Microgrids use ICT to intelligently deliver energy and integrate clean generation. They can operate independently from a larger grid and can help to strengthen grid resilience. Applications include remote as well as urban areas, hospitals, and manufacturing complexes. Cybersecurity challenges arise, exposing the microgrids to cyber-attacks, possibly resulting in harm to infrastructure and to people. Research has classified attacks based on confidentiality, integrity, and availability, and most countermeasures focus on specific attacks or on protecting specific components. A global approach is needed combining solutions that can secure the entire system and respond in milliseconds.
This reference work for researchers, in academia, industry and at grid operators as well as for students, provides an up-to-date framework for cybersecurity technologies and perspectives on operation, control, testbed and protection of microgrids from a system level perspective. Coverage includes the role of modern power electronics in active distribution networks, cyber-induced steady-state and dynamic issues, situational awareness of cyber-attacks, AI aided detection of data manipulation, cyber security threats in multi-agent microgrids, communication assisted protection, design and modeling of cyber-attacks for grid tied PV systems, stealth cyber-attacks, resilient distributed control, cyber-physical testbeds for smart grids and EV charging, and event-driven resiliency of microgrids against cyber-attacks. The book offers advanced cyber-attack detection strategies for microgrids to address breaches, counter attacks, deploy appropriate countermeasures, and stabilize microgrids under cyber-attacks.
Inspec keywords: distributed control; reviews; power engineering computing; telecommunication networks; distributed power generation; power generation control; data integrity; security of data
Other keywords: distributed control; power engineering computing; telecommunication networks; security of data; data integrity; distributed power generation; power generation control; reviews
Subjects: Power engineering computing; Data security; General electrical engineering topics; General and management topics; Telecommunication applications; Distributed power generation; Control of electric power systems; Multivariable control systems
This chapter provides an overview of the steady-state and dynamic issues in cyber-physical power systems. Based on the steady-state resiliency requirements, the corrective measures can be accommodated based on the time scale of the steady-state updates. Moreover, investigating steady-state stability will also require firm thresholds and reconfiguration measures. However, the challenges with an assessment of cyber-induced threats in dynamic conditions naturally increase as it interferes with all the operational sectors, such as control, modeling, stability, and protection. Hence, we provide an overview of some of the commonly used resilient schemes and introduce some new self-healing innovations without reporting any interruption. More details about these aspects will be discussed in the following chapters of this book.
With the advancement of power electronics and semiconductor technology, new, faster devices with lower switching energy were developed, enabling operation at higher switching frequencies. As a result, the volume and size of the power converters were considerably reduced, bringing advantages for those applications in which the power density is very important [1]. As modern power electronics continue to transform the emerging challenges in the distribution networks, the controllability of interconnected power electronic converters becomes a severe problem. The advances in IT infrastructural developments have simplified this problem but have exposed the system to a larger threat of cyber attacks. This chapter overviews the different challenges faced by modern power electronics and the extent to which they are vulnerable to man-made threats, i.e., cyber attacks.
Similar to the utility grid and other terrestrial microgrids, aircraft electric power systems and shipboard microgrids have their own power generation, distribution, utilization and generation storage. The rapid development of power electronics technology has allowed the converters to operate at DC voltage levels required for transmission, distribution and consumption. However, the coordination among power electronic converters can lead to malicious intrusions that aim to manipulate microgrids' operation and cause deviation from their mission-critical objectives. Such manipulations may lead to disturbances during motion, thus posing serious risks to passenger lives and cargo. The disturbances can also affect operations in critical sectors such as commercial transportation and defence, which may directly influence the global economy and national security. This chapter overviews the industrial security measures considered for microgrids in mission-critical applications, such as those found in electric aircraft and shipboard power systems, with further insights on vulnerable areas, which can be exploited by stealthy attackers.
Development of a secure critical infrastructure, such as the power system, necessitates addressing the associated cybersecurity challenges at the network, physical, and application layers. With the continuously evolving cyberattacks in grid networks, including advanced persistent threats (APTs), the development of cybersecurity situational awareness (CSA) is an emerging trend that facilitates precise and detailed command and control to enhance the security and resilience of power systems. Comprehensive and timely CSA is necessary to predict cyberattacks at an early stage and provide an intelligent incident response to minimize their impacts on the power system. In this chapter, we present a high-level conceptual architecture of CSA against cyber threats in the smart grid. The proposed conceptual architecture integrates data-driven anomaly detection algorithms, a heterogeneous database, and an event visualization dashboard to monitor the grid network and to analyze and predict cybersecurity threats that can affect normal grid operation. We then discuss several components of the Iowa State University PowerCyber (ISU PC) testbed that can be utilized to emulate substation and control center networks and further test and validate anomaly detection methods and intrusion detection system (IDS) tools in a cyber-physical testbed environment. As a proof of concept, we present a data-driven anomaly detection algorithm for wide-area monitoring systems (WAMS) using synchrophasors and evaluate its performance by computing true positive rates for line fault and cyberattack events. Furthermore, we present the prototype demonstration at the commercial scale by integrating the proposed detection algorithm with the General Electric (GE)-based WAMS platform to support CSA in the power system. Finally, we conclude this chapter by outlining how cybersecurity training can enhance the overall CSA while emphasizing the need to develop robust anomaly detectors to secure the grid network.
The electrical grid is rapidly changing. Microgrids, distributed energy resources, and increased automation in decision-making enabled by smart sensors have bridged the gap between utilities and end users by increasing transparency and allowing consumers to monitor and control their electricity usage efficiently via advanced metering infrastructure. The intelligent sensors have enabled system operators to continually monitor the power system in real time and take appropriate measures to prevent system breakdowns. The power grid's cyber-physical security has gained more attention in the research community in the recent past. Smart devices and communication infrastructure are vulnerable to cyber threats, and if their security is compromised, then the consequence can be devastating. This chapter presents the basics of data manipulation attacks on the smart grid targeting power system state estimation (PSSE), a core function of the energy management system (EMS) on which power system operations and security analysis heavily depend; and artificial intelligence (AI)-aided methods to detect the data manipulation in real time.
In this chapter, a brief understanding of distributed cyber-physical MGs, the cyber risk associated with them, and a few existing possible security measures are presented. Specifically, the impact on MG operations of different FDI attacks, such as time-invariant, bounded time-variant, and unbounded attacks, is analyzed. In addition, the impact of deceptive attacks such as DoS and replay attacks on cyber-physical MGs is presented. Furthermore, different existing security measures applicable at the cyber layer, physical layer, and control layer are also detailed in this chapter. However, cyber security in MGs remains an ongoing research area, with potential future research scope in the direction of distributed attack detection techniques and security measures for multiple coordinated stealthy attacks.
In recent years, fossil fuel-based electric power sources have become a major concern due to environmental issues. Depletion of such energy sources is also a matter of worry. The power delivery networks in a power system have been stressed due to aging of transmission and distribution infrastructure and the growing demand for electricity. Integration of renewable energy sources (RESs) into the power grid using advanced power electronic converters is a promising solution for enhanced reliability of supply, clean energy and improved power quality [1]. High penetration of RESs in a grid causes voltage rise and protection issues, threatening grid security and reliability. The concepts of 'Microgrid' and 'Smart grid' are emerging in power systems as viable solutions to these problems.
Flexibility can be defined as the power system's ability to respond to both expected and unexpected changes, either in demand or on the supply side. This concept contributes to improving the grid's stability allowing a higher penetration of renewable energy sources (RESs). A real-time flexibility utilization system can be viewed as a cyber-physical system where the communication component is cyber, whereas the control components have physical effects. In this chapter, we discuss security properties and challenges that must be considered in the flexibility utilization of energy districts.
This chapter provides a detailed understanding of physics- and data-oriented approaches for emulating cyberattacks in a grid-connected system through FDI attacks. The physics-oriented tools are developed based on the graph model of the system's control architecture, whereas the data-oriented tools are based on the GT approach and GAN. The design process for all three approaches is carried out on the same system. The physics-oriented tools are identified to have an average FDIA accuracy of 75 to emulate the fault with long training times. Furthermore, the data-oriented approach with game theory has less training accuracy with less training time, and the GANs have the highest training accuracy of 99.4% with a training time of 1 min 36 s for 7 000 iterations. Besides, the GAN-based FDIA is also identified to have a maximum-likelihood ratio while emulating the cyberattack profile.
This chapter discusses a cooperative mechanism for detecting potentially deceptive cyber attacks that attempt to disregard average voltage regulation and current sharing in cyber-physical microgrids. Considering a set of conventional cyber attacks, the detection becomes fairly easy for distributed observer-based techniques. However, a well-planned set of balanced attacks, termed as the stealth attack, can bypass the conventional observer-based detection theory as the control objectives are met without any physical errors involved. In this chapter, we discuss the formulation and associated scope of instability from stealth attacks to deceive distributed observers realizing the necessary and sufficient conditions to model such attacks. To address this issue, two disagreement indices (DIs) for each agent are introduced to detect potential threats to voltage and current, which accurately identify the attacked agent(s) under various scenarios. To facilitate detection under worst cases, the DIs from the secondary voltage control sublayer are strategically cross-coupled to the current sublayer, which ultimately disorient the control objectives in the presence of stealth attacks and provide a clear norm for triggering defense mechanisms. Finally, its performance is simulated under many potential threats on sensors and communication links.
Microgrids rely on cyber networks in their monitoring and control systems. This poses significant challenges in terms of cybersecurity in microgrids. This chapter addresses this problem through the design of a cooperative distributed control system for DC microgrids that is resilient to stealthy false data injection (FDI) cyberattacks, which adversely impact the data integrity of the control systems and the communication networks while remaining undetected by anomaly detection algorithms. The chapter also reviews some of the recent scientific contributions in resilient control systems for DC microgrids and discusses some of the research challenges in this area.
To enhance the reliability, resiliency and sustainability of a microgrid (MG) in the presence of several distributed energy resources (DERs) and loads, communication systems play a vital role, forming it into a cyber-physical system (CPS). However, integration of information and communication technology (ICT) in the MG architecture exposes the MG to potential malicious cyber attacks as well. Similarly, electric vehicles (EVs) also come with a host of cybersecurity risks. The integration of the power, communication and transportation sectors empowers intruders to exploit vulnerabilities and disrupt the operation of multiple sectors. A testbed plays a vital role in the study of the threat landscape and the impact of cyber attacks (such as denial of service (DoS) attacks and false data injection attacks (FDIA)) in such cyber-physical infrastructure. This study would further aid in developing and verifying detection and mitigation schemes against cyber attacks.
This work presents a detailed study on the development of a real-time (RT) cosimulation testbed for inverter-based MGs and an RT testbed for EV-charging infrastructure. The MG testbed consists of an OP5700 RT simulator to emulate the cyber-physical layer through HYPERSIM software, and SEL-3530 Real-Time Automation Controller (RTAC) hardware configured with ACSELERATOR RTAC SEL-5033 software. A human-machine interface (HMI) is further developed in ACSELERATOR Diagram Builder SEL-5035 software for local/remote monitoring and control. Furthermore, communication protocols such as Modbus, sampled measured values (SMVs), generic object-oriented substation event (GOOSE) and distributed network protocol 3 (DNP3) on an Ethernet-based interface were established to link the cyber and physical layers. The testbed for EV-charging infrastructure consists of AC and DC emulators to emulate the respective charging station (AC/DC) and EV. It also includes various charging cables supporting different charging protocols such as combined charging system (CCS), GB/T and CHAdeMO. To monitor the message exchanges, charging discovery system (CDS) hardware along with its software is used. A few test cases are presented to demonstrate the capabilities of these testbeds.
Though recent advancements in microgrids are largely based on distributed control strategies to enhance reliability, their susceptibility to cyber attacks still remains a challenging issue. Additionally in converter-dominated microgrids, mitigation of cyber attacks upon detection in a timely manner is the need of the hour to prevent the system from immediate shutdown. Since most of the existing research is primarily focused on detection of cyber attacks in microgrids without giving prior attention to comprehensive steps of mitigation, this chapter classifies cyber attacks as events and introduces an event-driven cyber attack resilient strategy for microgrids, which immediately replaces the attacked signal with a trusted event-driven signal constructed using true transmitted measurements. This mechanism not only disengages the attack element from the control system but also replaces it with an event-triggered estimated value to encompass normal consensus operation during both steady-state as well as transient conditions even in the presence of attacks. Finally, the event detection criteria and its sensitivity are theoretically verified and validated using different conditions in the presence of stealth attacks in AC and DC systems.
This chapter provides future outlooks and recommendations/perspectives on the digitization of future energy systems. Cyberattacks are often viewed as a low-probability, high-consequence event. Complacency in the face of changing information and the information on the scope of the cybersecurity risk is growing ever more concerning. When confronted with a complex problem like cybersecurity, finding a solution can be done by visualizing the problem in five elements: vulnerability, threat, consequence, probability, and response. This chapter concludes with our remarks on the obstacles and suitable practices/guidelines, which are most suited for different sectors of grid operation.