Smart PV Inverter Cyberattack Detection using Hardware-in-the-Loop Test Facility
This paper evaluates residential smart photovoltaic (PV) inverters' responses to cyberattacks and assesses the performance of an intrusion detection strategy for smart grid devices by comparing time-series power flow results from a simulation application called Faster Than Real-Time (FTRT) Simu...
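Published in: | IEEE access 2023-01, Vol.11, p.1-1 |
---|---|
Main authors: | Kaewnukultorn, Thunchanok; Sepulveda-Mora, Sergio B.; Broadwater, Robert; Zhu, Dan; Tsoutsos, Nektarios G.; Hegedus, Steven |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Full text |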
container_end_page | 1 |
---|---|
container_issue | |
container_start_page | 1 |
container_title | IEEE access |
container_volume | 11 |
creator | Kaewnukultorn, Thunchanok; Sepulveda-Mora, Sergio B.; Broadwater, Robert; Zhu, Dan; Tsoutsos, Nektarios G.; Hegedus, Steven |
description | This paper evaluates residential smart photovoltaic (PV) inverters' responses to cyberattacks and assesses the performance of an intrusion detection strategy for smart grid devices by comparing time-series power flow results from a simulation application called Faster Than Real-Time (FTRT) Simulator to measurements from a Power Hardware-in-the-Loop (P-HIL) laboratory as a testbed. Twenty different cyberattacks from three classes - Denial of Service (DoS), Intermittent attack, and Modification - were designed and tested with grid-tied smart inverters in order to study the inverters' responses to malicious activities. The intrusion detection strategy was developed using a comparison between the predicted PV power output from FTRT and the power flows measured from P-HIL laboratory through the API interface. Real and reactive power thresholds were assigned based on a number of repeated experiments to ensure the applicability of the thresholds. The results showed that inverters from different manufacturers have their own unique responses which could be detected by the power flow measurements. Our detection method could identify over 94% of actual malicious actions and 7.4% of no-attack hours are detected as false positives. Out of 38 under-attack hours, 2 undetected hours are due to the intermittent attacks. Different attacks can be detected based on the targeted components of the complex power that attackers are aiming to cause disturbances. Our findings additionally show that DoS can be noticed immediately after the devices have been sabotaged, and they can be detected from the active power analysis. However, modification attack detection will depend more on the reactive power measurements, while intermittent attacks remain the most challenging for the proposed detection method since the objective of intermittent attacks is to create an oscillation of the complex power components which need a relatively high time resolution for the measurement. |
doi_str_mv | 10.1109/ACCESS.2023.3308052 |
format | Article |
fulltext | fulltext |
identifier | ISSN: 2169-3536 |
ispartof | IEEE access, 2023-01, Vol.11, p.1-1 |
issn | 2169-3536 2169-3536 |
language | eng |
recordid | cdi_osti_scitechconnect_1996426 |
source | IEEE Open Access Journals; DOAJ Directory of Open Access Journals; Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals |
subjects | Computer Science; Cyberattack; cyberattack detection; cyberattacks; Cybersecurity; Denial of service attacks; Engineering; grid supporting function; Hardware-in-the-Loop laboratory; Hardware-in-the-loop simulation; Intrusion detection; Inverters; Load flow; MATHEMATICS AND COMPUTING; Photovoltaic cells; Power flow; Power measurement; Reactive power; Smart grid; Smart grids; Smart inverters; Telecommunications; Test facilities; Thresholds |
title | Smart PV Inverter Cyberattack Detection using Hardware-in-the-Loop Test Facility |