The power control system plays a vital role in maintaining power supply in response to customer demand. An imbalance between supply and demand can cause system frequency instability, threatening the operational security of the power system. A central control scheme is commonly employed in traditional power systems, and the scheme features a single control center which collects information from and sends control commands to all agents. However, such a central control architecture no longer meets the needs of current power systems. For example, geographically dispersed distributed generators are increasingly integrated into the power grid. These are not suitable for coordination by central control because of the requirement of plug-and-play operation [29, 30]. Central control is also not applicable to microgrid operation, where distributed generators are required to supply power in island mode [31]. Because of its reliability, scalability, and flexibility, distributed control is preferred over central control [32,33,34]. However, in distributed control, local controllers have access to local information and neighbor information, and hence are vulnerable to cyber-attack. A malicious entity can disrupt data exchange among neighboring local controllers by launching FDI attacks [16,17,18,19,20].
4.1 FDI attack on distributed generator
Considering a converter-based distributed generator i, Pi and Pi,max are the active power output and the maximal power, respectively. Using the d-q transformation, the d- and q- axis voltages can be computed by Udi = Ui and Uqi = 0. Assuming the d- and q- axis currents are Idi and Iqi, respectively, the active power output can be obtained by:
$$ {P}_i={U}_{di}{I}_{di}+{U}_{qi}{I}_{qi}={U}_i{I}_{di} $$
(40)
If the power converter is controlled by a grid-feeding scheme [31], Idi should converge to its reference value Idi_ref in a sampling period of T. In the kth iteration, Idi_ref can be determined by
$$ {I}_{di\_ ref}(k)={P}_{i,\max }{\alpha}_i(k)/{U}_i(k) $$
(41)
where the design parameter αi denotes the utilization ratio defined by Pi / Pi,max. When Idi converges to Idi_ref in the kth iteration, Pi(k) = Pi, max αi(k).
According to (41), the active power output of distributed generator i can be regulated by altering the utilization ratio αi. Since the rated power of converter-based distributed generators is relatively small, multiple distributed generators are used in a distribution network for increased capacity. Such a system can be considered as a virtual power plant (VPP), as shown in Fig. 7, where Ptran accounts for the total active power transmitted to the transmission network.
To track the dispatch command Pref, the group of distributed generators in a VPP are coordinated using a leader-follower consensus algorithm [16]:
$$ \alpha \left(k+1\right)= A\alpha (k)+ BK\alpha (k)+ KC $$
(42)
where \( \alpha (k)={\left[{\alpha}_0(k),\dots, {\alpha}_{n-1}(k)\right]}^T \), \( B={\left[-{\hat{P}}_{\mathrm{max}}\ {O}_{n\times \left(n-1\right)}\right]}^T \) with \( {\hat{P}}_{\mathrm{max}}={\left[{P}_{0,\max },\dots, {P}_{n-1,\max}\right]}^T \), and \( C={\left[{P}_{ref}+{P}_{loss}+{P}_{load}\ {O}_{1\times \left(n-1\right)}\right]}^T \). \( A=\left[{a}_{ij}\right] \) is a weighted matrix with \( {a}_{ij}>0 \) and \( {a}_{ii}=1-\sum \limits_{j=0,j\ne i}^{n-1}{a}_{ij} \). K is the controller gain and O is the zero matrix. Pload and Ploss represent the aggregated load power consumption and power loss in the VPP, respectively. By selecting proper A and K, the convergence of (4) can be proved [16]. When convergence is achieved, utilization ratios of all distributed generators reach an agreement and Ptran is steered to its reference value Pref.
Equation (42) shows that the communication network among distributed generators plays a key role in the regulation of the active power output of the VPP. If the local controller of a certain distributed generator is attacked by FDI attacks, its utilization ratio will be prevented from converging to the consensus value, resulting in failed tracking of Ptran to Pref [35, 36].
Attackers can attack the controller of a distributed generator by injecting false data into the actuator and making it send the same control command to its geographical neighbors. Assuming that r distributed generators are subjected to FDI attacks and considering that \( {\alpha}_M(k)\equiv {\alpha}_M={\left[{\alpha}_M,\dots, {\alpha}_M\right]}^T \) and \( {\alpha}_W(k)={\left[{\alpha}_{r+1}(k),\dots, {\alpha}_{r+n}(k)\right]}^T \) are the utilization ratio vectors of misbehaving and well-behaving distributed generators, respectively, the algorithm (42) can be rewritten as:
$$ {\displaystyle \begin{array}{l}\left[\begin{array}{c}{\alpha}_0\left(k+1\right)\\ {}{\alpha}_M\left(k+1\right)\\ {}{\alpha}_W\left(k+1\right)\end{array}\right]=\left[\begin{array}{ccc}1-{KP}_{0,\max }& -{KP}_{M,\max }& -{KP}_{W,\max}\\ {}{0}_{r\times 1}& {I}_{r\times r}& {0}_{r\times \left(n-r\right)}\\ {}{A}_0& {A}_M& {A}_W\end{array}\right]\\ {}\kern6.1em \times \left[\begin{array}{c}{\alpha}_0(k)\\ {}{\alpha}_M(k)\\ {}{\alpha}_W(k)\end{array}\right]+\left[\begin{array}{c}K\left({P}_{ref}+{P}_{load}+{P}_{loss}\right)\\ {}{0}_{r\times 1}\\ {}{0}_{\left(n-r\right)\times 1}\end{array}\right]\end{array}} $$
(43)
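where \( {I}_{r\times r} \) is the identity matrix. \( \left[{A}_0\ {A}_M\ {A}_W\right] \) is equal to the n-r rows of A + BK. \( {P}_{M,\max }={\left[{P}_{1,\max },\dots, {P}_{r,\max}\right]}^T \), and \( {P}_{W,\max }={\left[{P}_{\left(r+1\right),\max },\dots, {P}_{n,\max}\right]}^T \).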
Note that the first term on the right-hand side of (43) can be represented by the sum of the matrix \( \tilde{A}=\left[\begin{array}{ccc}1& {0}_{1\times r}& {0}_{1\times \left(n-r\right)}\\ {}{0}_{r\times 1}& {I}_{r\times r}& {0}_{r\times \left(n-r\right)}\\ {}{A}_0& {A}_M& {A}_W\end{array}\right] \) and its perturbation matrix \( \Delta =-\left[\begin{array}{ccc}{P}_{0,\max }& {P}_{M,\max }& {P}_{W,\max}\\ {}{0}_{n\times 1}& {0}_{n\times r}& {0}_{n\times \left(n-r\right)}\end{array}\right] \). Hence perturbation theory can be employed to analyze system stability [37].
It is observed that \( \tilde{A} \) is a lower block-triangular matrix with the eigenvalues \( {\lambda}_i=1 \) for i = 1, ..., r + 1, and the eigenvalues \( {\lambda}_j \) for j = r + 2, ..., n-r. Since the blocks A0, AM, and AW are the same as in the original system (42), \( {\lambda}_j \) is located in the open unit disk. Assuming \( {v}_r \) and \( {u}_r \) are the respective left and right eigenvectors of \( \tilde{A} \) with \( {v}_r{u}_r=1 \), when K is sufficiently small, the perturbation on \( {\lambda}_i=1 \) can be characterized by [16]:
$$ {\displaystyle \begin{array}{l}{V}^T\Delta U=\left[\begin{array}{c}-{P}_{\mathrm{max}}\\ {}{0}_{r\times \left(n+1\right)}\end{array}\right]\left[{u}_1,\dots, {u}_{r+1}\right]\\ {}\kern2.85em =\left[\begin{array}{ccc}-{P}_{\mathrm{max}}{u}_1& \dots & -{P}_{\mathrm{max}}{u}_{r+1}\\ {}{0}_{r\times 1}& \dots & {0}_{r\times 1}\end{array}\right]\end{array}} $$
(44)
where \( V=\left[{v}_1^T,\dots, {v}_{r+1}^T\right] \), \( U=\left[{u}_{r+2}^T,\dots, {v}_{n-r}^T\right] \), and \( {P}_{\mathrm{max}}={\left[{P}_{0,\max },\dots, {P}_{n,\max}\right]}^T \).
VTΔU has a negative eigenvalue and an eigenvalue 0 with algebraic multiplicity r. Accordingly, \( \tilde{A} \) +Δ has an eigenvalue 1 with algebraic multiplicity r if K is sufficiently small. The rest of the eigenvalues lie in the open unit disk. This indicates that \( \tilde{A} \) +Δ is stable. It is straightforward to verify that the system is stable at the steady state \( {\left\{{\alpha}_0^{\ast },{\alpha_M^{\ast}}^T,{\alpha_W^{\ast}}^T\right\}}^T \) with:
\( {\alpha}_0^{\ast }=\min \left\{\max \left\{{\tilde{\alpha}}_0,0\right\},1\right\} \), \( {\alpha}_M^{\ast }={\alpha}_M \) (44)
$$ {\alpha}_W^{\ast }={\left({I}_{n-r}-{A}_W\right)}^{-1}\left[{A}_0\ {A}_M\right]\left[\begin{array}{c}{\alpha}_0^{\ast}\\ {}{\alpha}_M\end{array}\right] $$
(45)
where \( {\tilde{\alpha}}_0=\left({P}_{ref}+{P}_{load}+{P}_{loss}-{P}_{M,\max }{\alpha}_M-{P}_{W,\max }{\alpha}_W^{\ast}\right)/{P}_{0,\max } \).
The analytical results show that the well-behaving distributed generators converge to the space spanned by \( {\alpha}_0^{\ast } \) and αM. Thus, when the false data is injected by attackers, utilization ratios of distributed generators fail to agree, preventing the active power output of a VPP from tracking the dispatch command. In addition, according to [16], the adjustable range of Ptran can be narrowed by FDI attacks in a large group of distributed generators. This degrades the controllability of the VPP.
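The behaviour derived in (42)–(45) can be reproduced numerically. The following is an added example, not code from the paper or from [16]: it iterates the leader-follower update on a four-generator VPP and holds one generator at a constant false ratio, as in the identity rows of (43). The line topology, link weight 1/3, gain K = 0.001, 100 kW ratings, initial ratio and all function names are assumptions constructed for the illustration.

```python
# Added illustration (not from the paper): leader-follower consensus (42) with
# a constant-value FDI attack as in (43). All parameters are constructed.

P_MAX = [100.0, 100.0, 100.0, 100.0]        # kW ratings; DG 0 is the leader
NEIGHBORS = {1: [0, 2], 2: [1, 3], 3: [2]}  # followers on a line 0-1-2-3
A_IJ = 1.0 / 3.0                            # weight a_ij of every link
K = 0.001                                   # controller gain, kept small


def delivered_power(alpha):
    """Total active power sum(P_i,max * alpha_i) produced by the VPP."""
    return sum(p * a for p, a in zip(P_MAX, alpha))


def spread(alpha):
    """Disagreement between utilization ratios; 0 means consensus."""
    return max(alpha) - min(alpha)


def simulate(demand, attacked=None, steps=3000, alpha_init=0.4):
    """Iterate (42); demand = Pref + Pload + Ploss.

    attacked maps a DG index to the constant false ratio alpha_M it holds.
    """
    attacked = attacked or {}
    alpha = [attacked.get(i, alpha_init) for i in range(len(P_MAX))]
    for _ in range(steps):
        nxt = list(alpha)
        # Leader row of A + BK, clamped to the feasible range [0, 1].
        mismatch = demand - delivered_power(alpha)
        nxt[0] = min(max(alpha[0] + K * mismatch, 0.0), 1.0)
        for i, nbrs in NEIGHBORS.items():
            if i in attacked:
                continue  # identity row in (43): the ratio never changes
            # a_ii = 1 - sum_j a_ij, so this is the weighted average row of A.
            nxt[i] = alpha[i] + A_IJ * sum(alpha[j] - alpha[i] for j in nbrs)
        alpha = nxt
    return alpha


if __name__ == "__main__":
    for label, demand, attack in [("no attack", 200.0, None),
                                  ("DG 3 held at 0.3", 200.0, {3: 0.3}),
                                  ("DG 3 held at 0.3", 350.0, {3: 0.3})]:
        a = simulate(demand, attack)
        print(label, demand, [round(x, 4) for x in a],
              round(delivered_power(a), 2), round(spread(a), 4))
```

In the attacked runs the well-behaving followers settle between the leader's ratio and the injected value. Once the leader saturates at 1, the delivered power falls short of the demand, which is the narrowed adjustable range described above.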
4.2 FDI attack on microgrid
In a typical microgrid, a power inverter includes a DC power source, inverter bridge, power sharing unit, output filter, and voltage and current control loops. The output power dynamics of inverter i are:
$$ \left\{\begin{array}{l}{dP}_i/ dt=-{\omega}_{ci}{P}_i+{\omega}_{ci}\left({v}_{odi}{i}_{odi}+{v}_{oqi}{i}_{oqi}\right)\\ {}{dQ}_i/ dt=-{\omega}_{ci}{Q}_i+{\omega}_{ci}\left({v}_{odi}{i}_{odi}-{v}_{oqi}{i}_{oqi}\right)\end{array}\right. $$
(46)
where vodi and voqi are the d- and q-axis components of the output voltage. iodi and ioqi are the d- and q-axis components of the output current. Pi and Qi are the active and reactive output power. ωci is the cut-off frequency of the output filter.
The large-signal dynamic of the inverter is given by [38].
$$ \left\{\begin{array}{l}{dx}_i/ dt={f}_i\left({x}_i\right)+g\left({x}_i\right){u}_i\\ {}{y}_i={h}_i\left({x}_i\right)\end{array}\right. $$
(47)
where xi = [δi, Pi, Qi, ϕdi, ϕqi, γdi, γqi, ildi, ilqi, vodi, voqi, iodi, ioqi]. The detailed model of the inverter can be found in [38].
The power sharing function is realized by droop control expressed as [39,40,41,42,43]:
$$ \left\{\begin{array}{l}{\omega}_i={\omega}_{ni}-{m}_{pi}{P}_i\\ {}{v}_{mag,i}={V}_{ni}-{n}_{qi}{Q}_i\end{array}\right. $$
(48)
where vmag,i and ωi are the reference voltage and frequency, respectively. mpi and nqi are the respective droop coefficients, and ωni and Vni are the set points.
Droop control makes voltage and frequency deviate from their set points. The cooperative control structure is used to alter ωni and Vni in (48) to steer voltage and frequency to their reference values. Each converter can exchange information with its neighbors. Differentiating (48) yields:
$$ {\dot{\omega}}_i={\dot{\omega}}_{ni}-{m}_{pi}{\dot{P}}_i $$
(49)
The auxiliary control input is defined as:
$$ {\dot{\omega}}_i={u}_i $$
(50)
and the cooperative control law is given by [44,45,46,47,48,49,50]:
$$ {e}_{\omega_i}=\sum \limits_{j\in {N}_i}{a}_{ij}\left({\omega}_i(t)-{\omega}_j(t)\right)+{g}_i\left({\omega}_i(t)-{\omega}_{ref}\right) $$
(51)
where Ni contains the inverters neighboring inverter i, and gi represents the non-zero gain for inverter i.
The auxiliary input ui is:
$$ {u}_i(t)=-{c}_{\omega }{e}_{\omega_i}(t) $$
(52)
where cω is a coupling gain, and the set point in (49) satisfies:
$$ {\omega}_{ni}=\int \left({u}_i+{m}_{pi}{\dot{P}}_i\right) dt $$
(53)
From (50)–(53), the auxiliary input ui uses the neighbor’s frequency to mitigate system frequency deviation. The information exchange among neighboring inverters is vulnerable to malicious attacks, which can make the frequency deviation fail to go back to zero. Since the traditional bad data detection evaluates the validity of the received data in a centralized way, it is not applicable to distributed control of microgrids.
Two types of attacks, namely controller attacks and communication channel attacks, are considered as shown in Fig. 8 [51]. Attacks on controllers inject false data into actuators/sensors to attack the local controller, and FDI attacks on actuators can be modeled as [52, 53]:
$$ {u}_i^c={u}_i+{\mu}_i{u}_i^a $$
(54)
where \( {u}_i^a \) is the false data injected into actuator i. \( {u}_i^c \) is the corrupted control input and ui is the original auxiliary input. μi is the attack signal: when an attack occurs, μi = 1; otherwise, μi = 0. Note that the attack signal can be either non-constant or constant. A non-constant attack signal that is viewed as noise can be handled by noise filtration techniques, while the attack signal is considered to be constant here [54].
If the whole controller is hijacked, the frequency corruption of inverter i can be expressed as
$$ {\omega}_i^c={\omega}_i+{\eta}_i{\omega}_i^a $$
(55)
where \( {\omega}_i^a \) is the false frequency data injected into controller i. \( {\omega}_i^c \) is the corrupted inverter frequency and ωi is the reference frequency in (48). ηi = 1 represents the presence of attack.
If the communication channel between two neighboring inverters is attacked by FDI, the local controller receives the corrupted frequency signal [7, 11, 55,56,57]. FDI attack on the communication channel can be modeled by:
$$ {\omega}_i^j={\omega}_i+{\eta}_i{\omega}_i^a $$
(56)
where \( {\omega}_i^a \) is the false data injected into controller i, and \( {\omega}_i^j \) is the corrupted inverter frequency transmitted to inverter j. ηi = 1 implies the presence of attack.
The next step is to reveal the vulnerability of the cooperative control of a microgrid under FDI attack. Considering the cooperative control protocol (51) is under attack, the synchronization error will not return to zero for an intact inverter if it is reachable from a corrupted inverter [17]. For example, considering \( {\omega}^a={\left[{\left({\omega}_1^a\right)}^T,\dots, {\left({\omega}_N^a\right)}^T\right]}^T \) and \( {u}^a={\left[{\left({u}_1^a\right)}^T,\dots, {\left({u}_N^a\right)}^T\right]}^T \) are the respective attack vectors injected to sensors and actuators, the global synchronization error dynamic is obtained by applying the control strategy (50) and (52) as well as FDI attacks (54)–(56), as:
$$ {\dot{e}}_{\omega }=-{c}_{\omega}\left(L+G\right){e}_{\omega } $$
(57)
where L is the Laplacian matrix defined as L = D − A, while more properties of L can be found in [58,59,60]. D = diag{Ni} with Ni being the set of inverters that send data to inverter i (the neighbors of inverter i). A = [aij] with aij being the weights of communication links between inverter i and j.
Letting \( \iota =\eta \left(L+G\right){e}_{\omega}^a+\mu u \), η = diag (ηi), and μ = diag (μi), the solution to (57) is:
$$ {e}_{\omega }(t)={e}^{-{c}_{\omega}\left(L+G\right)t}{e}_{\omega }(0)+{\int}_0^t{e}^{-{c}_{\omega}\left(L+G\right)\left(t-\tau \right)}\iota d\tau $$
(58)
Given that (L + G) is a positive definite matrix, the first term in (58) approaches zero for cω > 0. Using \( {e}^{At}={\sum}_{m=1}^{\infty }{(At)}^m \) yields:
$$ {e}_{\omega }(t)\to \sum \limits_{m=1}^{\infty }{\int}_0^t{\left(-{c}_{\omega}\left(L+G\right)\left(t-\tau \right)\right)}^m\iota d\tau $$
(59)
If m is the first integer such that \( {l}_{ij}^m={\left({\left(L+G\right)}^m\right)}_{ij} \) is not zero, node i is reachable from node j, and m is the length of the shortest directed path from j to i. Consequently, there exists \( {l}_{ij}^m\ne 0 \) for 0 < m < N − 1 if inverter i is reachable from the compromised inverter j.
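The reachability argument can be checked on a small case. The following is an added example, not code from the paper or its references: it integrates the cooperative law (50)–(52) with forward Euler on four inverters and corrupts the frequency that one inverter transmits, as in (56). The directed graph, unit link weights, pinning gain, coupling gain, step size, attack value and function names are assumptions constructed for the illustration.

```python
# Added illustration (not from the paper): cooperative frequency control
# (50)-(52) under an FDI attack on a communication channel (56).
# Graph, gains and attack value are constructed for the example.

OMEGA_REF = 314.16                                  # rad/s, about 50 Hz
IN_NEIGHBORS = {0: [], 1: [0], 2: [1, 0], 3: [2]}   # N_i: who sends data to i
G = {0: 1.0, 1: 0.0, 2: 0.0, 3: 0.0}                # only inverter 0 is pinned
C_OMEGA = 4.0                                       # coupling gain c_omega
DT = 0.01                                           # Euler step in seconds


def reachable_from(src):
    """Inverters that a directed communication path from src leads to."""
    seen, frontier = set(), [src]
    while frontier:
        j = frontier.pop()
        for i, senders in IN_NEIGHBORS.items():
            if j in senders and i != src and i not in seen:
                seen.add(i)
                frontier.append(i)
    return seen


def simulate(compromised=None, omega_a=0.0, steps=5000):
    """Integrate d(omega_i)/dt = u_i = -c_omega * e_omega_i, a_ij = 1.

    Returns each inverter's steady-state deviation from OMEGA_REF.
    """
    # Start from droop-induced offsets below the reference frequency.
    omega = [OMEGA_REF - 0.5 * (i + 1) for i in range(len(G))]
    for _ in range(steps):
        # Value each inverter transmits; the compromised one adds omega_a.
        sent = [w + (omega_a if i == compromised else 0.0)
                for i, w in enumerate(omega)]
        nxt = []
        for i, w in enumerate(omega):
            e = sum(w - sent[j] for j in IN_NEIGHBORS[i])   # neighbor term
            e += G[i] * (w - OMEGA_REF)                     # pinning term
            nxt.append(w - DT * C_OMEGA * e)
        omega = nxt
    return [w - OMEGA_REF for w in omega]


if __name__ == "__main__":
    print("clean   :", [round(d, 4) for d in simulate()])
    print("attacked:", [round(d, 4) for d in simulate(1, 0.8)])
    print("reachable from inverter 1:", sorted(reachable_from(1)))
```

Only the inverters returned by `reachable_from` keep a nonzero deviation. A local monitor can use the same reachability set to bound which neighbors a suspected corrupted link can influence.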