AUTHOR=Tong Heqin , Xu Jianbing , Li Xiao , Zhang Liquan TITLE=Cyber-attack research for integrated energy systems by the correlated matrix based object-oriented modeling method JOURNAL=Frontiers in Energy Research VOLUME=Volume 10 - 2022 YEAR=2022 URL=https://www.frontiersin.org/journals/energy-research/articles/10.3389/fenrg.2022.774645 DOI=10.3389/fenrg.2022.774645 ISSN=2296-598X ABSTRACT=The rise of integrated energy system requires the integration of multiple sources of energy to be embraced and transit over power grid, that means the information and communication system of traditional power system will be extended, and their complexity will be increased. As the information and communication system plays a more important role in the infrastructure of power system, cyber-attack on it may impact on the power system and cause serious threat for the integrated energy system. To analyze the threat on the complex and integrated system, some researchers provide some modeling methods to study the impact of cyber-attack on the information and communication system, such as Attack Tree Model, Attack Graph Model, Petri Net Model for cyber-attack, Attack Description Language Model, State Transition Graph Model, etc. However, these modeling methods have some shortages, for example, they cannot describe the systematical cyber-attack and show the secure status during the cyber-attack; it is hard for them to analyze the larger and complicated information and communication system. To overcome the shortages, in this paper, a correlated matrix based object-oriented model is proposed for cyber-attack modeling. By this model, the relationship between the attacker and victim can be directly built; the cyber-attack path and packet from the attacker can be tracked; and the status of the nodes and links can be showed during cyber-attack. To build the cyber-attack model, there are two steps. Firstly, the procedure and approach of the cyber-attack will be modeled by object-oriented method; then, correlated matrix model will be built for network topology, attack path and attack procedure. By combining these two models, the whole cyber-attack model is created. Finally, to demonstrate the modeling method and its benefit, we use the MITM (Man-in-the-middle Attack) attack on measurement data of AVC (Automation Voltage control) system as examples, and build hardware-in-the-loop (HIL) co-simulation platform to verify the model.