Author ORCID Identifier
Semester
Spring
Date of Graduation
2026
Document Type
Dissertation
Degree Type
PhD
College
Statler College of Engineering and Mineral Resources
Department
Lane Department of Computer Science and Electrical Engineering
Committee Chair
Anurag K. Srivastava
Committee Member
Sarika Khushalani Solanki
Committee Member
Amr El Wakeel
Committee Member
Prashnna Gyawali
Committee Member
Venkatesh Venkataramanan
Abstract
Critical infrastructure systems such as cyber-power grids are becoming increasingly complex through the integration of distributed energy resources, sensors deployment, and automated control technologies. These systems rely on Operational Technology (OT) that must satisfy strict real time safety constraints, making them significantly more sensitive to disruptions than traditional IT environments. As connectivity expands, cyber-attacks targeting these infrastructures pose existential risks to grid reliability and national security. This work proposes an integrated framework to strengthen the cyber resilience of power grids and Industrial Control Systems (ICS) through a tripartite approach: long term defense mechanism, real-time detection, and decision support. First, we develop an OT-aware cyber defense framework leveraging Software-Defined Net working (SDN) to enhance security posture while respecting strict control protocol constraints. To evaluate system performance under stress, we introduce protocol-aware resiliency metrics that quantify the impact of disruptions on communication behavior. Furthermore, we design bio inspired defense mechanisms grounded in Infectious Disease Ecology to model and analyze the rapid propagation of cyber threats across the grid. Building on this foundation, we present a real-time anomaly detection engine using data-driven analytics through spatio-temporal Graph Neural Networks (GNNs). By analyzing streaming OT traffic, these models capture the inherent structural relationships among infrastructure devices and their temporal patterns, enabling early identification of cyber-physical anomalies. The proposed methodologies are validated in an advanced Hardware-in-the-Loop (HIL) and Human-in-the-Loop testbed emulating realistic grid operations and communication traffic. Finally, the operational effectiveness of these tools is evaluated through human-factor studies involving approximately 40 professional and trained operators, providing empirical insights into how cyber awareness tools influence decision-making during active incidents.
Recommended Citation
Hussain, Mohammed Mustafa, "Data-driven Analytics and Decision Support for Cyber-Physical Grid Resilience" (2026). Graduate Theses, Dissertations, and Problem Reports. 13305.
https://researchrepository.wvu.edu/etd/13305
Included in
Cybersecurity Commons, Digital Communications and Networking Commons, Power and Energy Commons, Systems Architecture Commons