Skip to main content
QUICK REVIEW

[Paper Review] Assessing the impact of cyber attacks manipulating distributed energy resources on power system operation

Philipp Linnartz, Alexander Winkens|arXiv (Cornell University)|Jan 1, 2022
Smart Grid Security and Resilience2 citations
TL;DR

This paper investigates cyber attacks manipulating distributed energy resources (DERs) in distribution grids, using time-domain simulations to assess impacts on voltage stability and cascading protection trips. It finds that reactive power (Q) setpoint manipulation causes more severe local voltage violations and additional DER tripping than simple disconnection, with high DER penetration and remote Q control increasing attack severity—mitigation via automated tap changers and Q control limits proves effective.

ABSTRACT

Successful cyber attacks on power systems cause severe disruptions. One possible manipulation strategy is the utilization of distributed energy resources (DERs) to disturb power system operation. In addition to the impact on bulk power system frequency, local cascading effects caused by DER control and protection can increase the severity of this strategy. To investigate these effects, manipulation scenarios including the disconnection as well as the manipulation of active (P) and reactive power (Q) setpoints of DERs are derived. The impact is analyzed using time-domain simulations and quantified using assessment criteria such as voltage band violation and plant protection triggering. Though DER disconnection leads to high amounts of lost P injection the manipulation of Q setpoints offers potential to disconnect additional DERs through local cascading effects. To mitigate the impact of the manipulation scenarios automated tap changer operation as well as a limitation of remotely accessible Q is suitable.

Motivation & Objective

  • To assess the impact of cyber attacks manipulating DERs on power system operation, especially cascading effects in distribution grids.
  • To quantify the severity of manipulation scenarios involving DER disconnection, active (P), and reactive (Q) power setpoint manipulation.
  • To evaluate the influence of high DER penetration and remote Q control access on attack criticality.
  • To identify effective mitigation strategies such as automated OLTC operation and Q control range limitation.

Proposed method

  • Developed generalized manipulation scenarios targeting DER disconnection, P setpoint adjustment, and Q setpoint manipulation.
  • Used time-domain simulations with detailed models of distribution grids (HV-MV benchmark systems) and DERs including protection and control functions.
  • Applied assessment criteria such as voltage band violations and plant protection triggering to quantify impact.
  • Simulated scenarios under varying DER penetration levels and initial operating conditions.
  • Evaluated mitigation strategies including automated OLTC operation at substations and limiting remotely accessible Q setpoints.
  • Used a severity index combining voltage deviation and protection trip events to rank attack scenarios.

Experimental results

Research questions

  • RQ1How do different manipulation strategies—DER disconnection, P setpoint adjustment, and Q setpoint manipulation—affect voltage stability and protection tripping in distribution grids?
  • RQ2To what extent do local cascading effects from voltage violations propagate through DER protection and fault ride-through characteristics?
  • RQ3How does increasing DER penetration influence the criticality of cyber manipulation attacks on distribution grids?
  • RQ4What is the impact of remote access to reactive power (Q) setpoints on attack severity?
  • RQ5Which mitigation strategies—automated OLTCs or Q control range limitation—are most effective in reducing attack impact?

Key findings

  • Manipulation of reactive power (Q) setpoints causes significantly more severe local voltage violations than DER disconnection, leading to additional plant protection triggering.
  • In high DER penetration scenarios, Q setpoint manipulation can disconnect more DERs through cascading effects than simple disconnection, increasing attack impact.
  • The worst-case scenario occurs when attackers can manipulate control signals of newly added DERs in expansion scenarios, amplifying system instability.
  • Automated OLTC operation at EHV/HV and HV/MV substations mitigates attack impact if voltage recovery occurs within 60 seconds, preventing further protection trips.
  • Limiting remotely accessible Q setpoints to ±0.33 per unit reduces attack severity, especially in over/under-voltage scenarios, and is a recommended control strategy.
  • DERs themselves often trip due to voltage deviations caused by their own manipulated injections, reducing the number of available assets for attackers.

Better researchstarts right now

From paper design to paper writing, dramatically reduce your research time.

No credit card · Free plan available

This review was created by AI and reviewed by human editors.