Submitted Successfully!
To reward your contribution, here is a gift for you: A free trial for our video production service.
Thank you for your contribution! You can also upload a video entry or images related to this topic.
Version Summary Created by Modification Content Size Created at Operation
1
Ersan Kabalci
 -- 4302 2023-06-22 10:41:59 |
2 format correct
Catherine Yang
Meta information modification 4302 2023-06-25 04:40:51 |

Video Upload Options

Do you have a full video?
Send video materials Upload full video

Confirm

Are you sure to Delete?
Yes No
Cite
If you have any further questions, please contact Encyclopedia Editorial Office.
Irmak, E.; Kabalci, E.; Kabalci, Y. Cybersecurity in Microgrids. Encyclopedia. Available online: https://encyclopedia.pub/entry/45967 (accessed on 27 July 2024).
Irmak E, Kabalci E, Kabalci Y. Cybersecurity in Microgrids. Encyclopedia. Available at: https://encyclopedia.pub/entry/45967. Accessed July 27, 2024.
Irmak, Erdal, Ersan Kabalci, Yasin Kabalci. "Cybersecurity in Microgrids" Encyclopedia, https://encyclopedia.pub/entry/45967 (accessed July 27, 2024).
Irmak, E., Kabalci, E., & Kabalci, Y. (2023, June 22). Cybersecurity in Microgrids. In Encyclopedia. https://encyclopedia.pub/entry/45967
Irmak, Erdal, et al. "Cybersecurity in Microgrids." Encyclopedia. Web. 22 June, 2023.
Cybersecurity in Microgrids
Edit
This entry is adapted from the peer-reviewed paper 10.3390/en16124590

The demand for clean and sustainable energy sources is increasing at a rapid pace, and microgrids (MGs) have emerged as a promising solution for achieving energy resilience, efficiency, and security. As a general definition, a microgrid is a localized power system that integrates renewable energy resources, energy storage systems, and loads to operate autonomously or in parallel with the main grid. As MGs continue to grow in popularity as a means of providing reliable and sustainable energy to communities and businesses, the issue of cybersecurity becomes increasingly important. With the use of digital technology and communication systems, MGs are vulnerable to cyberattacks that can compromise their operation and even cause physical damage. 

microgrids digitalization optimization cybersecurity

1. Security Vulnerabilities in MGs

Cybersecurity vulnerabilities in MGs are similar to those found in large-scale energy grids. However, due to the unique characteristics of MGs, they require different attention. MGs are mainly based on RESs. Therefore, the devices used for energy generation, storage, and distribution are manufactured by different vendors and are not compatible with each other [1][2]. This can lead to cybersecurity vulnerabilities in MGs as cyberattackers may exploit the weaknesses of these devices.
The vulnerabilities of MGs are generally caused by factors such as inadequate security measures, lack of software and hardware updates, weak authentication, incorrect configuration, faulty software coding, and improperly separated networks [3]. Cybersecurity vulnerabilities allow a cyberattacker to take control of devices, gain unauthorized access to systems, install malware, and monitor network traffic. This can cause interruptions in the energy production and distribution processes of MGs and create security risks for individuals [4]. Table 1 provides a brief description of the categories and explanations of significant vulnerabilities encountered in MGs.
Table 1. Some significant vulnerabilities encountered in MGs.
Vulnerability Type Description Potential Consequences
Attacks on field devices Field devices are vulnerable due to limited memory and processing resources, which can be exploited by attackers. Attackers can overwrite memory sections of field devices with incorrect values, leading to device crashes or malfunctions.
Backdoor or malware loaded onto command-and-control network Malware/backdoors can be installed on the command-and-control network, providing attackers with covert access to devices or assets on the system. Attackers can gain unauthorized access to the network and compromise the security of devices or assets.
Attacks on databases Database attacks can impact system security and data collection from the field. Attackers can update device values through the database, which may not be reflected in the human–machine interface (HMI), or affect the collection of data from the field.
Devices with few or no security features Microgrid devices may lack basic security mechanisms, such as authentication or encryption. Attackers can send control messages that disable grid devices, which are executed as there is no way to verify their validity.
Misconfigurations of assets Default configurations, misconfigured assets, and using default passwords can undermine system security. Assets that are not enabled to authenticate, or use default or hardcoded credentials, can compromise security.
Unsatisfactory cybersecurity procedures and training for personnel Uneducated personnel can compromise network security by disregarding security policies and practices. Personnel can unintentionally or intentionally disable security features or install new software that impacts the security profile of the information system.
Incorrect configured network Networks that are not completely separated from the corporate network can become vulnerable to attackers. An attacker can exploit a security vulnerability in the microgrid information system by sending a phishing email with a malicious attachment.
Incorrect or nonexistent patches Incorrect or nonexistent patches can leave software and hardware vulnerable to attacks, compromising microgrid system security and reliability. The patching process can create a risk for the system’s accessibility, affecting the security and reliability of the microgrid system.
Unsafe coding techniques Inappropriate authentication, access control, and error checking can negatively impact system security. An attacker can bypass authentication mechanisms that use device serial numbers or 16-bit authentication keys.
Failure to use microgrid-specific security technologies The absence of a security technology aimed at detecting security vulnerabilities in MGs makes these systems vulnerable to attackers. The system becomes vulnerable to attackers due to the absence of a security technology aimed at detecting security vulnerabilities in MGs.
Security vulnerabilities in microgrid-specific protocols The communication protocols used in MGs are designed with little emphasis on security, making them more vulnerable to attacks. Microgrid-specific protocols are more vulnerable to well-known attacks due to their lack of emphasis on security.
Unauthorized personnel access Failure to monitor or restrict physical access to the microgrid network may result in unrestricted access to all assets in the network. Failure to monitor or restrict physical access to the microgrid network.

2. Threats to Microgrid Cybersecurity

MGs and smart grids, as complex cyberphysical systems, are vulnerable to various types of cyberattacks that can cause severe disruptions to energy generation, distribution, and consumption. To better understand these risks, it is essential to develop a systematic taxonomy of cyberattacks on smart grids based on their themes and characteristics [5][6]. Such a taxonomy can provide a useful framework for classifying and analyzing different types of cyberattacks, identifying common patterns and vulnerabilities, and designing effective countermeasures. A remarkable and up-to-date thematic taxonomy of cyberattacks to smart grids, which can also be considered for MGs, is presented by Ding et al., as illustrated in Figure 1 [7].
Figure 1. A thematic taxonomy of cyberattacks to smart grids [7].
As illustrated in Figure 1, cyberattacks on smart and microgrids has mainly focused on various attack methods such as false data injection attacks, denial of service attacks, data framing attacks, man-in-the-middle attacks, load altering attacks, false command injection attacks, load redistribution attacks, coordinated cyberphysical topology attacks, and replay attacks. These attacks exploit different vulnerabilities in power grids and have varying intentions and strategies. Moreover, the integration of information systems into power physical systems has resulted in severe threats such as malware attacks [7]. It is crucial to analyze and understand these cyberattacks on MGs to develop effective countermeasures against potential threats. Therefore, some of the most significant of attacks are outlined below:
False Data Injection Attack: False data injection (FDI) can have serious consequences by affecting the operation of MGs. FDI attacks cause incorrect processing or decision making in the system by providing misleading or erroneous data to the network users [8][9]. This can lead to faulty load distribution, device failures, or system crashes. Typically, an attacker injects false data into network devices starting from a point where the attacker can access the network system. By using fake data, the attacker can deceive the network devices and cause them to perform incorrect operations. For example, an attacker can change traffic density data by sending false signals to a traffic sensor and create traffic flow in the wrong direction [10]. False data injection attacks have been increasingly observed in recent years. To protect against these attacks, security vulnerabilities of microgrid systems need to be identified, and security measures need to be taken [11][12]. Additionally, designing network devices for authentication and accuracy checks can reduce the impact of attacks.
Denial of Service (DoS): The cybersecurity infrastructure in MGs should be designed to ensure access to energy, related information, and communication structures. In this context, a DoS attack targets power availability by reliably and timely affecting access to microgrid services [13][14]. Despite its simplicity, an effective DoS attack can cause significant disruption. A DoS attack can be carried out by overloading the device or channel with data, manipulating vulnerabilities or abnormalities in protocols and systems, or both. DoS attacks can also be generated by a large number of compromised information assets that have been turned into zombies, known as distributed denial of service (DDoS) attacks [15][16]. Therefore, a DoS attack on a microgrid can be carried out against the accessibility of traditional power usage, preventing control over communication, computation, and information systems, endangering data integrity, and causing power outages. If the microgrid is connected to the internet, DoS attacks can cause significant power outages and have extremely harmful consequences. MGs contain a variety of measurement devices, such as smart meters, smart devices, data collectors, phase measurement units, remote terminal units, smart electronic devices, and programmable logic controllers (PLCs). These devices are sensitive to DoS attacks due to their use of internet standard protocols [17]. For instance, PLCs, integral components of automation systems within microgrids, are responsible for controlling and monitoring various processes. However, their connection to the internet and utilization of standard protocols can introduce vulnerabilities. DoS attacks, for example, can disrupt the operation of PLCs by overwhelming them with a high volume of malicious requests, rendering them unresponsive or causing system malfunctions. It is crucial for microgrid operators and cybersecurity professionals to be aware of these vulnerabilities and implement robust security measures to mitigate potential risks. This may include implementing intrusion detection systems, access controls, secure network architectures, regular patching and updates, and ongoing monitoring and incident response protocols. By addressing these vulnerabilities, microgrids can enhance their resilience against cyberthreats and ensure the secure operation of their automation systems.
Data Framing Attacks: These are a type of cyberattack that targets communication networks. In this type of attack, the attackers attempt to deceive the devices in the network by sending fake messages that mimic the network traffic [18][19]. These fake messages are used to distort or alter the data as they are transmitted between the devices in the network. Attackers may also send fake messages to cut off a data stream or to cause damage to a specific device. This type of attack is especially dangerous for many industrial protocols because these protocols are typically designed without security measures and use plain text for communication between devices in the network. Attackers can exploit the weak points in the communication algorithms of network devices by manipulating data through techniques such as modifying the values stored in the devices’ memory, sending fake messages, or using other methods to disrupt or disable devices [20]. This type of attack can cause devices in the network to malfunction or even suffer physical damage [21].
Man-in-the Middle Attacks: One of the most significant threats faced by MGs is the man-in-the-middle (MitM) attack. The MitM attack is a type of cyberattack where the attacker intercepts communication between two parties to steal or alter data [22][23]. In the context of MGs, MitM attacks can cause significant disruptions to the energy supply chain, leading to power outages, equipment damage, and even safety hazards. The MitM attack in MGs typically involves an attacker gaining access to the communication network used to control and manage the grid’s various components. The attacker may use various methods to gain access, such as social engineering, phishing attacks, or exploiting vulnerabilities in the network infrastructure. Once the attacker gains access, they can intercept communication between the various components of the microgrid and manipulate data to their advantage [24][25]. For instance, the attacker can intercept communication between the microgrid’s control system and the energy storage system and modify the power flow to create an overload, which can damage the equipment or cause a power outage. Similarly, the attacker can manipulate the data from the RESs to make them appear unreliable, which can cause the microgrid to switch to a more expensive and less sustainable energy source. MitM attacks in MGs can also pose a significant threat to the privacy and confidentiality of the energy data [26]. For example, the attacker can intercept communication between the smart meters and the microgrid’s control system to gain access to the energy usage data of individual consumers. These data can be used for various purposes, such as identity theft or targeted advertising, leading to significant financial losses and privacy violations. Concludingly, the three main objectives of MiTM attacks are (1) to interrupt or modify measurements; (2) to alter smart meter data; and (3) to manipulate network traffic by the attacker. This attack technique relies on the Address Resolution Protocol (ARP) poisoning approach, and attack detection can be performed using packet evaluation techniques [27].
Load Manipulation Attacks: These attacks aim to modify power usage of targeted loads or even to overload them. For instance, the method of load manipulation can be employed indirectly by publishing incorrect price information to customers in terms of demand response management techniques. Power loads must be protected to prevent overloading and to manage them cost-effectively [28].
Malicious Command Injection Attack: In power grids, phase shifting transformers or phase shifters are used to control the flow of electricity. Phase shifters are used to prevent the accumulation of electrical density in transmission lines and to apply contract-based regulations. In an automatic power grid system, phase shifting commands are transmitted through the SCADA system. This situation can make the system vulnerable to cyberattacks in terms of both harmless and malicious commands being sent from the phase shifters. Malicious commands can cause serious damage, power outages, and disrupt cross-network interactions [29].
Load Redistribution Attacks: These attacks are related to the distribution or routing of energy sources on a microgrid. This type of attack is carried out when a device with low security levels changes the flow of energy on the grid by sending fake data packets or using a predetermined strategy [30][31]. Attackers can artificially increase energy consumption in a specific area of the grid, causing energy sources in that area to rapidly deplete. This can create a balancing issue across the entire grid, requiring other areas to be fed from different energy sources [32]. Load redistribution attacks also allow individuals with access to energy sources to manipulate energy consumption by redirecting energy sources from one area to another. This can cause power outages in specific areas of the grid and harm electricity consumers in the affected region. The best way to counter these types of attacks is to implement appropriate mechanisms for controlling the distribution and routing of energy sources on the grid and monitoring them securely. Additionally, it is important to take appropriate security measures on each device to ensure the security of each component of the grid [33].
Coordinated Cyberphysical Topology Attacks: Coordinated cyberphysical topology attacks (CCPT) are more dangerous for MGs than either physical topology attacks or cybertopology attacks alone [34][35]. CCPT attacks are divided into two categories: physical topology attacks and cybertopology attacks. In a physical topology attack, the attacker cuts the transmission line, while in a cybertopology attack, the attacker deceives the control center, hides the outage signal in the cyberlayer, and creates a false outage signal for another transmission line [36]. As a result, the most important goal of a coordinated topology attack is to overload the critical line by deceiving the control center into making incorrect dispatches [37].
Replay Attack: A replay attack can be carried out by intercepting information in a communication network and then mimicking a legitimate sender by distributing the intercepted information to reproduce the original information [38][39]. This type of attack relies on past data and makes it difficult for the control center to detect the attack. As a result, the attack can cause disruption in the power flow and lead to time delays at different frequencies. From the attacker’s point of view, a replay attack can intentionally disrupt the system and various processes completely [40].
Malware Attacks: Malware is software designed to harm or disrupt computer systems, and it can be introduced into a microgrid’s system through email attachments, software updates, or infected USB drives. Once installed, malware can spread throughout the system, causing significant damage [41][42]. Some types of malwares, such as ransomware, can encrypt the microgrid’s data and demand payment for their release, causing significant financial losses. Cyberattacks on microgrid systems can be carried out through the use of malicious software such as BlackEnergy, Stuxnet Trojan horses, or WannaCry ransomware. In December 2015, a cyberattack targeted the electricity grid in Ivano-Frankivsk, Ukraine, resulting in a power outage and directly affecting 80,000 people. It was determined that this cyberattack was created using phishing emails and the BlackEnergy Trojan horse [43]. This attack method was observed to have the ability to delete certain types of data, damage hard disks, and control systems.
Insider Attacks: This could involve a rogue employee, contractor, or supplier who has access to the microgrid’s systems and deliberately causes harm [44]. Such an attack could be motivated by financial gain, personal animosity, or ideological beliefs. Insider attacks can be challenging to detect, as the attacker may already have authorized access to the system.
Phishing Attacks: Phishing is another major threat to microgrid cybersecurity. Phishing is a type of social engineering attack that uses deceptive emails or other means to trick users into divulging sensitive information, such as passwords or other login credentials. Once attackers have this information, they can use it to gain unauthorized access to the microgrid system. To protect against phishing, microgrid operators should train employees to recognize and avoid phishing scams, and should implement multifactor authentication to prevent unauthorized access to critical systems [44].
Ransomware Attacks: Ransomware is a type of malware that prevents users from accessing their own data or computer systems until a ransom is paid to the attacker [45]. In recent years, ransomware has become a significant threat to the security of MGs. MGs are small-scale power grids that can operate independently or in conjunction with the main power grid. They typically use DERs such as solar panels and battery storage to generate and manage power. Ransomware attacks on MGs can cause significant disruptions to power supply and create safety hazards [46][47], and they can take various forms, including locking access to control systems or preventing the delivery of electricity to customers. Attackers may also demand payment in cryptocurrency, making it difficult to track the flow of funds and apprehend the perpetrators. The consequences of a successful ransomware attack can be severe, with potential risks to human life and property. For example, an attacker could disrupt the supply of power to critical infrastructure, such as hospitals or emergency services, causing life-threatening situations. In addition, an attack on a microgrid could lead to a wider power outage affecting a larger population.
Advanced Persistent Threats: Advanced persistent threats (APTs) are a significant concern in the context of MGs as these critical infrastructures are vulnerable to cyberattacks due to their interconnected nature and the increased use of digital technologies in microgrid management systems [48]. APTs are sophisticated and stealthy cyberattacks that are often orchestrated by state-sponsored actors, organized criminal groups, or hacker collectives [49]. Unlike traditional cyberattacks that are aimed at exploiting vulnerabilities in software or hardware systems, APTs are designed to remain undetected for extended periods to collect sensitive data, steal intellectual property, or disrupt critical infrastructure. In the context of MGs, APTs can be devastating as they can compromise the integrity of the system, disrupt operations, and cause physical damage to the infrastructure [50][51]. For example, an APT targeting the control system of a microgrid can lead to unauthorized access, data theft, and even physical damage to the equipment. Moreover, an APT can also be used to launch a ransomware attack, where the attacker encrypts the critical data and demands a ransom payment in exchange for the decryption key.
SQL Injection Attacks: These attacks can pose a significant threat to the cybersecurity of the system. MGs often use web applications and interfaces to monitor and control the system, and these interfaces are potential targets for SQL injection attacks. An SQL injection attack works by inserting malicious code into a web application’s input field, which is then executed by the database server [52][53]. This code can be used to bypass authentication, retrieve sensitive data, or modify the contents of the database. In the context of MGs, a successful SQL injection attack could allow an attacker to gain control of the system, modify power flow, or even shut down the microgrid entirely [54].
Zero-day Attacks: Zero-day exploits, also known as zero-day vulnerabilities, refer to previously unknown software vulnerabilities that hackers can exploit to launch attacks. These types of attacks are particularly concerning for MGs, as they can target critical infrastructure and cause significant damage to the system [55][56]. Zero-day exploits are a type of cyberthreat that is difficult to defend against, as the system administrators may be unaware of the vulnerability and unable to apply a patch or update to fix it. They are a growing concern in the energy sector, and MGs are not immune to these types of attacks. In fact, as MGs become more prevalent, the likelihood of being targeted by zero-day exploits increases. This is because MGs often rely on outdated software and hardware, which can contain vulnerabilities that are not yet known to system administrators. Hackers can exploit these vulnerabilities to gain access to the microgrid system and launch attacks that can disrupt operations, cause damage to equipment, and potentially harm people [56][57].
Physical Attacks: Physical attacks on MGs are also a significant threat to cybersecurity. These attacks could include vandalism, theft, or sabotage of the microgrid’s hardware or infrastructure [58][59]. Physical attacks can be challenging to prevent, as they often require significant security measures and resources.

3. Strategies for Cybersecurity in MGs

MGs are small energy networks that usually provide electricity to a few consumers. These grids are important in terms of the use of RESs and energy efficiency. However, MGs are vulnerable to cyberattacks and can be manipulated by malicious actors who have access to the grid if cybersecurity measures are not taken.
Some of the crucial strategies that should be applied to ensure the security of MGs are listed below [60][61]:
  • Encryption of communication channels: In MGs, communication between different devices is often carried out wirelessly. Therefore, encryption of communication channels is very important. Encrypting data traffic between wireless communication devices significantly reduces the risks of unauthorized access and data theft.
  • Access control: In MGs, communication between devices and systems often has an open structure, which can facilitate cyberattackers’ access to the system. Therefore, access control is important. Access control includes techniques such as authentication, authorization, and access control, and provides system access only to authenticated users and devices.
  • Device updates and patches: Devices in MGs, in addition to current software and hardware patches, should also be updated periodically to minimize cybersecurity vulnerabilities. Simultaneously performing these updates on all devices and systems helps make the system more secure.
  • Threat detection and response: Malware and other cyberthreats can spread quickly in MGs and cause serious damage. Therefore, an automatic threat detection and response system capable of detecting and monitoring threats and taking necessary measures should be established in MGs.
  • Network security: MGs can be protected with network security measures. Network security includes technologies such as firewalls, network monitoring systems, network access control, and similar measures, which help prevent malicious actors from accessing and damaging the network.
  • Identification and protection of weak points: Weak points in MGs can be a target for attackers. Therefore, identifying and protecting weak points is important in preventing attacks. This can include regular updates and patch installations, identifying and closing security vulnerabilities, encryption, and similar measures.
  • Personnel training: Personnel working in MGs should be trained on cybersecurity issues. This ensures that personnel are informed about secure practices and are knowledgeable about detecting and preventing cyberattacks.
  • Password management: Using strong and unique passwords is important in protecting MGs from cyberattacks. Passwords should be changed regularly and stored securely.
  • Emergency planning: MGs’ emergency plans should include contingency plans for a cyberattack or natural disaster. These plans should be regularly updated and tested to ensure their effectiveness in a crisis.
  • Physical security: Physical security is of great importance in MGs. Physical security involves the physical protection of devices, systems, and other hardware. Therefore, it is important to properly place devices, use mechanisms that ensure physical access control, and employ mechanisms that ensure the security of devices.

4. Vulnerability Assessment and Risk Analysis

Vulnerability assessment and risk analysis are two related but distinct processes that are often used in the field of cybersecurity to identify potential threats and vulnerabilities in computer systems, networks, and other digital assets.
Vulnerability assessment involves the systematic examination of a system or network to identify vulnerabilities that could be exploited by attackers. This can involve both automated and manual techniques, such as scanning for open ports, analyzing software configurations, and testing for known vulnerabilities in specific applications. Risk analysis, on the other hand, involves a more comprehensive examination of the potential impact of a security breach, including the likelihood of an attack occurring and the potential consequences for the organization. This can involve evaluating the value of assets that could be compromised, the cost of remediation, and the potential impact on reputation, financial stability, and legal liability [62][63].
Performing a vulnerability assessment in a microgrid involves several important steps to ensure that the microgrid system is secure and resilient. This process includes identifying the assets and infrastructure that need to be assessed, identifying potential threats, analyzing vulnerabilities, evaluating the likelihood and impact of an attack, developing and implementing mitigation strategies, and continuously monitoring and updating the microgrid system to ensure ongoing security and resilience. By following these steps, a vulnerability assessment can identify potential threats and vulnerabilities, assess the impact of an attack, and develop and implement effective mitigation strategies to protect the microgrid system. Figure 2 illustrates some of the main and crucial steps to perform a vulnerability assessment in a microgrid.
Figure 2. Crucial steps to perform a vulnerability assessment in a microgrid.
In addition to vulnerability assessment, to ensure the safe and reliable operation of MGs, it is essential to perform a comprehensive risk analysis that identifies potential hazards, assesses their likelihood and impact, prioritizes risks, develops appropriate risk mitigation strategies, and monitors the effectiveness of the risk management process over time [64][65]. As illustrated in Figure 3, the main and crucial steps to perform a risk analysis in a microgrid includes hazard identification, likelihood assessment, impact assessment, risk prioritization, risk tolerance determination, evaluation of existing controls, development of risk mitigation strategies, implementation of risk mitigation measures, and monitoring and review. By following these steps, organizations can effectively manage risk in their MGs and ensure the continuity of critical services even in the face of unexpected events.
Figure 3. Crucial steps to perform a risk analysis in a microgrid.

References

  1. Dileep, G. A Survey on Smart Grid Technologies and Applications. Renew. Energy 2020, 146, 2589–2625.
  2. Kimani, K.; Oduol, V.; Langat, K. Cyber Security Challenges for IoT-Based Smart Grid Networks. Int. J. Crit. Infrastruct. Prot. 2019, 25, 36–49.
  3. Stouffer, K.; Pillitteri, V.; Lightman, S.; Abrams, M.; Hahn, A. Guide to Industrial Control Systems (ICS) Security; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2015; p. NIST SP 800-82r2, Appendix C.
  4. Veitch, C.; Henry, J.; Richardson, B.; Hart, D. Microgrid Cyber Security Reference Architecture; Sandia National Lab.: Albuquerque, NM, USA, 2013; pp. SAND2013–5472, 1090210, 460305.
  5. Reda, H.T.; Anwar, A.; Mahmood, A. Comprehensive Survey and Taxonomies of False Data Injection Attacks in Smart Grids: Attack Models, Targets, and Impacts. Renew. Sustain. Energy Rev. 2022, 163, 112423.
  6. Reda, H.T.; Anwar, A.; Mahmood, A.N.; Tari, Z. A Taxonomy of Cyber Defence Strategies Against False Data Attacks in Smart Grids. ACM Comput. Surv. 2023.
  7. Ding, J.; Qammar, A.; Zhang, Z.; Karim, A.; Ning, H. Cyber Threats to Smart Grids: Review, Taxonomy, Potential Solutions, and Future Directions. Energies 2022, 15, 6799.
  8. Cao, G.; Gu, W.; Lou, G.; Sheng, W.; Liu, K. Distributed Synchronous Detection for False Data Injection Attack in Cyber-Physical Microgrids. Int. J. Electr. Power Energy Syst. 2022, 137, 107788.
  9. Giraldo, J.; Hariri, M.E.; Parvania, M. Decentralized Moving Target Defense for Microgrid Protection Against False-Data Injection Attacks. IEEE Trans. Smart Grid 2022, 13, 3700–3710.
  10. Koduru, S.S.; Machina, V.s.P.; Madichetty, S. Cyber-Attacks in Cyber Physical Microgrid Systems: A Comprehensive Review. Electr. Electron. Eng. 2023, 2023040691.
  11. Tan, S.; Xie, P.; Guerrero, J.M.; Vasquez, J.C. False Data Injection Cyber-Attacks Detection for Multiple DC Microgrid Clusters. Appl. Energy 2022, 310, 118425.
  12. Barzegari, Y.; Zarei, J.; Razavi-Far, R.; Saif, M.; Palade, V. Resilient Consensus Control Design for DC Microgrids against False Data Injection Attacks Using a Distributed Bank of Sliding Mode Observers. Sensors 2022, 22, 2644.
  13. Hu, S.; Ge, X.; Chen, X.; Yue, D. Resilient Load Frequency Control of Islanded AC Microgrids Under Concurrent False Data Injection and Denial-of-Service Attacks. IEEE Trans. Smart Grid 2023, 14, 690–700.
  14. Chen, X.; Zhou, J.; Shi, M.; Chen, Y.; Wen, J. Distributed Resilient Control against Denial of Service Attacks in DC Microgrids with Constant Power Load. Renew. Sustain. Energy Rev. 2022, 153, 111792.
  15. Chen, X.; Hu, C.; Tian, E.; Peng, C. Event-Based Fuzzy Resilient Control of Nonlinear DC Microgrids under Denial-of-Service Attacks. ISA Trans. 2022, 127, 206–215.
  16. Jamali, M.; Baghaee, H.R.; Sadabadi, M.S.; Gharehpetian, G.B.; Anvari-Moghaddam, A. Distributed Cooperative Event-Triggered Control of Cyber-Physical AC Microgrids Subject to Denial-of-Service Attacks. IEEE Trans. Smart Grid 2023, 1.
  17. Kumar, V.; Mohanty, S.R. Chapter 1—Denial-of-Service Attack Resilient Control for Cyber Physical Microgrid System. In Microgrid Cyberphysical Systems; Subudhi, B., Ray, P.K., Eds.; Elsevier: Amsterdam, The Netherlands, 2022; pp. 1–27. ISBN 978-0-323-99910-6.
  18. Zuo, S.; Beg, O.A.; Lewis, F.L.; Davoudi, A. Resilient Networked AC Microgrids Under Unbounded Cyber Attacks. IEEE Trans. Smart Grid 2020, 11, 3785–3794.
  19. Zhuang, P.; Zamir, T.; Liang, H. Blockchain for Cybersecurity in Smart Grid: A Comprehensive Survey. IEEE Trans. Ind. Inform. 2021, 17, 3–19.
  20. Jiao, W.; Li, V.O.K. Support Vector Machine Detection of Data Framing Attack in Smart Grid. In Proceedings of the 2018 IEEE Conference on Communications and Network Security (CNS), Beijing, China, 30 May–1 June 2018; pp. 1–5.
  21. Ramakrishna, R.; Scaglione, A. Detection of False Data Injection Attack Using Graph Signal Processing for the Power Grid. In Proceedings of the 2019 IEEE Global Conference on Signal and Information Processing (GlobalSIP), Ottawa, ON, Canada, 11–14 November 2019; pp. 1–5.
  22. Ma, M.; Lahmadi, A.; Chrisment, I. Detecting a Stealthy Attack in Distributed Control for Microgrids Using Machine Learning Algorithms. In Proceedings of the 2020 IEEE Conference on Industrial Cyberphysical Systems (ICPS), Tampere, Finland, 10–12 June 2020; Volume 1, pp. 143–148.
  23. Karanfil, M.; Rebbah, D.E.; Ghafouri, M.; Kassouf, M.; Debbabi, M.; Hanna, A. Security Monitoring of the Microgrid Using IEC 62351-7 Network and System Management. In Proceedings of the 2022 IEEE Power & Energy Society Innovative Smart Grid Technologies Conference (ISGT), New Orleans, LA, USA, 24–28 April 2022; pp. 1–5.
  24. Naderi, E.; Asrari, A. Experimental Validation of a Remedial Action via Hardware-in-the-Loop System Against Cyberattacks Targeting a Lab-Scale PV/Wind Microgrid. IEEE Trans. Smart Grid 2023, 1.
  25. Sahoo, S.; Dragičević, T.; Blaabjerg, F. Multilayer Resilience Paradigm Against Cyber Attacks in DC Microgrids. IEEE Trans. Power Electron. 2021, 36, 2522–2532.
  26. Fritz, J.J.; Sagisi, J.; James, J.; Leger, A.S.; King, K.; Duncan, K.J. Simulation of Man in the Middle Attack On Smart Grid Testbed. In Proceedings of the 2019 SoutheastCon, Huntsville, AL, USA, 11–14 April 2019; pp. 1–6.
  27. Wlazlo, P.; Sahu, A.; Mao, Z.; Huang, H.; Goulart, A.; Davis, K.; Zonouz, S. Man-in-the-Middle Attacks and Defence in a Power System Cyber-Physical Testbed. IET Cyber-Phys. Syst. Theory Appl. 2021, 6, 164–177.
  28. Amini, S.; Pasqualetti, F.; Mohsenian-Rad, H. Dynamic Load Altering Attacks Against Power System Stability: Attack Models and Protection Schemes. IEEE Trans. Smart Grid 2018, 9, 2862–2872.
  29. Chakrabarty, S.; Sikdar, B. Detection of Malicious Command Injection Attacks on Phase Shifter Control in Power Systems. IEEE Trans. Power Syst. 2021, 36, 271–280.
  30. Choeum, D.; Choi, D.-H. Vulnerability Assessment of Conservation Voltage Reduction to Load Redistribution Attack in Unbalanced Active Distribution Networks. IEEE Trans. Ind. Inform. 2021, 17, 473–483.
  31. Zhang, Z.J.; Bloch, M.; Saeedifard, M. Load Redistribution Attacks in Multi-Terminal DC Grids. In Proceedings of the 2022 IEEE Energy Conversion Congress and Exposition (ECCE), Detroit, MI, USA, 9–13 October 2022; pp. 1–7.
  32. Pinceti, A.; Sankar, L.; Kosut, O. Detection and Localization of Load Redistribution Attacks on Large-Scale Systems. J. Mod. Power Syst. Clean Energy 2022, 10, 361–370.
  33. Lei, J.; Gao, S.; Shi, J.; Wei, X.; Dong, M.; Wang, W.; Han, Z. A Reinforcement Learning Approach for Defending Against Multiscenario Load Redistribution Attacks. IEEE Trans. Smart Grid 2022, 13, 3711–3722.
  34. He, H.; Huang, S.; Liu, Y.; Zhang, T. A Tri-Level Optimization Model for Power Grid Defense with the Consideration of Post-Allocated DGs against Coordinated Cyber-Physical Attacks. Int. J. Electr. Power Energy Syst. 2021, 130, 106903.
  35. Poursmaeil, B.; Ravadanegh, S.N. Robust Defense Strategy Against Cyber Physical Attacks In Networked Microgrids. In Proceedings of the 2019 International Power System Conference (PSC), Tehran, Iran, 9–11 December 2019; pp. 709–715.
  36. Qin, C.; Zhong, C.; Sun, B.; Jin, X.; Zeng, Y. A Tri-Level Optimal Defense Method against Coordinated Cyber-Physical Attacks Considering Full Substation Topology. Appl. Energy 2023, 339, 120961.
  37. Zhang, J.; Sankar, L. Physical System Consequences of Unobservable State-and-Topology Cyber-Physical Attacks. IEEE Trans. Smart Grid 2016, 7, 2016–2025.
  38. Na, G.; Eun, Y. A Probing Signal-Based Replay Attack Detection Method Avoiding Control Performance Degradation. Int. J. Control Autom. Syst. 2022, 20, 3637–3649.
  39. Naha, A.; Teixeira, A.; Ahlén, A.; Dey, S. Sequential Detection of Replay Attacks. IEEE Trans. Autom. Control 2023, 68, 1941–1948.
  40. Abdelwahab, A.; Lucia, W.; Youssef, A. Set-Theoretic Control for Active Detection of Replay Attacks with Applications to Smart Grid. In Proceedings of the 2020 IEEE Conference on Control Technology and Applications (CCTA), Montreal, QC, Canada, 24–26 August 2020; pp. 1004–1009.
  41. Alsokhiry, F.; Annuk, A.; Kabanen, T.; Mohamed, M.A. A Malware Attack Enabled an Online Energy Strategy for Dynamic Wireless EVs within Transportation Systems. Mathematics 2022, 10, 4691.
  42. Xu, S.; Tu, H.; Xia, Y. Resilience Enhancement of Renewable Cyber–Physical Power System against Malware Attacks. Reliab. Eng. Syst. Saf. 2023, 229, 108830.
  43. BlackEnergy APT Attacks in Ukraine. Available online: https://www.kaspersky.com/resource-center/threats/blackenergy (accessed on 19 April 2023).
  44. Jamil, N.; Qassim, Q.S.; Bohani, F.A.; Mansor, M.; Ramachandaramurthy, V.K. Cybersecurity of Microgrid: State-of-the-Art Review and Possible Directions of Future Research. Appl. Sci. 2021, 11, 9812.
  45. Karanfil, M.; Rebbah, D.E.; Debbabi, M.; Kassouf, M.; Ghafouri, M.; Youssef, E.-N.S.; Hanna, A. Detection of Microgrid Cyberattacks Using Network and System Management. IEEE Trans. Smart Grid 2022, 1.
  46. Czekster, R.M.; Avritzer, A.; Menasché, D.S. Aging and Rejuvenation Models of Load Changing Attacks in Micro-Grids. In Proceedings of the 2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW), Wuhan, China, 25–28 October 2021; pp. 17–24.
  47. Khalil, S.M.; Bahsi, H.; Dola, H.O.; Korõtko, T.; McLaughlin, K.; Kotkas, V. Threat Modeling of Cyber-Physical Systems—A Case Study of a Microgrid System. Comput. Secur. 2023, 124, 102950.
  48. Ning, B.; Xiao, L. Defense Against Advanced Persistent Threats in Smart Grids: A Reinforcement Learning Approach. In Proceedings of the 2021 40th Chinese Control Conference (CCC), Shanghai, China, 26–28 July 2021; pp. 8598–8603.
  49. Tian, W.; Du, M.; Ji, X.; Liu, G.; Dai, Y.; Han, Z. Honeypot Detection Strategy Against Advanced Persistent Threats in Industrial Internet of Things: A Prospect Theoretic Game. IEEE Internet Things J. 2021, 8, 17372–17381.
  50. Tian, W.; Ji, X.; Liu, W.; Liu, G.; Zhai, J.; Dai, Y.; Huang, S. Prospect Theoretic Study of Honeypot Defense Against Advanced Persistent Threats in Power Grid. IEEE Access 2020, 8, 64075–64085.
  51. Park, K.; Ahn, B.; Kim, J.; Won, D.; Noh, Y.; Choi, J.; Kim, T. An Advanced Persistent Threat (APT)-Style Cyberattack Testbed for Distributed Energy Resources (DER). In Proceedings of the 2021 IEEE Design Methodologies Conference (DMC), Bath, UK, 14–15 July 2021; pp. 1–5.
  52. Sheng, J. Research on SQL Injection Attack and Defense Technology of Power Dispatching Data Network: Based on Data Mining. Mob. Inf. Syst. 2022, 2022, e6207275.
  53. Gaggero, G.B.; Caviglia, R.; Armellin, A.; Rossi, M.; Girdinio, P.; Marchese, M. Detecting Cyberattacks on Electrical Storage Systems through Neural Network Based Anomaly Detection Algorithm. Sensors 2022, 22, 3933.
  54. Hasan, M.K.; Alkhalifah, A.; Islam, S.; Babiker, N.B.M.; Habib, A.K.M.A.; Aman, A.H.M.; Hossain, M.A. Blockchain Technology on Smart Grid, Energy Trading, and Big Data: Security Issues, Challenges, and Recommendations. Wirel. Commun. Mob. Comput. 2022, 2022, e9065768.
  55. Liu, M.; Zhao, C.; Zhang, Z.; Deng, R.; Cheng, P.; Chen, J. Converter-Based Moving Target Defense Against Deception Attacks in DC Microgrids. IEEE Trans. Smart Grid 2022, 13, 3984–3996.
  56. Takiddin, A.; Rath, S.; Ismail, M.; Sahoo, S. Data-Driven Detection of Stealth Cyber-Attacks in DC Microgrids. IEEE Syst. J. 2022, 16, 6097–6106.
  57. Salehghaffari, H.; Khodaparastan, M. Dynamic Attacks Against Inverter-Based Microgrids. In Proceedings of the 2019 IEEE Power & Energy Society General Meeting (PESGM), Atlanta, GA, USA, 4–8 August 2019; pp. 1–5.
  58. Kawoosa, A.I.; Prashar, D. Cyber and Theft Attacks on Smart Electric Metering Systems: An Overview of Defenses. In Smart Electrical Grid System; CRC Press: Boca Raton, FL, USA, 2022; ISBN 978-1-00-324227-7.
  59. Goudarzi, A.; Ghayoor, F.; Waseem, M.; Fahad, S.; Traore, I. A Survey on IoT-Enabled Smart Grids: Emerging, Applications, Challenges, and Outlook. Energies 2022, 15, 6984.
  60. Nejabatkhah, F.; Li, Y.W.; Liang, H.; Reza Ahrabi, R. Cyber-Security of Smart Microgrids: A Survey. Energies 2021, 14, 27.
  61. Gunduz, M.Z.; Das, R. Cyber-Security on Smart Grid: Threats and Potential Solutions. Comput. Netw. 2020, 169, 107094.
  62. Luo, J.; Li, H.; Wang, S. A Quantitative Approach and Simplified Generic Transient Motor Startup Power Models for Microgrids Security Assessment. Sustain. Cities Soc. 2022, 83, 103998.
  63. Mishra, S.; Anderson, K.; Miller, B.; Boyer, K.; Warren, A. Microgrid Resilience: A Holistic Approach for Assessing Threats, Identifying Vulnerabilities, and Designing Corresponding Mitigation Strategies. Appl. Energy 2020, 264, 114726.
  64. Peng, H.; Su, M.; Li, S.; Li, C. Static Security Risk Assessment for Islanded Hybrid AC/DC Microgrid. IEEE Access 2019, 7, 37545–37554.
  65. Colorado, P.J.; Suppioni, V.P.; Filho, A.J.S.; Salles, M.B.C.; Grilo-Pavani, A.P. Security Assessment for the Islanding Transition of Microgrids. IEEE Access 2022, 10, 17189–17200.
More
© Text is available under the terms and conditions of the Creative Commons Attribution (CC BY) license; additional terms may apply. By using this site, you agree to the Terms and Conditions and Privacy Policy.
Upload a video for this entry
Information
Subjects: Engineering, Electrical & Electronic
Contributors MDPI registered users' name will be linked to their SciProfiles pages. To register with us, please refer to https://encyclopedia.pub/register :
Erdal Irmak
,
Ersan Kabalci
,
Yasin Kabalci
View Times: 543
Revisions: 2 times (View History)
Update Date: 25 Jun 2023
Table of Contents
    1000/1000
    Hot Most Recent
    Video Production Service
    Feedback