Protecting Power System Infrastructure Against Disruptive Agents Considering Demand Response

Abstract

Power system infrastructure is exposed to a range of threats, including both naturally occurring events and intentional attacks. Traditional vulnerability assessment models, typically based on the N-1 criterion, do not account for the intentionality of disruptive agents. This paper presents a game-theoretic approach to protecting power system infrastructure against deliberate attacks, taking into account the effects of demand response. The interaction between the disruptive agent and the system operator is modeled as a leader–follower Stackelberg game. The leader, positioned in the upper-level optimization problem, must decide which elements to render out of service, anticipating the reaction of the follower (the system operator), who occupies the lower-level problem. The Stackelberg game is reformulated as a bilevel optimization model and solved using a metaheuristic approach. To evaluate the applicability of the proposed method, a 24-bus test system was employed. The results demonstrate that integrating demand response significantly enhances system resilience, compelling the disruptive agent to adopt alternative attack strategies that lead to lower overall disruption. The proposed model serves as a valuable decision-support tool for system operators and planners seeking to improve the robustness and security of electrical networks against disruptive agents.

1. Introduction

1.1. Background and Motivation

Power systems are critical infrastructures whose reliable and secure operation is fundamental for the stability, economic development, and well-being of modern societies. These systems ensure the continuous supply of electricity, which is essential for the functioning of critical services, industries, and households. The integrity and robustness of these networks are vital to ensure energy security and system resilience. Given their strategic importance, the operation and planning of transmission networks are subject to strict reliability standards. Grid operators follow rigorous protocols in the event of system failures to prevent widespread blackouts. However, despite these procedures, several blackouts have still been reported in modern power systems [1,2], highlighting the ongoing challenges in power system monitoring, protection, and control.

Common criteria such as N-1 and N-2 are employed to guarantee system operability even after the loss of one or two system elements, typically due to accidental failures of lines or transformers [3]. However, while such reliability criteria account for random equipment outages, they do not adequately capture the threat posed by intentional and coordinated attacks aimed at disabling the power grid [4].

Transmission systems often span tens or even hundreds of kilometers, making them vulnerable not only to natural events such as lightning strikes and earthquakes, but also to intentional attacks [5]. In this context, the interdiction problem emerged as a modeling framework to assess the vulnerability of power systems to targeted attacks, involving a disruptive attacker that seeks to maximize system damage—typically measured in load shedding—and a system operator who responds by redispatching generation resources to minimize the impact.

A power system may be exposed to both natural unforeseen events and intentional attacks, whether physical or cyber-related. In particular, a cyber-attack often aims to disrupt or damage production. In the context of power systems, several types of cyber-attacks can be considered, including:

• False data injection: where incorrect measurements or control signals are introduced into the system to mislead operators or automated control systems.
• Denial of service: aimed at overwhelming communication channels or control centers to prevent legitimate commands or data from being processed.
• Command injection attacks: where unauthorized control actions are sent to critical components such as breakers or generators.
• Phishing and credential theft: which can grant attackers access to control systems or sensitive operational data.

In the context of this research, we focus exclusively on attacks—whether physical or cyber in nature—that result in the disconnection of three types of system elements: transmission lines, transformers, and generators. Other types of cyber-attacks, such as those targeting databases or manipulating DR signals to indirectly influence system operation, are not considered within the scope of this study.

From the standpoint of game theory, the power system interdiction problem can be modeled as a Stackelberg game. In this particular game, one player (the leader) represents the attacker who decides which components of the system to target in order to maximize disruption. The other player (the follower) represents the system operator, who responds by reconfiguring or operating the remaining infrastructure to minimize the impact of the attack. This hierarchical decision-making structure captures the sequential nature of real-world interdiction scenarios, where the defender reacts after the attacker’s actions are revealed [6]. Such a formulation enables the analysis of worst-case scenarios and supports the design of more resilient operational strategies in power system defense planning.

1.2. Evolution of the Interdiction Problem Formulation and Related Work

The interdiction problem, also known as the terrorist threat problem, was first formulated as a max-min optimization problem by Salmeron et al. in [7]. In this formulation, the disruptive agent seeks to maximize load shedding, while the system operator attempts to minimize it. To solve the problem, the authors implemented a heuristic method resembling Benders decomposition; nonetheless, the approach yielded suboptimal solutions, as acknowledged by the authors.

In [8], the max-min formulation of the interdiction problem was addressed by first linearizing the existing nonlinear expressions into equivalent linear constraints. Subsequently, the inner minimization problem was replaced by its dual, transforming the original max-min structure into a max-max problem. This reformulation led to a single-level equivalent model that could be solved using mixed-integer linear programming (MILP) techniques.

A generalization of the terrorist threat problem defined in [7,8] is presented in [9], allowing for the definition of different objective functions for the attacker and the system operator, as well as the inclusion of additional constraints in the upper-level optimization problem. This formulation presented a greater degree of flexibility compared to previous max-min models.

In [10], the authors propose a solution procedure for the mixed-integer bilevel programming model of the electric grid interdiction problem developed in [9]. By applying linear programming techniques and linearizing the nonlinear terms, the bilevel model is reformulated into an equivalent single-level mixed-integer linear program, without increasing the number of binary variables. This transformation allows for the use of standard MILP solvers to obtain globally optimal solutions.

In [11], a modification of the models presented in [9,10] is proposed to analyze the vulnerability of power systems under multiple contingencies. Two models are introduced and discussed: a minimum vulnerability model and a maximum vulnerability model. Both approaches rely on transforming the lower-level problem into a set of equivalent constraints, converting the original bilevel programs into single-level optimization problems. The first approach employs the Karush–Kuhn–Tucker (KKT) optimality conditions, while the second is based on duality theory.

Tri-level optimization models have also been developed to incorporate long-term system planning in the presence of adversarial threats. These models involve a planner (e.g., a utility or system operator), an attacker, and a real-time system operator, each making sequential decisions. Representative examples of this approach are found in [12,13,14], where optimal reinforcement and defense strategies are identified under uncertainty. Additional efforts have focused on enhancing distribution system resilience through hardening strategies, distributed generation, and reconfiguration capabilities [15,16].

Recent works have addressed the interdiction problem from the perspective of cyber attacks. In [17], the authors propose zero-sum Markov games to model the interactions between the disruptive agent and the system operator, taking into account the inherent uncertainties of real-world events and actions. In this framework, system protection is treated as a continuous process, where the defender and attacker engage in an ongoing interaction that dynamically influences the system state and, consequently, their optimal strategies. In [18], the authors analyze the impact of cyber attacks on power system stability, focusing on scenarios where malicious actors target critical components. Active defense strategies against cyber-physical attacks are explored in [19]. The interdependence between power and cyber networks is examined in [20], where cascading failures in power systems are analyzed within an attack-defense interaction framework. In [21], the authors propose a tri-level defense planning model to protect power systems against coordinated cyber-physical attacks. In [22], the authors investigate game-theoretic strategies to enhance the resilience of cyber and physical infrastructures facing component disruptions. These disruptions are modeled through an aggregate failure correlation function, which captures the conditional probability of infrastructure failure given the failure of an individual system at a specific level. A comprehensive review of cyber attacks on power systems can be found in [23].

Despite their methodological advances, most of the aforementioned models rely on simplified DC power flow representations, which neglect key aspects such as power losses, reactive power flows, and voltage magnitude constraints. This simplification is primarily driven by the need for computational tractability, particularly when reformulating bilevel problems into single-level optimization models. However, these abstractions reduce the fidelity of the vulnerability assessment and may overlook critical operational constraints. To address these shortcomings, a line of research has emerged that incorporates full AC power flow models into the interdiction framework. The first notable contribution in this direction appeared in [24], where the authors employed a hybrid genetic algorithm to solve the problem using an AC formulation. Subsequent studies have confirmed that AC-based models offer more accurate and realistic assessments of system vulnerability, as they allow the inclusion of voltage and reactive power constraints [25].

In parallel, the concept of Demand Response (DR) has received growing attention as a flexible and dynamic tool in power system operation. DR refers to the ability of electricity consumers to adjust their usage patterns in response to price signals, incentives, or reliability needs [26]. DR programs offer multiple benefits, including peak demand reduction, improved system efficiency, deferment of infrastructure investments, and better integration of intermittent renewable energy sources [27,28]. Furthermore, DR has also been recognized for its potential in enhancing system reliability and security, as it can be used to manage operational constraints and reduce the need for involuntary load shedding during emergencies [29].

Recent studies have explored the intersection of DR and power system vulnerability. For instance, ref. [30] examines cybersecurity threats arising from IoT-enabled energy smart appliances participating in demand-side response, highlighting potential risks to grid operations. Additionally, ref. [31] investigates the benefits and cyber vulnerabilities associated with DR systems in real-time grid operations, proposing models to assess and mitigate risks. The work by [32] introduces a data-driven distributionally robust scheduling approach for community integrated energy systems, considering uncertain renewable generations and integrated DR. Furthermore, ref. [33] presents a scenario-based economic dispatch framework that accounts for uncertainties in DR, enhancing the reliability of market clearing processes. Lastly, ref. [34] provides an in-depth analysis of vulnerabilities in DR systems integrating customer demand and smart grid technologies, offering insights into detection methods for potential cyber-attacks.

1.3. Contributions and Paper Organization

This paper integrates DR within the interdiction problem of power systems; an aspect that has received little attention in the existing literature. Specifically, we propose a game theory approach represented as a bilevel optimization model that simultaneously incorporates DR programs and a full AC power flow formulation. Bilevel problems are inherently nonconvex, even when both levels are linear, due to the nested structure and interdependence between levels. To address this complexity, two metaheuristics were implemented: Greedy Randomized Adaptive Search Procedure (GRASP) and Iterated Local Search (ILS). These algorithms were selected because they are well-suited to the nature of the problem under study, offering ease of implementation and low computational cost.

The results demonstrate that incorporating DR into the operator’s response strategy significantly reduces system vulnerability. Not only does DR lower the amount of load shedding, but it also forces the attacker to modify its strategy, resulting in less impactful disruptions. Furthermore, the proposed framework enables system planners and operators to identify critical components, evaluate potential threats, and design more effective mitigation strategies. Ultimately, this work contributes to building more secure, flexible, and resilient energy infrastructures in the face of evolving threats. To summarize, the key contributions of this paper are as follows:

• The effect of DR is integrated in the interdiction problem, proving that the strategic behavior of the disruptive agent is modified by its inclusion. Specifically, DR reduces the amount of load shedding and compels the attacker to adopt less impactful strategies, enhancing the system’s resilience.
• Unlike most attack-defense interdiction models, a full AC power flow formulation is presented to accurately capture the physical behavior and operational constraints of the power system. Furthermore, the model considers coordinated attacks on lines, transformers, and generators, offering a more comprehensive and realistic framework for vulnerability assessment.

The remainder of this paper is organized as follows. Section 2 presents the mathematical formulation of the interdiction problem, including both upper-level and lower-level optimization models. Section 3 describes the metaheuristics used to efficiently solve the proposed bilevel problem. Section 4 presents numerical results obtained from tests performed on the IEEE 24-bus system, under different attack scenarios and DR configurations. This section also analyzes the impact of varying levels of DR on system vulnerability and the resulting attacker strategies. Finally, Section 5 summarizes the main findings and discusses the implications of integrating demand-side flexibility into power system security frameworks.

2. Game Theory Approach and Mathematical Modeling

As mentioned in the introduction, the power system interdiction problem can be modeled as a Stackelberg game. In this setting, the leader is the malicious or disruptive agent who decides which elements of the system to attack in order to maximize damage (i.e., load shedding). In doing so, the attacker must consider the reaction of the system operator (the follower), who will deploy various strategies to mitigate the impact on the system. The action-reaction dynamic, portrayed as a bilevel optimization problem is indicated in Figure 1.

2.1. Stackelberg Equilibrium and Bilevel Problem Formulation

The solution to a game theory problem lies in the concept of equilibrium. An equilibrium point is defined as a situation in which no player has an incentive to unilaterally change their strategy, given the strategies chosen by the other players. The equilibrium in a Stackelberg game is reached when the leader anticipates the follower’s best response to each of their possible actions. Based on this anticipation, the leader selects their optimal strategy—namely, the one that maximizes their own benefit while taking into account how the follower will react. The follower then responds optimally to the leader’s chosen action by solving their own problem at the lower level [35].

Equation (1) presents a simplified mathematical formulation of a bilevel optimization problem. In this case, x is the decision variable of the leader (action), and y is the decision variable of the follower (reaction). The leader’s objective function is given by $F(x,y)$. Note that the value of this objective function depends on the follower’s response. At the lower level, the objective function is given by $G(x,y)$; in this case, the leader’s variable x acts as a parameter for the follower, and once this information is available, the follower decides on y, which in turn affects the leader’s objective function. The follower’s optimization problem at the lower level is subject to constraints $h(x,y)$, which depend on both the leader’s and the follower’s decision variables.

$$\underset{x}{max}F(x,y)\mathrm{sujet}\mathrm{to}:y\in arg\underset{y}{max}\{G(x,y):h(x,y)\le 0\}$$

(1)

In the interdiction problem developed in this paper, the leader’s decision variables are binary in nature and represent whether or not to attack specific elements of the transmission network, subject to a constraint on destructive resources (otherwise, the trivial solution would be to take down all circuits). However, the attacking agent must anticipate the reaction of the system operator, whose objective is to minimize operational costs. In response to an attack, the operator may redispatch generation, activate demand response contracts to ensure reliability, and, as a last resort, shed load. The decision variables at the lower level correspond to those of an optimal power flow (OPF) problem.

A distinctive feature of bilevel programming problems is that even when both the upper- and lower-level optimization problems are linear, the resulting single-level reformulation is generally nonconvex [36]. Various methods have been developed to address bilevel problems, including mathematical programming reformulations, evolutionary algorithms, decomposition techniques, and heuristic or metaheuristic approaches. A common strategy involves replacing the lower-level problem with its KKT optimality conditions, thereby transforming the original bilevel model into a Mathematical Program with Equilibrium Constraints (MPEC). However, this approach is only applicable when the lower-level problem is linear and satisfies certain regularity conditions. In the present case, the follower’s problem corresponds to an optimal power flow, which is nonlinear and nonconvex. Therefore, a metaheuristic approach is proposed to solve the bilevel programming problem, since the KKT conditions are necessary but not sufficient to guarantee global optimality of the lower-level optimization problem.

While metaheuristics do not guarantee global optimality or equilibrium in a strict theoretical sense, they have been widely adopted in similar game-theoretic and power system contexts to approximate equilibria with good empirical performance [37]. In this case, the solution obtained represents a near-equilibrium strategy that reflects realistic attacker–defender interactions under the modeled assumptions.

2.2. Hypotheses and Codification of the Interdiction Vector

The following hypotheses were considered in the mathematical modeling of the interdiction problem.

• The disruptive agent can attack lines, transformers, and generators, but has a limited budget, which limits the number of elements to attack.
• Every attack is assumed to be 100% effective, i.e., it renders the targeted device out of service (either line, transformer or generator).
• Transient effects of the attack are not considered; only steady-state power flow equations are taken into account.
• The Stackelberg game assumes complete information at the upper level—i.e., the attacker is aware of all relevant data from the operator and can anticipate the defender’s response. This assumption is consistent with standard formulations in interdiction literature, where the attacker is typically modeled as a strategic leader with full knowledge.
• For the sake of simplicity, cascading failures, outage duration, and network reconfiguration are not considered in the proposed model.

An attack plan can be indicated through an interdiction vector (IV) as illustrated in Figure 2, which represents a 8-bus power system with 16 elements susceptible to being attacked; namely, 10 lines, two transformers and 4 generators. In this case, lines L1, L10, transformer T1 and generator G2 are under attack, so their corresponding entries in the interdiction vector are set to zero, meaning that these elements were simultaneously rendered out of service due to a coordinated malicious attack.

Once the disrupting agent has selected an attack plan, the system operator’s response is computed based on this information. To simulate this response, we use MATPOWER 6.0 [38], an open-source MATLAB-based software package specifically designed for power system analysis, with particular emphasis on solving power flow and optimal power flow (OPF) problems.

Given a selected IV, an OPF is performed using the updated status of the network elements. The objective function of this OPF is the minimization of operating costs. Typically, the cost of load curtailment (or rationing) is significantly higher than both generation costs and the cost of activating DR contracts. As a result, the system operator will first attempt to re-dispatch generation using all available resources. If this re-dispatch is insufficient to meet demand in the degraded network, the operator will then activate DR contracts. If this still fails to ensure system reliability, the final measure will be to shed load.

Figure 3 illustrates the previous reasoning. In this case, a two-bus system is considered, with two generators, a single load, and a DR contract that can be activated in the event of a contingency. For simplicity, each transmission line in the system is assumed to have a maximum capacity of 100 MW. Additionally, transmission losses and voltage limits are neglected. Under normal operating conditions (base case), the economic dispatch relies on the least-cost resource, namely generator G1. Note that this generator has sufficient capacity to meet the entire demand, and the transmission system is capable of delivering the required power. Therefore, in the base case, the optimal dispatch assigns the entire 200 MW load to G1.

Note that if line L1 goes out of service—whether due to a random failure or a malicious event—the transmission capacity of the network is reduced by half, and G1 can only deliver 100 MW. The next least-cost resource is G2, but it has a maximum capacity of 50 MW. Therefore, the combined generation capacity is insufficient to meet the full demand. In this situation, the DR mechanism can be activated to reduce the load by 20 MW. However, since the remaining 30 MW still cannot be supplied, they must be shed. If the DR mechanism were not available, 50 MW of load would have to be shed. This would result in a more costly dispatch, as the cost associated with unserved energy is higher than the cost of voluntary demand reduction through a DR program.

2.3. Impact of DR in the Interdiction Problem

DR refers to the set of strategies and programs that encourage electricity consumers to adjust their power usage in response to supply conditions, such as price signals or grid reliability needs. DR aims to reduce or shift electricity demand during peak periods or critical system events, thereby enhancing grid stability, improving energy efficiency, and reducing the need for additional generation capacity [29].

This paper explores the impact DR on the power system interdiction problem. It is based on the assumption that the system operator holds DR contracts with different types of consumers—industrial, residential, and commercial—who are willing to reduce their electricity consumption in the event of a malicious attack on the grid in exchange for financial incentives. This provides the operator with an additional tool to respond to interdiction scenarios and enhance system resilience.

The effect of DR will be illustrated through the following example. Figure 4 shows the 8-bus power system from Figure 2, with additional details regarding generation and demand. For simplicity, losses are assumed to be negligible, and power flow limits on the lines are ignored. This system presents a particular characteristic: most of the loads are located in the upper part of the network, while a large portion of the generation is situated in the lower part. Both areas are separated by transformers T1 and T2. In this case, it is assumed that there is excess generation capacity in the lower part of the system, ensuring that the supply to those demands is guaranteed. This exemplifies a typical feature of power systems, where generation and demand are not always located in close proximity.

In the system depicted in Figure 4, it is assumed that the disruptive agent has limited resources, allowing it to attack only two circuits (either lines or transformers), which are insufficient to target the generators. In this scenario, given the system’s topology, the optimal strategy for the attacker is to disable transformers T1 and T2. By removing these components from service—and assuming the system can operate in an islanded mode—generator G1 becomes the sole source available to supply the demand in the upper part of the network. This area has a total demand of 250 MW, but G1 can only generate up to 150 MW, resulting in a load shedding of 100 MW.

Now, suppose the system operator holds a 20 MW DR contract with one of the loads in the upper part of the network, as illustrated in Figure 5. In this case, applying the same attack strategy—disabling transformers T1 and T2—would result in a load shedding of 80 MW. It is important to note that the total unmet demand remains 100 MW; however, only 80 MW correspond to involuntary load shedding, while the remaining 20 MW are curtailed through DR. This outcome is more favorable for the operator, as load shedding is significantly more costly than activating a pre-arranged DR contract.

Since the model assumes that the disruptive agent has complete information (i.e., a Stackelberg game), the optimal strategy for the attacker is no longer to target transformers T1 and T2, but rather to disable lines L4 and L5 as ilustrated in Figure 5. This action isolates one of the demand buses, resulting in a load shedding of 90 MW. Note that in this case, it is not necessary to activate the DR contract. This outcome highlights how the presence of a DR contract alters the attacker’s optimal strategy and ultimately leads to a lower load shedding compared to the scenario without DR.

2.4. Upper-Level Optimization Problem

As illustrated in Figure 1, the upper-level optimization problem consists of maximizing the damage inflicted on the power network indicated by Equation (2). Such damage can be quantified as the total system load shedding, which refers to the portion of demand that cannot be met due to insufficient generation capacity or limitations in the transmission infrastructure (due to the attack).

$$\underset{{\delta }^{\mathrm{Gen}},{\delta }^{\mathrm{Br}}}{max}\sum _{n=1}^N{P}_n^{\mathrm{LS}}$$

(2)

In Equation (2), N is the number of nodes, $P_n^{\mathrm{LS}}$ represents the load shedding at node n, and the binary vectors ${\delta }^{\mathrm{Gen}}$ and ${\delta }^{\mathrm{Br}}$ indicate the operational status of generators and branches, respectively, which is indicated in the IV as illustrated in Figure 2. In this case, a value of zero in either vector implies that the corresponding generator, line or transformer has been attacked and is therefore out of service.

In the interdiction problem, the malicious agent is assumed to have limited resources to carry out the attack. Targeting different components—such as circuits (lines or transformers) or generators—may incur varying resource costs. This constraint is represented by Equation (3). In this case, Gen, and Br represent the total number of generators and branches (including lines and transformers), respectively. The cost of attacking a branch is denoted by $M_l$, and the cost of attacking a generator is denoted by $M_g$. Furthermore, constraints (4) and (5) define the binary nature of the decision variables ${\delta }_g^{\mathrm{Gen}}$ and ${\delta }_l^{\mathrm{Br}}$ that are subsets of the IV.

$$\sum _{l=1}^{\mathrm{Br}}{M}_l(1-{\delta }_l^{\mathrm{Br}})+\sum _{g=1}^{\mathrm{Gen}}{M}_g(1-{\delta }_g^{\mathrm{Gen}})\le M$$

(3)

$${\delta }_g^{\mathrm{Gen}}\in \{0,1\},\forall g=1,\dots ,\mathrm{Gen}$$

(4)

$${\delta }_l^{\mathrm{Br}}\in \{0,1\},\forall l=1,\dots ,\mathrm{Br}$$

(5)

2.5. Lower-Level Optimization Problem

The lower-level optimization problem represents the response of the system operator. Given an attack plan (represented through an interdiction vector), the operator must react to minimize the impact on the system, primarily measured in terms of load shedding. As illustrated in Figure 1, the operator can take several actions: redispatch generation, deploy demand response, and, if necessary, implement load curtailment. These actions are prioritized in the order presented.

2.5.1. Objective Function

Equation (6) defines the objective function of the lower-level optimization problem. The goal is to minimize the impact of the attack measured as the total operational cost, which includes generation costs, load shedding penalties, and costs associated with demand response activation. In this case $c_g$, $c_n^{\mathrm{LS}}$, and $c_{i,n}^{\mathrm{DR}}$ represent respectively the cost of generating power of generator g, load shedding at bus n, and deploying DR resource i at bus n. Furthermore, $P_g^{\mathrm{Gen}}$ is the power generated by unit g, and $P_{i,n}^{\mathrm{DR}}$ is the power provided by DR resource i at bus n.

$$min\sum _{g\in \mathrm{Gen}}{c}_g{P}_g^{\mathrm{Gen}}+\sum _{n\in N}{c}_n^{\mathrm{LS}}{P}_n^{\mathrm{LS}}+\sum _{n\in N}\sum _i{c}_{i,n}^{\mathrm{DR}}{P}_{i,n}^{\mathrm{DR}}$$

(6)

2.5.2. Equality Constraints

Equations (7) and (8) describe the active and reactive power balance injections at each bus, respectively. In these expressions, $G_{mn}$ and $B_{mn}$ are the real and imaginary parts of the nodal admittance matrix, and ${\theta }_{mn}$ is the angle difference between voltages at nodes m and n. Also, Equation (9) defines the apparent power flow $S_l^{\mathrm{Br}}$ through each branch l as a function of its active and reactive components:

$$P_n=V_n\sum _{m\in N}{V}_m\left[G_{mn}cos\left({\theta }_{mn}\right)+B_{mn}sin\left({\theta }_{mn}\right)\right],\forall n\in N$$

(7)

$$Q_n=V_n\sum _{m\in N}{V}_m\left[G_{mn}sin\left({\theta }_{mn}\right)-B_{mn}cos\left({\theta }_{mn}\right)\right],\forall n\in N$$

(8)

$${\left(S_l^{\mathrm{Br}}\right)}^2={\left(P_l^{\mathrm{Br}}\right)}^2+{\left(Q_l^{\mathrm{Br}}\right)}^2,\forall l\in \mathrm{Br}$$

(9)

Equations (10) and (11) describe the active and reactive power flows through branches, adjusted by the binary variable ${\delta }_l^{\mathrm{Br}}$, which deactivates power flow through branches that have been attacked. Here, $g_{mn}$ and $b_{mn}$ represent the conductance and susceptance of the line between nodes m and n.

$$P_l^{\mathrm{Br}}={\delta }_l^{\mathrm{Br}}·\left[g_{mn}{V}_n^2+g_{mn}{V}_m{V}_{n}cos\left({\theta }_{mn}\right)-b_{mn}{V}_m{V}_{n}sin\left({\theta }_{mn}\right)\right],\forall l\in \mathrm{Br}$$

(10)

$$Q_l^{\mathrm{Br}}={\delta }_l^{\mathrm{Br}}·\left[-b_{mn}{V}_n^2+b_{mn}{V}_m{V}_{n}cos\left({\theta }_{mn}\right)-b_{mn}{V}_m{V}_{n}sin\left({\theta }_{mn}\right)\right],\forall l\in \mathrm{Br}$$

(11)

Equations (12) and (13) ensure active and reactive power balance at each bus, incorporating generation, demand, distributed generation, and demand response. Generator availability is captured by ${\delta }_g^{\mathrm{Gen}}$.

$${\delta }_g^{\mathrm{Gen}}·P_g^{\mathrm{Gen}}-P_n^{\mathrm{D}}+P_n^{\mathrm{DS}}+\sum _i{P}_{i,n}^{\mathrm{DR}}=P_n,\forall n\in N$$

(12)

$${\delta }_g^{\mathrm{Gen}}·Q_g^{\mathrm{Gen}}-Q_n^{\mathrm{D}}+Q_n^{\mathrm{DS}}=Q_n,\forall n\in N$$

(13)

Finally, Equation (14) sets the angular reference of the system:

$${\theta }_{\mathrm{ref}}=0$$

(14)

2.5.3. Inequality Constraints

The inequality constraints are defined by Equations (15)–(20). The superscripts “min” and “max” indicate the lower and upper bounds of each variable, respectively.

Equations (15) and (16) impose bounds on voltage angles and magnitudes at every bus $n\in N$:

$${\theta }_n^{\min }\le {\theta }_n\le {\theta }_n^{\max },\forall n\in N$$

(15)

$$V_n^{\min }\le V_n\le V_n^{\max },\forall n\in N$$

(16)

Equations (17) and (18) enforce limits on the active and reactive power outputs of generators:

$$P_g^{\min }\le P_g^{\mathrm{Gen}}\le P_g^{\max },\forall g\in \mathrm{Gen}$$

(17)

$$Q_g^{\min }\le Q_g^{\mathrm{Gen}}\le Q_g^{\max },\forall g\in \mathrm{Gen}$$

(18)

Equation (19) sets the permissible range for the apparent power flow through each branch:

$$S_l^{\min }\le S_l^{\mathrm{Br}}\le S_l^{\max },\forall l\in \mathrm{Br}$$

(19)

Finally, Equation (20) ensures that the sum of load shedding and demand response at each bus does not exceed the total demand at that bus:

$$0\le P_n^{\mathrm{DS}}+\sum _i{P}_{i,n}^{\mathrm{DR}}\le P_n^{\mathrm{D}},\forall n\in N$$

(20)

2.6. Information Exchange Between Leader and Follower

The information exchange between the upper and lower-level optimization problems is illustrated in Figure 6. In this case, the leader (i.e., the disruptive agent) determines the status of lines, transformers, and generators by selecting an interdiction vector that complies with the available destructive resource limits (M). This interdiction plan is then passed as input to the lower level, which solves an OPF problem aimed at minimizing the operational costs of the degraded network.

As illustrated in the example from Section 2.2, the network operator must initially rely on the generation resources still available in the system. This often results in increased operating costs, even when there is no load shedding, since the active generators may not have been part of the original economic dispatch. If the remaining generation resources are insufficient to meet the system demand, the operator must then activate available DR contracts, which essentially reduce demand from the operator’s perspective. Finally, if neither internal generation nor DR programs are enough to restore balance, the last resort is to curtail load. Note that information provided by the lower-level agent that the disruptive agent uses to compute its objective function is the amount of load shed.

3. Solution Approach

Although traditional approaches to solve the interdiction problem use exact techniques such as [7,8,9], they are based on a simplified model of the network and do not allow for the inclusion of nonlinear contraints in the lower-level optimization problem. In contrast, the model described by Equations (2)–(20) uses an AC representation of the network and therefore, conventional exact methods become computationally intractable. These types of problems are better handled by metaheuristic approaches than traditional optimization approaches. In the interdiction problem, the reaction of the system operator is solved using an OPF subroutine implemented in MATPOWER [38], taking as input an IV or attack plan determined by the disruptive agent. In this context, the search for an optimal IV is carried out using a metaheuristic approach.

Previous studies have addressed the interdiction problem using Genetic Algorithms and Cuckoo Search, as reported in [24,25], respectively. However, one of the main challenges associated with these metaheuristics is the frequent generation of infeasible solutions, often caused by the use of complex operators for solution updates. A simple yet effective way to mitigate this issue is by employing local search-based methods. In this work, two such methods are presented: GRASP and ILS. Both approaches provide a good balance between solution quality and computational efficiency.

3.1. Iterated Local Search

ILS is a metaheuristic designed to improve upon traditional local search methods by effectively escaping local optima. While basic local search explores the neighborhood of a solution to find a local optimum, it often becomes trapped in suboptimal regions. ILS addresses this limitation by iteratively applying local search to modified versions of previously visited solutions, thereby enhancing both the depth and breadth of the search process [39].

The ILS procedure begins with the construction of an initial feasible solution, represented by an IV that does not exceed the attacker’s available destructive resources, limited by Equation (3). This solution is then refined through a local search algorithm that makes small, iterative changes until a local optimum is reached. Once no further improvements are possible, the solution is perturbed to produce a new starting point that lies outside the basin of attraction of the previous local optimum. This perturbed solution undergoes a new round of local search, and the process is repeated (see Figure 7).

In this case, the local search consists of iteratively modifying the status of one adjacent element of the current solution at a time. On the other hand, the perturbation is performed by randomly changing the state of two elements in the current solution, while always ensuring compliance with the disruptor agent’s resource constraints.

The effectiveness of ILS relies on its balance between intensification and diversification. The local search phase focuses intensively on exploiting promising regions, while the perturbation step introduces diversity to explore new areas of the solution space. The flowchart of the implemneted ILS is depicted in Figure 8.

3.2. Greedy Randomized Adaptive Search Procedure (GRASP)

GRASP is a multi-start metaheuristic designed to solve complex combinatorial optimization problems. Each iteration consists of two main phases: a randomized greedy construction phase followed by a local search [40]. Once a complete initial solution is constructed, GRASP applies a local search procedure to improve it, typically by exploring the neighborhood of the current solution to reach a local optimum. The algorithm repeats this process for a fixed number of iterations or until a stopping criterion is met. Throughout the process, the best solution found is stored and returned at the end.

In this study, a constructive heuristic is first used to generate an initial set of feasible candidate solutions; therefore, it must be ensured that the cost associated with a given IV does not exceed the resources available to the attacker. This guarantees compliance with the constraint defined by Equation (3). The initial constructive phase is depicted in Figure 9.

The total destructive resources available to the disrupting agent are denoted by M. Initially, an IV is created with all elements set to one, meaning that no components in the network (lines, transformers, or generators) have been attacked and no resources have been used. Then, a random position in the IV is selected and set to zero, indicating that the corresponding element has been attacked and some of the destructive resources have been consumed. If the cost associated with the IV at this stage does not exceed M—that is, if there are still resources available to attack additional elements—another component of the network is disabled by setting its corresponding IV element to zero. This process continues until all resources have been exhausted, resulting in a set of distinct IVs (see Figure 9).

In the simulation environment, DR is modeled as dispatchable generation units, with their associated cost reflecting the price of demand response services. Once the total load shedding for a given IV is calculated, the solution undergoes a local search phase to improve its performance.

The local search strategy consists of making small perturbations to the IV, for example, flipping the status of one or more elements, and evaluating whether the modified IV results in higher load shedding. If so, the modified IV replaces the original one in the solution pool. This process iteratively explores the neighborhood of each candidate to enhance solution quality. From the set of final improved IVs, only the best-performing and mutually distinct solutions are retained. These constitute the final results of the GRASP-based optimization process. Figure 10 illustrates the flowchart of the GRASP technique developed for solving the interdiction problem described in this paper.

4. Tests and Results

Several tests were carried out using the IEEE 24-bus test system to demonstrate the applicability of the proposed methodology. This system is made of 38 branches, 11 generators, and 17 load buses. Simulations were conducted using a load profile corresponding to a typical winter day at 18:00 h. For modeling simplicity, the minimum generation output of all generators is assumed to be zero.

4.1. Results Without DR

In the first set of tests, the effect of DR was not included. Additionally, it is assumed that the cost of attacking a generator is twice that of attacking a line or transformer. Accordingly, in Equation (3), the attack costs are set as $M_g=2$ and $M_l=1$. All tests were carried out on a laptop equipped with an AMD Ryzen 5 4600H processor, 16 GB of RAM, and a 64-bit operating system.

The interdiction problem was solved for different values of M, as shown in

Table 1. Load shedding in MW with different techniques.

M	AG [24]	CS [25]	GRASP	ILS
2	194	-	194.00	194.00
3	309	-	309.00	309.00
4	442	559.8	725.63	725.63
5	842	-	896.17	896.17
6	1017	1022.9	1115.4	1115.4

. The results were compared with those obtained using Genetic Algorithms (GA) [24] and Cuckoo Search (CS) [25]. For some values of M, no solutions were reported using the CS method. It can be observed that the results obtained are generally similar. However, for M = 4 and M = 6, the load shedding values reported by GA and CS are lower than those obtained with GRASP and ILS. This discrepancy is due to the fact that, in the model proposed in this article, attacks on generators are allowed. Although such attacks are more resource-intensive for the attacker, they can lead to greater damage to the system in terms of load shedding. As shown in Table 1, the GRASP and ILS methods produced identical results. Overall, the performance of both methods was very similar, with GRASP demonstrating slightly better results in terms of computational time and solution accuracy as evidenced in

Table 2. Performance metrics of ILS and GRASP for twenty different runs and M = 6.

Metric	GRASP	ILS
Best solution (max)	1115.4	1115.4
Worst solution (min)	1017.0	1017.0
Mean solution	1105.56	1100.64
Standard Deviation	29.52	35.20
Average computation time (s)	228.4	237.2

.

Figure 11 and Figure 12 illustrate the convergence behavior of the GRASP and ILS metaheuristics, respectively, over four independent runs with 30 iterations each. As shown, GRASP consistently reached the same optimal solution in all four runs, whereas ILS became trapped in a suboptimal solution in one of the runs.

Table 3. Best attack plans found with GRASP and ILS.

M	Attack Plan	Load Shedding [MW]	Load Shedding [%]
2	11–14, 14–16	194.00	6.81
3	16–19, 20–23, 20–23	309.00	10.84
4	G13, G23	725.63	25.46
5	7–8, G13, G23	896.17	31.44
6	12–23, 13–23, 14–16, 15–24, G13	1115.40	39.14

shows the best attack plans found by GRASP and ILS. For $M=2$, the optimal attack strategy consists of removing lines 11–14 and 14–16, isolating bus 14. This results in a total load shedding of 194 MW. Although bus 14 includes generation capacity, it is insufficient to meet its own demand. For $M=3$, the optimal strategy involves attacking lines 16–19 and the corridor 20–23. This isolates buses 19 and 20 from the main system and leads to 309 MW of load shedding. For $M=4$, the optimal interdiction targets the generators at buses 13 and 23. Without these generators, the system is not able to meet total demand, resulting in 725.96 MW of load shedding. The interdiction strategies for $M=3$, and $M=4$ are illustrated in Figure 13. In this case, the attacked elements are shown as dashed red lines and the affected load buses (where there is load shedding) are indicated in red.

For $M=5$, the optimal interdiction strategy builds upon the one identified for $M=4$ by incorporating an additional attack on the transmission line connecting buses 7 and 8. This particular line plays a crucial role in maintaining the connectivity of the generator at bus 7 with the rest of the power network. Therefore, when this line is disabled, the generator at bus 7 becomes electrically isolated, rendering it unable to contribute power to the system—an effect functionally equivalent to removing the generator itself. As a consequence of this strategic configuration, the power system suffers a total load shedding of 896.17 MW. For $M=6$, the attack plan includes four transmission along with the generator located at bus 13. This combination leads to the disconnection of several critical corridors, resulting in a total load shedding of 1115.4 MW.

Figure 14 illustrates the attack plans for $M=5$ and $M=6$. As in previous figures, dashed lines represent the elements under attack, while buses experiencing load shedding are marked in red.

4.2. Results Considering DR

Table 4. Best attack plans considering DR programs at buses 19 and 20 for $M=3$.

DR Capacity [%]	Available DR [MW]	Interdiction Vector	Load Shedding [MW]
0	0.00	16–19, 20–23, 20–23	309.00
5	15.45	7–8, G23	293.79
10	30.90	7–8, G23	278.66
20	61.80	3–24, 9–11, 9–12	251.58

showed that the best attack strategy for $M=3$ involves destroying lines 16–19 and 20–23 (repeated twice for redundancy). This strategy effectively isolates buses 19 and 20, which have no local generation resources (see Figure 13b).

Suppose now that these two buses are connected to industrial consumers who are enrolled in a DR program. These consumers have agreed to reduce a portion of their electricity demand upon request from the system operator, specifically during periods of stress or contingency. It is assumed that the DR program is equipped with infrastructure that enables the remote and automated disconnection of load, allowing the operator to swiftly implement demand reductions.

To evaluate the impact of DR availability, the interdiction problem is solved again while varying the DR capability at buses 19 and 20 from 0% to 20% of their respective demands. The resulting load shedding for each DR level is summarized in Table 4.

For a DR level lower than 5%, it was observed that the disruptive agent does not alter its strategy, and the attack plan remains the same as reported in Table 3. However, once DR availability exceeds 5%, the attacker is forced to revise its approach. Specifically, the updated strategy involves attacking the generator with the highest capacity in the system, located at bus 23, as well as line 7–8, which isolates the generation at bus 7.

Despite this strategy, the resulting load shedding is lower than that of the original IV without DR. This indicates the mitigating effect of DR programs. Interestingly, the attack plans for 5% and 10% DR levels remains unchanged, targeting the same generator and radial line.

At a DR level of 20%, the attacker changes strategy once again. This time, the interdiction plan involves disabling circuits 3–24, 9–11, and 9–12, yielding an even lower load shedding value of 251.58 MW compared to the 309 MW of the base case. This new strategy aims to reduce the overall transmission capacity of the network by targeting key transformers that link the upper and lower parts of the system.

Figure 15 illustrates the interdiction strategies corresponding to different DR levels at buses 19 and 20. In the figure, attacked elements are shown as dashed lines, and affected load buses are highlighted in red. This analysis underscores the role of DR (highlighted in blue) as a deterrent mechanism that compels the disruptive agent to adopt alternative, less damaging strategies.

For $M=6$, the most affected nodes are located in the lower section of the power system. Suppose now that buses 9, 10, 13, and 14 are engaged in a DR program that allows them to voluntarily reduce up to 20% of their total demand when requested by the system operator. To evaluate the influence of DR in this scenario, the interdiction problem is solved again, varying the DR level from 0% to 20% at the selected buses. The results of these simulations are summarized in

Table 5. Best attack plans considering DR at buses 9, 10, 13, and 14 ($M=6$).

DR Capacity [%]	Available DR [MW]	Interdiction Vector	Load Shedding [MW]
0	0.00	12–23, 13–23, 14–16, 15–24, G13	1115.40
5	41.45	G13, G18, G23	1072.30
10	82.90	G13, G18, G23	1030.90
20	165.80	7–8, 11–13, 12–13, 12–23, 14–16, 15–24	907.50

, showing how increasing DR participation at critical buses reduces the overall system vulnerability and mitigates load shedding.

Note that the strategy of the disruptive agent also evolves as the level of DR increases. The total demand at buses 9, 10, 13, and 14 is 829 MW. When 5% DR is available, a decrease in load shedding of 84.5 MW is observed, reducing from 1115.4 MW in the base case to 1030.9 MW. In this scenario, the disruptive agent targets the generators with the highest installed capacity: G13, G18, and G23.

When the available DR increases to 10%, the attack plan remains unchanged; however, the resulting load shedding decreases further due to improved flexibility in the system. Finally, with 20% DR, the attacker is once again forced to modify their strategy. This time, the attack plan disables circuits 7–8, 11–13, 12–13, 12–23, 14–16, and 15–24, leading to a load shedding of 907.5 MW.

Figure 16 illustrates the effect of increasing DR capacity, where attacked elements are shown as dashed lines and load-affected buses are highlighted in red and DRs in blue. Circuits 12–23, 14–16, and 15–24, along with generator G13, appear as critical elements—frequently included in multiple attack strategies.

When DR is not available, the disruptive agent prefers to isolate the upper portion of the power system, which contains most of the generation capacity, while also disabling G13. This tactic causes a generation deficit in the lower region of the network, making load shedding inevitable.

When up to 10% DR is available at buses 9, 10, 13, and 14, the attacker finds it more effective to directly disable the largest generators instead of targeting the transmission infrastructure. However, when DR availability increases to 20%, the attacker reverts to isolating the upper area and, additionally, disables generator G7 by attacking the 7–8 circuit. This shift illustrates how DR acts as a deterrent, altering the optimal attack plans of the disruptive agent.

5. Conclusions

This paper presented a vulnerability assessment model for power systems that incorporates the effect of Demand Response (DR) within a bilevel interdiction framework. The proposed methodology identifies the most critical system components—lines, transformers, and generators—in terms of the load shedding that results from their removal by a malicious agent.

The main contribution of this work lies in integrating DR programs into the interdiction model, allowing for a more realistic representation of the operator’s ability to respond to intentional attacks. When the system operator is able to perform remote disconnection of loads engaged in DR programs, the vulnerability of the power system is significantly reduced. This forces the disruptive agent to alter its attack strategy, often leading to plans that produce less damage to the network.

The simulation results on the IEEE 24-bus system demonstrate the applicability and effectiveness of the proposed approach. It was confirmed that DR can serve as a deterrent, compelling the attacker to adopt alternative, less impactful strategies. Sensitivity analyses under varying DR levels also provided insights into alternative sets of critical elements, enabling the system operator to better understand the conditions under which specific infrastructure becomes vulnerable.

Importantly, the results of this study support the use of DR not only as an operational tool but also as a strategic defense mechanism. Moreover, identifying critical components—with or without DR—offers valuable information for both system operators and planners. This knowledge can inform investment decisions related to network reinforcements, improved monitoring of critical infrastructure, and the design of DR programs tailored to enhance overall system resilience.