This paper addresses the failure of fault localization and state estimation in power systems under parallel cyber-physical attacks (PCPAs), for the first time modeling a composite attack scenario involving both admittance tampering and communication disruption. We propose a joint framework comprising a graph attention network–driven fault localization (GAT-FL) module and a linear programming–based line status identification module, integrating DC power flow modeling, voltage phase angle reconstruction, distributed FACTS device modeling, and DoS-resilient communication design. Compared to conventional methods, the proposed approach improves fault localization accuracy by 12.6% and achieves over 98.3% accuracy in line status identification. Comprehensive simulations demonstrate its strong robustness against multiple concurrent attacks, high real-time performance, and practical engineering feasibility.

Parallel cyber-physical attacks (PCPA) refer to those attacks on power grids by disturbing/cutting off physical transmission lines and meanwhile blocking transmission of measurement data to dwarf or delay the system protection and recovery actions. Such fierce hostile attacks impose critical threats to the modern power grids when there is a fusion of power grids and telecommunication technologies. In this paper, we investigate the fault diagnosis problem of faulty transmission lines under a broader spectrum of PCPA for a linearized (or DC) power flow model. The physical attack mechanism of PCPA includes not only disconnection but also admittance value modification on transmission lines, for example, by invading distributed flexible AC transmission system (D-FACTS). To tackle the problem, we first recover the information of voltage phase angles within the attacked area. Using the information of voltage phase angle and power injection of buses, a graph attention network-based fault localization (GAT-FL) algorithm is proposed to find the locations of the physical attacks. By capitalizing on the feature extraction capability of the GAT on graph data, the fault localization algorithm outperforms the existing results when under cyber attacks, e.g., denial of service (DoS) attacks. A line state identification algorithm is then developed to identify the states of the transmission lines within the attacked area. Specifically, the algorithm restores the power injection of buses within the attacked area and then identities the state of all the transmission lines within the attacked area by solving a linear programming (LP) problem. Experimental simulations are effectiveness of the proposed fault diagnosis algorithms.