Vulnerability Analysis Evaluating Bilevel Optimal Power Flow Approaches for Multiple Load Cases

This work presents two methodologies to enhance vulnerability assessment in power systems using bilevel attacker-defender network interdiction models. First, we introduce a systematic evaluation procedure for comparing different optimal power flow formulations in the lower-level problem. We demonstrate the procedure for a comparison of the widely used DC approximation and a linearized AC optimal power flow model. Second, we propose a novel scoring methodology to identify and prioritize critical attack vectors across diverse load and generation scenarios. Both methodologies go beyond traditional worst-case analysis. Case studies on a SimBench high-voltage test grid show that the DC approach fails to detect a significant portion of critical vulnerabilities. The scoring methodology further demonstrates the dependency of vulnerabilities on the considered load case and time step, highlighting the importance of assessing multiple scenarios and going beyond worst-case solutions. The proposed methodologies enhance power system vulnerability assessment and can support the effective development of robust defense strategies for future power systems.

💡 Research Summary

The paper tackles the problem of assessing power‑system vulnerability to high‑impact low‑probability (HILP) events using a bilevel attacker‑defender network interdiction (BNI) framework. In this framework the upper level represents an attacker who can disable a limited number of transmission lines (binary variables z_ij) to maximize system damage, while the lower level models the system operator who, given the attacked network, solves an optimal power flow (OPF) problem to minimize load shedding. Because an exact AC OPF in the lower level leads to a non‑convex mixed‑integer nonlinear program that is NP‑hard, most studies replace it with a linear DC approximation. The authors argue that this simplification may hide critical vulnerabilities, especially those involving voltage magnitude and reactive‑power constraints.

To investigate this, they develop two methodological contributions. First, they propose a systematic evaluation procedure that extracts not only the worst‑case attack vector but also a ranked list of the top N critical attack vectors (CA Vs) for each OPF formulation. The procedure iteratively solves the bilevel model, each time adding a constraint that excludes the previously found attack combination, thereby generating a set of distinct, high‑impact attacks. By comparing the CA V lists obtained with a linearized AC (LAC) lower‑level model and with the traditional DC model, they compute key performance indicators: the proportion u of LAC‑identified attacks missed by the DC model, and the absolute and relative objective‑value gaps (Ψ_abs, Ψ_rel) for the overlapping attacks.

Second, they introduce a scoring methodology that aggregates vulnerability information across multiple load and generation scenarios (different time steps). For each attack vector they accumulate three statistics: appearance count C, sum of rank positions R, and sum of objective values Y. From these they derive a “rank score” (Φ_rank = R·T·C²) and an “objective score” (Φ_obj = Y·C), which quantify how consistently and how severely a given attack vector threatens the system over the considered horizon. This multi‑scenario scoring enables the identification of attack vectors that may be sub‑optimal in any single snapshot but are repeatedly dangerous across many operating conditions.

The authors validate their methods on the SimBench 135‑bus high‑voltage test grid. They simulate 24 hourly operating points, each with realistic load and renewable‑generation profiles, and consider attack budgets Z equal to 5 %, 10 %, 15 %, 20 % and 25 % of the total number of branches. For each (scenario, Z) pair they generate the top 30 CA Vs using both the LAC and DC formulations. The results show that, on average, the DC model fails to detect about 15 % of the critical attack vectors identified by the LAC model. The missed attacks are especially prevalent during peak‑load periods when reactive‑power limits become binding, confirming that the DC approximation’s neglect of voltage and reactive constraints can lead to substantial under‑estimation of vulnerability.

The scoring analysis further reveals that certain attack combinations (e.g., simultaneous outage of two specific lines) achieve high Φ_obj and Φ_rank values across many time steps, indicating that they are consistently high‑impact even if they are not the absolute worst case in any single hour. For instance, with a 20 % attack budget, a particular two‑line outage attains an objective‑score equal to 77 % of the worst‑case value while being missed entirely by the DC‑based analysis.

These findings have two practical implications. First, reliance solely on DC‑based vulnerability assessments can leave system operators blind to a non‑trivial fraction of dangerous contingencies; incorporating a linearized AC model provides a more reliable picture. Second, the multi‑scenario scoring framework offers a systematic way to prioritize defensive investments (e.g., hardening, monitoring, or fast‑recovery schemes) toward attack vectors that are persistently threatening across diverse operating conditions, thereby enhancing overall system resilience.

The paper concludes that the proposed evaluation and scoring methodologies are not limited to bilevel models; they can be applied to any vulnerability‑assessment approach that yields a set of candidate attack vectors. Future research directions include extending the framework to stochastic load and renewable generation, modeling multiple coordinated attackers, integrating real‑time remedial actions, and scaling the approach to larger transmission networks.