Radial microgrids exhibit insufficient physical-aware resilience against coordinated cyber-physical attacks and often fail to satisfy power flow and voltage constraints post-defense. Method: This paper proposes a physics-informed cyber-physical co-defense framework. It introduces a novel attack behavior prediction mechanism integrating hypergraph neural networks (HGNN) with model-agnostic meta-learning (MAML); formulates a bi-level Stackelberg game coordinated by an ADMM-based optimizer to jointly optimize topology reconfiguration and distributed energy resource dispatch; and employs NSGA-II for multi-objective resilience enhancement. Contribution/Results: Evaluated on IEEE 69-bus, 123-bus, and synthetic 300-bus systems, the framework restores nearly full load supply under 90% high-priority attacks while effectively suppressing voltage violations. It identifies Feeder 2 as the most critical vulnerability channel. The framework demonstrates strong scalability and engineering feasibility.

This paper presents a physics-aware cyberphysical resilience framework for radial microgrids under coordinated cyberattacks. The proposed approach models the attacker through a hypergraph neural network (HGNN) enhanced with model agnostic metalearning (MAML) to rapidly adapt to evolving defense strategies and predict high-impact contingencies. The defender is modeled via a bi-level Stackelberg game, where the upper level selects optimal tie-line switching and distributed energy resource (DER) dispatch using an Alternating Direction Method of Multipliers (ADMM) coordinator embedded within the Non-dominated Sorting Genetic Algorithm II (NSGA-II). The framework simultaneously optimizes load served, operational cost, and voltage stability, ensuring all post-defense states satisfy network physics constraints. The methodology is first validated on the IEEE 69-bus distribution test system with 12 DERs, 8 critical loads, and 5 tie-lines, and then extended to higher bus systems including the IEEE 123-bus feeder and a synthetic 300-bus distribution system. Results show that the proposed defense strategy restores nearly full service for 90% of top-ranked attacks, mitigates voltage violations, and identifies Feeder 2 as the principal vulnerability corridor. Actionable operating rules are derived, recommending pre-arming of specific tie-lines to enhance resilience, while higher bus system studies confirm scalability of the framework on the IEEE 123-bus and 300-bus systems.