Congestion Management in Active Distribution Networks and its Cyber Security

The evolution of the traditional power grid (TPG) to the digital smart grid is expected to improve the operation of the power system. The smart grids' capability to support various distributed generation technologies, self-healing capacity, and ability to minimize operational costs are some of its benefits. However, distribution networks are facing congestion challenges due to the increased number of flexible loads and Distributed Energy Resources (DER) being used. Moreover, the dependence of such technologies on uncontrollable factors, such as temperature, wind speed, solar radiation, etc., may result in potential congestion problems which were not of concern in the past within the distribution network. This is due to the high power consumption of active loads and the weakening correlation between electricity prices and demand resulting from the increased penetration level of intermittent Renewable Energy Sources (RES). Such congestion results in voltage violations and/or thermal overloading as a result of the power flow exceeding a network asset's transfer capability, possibly damaging devices such as distribution transformers and feeders. Rather than incurring a huge cost to reinforce the network assets, the Distribution Network Operator (DNO) can use Demand Side Management (DSM) to motivate consumers to shift their load from peak to off-peak times. However, congestion management methods based on DSM rely on communication between DNO, aggregators, and consumer meters to encourage customers to make some corrective actions, such as peak shifting, peak clipping, and valley filling, to relieve congestion. Cyber attacks against aggregators can compromise the operation of DSM-based congestion management methods, and hence, affect the security and reliability of electrical networks. The congestion management schemes become useless in the event of a cyber attack and can instead result in an increase in network congestion. The vulnerability of DSM-based congestion management methods to Load Altering Attacks (LAA) is hence studied to determine the cyber weaknesses in the DSM protocols. An optimization algorithm is developed to determine which aggregators a cyber attacker would compromise in order to cause congestion by minimally altering their load profiles. The impact of such attacks on congestion and consumers' electricity bill is then studied. A mitigation scheme is formulated to determine the most critical aggregators in the network. The security of these agg