Search for a command to run...
At the intersection of multi-layer grid operations and emerging cyber-physical threats, lies the critical challenge of ensuring secure and resilient coordination between transmission system operators (TSOs) and distribution system operators (DSOs). While most existing studies focus on the operational optimization of TSO-DSO interactions, the increasing deployment of IoT-controllable loads raises concerns about cyber vulnerabilities. This paper presents a unified modeling framework for evaluating the impacts of load-altering attacks (LAAs) within an AC-AC coordinated TSO-DSO environment. An LAA strategy is developed that originates at the distribution level and propagates upward through TSO-DSO coordination. This “bottom-up” propagation reveals systemic interdependencies and vulnerabilities across grid layers. To capture a range of attacker capabilities, we model representative adversaries (black-box, white-box, and grey-box) each reflecting different levels of system observability and access, and aiming to disrupt grid operations and exploit market dynamics to increase profits from their controlled distributed resources, considering heterogeneity of local resources and contractual arrangements to improve the realism of the market-based coordination framework. Case studies demonstrate how LAAs disrupt locational marginal prices, power flows, and distributed energy resource operations. The results reveal systemic vulnerabilities to coordinated cyber-physical threats and expose hidden weaknesses of grid coordination mechanisms.