A Systematic Review of Cyber Risk Analysis Approaches for Wind Power Plants

Wind power plants (WPPs), as large-scale cyber–physical systems (CPSs), have become essential to renewable energy generation but are increasingly exposed to cyber threats. Attacks on supervisory control and data acquisition (SCADA) networks can cause cascading physical and economic impacts. The systematic synthesis of cyber risk analysis methods specific to WPPs and cyber–physical energy systems (CPESs) is a need of the hour to identify research gaps and guide the development of resilient protection frameworks. This study employs a Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) protocol to review the state of the art in this area. Peer-reviewed studies published between January 2010 and January 2025 were taken from four major journals using a structured set of nine search queries. After removing duplicates, applying inclusion and exclusion criteria, and screening titles and abstracts, 62 studies were examined for analysis on the basis of a synthesis framework. The studies were classified along three methodological dimensions, qualitative vs. quantitative, model-based vs. data-driven, and informal vs. formal, giving us a unified taxonomy of cyber risk analysis approaches. Among the included studies, 45% appeared to be qualitative or semi-quantitative frameworks such as STRIDE, DREAD, or MITRE ATT&CK; 35% were classified as quantitative or model-based techniques such as Bayesian networks, Markov decision processes, and Petri nets; and 20% adopted data-driven or hybrid AI/ML methods. Only 28% implemented formal verification, and fewer than 10% explicitly linked cyber vulnerabilities to safety consequences. Key research gaps include limited integration of safety–security interdependencies, scarce operational datasets, and inadequate modelling of environmental factors in WPPs. This systematic review highlights a predominance of qualitative approaches and a shortage of data-driven and formally verified frameworks for WPP cybersecurity. Future research should prioritise hybrid methods that integrate formal modelling, synthetic data generation, and machine learning-based risk prioritisation to enhance resilience and operational safety of renewable-energy infrastructures.