Outsmarting cyberattacks on microgrids

A system that detects and mitigates stealthy intermittent attacks against intelligent systems such as small power grids called microgrids is expected to help meet emerging cybersecurity challenges, a KAUST-led team demonstrates.

Electronics-interfaced power devices play an increasingly important role in electricity generation and storage. Useful for small decentralized power systems that rely on renewable energy sources such as microgrids, they offer an ecofriendly and economical alternative to conventional generators in large-scale central plants.

However, their integration into the grid creates several uncertainties regarding reliability, stability and resilience. It also makes computing and communication capabilities easier to implement, but the presence of intelligent electronic devices in various parts of the grid can increase cybersecurity risks in this system.

Microgrids provide a localized and independent source of electricity when communities are isolated. They allow critical services, such as hospitals and emergency response centers, to remain operational when the main grid fails during extreme weather events. They also incorporate specialized equipment such as solar panels and wind turbines that require digital control systems and communication networks for optimal performance and seamless integration.

Therefore, a targeted cyberattack could disrupt the operation of a microgrid and cause major financial losses, safety risks or compromised services. Moreover, because microgrids are connected to large utility grids or neighboring microgrids, an attack on one system could spread to others and impact the overall security and stability of the grid.

“We developed a mitigation strategy that stabilizes voltage and frequency signals in an islanded microgrid after a cyberattack,” says Andres Intriago, a graduate student in Charalambos Konstantinou’s group.[1]

The researchers conceived a stealthy intermittent attack on a model microgrid equipped with devices known as grid-forming inverters, which supply a stable voltage and frequency in the microgrid, even when it is disconnected from the main grid.

Specifically, they constructed a covert attack and planned its activation and pause times to conceal the attack signal during specific periods and make it difficult to detect.

The team devised an algorithm that continuously compares actual voltages and frequencies to estimates generated by an observer deployed at each inverter in the absence of an attack. When an attack occurs, the error between measurements and estimates increases beyond a threshold, which triggers an alarm indicating a disturbance and prompts systems that control each inverter to fix the discrepancy. “This approach ensures the effectiveness of our technique,” Konstantinou says.

The researchers are investigating ways to achieve reliable and resilient operation in different power systems. They are developing techniques to compensate for low inertia in systems that use renewable energy sources instead of the traditional synchronous generators and, consequently, do not benefit from the stabilizing effects of inertia.


Discover more exciting KAUST research stories at KAUST Discovery.
  1. Intriago, A., Liberati, F., Hatziargyriou, N. D. & Konstantinou, C. Residual-based detection of attacks in cyber-physical inverter-based microgrids. IEEE Transactions on Power Systems, advance online publication, 14 June 2023. | article.