand data was investigated in [Error! Reference source not found.]. To assist the utilities in preventing such attacks, a Game Theory model was proposed, and the Nash equilibrium was determined. It is noted that no monitoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [Error! Reference source not found.], a game between attacker and defender in a dynamic cyber-attack scenario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simultaneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. attacks on compromising the forecasted demand data was investigated in [Error! Reference source not found.]. To assist the utilities in preventing such attacks, a Game Theory model was proposed, and the Nash equilibrium was determined. It is noted that no monitoring is the appropriate strategy for certain types of low-impact cyber-attacks whereas mixed strategies should be developed for the rest of the attacks. In [Error! Reference source not found.], a game between attacker and defender in a dynamic cyber-attack scenario was investigated. From the attacker's perspective, critical power substations were identified and targeted to maximize the system damage with an allocated budget. Simultaneously, from the defender's perspective, most critical power substations were secured to minimize the system damage with an allocated protection budget. The worst dynamic attack and the best defense strategy were specified from polynomial-time algorithms. The presented algorithm was relatively efficient and simpler than the state-of-the-art algorithms and also was capable of covering a wider attack area. In [Error! Reference source not found.], the cyber-physical system vulnerability assessment was proposed using a dynamic Game Theory scheme. A tri-level defender-attacker-defender mathematical programming model was investigated under a time-delay of the system recovery and distributed DoS attack conditions. An advanced Particle Swarm Optimization (PSO) technique was employed to solve the optimization problem. The proposed model was highly efficient in determining vulnerable power transmission lines of power grids. Table 1 demonstrates a comparison of different cyber-attack detection and identification schemes discussed in this paper. Three resilience criteria, including accuracy, computational burden, and robustness against external factors, are used for comparison. This table shows that accuracy has been at the center of attention in recent research studies. Accuracy remains a major challenge in preventing data-driven-based techniques from being widely used in the power industry. The computational burden can be directly related to the cost as, in most cases, the computations can be enhanced by deploying a stronger processor and computing methods, e.g., parallel or distributed computing, which require financial investments. Therefore, the computational burden may translate into the unwanted but unavoidable cost of safe operation. Robustness against external factors is also discussed in different sets of literature. However, to what degree the security of the smart grid is enhanced is an important concern that has remained unresolved in many recent research studies. Table 1 also indicates that online cyber-attack detection and identification are the essential objectives among other operating objectives. The volatility, intermittent nature, and unpredictability of RESs behavior creates a high level of uncertainty and stochasticity in energy management systems. On the other hand, the integration of the Internet-of-Things (IoT), smart meters, and PMUs provides sophisticated attack surfaces. This increases the difficulties in the control and operation of the smart grid, particularly, cyber-attack detection and identification in narrow time windows. Among the variety of the proposed models, Game Theory and RL satisfy all three criteria, showing the importance of AI models in dealing with the minimum number of datasets for training and testing and the complicated behavior of attacker and defender models. Future research may use such advanced methods to tackle the complexity, scalability, and difficulties of cyber-attack detection in power grids management.

Conclusions
This paper provided an overview of the emerging challenges in smart grid cybersecurity enhancement. In recent research studies, numerous methods have been proposed to protect the smart grid against cyber-attacks. In this paper, three resilience criteria, including accuracy, computational burden, and robustness against external factors, in False Data Injection (FDI) attacks detection and identification were further investigated. The mentioned criteria considered in this paper are all quantifiable, and they help the system operators to determine to what extent the resilience can be enhanced by proposing methods with reasonable financial resource allocation.