A Multi-Scale Attention-Based Attack Diagnosis Mechanism for Parallel Cyber-Physical Attacks in Power Grids

Parallel cyber--physical attacks (PCPA) can simultaneously damage physical transmission lines and disrupt measurement data transmission in power grids, severely impairing system situational awareness and attack diagnosis. This paper investigates the attack diagnosis problem for linearized AC/DC power flow models under PCPA, where physical attacks include not only line disconnections but also admittance modifications, such as those caused by compromised distributed flexible AC transmission system (D-FACTS) devices. To address this challenge, we propose a learning-assisted attack diagnosis framework based on meta--mixed-integer programming (MMIP), which integrates a convolutional graph cross-attention attack localization (CGCA-AL) model. First, sufficient conditions for measurement reconstruction are derived, enabling the recovery of unknown measurements in attacked areas using available measurements and network topology information. Based on these conditions, the attack diagnosis problem is formulated as an MMIP model. The proposed CGCA-AL employs a multi-scale attention mechanism to predict a probability distribution over potential physical attack locations, which is incorporated into the MMIP as informative objective coefficients. By solving the resulting MMIP, both the locations and magnitudes of physical attacks are optimally estimated, and system states are subsequently reconstructed. Simulation results on IEEE 30-bus and IEEE 118-bus test systems demonstrate the effectiveness, robustness, and scalability of the proposed attack diagnosis framework under complex PCPA scenarios.