Smart PV Inverter Cyberattack Detection Using Hardware-in-the-Loop Test Facility

Simple item page
Author(s)Kaewnukultorn, Thunchanok
Author(s)Sepúlveda-Mora, Sergio B.
Author(s)Broadwater, Robert
Author(s)Zhu, Dan
Author(s)Tsoutsos, Nektarios G.
Author(s)Hegedus, Steven
Date Accessioned2024-01-10T15:20:05Z
Date Available2024-01-10T15:20:05Z
Publication Date2023-08-23
DescriptionThis article was originally published in IEEE Access. The version of record is available at: https://doi.org/10.1109/ACCESS.2023.3308052.
AbstractThis paper evaluates residential smart photovoltaic (PV) inverters’ responses to cyberattacks and assesses the performance of an intrusion detection strategy for smart grid devices by comparing time-series power flow results from a simulation application called Faster Than Real-Time (FTRT) Simulator to measurements from a Power Hardware-in-the-Loop (P-HIL) laboratory as a testbed. Twenty different cyberattacks from three classes - Denial of Service (DoS), Intermittent attack, and Modification - were designed and tested with grid-tied smart inverters in order to study the inverters’ responses to malicious activities. The intrusion detection strategy was developed using a comparison between the predicted PV power output from FTRT and the power flows measured from P-HIL laboratory through the API interface. Real and reactive power thresholds were assigned based on a number of repeated experiments to ensure the applicability of the thresholds. The results showed that inverters from different manufacturers have their own unique responses which could be detected by the power flow measurements. Our detection method could identify over 94% of actual malicious actions and 7.4% of no-attack hours are detected as false positives. Out of 38 under-attack hours, 2 undetected hours are due to the intermittent attacks. Different attacks can be detected based on the targeted components of the complex power that attackers are aiming to cause disturbances. Our findings additionally show that DoS can be noticed immediately after the devices have been sabotaged, and they can be detected from the active power analysis. However, modification attack detection will depend more on the reactive power measurements, while intermittent attacks remain the most challenging for the proposed detection method since the objective of intermittent attacks is to create an oscillation of the complex power components which need a relatively high time resolution for the measurement.
SponsorThis work was supported in part by the U.S. Department of Energy under Award DE-0008768, and in part by the University of Delaware Graduate College through the University Dissertation Fellowship. 10.13039/100000015-U.S. Department of Energy (Grant Number: DE-0008768). 10.13039/100006094-University of Delaware Graduate College through the University Dissertation Fellowship.
CitationT. Kaewnukultorn, S. B. Sepúlveda-Mora, R. Broadwater, D. Zhu, N. G. Tsoutsos and S. Hegedus, "Smart PV Inverter Cyberattack Detection Using Hardware-in-the-Loop Test Facility," in IEEE Access, vol. 11, pp. 90766-90779, 2023, doi: 10.1109/ACCESS.2023.3308052.
ISSN2169-3536
URLhttps://udspace.udel.edu/handle/19716/33782
Languageen_US
PublisherIEEE Access
dc.rightsAttribution-NonCommercial-NoDerivatives 4.0 Internationalen
dc.rights.urihttp://creativecommons.org/licenses/by-nc-nd/4.0/
KeywordsSmart inverters
Keywordscyberattacks
Keywordshardware-in-the-loop laboratory
Keywordsgrid supporting function
Keywordscyberattack detection
TitleSmart PV Inverter Cyberattack Detection Using Hardware-in-the-Loop Test Facility
TypeArticle
Files
Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
Smart PV Inverter Cyberattack Detection Using Hardware.pdf
Size:
5.76 MB
Format:
Adobe Portable Document Format
Description:
Main article
Download
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
2.22 KB
Format:
Item-specific license agreed upon to submission
Description:
Download
Collections
Open Access Publications
Open Access Publications