
TESP-Attack: Cyber Threats in Transactive Energy

Updated 7 December 2025
  • TESP-Attack is a simulation platform for evaluating cyber-attacks on transactive energy systems by integrating physical power-flow, market clearing, and network emulation.
  • It employs realistic adversarial scenarios—including MITM, replay, DoS, and FDI attacks—across centralized and blockchain-enabled market architectures to quantify impacts on price, load, and latency.
  • The framework guides practical mitigation strategies such as encryption, rate limiting, and on-chain reputation mechanisms to enhance the security and resilience of energy markets.

TESP-Attack denotes a focused suite of security assessment and adversarial scenarios for transactive energy systems (TES), developed atop the Transactive Energy Security Simulation Testbed (TESST). TESST integrates physical power-flow simulation, market-clearing algorithms (both centralized and decentralized blockchain-based), and detailed emulation of network conditions to analyze security vulnerabilities at the intersection of energy market operations and cyber infrastructures. TESP-Attack systematically explores, implements, and quantifies the impact of multiple cyber-attack vectors—such as man-in-the-middle (MITM), replay, denial-of-service (DoS), and false data injection (FDI)—on the integrity, performance, and resilience of centralized and blockchain-enabled decentralized TES markets (Zhang et al., 2019).

1. TESST Architecture and the Role of TESP-Attack

TESST is architected as a modular simulation environment combining:

  • Physical layer: PyPower for IEEE 9-bus transmission modeling; GridLAB-D/EnergyPlus for 12.47 kV distribution feeders and 102-prosumer microgrid simulation, interconnected at bus 7. Standard AC power-flow equations provide the operational baseline:

$$P_i = \sum_{j=1}^n |V_i||V_j| (G_{ij}\cos\theta_{ij} + B_{ij}\sin\theta_{ij}), \quad Q_i = \sum_{j=1}^n |V_i||V_j| (G_{ij}\sin\theta_{ij} - B_{ij}\cos\theta_{ij}),$$

$$I_{ij} = \frac{V_i - V_j}{Z_{ij}}, \quad |I_{ij}| \le I^{\max}_{ij}$$

Voltages, injections, and currents are solved every 15 minutes to generate node-level stability data and aggregated load profiles.

  • Market layer: Two options are available:
    • A centralized Transactive Market Platform (TMP), executing uniform double-auction clearing for prosumer and consumer bids on price and quantity ($(P_\text{bid}, Q_\text{bid})$), determining the market-clearing price $P_\text{clear}$ as the intersection of supply and demand.
    • A blockchain-enabled decentralized market (RIAPS/Ethereum/TRANSAX), where signed offers are posted to a distributed ledger, and multiple solvers submit matchings and invoke settlement via smart contract consensus.
  • Network layer: NS-3-based tap-bridge virtual wireless network, enabling explicit attacks (packet interception, modification, replay, DoS) and supporting dynamic and granular adversarial control at the communication level.

TESP-Attack orchestrates attacks via programmable scripts in NS-3, interfacing at the prosumer/consumer containers, TMP API endpoints, and blockchain transaction gateways (Zhang et al., 2019).

2. Threat Models and Attack Classes

TESP-Attack formalizes a threat model for TES communication and computation, capturing adversary capabilities such as:

  • MITM on bid/offer traffic: Adversary intercepts and modifies market bids in transit between prosumer containers and the TMP or blockchain API. Modifications can be profit-oriented or disruption-driven.
  • Replay Attack: Captures and re-injects previously valid signed offers (timestamp mutation) to desynchronize market state.
  • Denial-of-Service (DoS): Saturates the NS-3 wireless channel or the TCP port serving TMP or blockchain interfaces, aiming to prevent timely bid submissions or to stall smart contract execution.
  • False Data Injection (FDI): Compromises smart-meter readings (voltages $V_i$, currents $I_{ij}$, or local temperatures $T_{\text{Current}}$), thereby biasing market bids and potentially destabilizing the physical grid.

Attackers are instantiated as programmed NS-3 nodes with the capacity for inline packet rewriting and traffic generation (Zhang et al., 2019).
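
An added example, not code from TESST or the cited paper: a market-side check that rejects the replay variants described above. Python's stdlib HMAC stands in for the ledger's signature scheme, and the `offer_id` field, the other field names, the key and the 30-second window are assumptions.

```python
import hashlib
import hmac
import json

MAX_SKEW_S = 30  # assumed freshness window, seconds


def sign_offer(key, offer):
    """MAC over a canonical encoding of every field, timestamp included."""
    msg = json.dumps(offer, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class OfferVerifier:
    """Market-side acceptance check for signed offers (hypothetical helper)."""

    def __init__(self, keys):
        self.keys = keys   # prosumer id -> key
        self.seen = {}     # (prosumer id, offer id) -> offer timestamp

    def accept(self, offer, tag, now):
        key = self.keys.get(offer.get("prosumer"))
        if key is None or not hmac.compare_digest(sign_offer(key, offer), tag):
            return "reject: bad signature"
        if abs(now - offer["ts"]) > MAX_SKEW_S:
            return "reject: stale timestamp"
        ident = (offer["prosumer"], offer["offer_id"])
        if ident in self.seen:
            return "reject: replayed offer id"
        # Ids older than the window can be dropped: the timestamp check
        # already rejects them, so the cache stays bounded.
        self.seen = {k: t for k, t in self.seen.items() if now - t <= MAX_SKEW_S}
        self.seen[ident] = offer["ts"]
        return "accept"


def demo():
    key = b"constructed-demo-key"
    verifier = OfferVerifier({"prosumer-17": key})
    offer = {"prosumer": "prosumer-17", "offer_id": 1,
             "price": 0.12, "qty_kw": 3.5, "ts": 1000}   # constructed sample
    tag = sign_offer(key, offer)
    return [
        verifier.accept(offer, tag, now=1005),                 # first submission
        verifier.accept(offer, tag, now=1010),                 # re-injected unchanged
        verifier.accept(dict(offer, ts=1900), tag, now=1900),  # timestamp rewritten to t + delta
        verifier.accept(offer, tag, now=1900),                 # re-injected unchanged, much later
    ]
```

Because the timestamp is inside the authenticated bytes, rewriting it invalidates the tag, and an unmodified copy is caught either by the id cache or by the freshness window.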

3. Mathematical Representations of Attack Scenarios

TESP-Attack implements adversarial manipulation of market processes through precise algorithmic interventions:

  • Profit-Driven Bid Modification:

Adversary controls an $\alpha$ fraction of prosumers, scaling their bids by $\beta < 1$:

$$P'_{\text{Bid}, k} = \beta P_{\text{Bid}, k}, \quad Q'_{\text{Bid}, k} = \beta Q_{\text{Bid}, k}, \quad k \in \{1, \ldots, \alpha N\}$$

with typical parameters such as $\beta = 0.5$. Algorithmically, MITM scripts capture and rewrite bid packets before forwarding.

  • Disturbance-Driven (Random) Bid Manipulation:

Adversary injects extreme or randomized bids:

$$P'_{\text{Bid}, k} = P_{\min} + \text{rand}(0,1)(P_{\max} - P_{\min})$$

$$Q'_{\text{Bid}, k} = Q_{\min} + \text{rand}(0,1)(Q_{\max} - Q_{\min})$$

forcing large swings in market outcomes and load oscillations.

  • Replay Attack:

The attacker re-injects a previously logged offer $\mathcal{O}_t$ at a later interval:

$$\text{send}\;\mathcal{O}_t\;\|\;\text{timestamp} = t + \Delta$$

inducing discrepancies in scheduled delivery versus measured consumption/prosumption.

  • FDI on Measurements:

Metered values replaced via additive noise:

$$V_i'(t) = V_i(t) + \varepsilon_i,\quad I_{ij}'(t) = I_{ij}(t) + \delta_{ij}$$

chosen to push state estimator output outside operational thresholds.

  • DoS:

Network saturation at rate $R_\text{DoS}$ such that:

$$R_{\text{DoS}} > \frac{B_{\text{channel}}\,p_{\text{thresh}}}{1 - p_{\text{thresh}}}$$

where $p_{\text{loss}}$ exceeds acceptable $p_{\text{thresh}}$, halting bid flow or market settlement (Zhang et al., 2019).

4. Experimental Outcomes and Metrics

Attack experiments were run under both centralized and blockchain-enabled market architectures. The efficacy and consequences were quantified through:

  • Peak price deviation: $\Delta P_{\text{clear}} = |P_{\text{clear,attack}} - P_{\text{clear,normal}}|$ in \$/kWh
  • Load imbalance: $\Delta L = \sum_t | D_t - S_t |$ (kW)
  • Latency of offer submission: $T_{\text{latency}}$ (percent increase versus baseline)
  • Packet loss: $p_{\text{loss}}$ (%)
  • Voltage stability index/market stalling
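
An added example (not TESST code) that runs the profit-driven scaling $P' = \beta P$, $Q' = \beta Q$ from Section 3 through a toy uniform double auction and reports $\Delta P_{\text{clear}}$. The order book, the midpoint pricing rule and all function names are assumptions made for illustration.

```python
def clear_market(bids, offers):
    """Uniform double auction over (price, qty) pairs.

    Returns (clearing_price, traded_qty). The price is the midpoint of the
    last matched bid/offer pair (an assumed rule), or None if nothing trades.
    """
    demand = sorted(bids, key=lambda b: -b[0])    # highest willingness to pay first
    supply = sorted(offers, key=lambda o: o[0])   # cheapest supply first
    i = j = 0
    dq = demand[0][1] if demand else 0.0          # unfilled part of current bid
    sq = supply[0][1] if supply else 0.0          # unsold part of current offer
    price, traded = None, 0.0
    while i < len(demand) and j < len(supply) and demand[i][0] >= supply[j][0]:
        q = min(dq, sq)
        traded += q
        price = (demand[i][0] + supply[j][0]) / 2
        dq -= q
        sq -= q
        if dq == 0:
            i += 1
            dq = demand[i][1] if i < len(demand) else 0.0
        if sq == 0:
            j += 1
            sq = supply[j][1] if j < len(supply) else 0.0
    return price, traded


def scale_bids(bids, alpha, beta):
    """P' = beta*P and Q' = beta*Q for the first alpha*N bidders."""
    k = round(alpha * len(bids))
    return [(beta * p, beta * q) if n < k else (p, q)
            for n, (p, q) in enumerate(bids)]


def price_deviation(bids, offers, alpha, beta):
    """(Delta P_clear, drop in traded kW) between the normal and tampered book."""
    p0, q0 = clear_market(bids, offers)
    p1, q1 = clear_market(scale_bids(bids, alpha, beta), offers)
    return abs(p1 - p0), q0 - q1


# Constructed sample book: (price in $/kWh, quantity in kW)
BIDS = [(0.30, 4.0), (0.25, 4.0), (0.20, 4.0), (0.15, 4.0), (0.10, 4.0)]
OFFERS = [(0.08, 5.0), (0.12, 5.0), (0.18, 5.0), (0.24, 5.0)]
```

Sweeping `alpha` and `beta` over this function gives the sensitivity of the clearing price to the share of tampered bidders, which is the quantity a bid-pattern anomaly threshold has to be tuned against.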

A summary of key outcomes is presented in the following table:

| Attack Type | Architecture | Peak $\Delta P_{\text{clear}}$ (\$/kWh) | $\max\Delta L$ (kW) | $T_{\text{latency}}$ ↑ (%) | $p_{\text{loss}}$ (%) |
|---|---|---|---|---|---|
| Profit-Driven | Centralized | 0.05 | | | |
| Profit-Driven | Blockchain | 0.02 | | | |
| Disturbance-Driven | Centralized | 0.30 | | | |
| Disturbance-Driven | Blockchain | 0.10 | | | |
| Replay | Centralized | 0.15 | | | |
| FDI | Centralized | – | | | |
| DoS | Centralized | n/a | | | |

Profit-driven attacks induce only moderate artifacts in the centralized market (peak price deviation 0.05 \$/kWh, 25 kW), triggering thermal cycling in responsive loads. Under blockchain clearing, both price and load deviations are consistently smaller, despite increased offer latency and packet loss due to distributed consensus overheads. DoS attacks result in up to 100% latency increase and 80% packet loss, effectively stalling market operations in the centralized setting. FDI attacks targeting physical measurements can precipitate voltage collapse scenarios (Zhang et al., 2019).

5. Architectural Vulnerabilities and Comparative Security Analysis

The centralized clearing market is acutely vulnerable to bid tampering (both profit and disturbance-driven) and DoS. A minority of compromised controller nodes suffice to sway clearing prices and operational setpoints. Replay and FDI attacks cause state estimator divergence and operational instability, potentially leading to voltage collapse or undesired protective relay actuation.

Decentralized, blockchain-enabled markets inherently replicate all offers across multiple untrusted solvers and enforce immutability via cryptographic signatures and contract settlement. This architecture hinders MITM and replay attacks: successful tampering requires broad compromise across all involved solvers. Automated matching and settlement eliminate the single point of control of TMP. Nonetheless, decentralized paradigms introduce new risks: latent consensus-driven delays ($T_{\text{latency}}$ up to 20% higher), higher packet overhead ($p_{\text{loss}}$), and exposure to consensus-layer DoS (e.g. through mining withholding or gas exhaustion) (Zhang et al., 2019).

6. Mitigation Strategies and Open Research Challenges

Recommended countermeasures include:

  • Implementation of reputation and fine mechanisms for prosumer misbehavior, enforced on-chain through security deposits.
  • End-to-end encryption and mutual authentication (TLS) for all prosumer-to-market communications, in both centralized and blockchain options.
  • Network-level defenses: rate-limiting, priority queuing, and distributed anomaly detection for bid submission and acceptance patterns.
  • Extension of FDI-specific test scenarios in the GridLAB-D environment, complemented by robust bad-data detection within state estimation.
  • Further investigation of system-level tradeoffs introduced by blockchain, especially regarding operational latency, throughput, and ability to resist emerging consensus-layer attacks (Zhang et al., 2019).
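
An added example, not part of TESST: a plausibility check that recomputes the branch equation $I_{ij} = (V_i - V_j)/Z_{ij}$ from reported meter values and uses the residuals to localize an additive injection of the kind defined in Section 3. The four-bus ring, per-unit values, tolerance and function names are constructed for illustration.

```python
def branch_residuals(V, I, Z):
    """|I_ij - (V_i - V_j)/Z_ij| for every metered branch (i, j)."""
    return {(i, j): abs(I[(i, j)] - (V[i] - V[j]) / Z[(i, j)]) for (i, j) in I}


def locate_bad_data(V, I, Z, tol=1e-3):
    """Return (suspect_buses, suspect_branches) from branch-equation residuals."""
    res = branch_residuals(V, I, Z)
    flagged = {br for br, r in res.items() if r > tol}
    incident = {}
    for br in res:
        for bus in br:
            incident.setdefault(bus, set()).add(br)
    # A falsified V_i breaks every branch touching bus i at once, so a bus is
    # suspect when all of its (at least two) metered branches are inconsistent.
    buses = {b for b, brs in incident.items() if len(brs) >= 2 and brs <= flagged}
    # Flagged branches not explained by a suspect bus point at the current meter.
    branches = {br for br in flagged if not (set(br) & buses)}
    return sorted(buses), sorted(branches)


def demo():
    # Constructed ring 1-2-3-4-1 with identical line impedances (per unit).
    Z = {br: 0.01 + 0.05j for br in [(1, 2), (2, 3), (3, 4), (1, 4)]}
    V = {1: 1.00 + 0j, 2: 0.98 - 0.02j, 3: 0.97 - 0.03j, 4: 0.99 - 0.01j}
    I = {(i, j): (V[i] - V[j]) / Z[(i, j)] for (i, j) in Z}
    clean = locate_bad_data(V, I, Z)
    V_fdi = dict(V)
    V_fdi[2] += 0.05            # V_2' = V_2 + eps
    I_fdi = dict(I)
    I_fdi[(3, 4)] += 0.2        # I_34' = I_34 + delta
    return clean, locate_bad_data(V_fdi, I, Z), locate_bad_data(V, I_fdi, Z)
```

The check only sees readings that contradict the branch equation, so it serves as a first-line filter alongside the estimator-level bad-data detection listed above.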

A plausible implication is that while decentralized ledger solutions increase resilience to data tampering and solver collusion, no architecture is categorically secure; layered, cross-cutting detection and control mechanisms remain essential.

7. Significance and Future Directions

TESP-Attack, through rigorous co-simulation of cyber-physical energy systems with realistic adversarial action spaces, provides a powerful platform for empirically grounded security analysis of both established and emerging TES architectures. It enables quantification of attack impact across operational, market, and infrastructural axes, and catalogues countermeasure efficacy under precise metrics and conditions.

Future research should prioritize:

  • Comprehensive exploration of consensus-extending attacks on blockchain-aided trading.
  • Deployment and validation of distributed attack-resilient state estimation and automated market surveillance.
  • Formal specification and verification of system security properties under adversarial conditions, with particular attention to admitted network-level distortions.

TESP-Attack thus represents a crucial advance in the systematic security assessment of transactive energy markets at cyber-physical scale, setting a benchmark for future experimental, algorithmic, and theoretical research in this domain (Zhang et al., 2019).
