Professional Documents
Culture Documents
Abstract: As electrical power operations tend to be smart grid with strong penetration of renewable energy resources, the
evolution of operational technology brings on board another dimension of vulnerabilities with the participation of cyber-physical
systems (CPSs). Thus, it becomes essential to perform technical risk assessment and CPS prognosis to envisage the integrity
of the system's operational resilience. The communication network elements such as cyber signal transmission, wireless sensor
networks (WSNs) and the internet of things (IoTs) converges as a superhighway hub. This seeks to improve on network
operations for efficient power delivery of distributed energy resources (DERs) integration grid. It then demands system
configuration to be firewalled to avoid operational intrusions and malfunctions. The paper examines the technical threats
involved in the paradigm of schemes and mitigation strategies. The areas of study are the vulnerabilities of the DERs integration
with CPS, WSNs and IoTs layers. The risk aversion strategies of DERs integration with CPS are also discussed. The study aims
to ascertain the intrusion level and responses of the integrated DERs grid in terms of power management. The paper's objective
is to present an overview of current developments in the integrated cyber-power systems evolution and the implementation
strategies with DERs.
1 Introduction signal processing or internet from its user agents through wired or
wireless sensors within that network arrangement [5, 7, 9].
Distributed energy resources (DERs) network relies on resilient The physical subsystems of the network are typical real world
communication schemes for the integration of the grid system [1]. applications that provide services different from the scope of cyber
The communication scheme coordinates all the links from the subsystems element although they are interactive. These make
sources to the demand sides, through which information for the CPSs network a complex entity embodiment of configured
system performance and actuations are transmitted [1, 2]. Without operational technology, comprising cybernetics and physical device
robust communication backbone, the control intelligence and characteristics that actuate systems to perform and actualised
regulation of the network activities will be sedentary and be in functions [7]. It is expected that CPSs configuration becomes
disarray [2]. To this effect, the choice of communication paradigm reliable and interoperable with the assigned links, immune to any
is extremely important for the optimal performance of the DERs form of algorithm intrusions or not susceptible to any form of
integration [3]. Resilient communication enhances operational cybernetic vulnerabilities [7, 9, 10]. Fig. 1 illustrates block diagram
effectiveness of the network coordination for prompt interaction of CPS configured architecture, where the power system side
and functional activities [4, 5]. With the advent of wireless sensor denotes the physical subsystem, and the cyber system side
network (WSN) and internet of things (IoTs) configuration in represents cyber subsystem. The CPS interface gives credence to
power system communication schemes, especially in the DERs the controlling and monitoring elements which impacts greatly on
integration for smart grid applications, cyber physical system plays the physical subsystem functioning.
active and very interactive roles [4]. However, the system becomes
technically susceptible to vulnerabilities resulting from host of
cyber-attacks which requires critical appraisal of such projects to 2 Overview of DERs integration with cyber
ensure operational integrity and to secure infrastructure sustenance physical systems
for value addition and investment returns [6]. Networks The increase in the application of DERs leads to enhance power
incorporating cyber physical systems (CPSs) are deemed complete delivery at the distribution level [3]. This supports the paradigm of
integration of computing technology and configuration of energy conservation and improves greenhouse gas (GHG)
algorithms to interact with power distribution physical components emission. It then demands dynamic systems for network integration
such as protection and regulation intelligence (built-in sensors, and coordination of communication signals for prompt responses
processors and unit identifications) [7]. These communicate with and data transmission flexibility with less cost incursion [11].
physical real world applications as transactive entities through Distributed renewable generation integration may be considered as
uniquely defined signal propagation [8]. The transactive ability of the most beneficial of CPSs, thus state estimation and system
the communication medium loses its uniqueness when it is forecasting play pivotal role in its application. Besides, the
subjected to unwanted attacks [8]. Where directives for the dynamism of demand side management application promotes the
execution of specific applications are denied or redirected from the concept of readily communication scheme which is easily deployed
assigned tasks, this then renders the system inoperative from its for promptness and resilience [8, 12]. The technology concept is
desired functional capabilities [9]. CPS contains interdisciplinary much availed in the energy management system (EMS) scheme,
approaches to cybernetics, mechatronics, design configurations and where advanced metering infrastructure (AMI) performance relies
process sciences. Cyber subsystems of the network forms mostly on CPSs configuration. The regime of CPSs deployment in
mechanism to either control or monitor scheme applications the DERs integration promises to enhance diversification of
through computer algorithms, which are closely integrated with
J. Eng., 2019, Vol. 2019 Iss. 18, pp. 4830-4835 4830
This is an open access article published by the IET under the Creative Commons Attribution License
(http://creativecommons.org/licenses/by/3.0/)
power grid with more extensive computation and communication
infrastructures. The structural framework leads to an improved
intelligent network compositions, standards and applications [6].
The framework integrates the concept of industrial control systems
(ICSs) [15].
In various industrial configuration settings, ICSs have been
used to enhance the control, monitoring and production of
advancement in the connectivity with communication
configurations, and as a result it can be accessed remotely [15, 16].
ICSs play important roles in the monitoring and controlling of
physical productions and chemical processes [16]. ICS is a
universally accepted term that embraces several types of control
systems used in industrial application, namely, supervisory control
and data acquisition (SCADA), distributed control systems (DCSs)
Fig. 1 Block diagram of CPS configuration model [7]
and other miniature control system formations like programmable
logic controllers (PLCs) [15, 18]. Incorporating CPSs with ICSs in
electricity distribution grids, especially for automatic control for
distribution tasks in order to achieve optimal performance, in this
context fits into an EMSs paradigm. The purpose of contemporary
EMSs is to enhance the functionality of interactive control
strategies leading towards energy efficiency and a more
comfortable or user-friendly environment [15, 19, 20]. Lately,
EMSs and, more generally, ICSs have been integrated together as
communication scheme, consenting to remote monitoring and
controlling for underlying processes. While this can enhance
significant performance efficiency and usability benefits, it also
increases the possibility of cyber physical attacks, hence
developing CPS structural framework in consonance with ICSs
configuration scheme to formulate the security dimensions of CPS
attacks [6, 8, 21, 22]. The scheme is infused into the power grid
application, where electricity from distributed generation (DG) is
being enhanced as a smart grid. The smart grid thus offers several
Fig. 2 CPS integrated aspect of DERs grid application [4] benefits and advanced characteristics. At the national level, it
delivers an enhanced emission control with global load balancing
through smart generation and energy savings. Whereas at the local
level, it allows home consumers better control over their energy
use that yields benefit in terms of economics and environmental
[17, 23, 24]. These aforementioned applications are susceptible to
severe cyber-attacks mostly from the cyber interactive end of the
distribution network. The CPS structural framework of DERs
integrated grid composition has two major components, namely,
power application and supporting infrastructure [16, 25–27]. The
power application is where the core functions of the distribution
grid are provided (electricity generation, transmission and
Fig. 3 CPS structural framework configuration of DERs [13] distribution). Whereas the support infrastructure is the intelligent
components that include the core operations of set of software/
operational applications, where WSNs communicate with IoTs to algorithms, hardware and communications networks to control and
monitor and control functions [13]. The entities which interface for monitor the distribution grid network performances [4, 15, 22]. The
the communication and control of CPS activities heavily depend on framework defines the CPS structural segmentation, where the
frameworks which pose increasing risk of cyber-attacks [14–16]. security attributions can be applied. Each structured component
These frameworks need to be firewalled to protect integrated and defines the kind of attacks prone to be experienced and the level of
critical grid infrastructures from malicious network attacks [17]. influence on the system. The severities of the attacks depend on the
The firewall, thus, describes the ensuring security integration application and configuration status of the components [28]. Thus,
without disrupting network reliability and stability with high the magnitude of the vulnerability impact and the dimension of the
permeability structure of the network physical systems [3–5]. attack exposure determine the level of severity. Details of the
Fig. 2 shows CPSs aspect of DERs integrated grid application. attacks in relation to the structural framework are outlined in the
technical risk synthesis in Section 4. Fig. 3 depicts the structural
2.1 CPSs structural frameworks framework of CPS configuration. The physical power system is
controlled by the system model and control which harnesses the
Legacy grid networks cannot reliably guarantee the use of large nonlinear controller and the state estimator. The inputs to the state
penetration of renewable power generation with the integration of estimator are either derived from stored database or real-time
CPSs, due to network reformation challenges as result of structural online monitoring through WSNs and IoTs. The susceptibility of
reconfiguration cost and the characteristics of distributed the data topology subjects the system into vulnerabilities, where
renewable power generation dispatch [4, 10, 18]. This leaves no cyber-attacks are prone and intruding.
other choice than for the CPS to be applied predominately in the
modern DERs integration as smart grid at the distribution network 2.2 CPS security development and deployment models
level [18]. The effort to achieve smarter grid network with DERs
integration inevitably serves as double edge cutting saw as this Fig. 4 illustrates the CPSs security and vulnerability hierarchical
approach is used to monitor and curtail DERs uncertainties through model. The access point vulnerability defines the source of the
forecasting and state estimation, and also developing the network attack and its dimensions. When the security configuration of the
to be responsive to technological trend of transactive energy access point is weak, there is the probability of intrusion to hack
involving the demand side management [4, 7]. The scheme of into the system easily. For this reason, any scheme of intrusion tries
smart grid proposes a framework to overlay the distribution of through this stage to infiltrate the system. The model configuration
4 Technical risk synthesis between cyber, cyber physical and physical. The cyber considers
data computing, communication and interactions that do not affect
The impact of network attacks aggravates the integrity of cyber the physical world, while the cyber physical considers all
physical systems which makes the power grid unusable, and interactions with the physical world. The cyber physical aspect is
renders the confidentiality of the DERs integration worthless [4, 6, where the cyber and the physical world can connect and interact.
8]. CPSs primarily consist of three types of components; Finally, the physical aspect contains all the physical components
communication and computing, control and monitoring, equipment which might have security-related vulnerabilities and needs
and operation. Communication can be wireless or wired, and it can intrinsically safe properties [11, 14, 19]. Figs. 6 and 7 present
connect CPS to parent systems, such as control centres, or to cyber-based attacks on infrastructures and technical risk synthesis,
subordinate components in the physical world [31, 35, 36]. The respectively, whileTable 2 briefly discusses the attacks.
computation and control configuration are embedded in the
intelligence regulation, for sending control commands and
receiving the tracking operations. The monitoring and operation 5 Risk mitigation strategies of CPS in DERs
aspects connect the CPS to the physical world applications through integration applications
sensors to monitor physical components and operate actuators. The The paradigm of DERs integration brings on board advanced
CPS component may have the ability to communicate with the software and other cyber configurations to be applied within the
control centre or other CPS configuration per design criteria [22]. distribution grid. The concept of CPS risk mitigation mainly
Although the computing capabilities of CPS components do not centres on the cyber and cyber physical aspect of the grid network,
affect physical equipment applications directly, they can still be although the rippling effect ends up at the physical side. Brief
exploited to cause unexpected attacks and physical consequences description of targeted areas of risk mitigation techniques are being
[17, 31]. Regardless of the CPS's ability to monitor and control the outlined in Table 3 and Fig. 8 shows schematic segmentation of the
physical properties, the physical components can cause to risk mitigation scenarios. This present areas of much concern
themselves unexpected attacks not of physical attacks but which needs critical attention in relation to CPS security advance
misleading information being sent to CPS via other components in real world application [4–6, 8, 9, 15].
malfunction. This heterogeneity within the CPS intermediate
component or component itself leads to lack of understanding of
cyber types of security threats that may exploit this heterogeneity. 6 Conclusion
Therefore, it is necessary to make clear the aspects of security The study undoubtedly has uncovered interesting thoughts about
analysis and engineering prediction in three ways to differentiate the cyber physical systems application relating to DERs integration
as a departure from the legacy systems. The legacy system had less This work was supported by National Natural Science Foundation
of cyber security deployment. The advent of smart grid encourages of China (No.51476071) and the National Key Technology Support
the evolution of CPS to enhance resilient system against attacks as Program, China. [Grant number 2015BAD21B06].
a departure from resilient fault regime. The concept proposes more
state estimations and algorithm computations, which demands
intelligent programming. This brings huge task to the power
system providers, where cyber-attack issues keep escalating. This
is to reemphasis that before large-scale DERs integration projects
of any sort is undertaken, it first needs to address the cybersecurity
prognosis and ascertain the state of system reliability. The paper is
a motivation for ongoing and future works on DERs integration
control design for active power delivery incorporating wireless
sensors and internet of things as communication scheme.
7 Acknowledgments
4834 J. Eng., 2019, Vol. 2019 Iss. 18, pp. 4830-4835
This is an open access article published by the IET under the Creative Commons Attribution License
(http://creativecommons.org/licenses/by/3.0/)
[14] Wang, W., Xu, Y., Khanna, M.: ‘A survey on the communication architectures
in smart grid’, Comput. Netw. J., 2011, 55, pp. 3604–3629
[15] Paridari, K., O'Mahony, N., Mady, A.El-D., et al.: ‘Framework for attack-
resilient industrial control systems: attack detection and controller
reconfiguration’, Proc. IEEE, 2018, 106, (1), pp. 113–128
[16] Sridhar, S., Hahn, A., Govindarasu, M.: ‘Cyber physical system security for
the electric power grid’, Proc. IEEE, 2012, 100, (1), pp. 210–224
[17] McDaniel, P., McLaughlin, S.: ‘Security and privacy challenges in the smart
grid security & privacy', IEEE Proc., 2009, 7, (3), pp. 75–77
[18] Mallouhi, M., Al-Nashif, Y., Cox, D., et al.: ‘A testbed for analyzing security
of SCADA control systems’. IEEE PES Innovative Smart Grid Technologies,
Anaheim, CA, USA, 2011
[19] Davis, C.M., Tate, J.E., Okhravi, H., et al.: ‘SCADA cyber security testbed
development’. North American Power Symp., Carbondale, Illinois, 2006
[20] Farraj, A., Hammad, E., Kundur, D.: ‘A cyber-physical control framework for
transient stability in smart grids’, IEEE Trans. Smart Grid, 2016, PP, (99), pp.
1205–1215
[21] Bao, L., Zhang, D.Y.: ‘The internet of things and privacy protection
technology’, Electron. Technol., 2010, 23, (7), pp. 110–112
Fig. 8 Schematic illustration of cyber-attacks and mitigation strategies of [22] Madakam, S., Date, H.: ‘Security mechanisms for connectivity of smart
DERs integration [4] devices in the internet of things’, in Mahmood, Z. (Ed.): ‘Connectivity
frameworks for smart devices’ (Springer, Berlin, 2016), pp. 23–41
[23] Horvath, I., Gerritsen, B.: ‘Cyber-physical systems: concepts, technologies
8 References and implementation principles’. TMCE, Karlsruhe, Germany, 2012, pp. 19–36
[24] Taha, A.F., Qi, J., Wang, J., et al.: ‘Risk mitigation for dynamic state
[1] Zahurul, S., MariunaI, N., Grozescu, V., et al.: ‘Future strategic plan analysis estimation against cyberattacks and unknown inputs’, IEEE Trans. Smart
for integrating distributed renewable generation to smart grid through wireless Grid, 2018, 9, (2), pp. 886–899
sensor network: Malaysia prospect’, Renew. Sust. Energy Rev., 2016, 53, pp. [25] Kim, K., Chang, Y., Kim, H., et al.: ‘Physical one-way data transfer system
978–992 design for control system network’, J KISS, 2013, 40, (2), pp. 126–130
[2] Parikh, P.P., Kanabar, M.G., Sidhu, T.S.: ‘Opportunities and challenges of [26] Gollmann, D.: ‘Security for cyber-physical systems’, in Kučera, A.,
wireless communication technologies for smart grid applications’. IEEE Henzinger, T.A., Nešetřil, J., et al. (Eds.):‘Mathematical and engineering
Power and Energy Society General Meeting, Providence, RI, USA, 2010, vol. methods in computer science’ (Springer, Berlin, Germany, 2013), pp. 12–14
17 [27] Ilić, M.D., Xie, L., Khan, U.A., et al.: ‘Modeling future cyber-physical energy
[3] Islam, S.Z., Mariun, N., Hizam, H., et al.: ‘Communication for distributed systems’. Proc. of Power and Energy Society General Meeting-Conversion
renewable generations (DRGs): a review on the penetration to smart grids and Delivery of Electrical Energy in the 21st Century, Pittsburgh, PA, USA,
(SGs)’. Proc. of the IEEE Int. Conf. on Power and Energy (PE Con), Kota 2008
Kinabalu, Malaysia, 2012, pp. 870–875 [28] Nolan, K., Kelly, M.: ‘IPv6 convergence for IoTs cyber–physical systems’,
[4] Qi, J., Hahn, A., Lu, X., et al.: ‘Cybersecurity for distributed energy resources Information, 2018, 9, p. 70, pp. 1–22
and smart inverters’, IET Cyber Phys. Syst., Theory Appl., 2016, 1, pp. 28–39 [29] Stevens, M.W., Pope, M.: ‘Data diodes, DSTO electronics and surveillance’
[5] IEEE Smart Grid webinar slide cyber physical system (Research Laboratory, Adelaide, 1995)
[6] Available at https://arxiv.org/pdf/1701.04525v1 (cyber physical security sury) [30] Cardenas, A.A., Tanya, R., Shankar, S.: ‘Rethinking security properties threat
[7] Tariq, M.U., Grijalva, S., Wolf, M.: ‘A service-oriented cyber-physical models, and the design space in sensor networks: A case study in SCADA
reference model for smart grid’, in Khaitan, S.K., McCalley, J.D., Liu, C.C. systems’, Ad Hoc Netw., 2009, 7, (8), pp. 1434–1447
(Eds.): ‘Cyber physical systems approach to smart electric power grid. Power [31] Yang, G., Xu, J., Chen, W., et al.: ‘Security characteristic and key technology
systems’ (Springer, Berlin, Germany, 2015), pp. 25–42 of the internet of things’, J. Nanjing Univ. of Post and Telecommun. Natural
[8] Govindarasu, M., Hann, A., Sauer, P.: ‘Cyber-physical systems security for Sci., 2010, 30, (4), pp. 20–29
smart grid’ (PSERC Publication, New York, 2012) [32] Ding, C., Wu, LM.: ‘Security system structure and key technology of IoT /
[9] Tsado, Y., Lund, D., Gamage, K.A.A.: ‘Resilient communication for smart CPS’, Zhongxing Commun. Technol., 2011, 17, (1), pp. 11–16
grid ubiquitous sensor network: state of the art and prospects for next [33] Bao, L., Zhang, L.: ‘Security analysis of cyber-physical system’. AIP Conf.
generation’, Comput. Commun. J., 2015, 71, (1), pp. 34–49 Proc., Hangzhou, China, 2017, vol. 1839, pp. 020178-1–020178-6
[10] Mo, Y., Kim, T.H-J., Brancik, K., et al.: ‘Cyber-physical security of a smart [34] Wu, C.: ‘First exploration for security consumption of the internet of things’,
grid infrastructure’, Proc. IEEE, 2011, 100, (1), pp. 195–209 Strategy Decision Res., 2010, 25, (4), pp. 411–419
[11] Khaitan, S.K., McCalley, J.D.: ‘Cyber physical system approach for design of [35] Kim, Y.K., Lee, S.H., Na, J.C., et al.: ‘Multi-channel transmission method for
power grids: A survey’. IEEE Power and Energy Society General Meeting improving TCP reliability and transmission efficiency in UNIWAY’, J.
(PES), Vancouver, Canada, 2013 Ambient. Intell. Humaniz. Comput., 2017, 8, pp. 1–16
[12] Khaitan, S.K., McCalley, J.D.: ‘Design techniques and applications of cyber [36] Lee, E.: ‘Cyber physical systems: design challenges’. ISORC. IEEE, Orlando,
physical systems: a survey’, IEEE Syst. J., 2014, 9, (2), pp. 350–365 FL, USA, 2008, pp. 363–369
[13] Muharrem, A.: ‘Cyber-physical robust control framework for enhancing
transient stability of smart grids’, IET Cyber-Phys. Syst., Theory Appl., 2017,
2, (4), pp. 1–9, ISSN 2398-3396