A Comprehensive Review On Secondary and Cyber-secured

Control Schemes for AC Microgrids

Journal: Proceedings of the IEEE

Manuscript ID 0157-REG-2024-PIEEE

Manuscript Type: Regular Paper

Date Submitted by the

12-Jun-2024
Author:

Complete List of Authors: S., Arunima; Indian Institute of Technology Goa

Subudhi, Bidyadhar; Indian Institute of Technology Goa

Keyword: Control systems, Cooperative systems, Directed graphs

PROCEEDINGS OF THE IEEE

Page 1 of 23
1

1
2
3 A Comprehensive Review On Secondary and
4
5
6
Cyber-secured Control Schemes for AC Microgrids
7 Arunima S. Student Member, IEEE, and Bidyadhar Subudhi, Senior Member, IEEE
8
9
10
11
12 Abstract - Integration of distributed energy resources stability and voltage/frequency fluctuations. To address these
13 (DERs) to a smart grid whilst providing a lot of benefits challenges, it is important to establish reliable control schemes
14 necessitates a substantial use of field devices. This is that ensure the robust and efficient operation of these complex
15 necessary for effective management by consumers, aggre- systems.
16 gators, third parties, and utilities. Inverters, connecting A number of issues such as flickers, voltage fluctuations,
17 DERs and power grids, are smarter with improved grid and uncertainty are encountered in a MG. In an islanded
18 support features and communication abilities. Yet, the MG, the individual DG generates an equal amount of reactive
19 rise in information and communication technologies has and active power (ratio to the power of individual DG) to
20 led to increased cyber security risks for these intelligent prevent DG overloading. It results in uniform transient current
21 inverters. This review article aims to evaluate how commu- distribution among the DG units, minimizing any circulating
22 nication limitations impact the reliability and consistency currents amongst DGs. However, the minor disparity in ampli-
23 of microgrids. It provides a comprehensive analysis and tude, output voltage, frequency, and phase angle of individual
24 comparison of cyber-enabled distributed secondary control group units could result in a relatively high circulating current.
25 schemes of microgrids. The paper focuses on computing Several control schemes were developed for a microgrid
26 local controls for an unavailable state signal in a coop- to address the aforesaid challenges. For instance, a control
27 erative and distributed manner using cyber information. approach presents that one inverter performs as a master unit
28 It also provides recent advancements in communication and fine-tunes the voltage while the other performs as the
29 constraints for distributed controlled microgrids, including slave. The control system for microgrid possesses various
30 communication delay, noise interference, time-varying net- functions encompassing sharing load or power amongst DGs,
31 work topology, limited communication bandwidth, cyber enhancement in power quality, energy market participation,
32 attacks, and uncertainties in communication links. We also and affording ancillary services.
33 analyze the effects of these constraints on the operation Islanded mode of operation for a microgrid needs regulation
34 of distributed controllers and present and compare the of frequency, power sharing, and voltage during its isolation
35 potential challenges associated with them. An attempt has from the corresponding main grid [4]- [6]. This operation
36 also been made to review the recent secondary control mode is challenging compared to the grid-connected mode, as
37 schemes for a microgrid which exhibit superior perfor- the power balancing needs a correct power-sharing approach
38 mances by regulating voltage/frequency at their nominal to form a power balance in the course of sudden disparity
39 values and power sharing during load changes and plug- occurrence in active power. Besides, the grid frequency and
40 and-play conditions. Finally, the paper concludes with a voltage are unsupported by the electric grid, and various
41 comprehensive summary on existing research, proposing DG units should regulate it. Power balance is accomplished
42 new research directions, and highlighting critical issues directly through local controllers using local measurements.
43 that need further investigation. A central controller is employed that sends suitable set-point
44 signals to local controllers of varied controllable loads and DG
Index Terms - microgrid control strategies, grid-
45 units. The objective of each DG is to supply power to the load
connected, islanded, multi-agent systems, power control
46 as per the desired need.
methods, cyber-attacks.
47 The application of cyber-enabled distributed control strategy
48 is expected to play a crucial role in designing and optimizing
I. I NTRODUCTION cyber-physical microgrid systems. However, integration of
49
50
51 T He microgrid is a cyber-physical network connecting information and communication technology in smart grids
intelligent nodes such as distributed energy resources has led to increased concern about their cyber security. The
(DERs) such as generators, battery energy storage systems interconnection of various field devices has created a large
52
(BESSs), and loads. The purpose is to efficiently deliver potential for attacks, which can jeopardize the integrity, con-
53
power to consumers by allowing these nodes to sense, control, fidentiality, and availability of information systems, as well
54
and communicate autonomously [1]- [3]. However, integrat- as the physical security of power systems. The emergence of
55
ing intermittent DERs presents challenges such as system DERs and customer-side smart inverters has increased the risk
56
57 of cyberattacks for several reasons. The installation of multiple
The authors are with the School of Electrical Science, Indian Institute
58 of Technology, Goa, India (e-mail: arunima20242101@iitgoa.ac.in, bidyad- smart inverters at customer locations increases the number of
59 har@iitgoa.ac.in) potential targets for attacks, making them more susceptible
60 PROCEEDINGS OF THE IEEE
 Page 2 of 23
2

1
2 to vulnerabilities, when connected to automation systems and However, there are studies and reports that offer a broad
3 other public networks [7]. Furthermore, owners of DERs may overview of this important topic. In [7], an attack-resilient
4 not have the required knowledge or resources to adequately framework to safeguard DERs and smart inverters from cyber
5 address cyber security issues. attacks is reviewed, which analyzes the cyber security chal-
6 Manufacturers of smart inverters and aggregators of DERs lenges posed by DERs and smart inverters and introduced
7 often have remote access to visualize, access, and manage measures for attack detection, prevention, and response. How-
8 smart inverters. These external entities offer online services ever, it is important to note that this article primarily focuses on
9 such as fault diagnosis, real-time performance evaluation, describing the framework itself rather than providing extensive
10 remote maintenance, and cloud storage. However, these ser- literature reviews on the impact analysis.
11 vices create vulnerabilities that can be exploited for remote Furthermore, there have been significant publications since
12 code injection and execution. Moreover, third-party cyber 2016, such as the technical reports released by Sandia National
13 attacks can affect a group of smart inverters from the same Laboratories (SNL) on the cyber security of smart inverters
14 service/brand, potentially causing power outages by reducing and advancements in technologies such as software-defined
15 or disconnecting solar generation. Additionally, the growing networking (SDN) and 5G. Unfortunately, due to the lim-
16 use of module-level power electronics has resulted in a higher itations of this article, we are unable to delve into these
17 number of smart micro-inverters, which control individual or topics extensively. While, [16], [17] have examined attack
18 a small number of photovoltaic (PV) panels. Consequently, models on smart inverters at the device level, including local
19 there is a large number of communication nodes and inverters hardware attacks and DoS, they did not thoroughly analyze
20 connected to networks. The small size and limited resources of the impacts of these attacks. Conversely, [18] provided a
21 micro-inverters also present challenges in terms of cost when comprehensive overview of various cyber attacks and their
22 it comes to improving security measures [8], [9]. effects on different grid services and grid-support functions
23 The use of ICT has greatly improved the functioning of for grid-tied converters. However, their discussion did not
24 microgrid networks. However, this progress has also made encompass detailed device-level security with unique attack
25 the networks more vulnerable to communication issues. It is schemes and defense strategies. The review in [19]- [21]
26 important to have reliable and fast communication networks considers different cyber attacks and the defense strategies
27 in order to coordinate electronically connected DERs with adopted for a smart-inverter, but the constraints during time-
28 low system inertia. Unfortunately, communication constraints varying communication topology are not considered in the
29 such as delays, data loss, and cyber attacks often occur due above works.
30 to limited network bandwidth. These constraints can lead to To address the gaps mentioned earlier, this review aims to
31 a loss of time synchronization and ultimately decrease the thoroughly analyze the attacks and defenses related to smart
32 performance and stability of microgrid networks. Additionally, inverters. Initially, we will provide a comprehensive overview
33 the addition or removal of a DER from the network can of the architecture of smart inverters, both at the device and
34 change the system’s structure, so it is important to consider grid levels. This will include discussions on the different
35 the switching characteristics of communication topologies. components, functions that support the grid, commonly used
36 The increased use of communication devices in microgrid communication protocols, and various grid topologies that
37 networks also opens up opportunities for cyber attacks on utilize inverters. Next, we present a detailed examination of
38 critical facilities. This greatly affects the effectiveness and cyberattacks on smart inverters, focusing on both the device
39 reliability of microgrid networks. Therefore, it is a challenge level and the grid level. The device-level security will focus on
40 to design control schemes for DERs that can accommodate the threats that individual inverters face, while the grid-level
41 communication constraints in heterogeneous microgrids. [10]- security will primarily revolve around the security analysis
42 [12]. of inverter-based systems, such as microgrids, when they are
43 A good number of reviews have been conducted to evaluate impacted by cyber-attacks. This analysis will cover the inter-
44 the state of cybersecurity concerning smart grids. Compre- actions between a set of smart inverters and control centres,
45 hensive reviews on this topic covering the cyber-physical as well as the interactions between different smart inverters.
46 security of smart grids and their various subsystems are Then, we will explore defense strategies to counter cyber-
47 reviewed in [13], [14]. However, there has not been a specific attacks on smart inverters, including detection techniques,
48 survey dedicated solely to examining inverter security. Smart mitigation methods, and preventive measures. The overall
49 inverters operate differently and are employed in low-inertia structure of the microgrid is given in Fig. 1. Furthermore,
50 distribution systems, resulting in variations in attack models we will discuss the opportunities and challenges that arise
51 and consequences. Furthermore, smart inverters are primarily in smart inverter security with the emergence of technolo-
52 installed on the user side, which means that the cyber security gies like 5G, artificial intelligence (AI), and other relevant
53 requirements and communication protocols differ from those advancements. Additionally, the review paper focuses on the
54 used in bulk power grids. In [15], a review on cyber security different secondary control strategies for microgrids based on
55 for smart microgrids, and the impact of smart inverter attacks the control challenges, control structure, and computational
56 on grid-support functions is discussed but, they did not focus complexities. The comparison of various control strategies of
57 into device-level security for smart inverters. Therefore, there microgrids is expected to provide a crisp understanding of
58 is currently no comprehensive survey solely dedicated to different techniques and procedures [22] with advantages, dis-
59 inverter security. advantages, and future ideas. Eventually, this review paper will
60 PROCEEDINGS OF THE IEEE
Page 3 of 23
3

1
2 help to develop an efficient concept for further development
3 on MG control requirements in software and experimental
4 prospectives.
5 The contributions of this review paper are as follows.
6 1) Firstly, it thoroughly investigates the architectures of
7 smart inverters, including their potential risks, vulnera-
8 bilities, security requirements, communication protocols,
9 and functionalities. This analysis provides valuable in-
10 sights into the complexities of smart inverters.
11 2) The paper extensively reviews existing cyber-security
12 studies related to smart inverters, examining both device-
13 level attacks and grid-level attacks. It explores various
14 methods of cyber-attacks and evaluates defense strate-
15 gies. Fig. 1: Microgrid System
16 3) Additionally, the paper critically model, analyze, and
17 evaluate the attack models. This evaluation offers an
18 understanding of the current state of attack studies in control schemes have inexpensive low-bandwidth, grid current,
19 the field. and robust system.
20 4) Furthermore, the paper provides a critical evaluation of Master-slave control technology in [44] employs a robust
21 defense strategies proposed to counter all the threats and control for a seamless transition between grid-connected and
22 cyber-attacks reported in the literature. It discusses the islanded modes. A separate PLL loop maintains the synchro-
23 limitations and strengths of these strategies, providing nization in the grid-connected operation. The problem with
24 valuable insights for future research and development. the above control is that both master and slave control depend
25 5) Moreover, the paper explores the opportunities and chal- on battery storage systems, and any malfunction in the battery
26 lenges presented by emerging technologies such as AI unit could lead to MG shutdown.
27 and 5G cyber-security of smart inverters. This discussion
28 highlights the potential impact of these technologies and
B. Droop-Control Strategy
29 the need for further exploration in this area.
6) Additionally, the paper examines control protocols in The droop characteristics, similar to the frequency regula-
30
smart inverter systems, considering various communi- tion implemented by the governor of a synchronous generator,
31
cation constraints such as cyber-attacks, uncertainties represent a set of steady-state operating points that rely solely
32
of communication links, limited communication band- on local measurements. These droop characteristics are crucial
33
width, noise disturbances, communication delays, and for achieving fast and decentralized load sharing in various
34
time-varying network topology. This analysis provides conditions. The primary control mechanism is designed to
35
a comprehensive understanding of the communication use only local measurements, allowing for easy integration
36
challenges in smart inverter systems. or removal of distributed generators without disrupting the
37
7) Finally, we have discussed the various secondary control system or requiring extensive re-engineering.
38
topologies in a microgrid, which is robust during sys- The droop equation of the ith DG for an active power-
39
tem/external disturbances and plug-and-play conditions. frequency droop is given by
40
41 The article is organized as follows. Section II discusses the fi = fi∗ − λ (Pi − Pi∗ ) (1)
42 secondary control strategies in an ACMG based on the control
43 problem, complexity in control structure and computation, where fi , Pi , Pi , and Pi∗ are the actual and nominal values
44 platform development, limitations, and reliability. Section IIIof frequency and active power respectively [45].
45 presents the observations. Sections IV presents the emerging The conventional droop controllers do not handle reactive
46 cutting edge trends in microgrid control. Section V discusses power-sharing. Hence [46], proposes a droop-control method
47 the future directions and Section VI presents the conclusions. to achieve accurate reactive power-sharing. Moreover, the
48 droop control method uses a DC-MG-based virtual frequency
49 II. I SSUES OF C ONTROL S TRATEGIES FOR AC M ICROGRID to suppress the communication constraints and current sharing.
50 The experimental analysis proves to have efficient perfor-
The section describes the secondary control strategies in
51 mance, but it causes the faults in the system to ride through and
an ACMG based on control problems, complexity in control
52 employs a low-bandwidth communication channel. A voltage-
structure and computations, objectives, issues, solutions, and
53 shifting strategy is employed to maintain reference tracking of
limitations.
54 nominal voltage. Voltage-shifting techniques employed are a
55 combination of distributed and decentralized controllers.
A. Master-Slave Control The implementation of open-loop schemes involves less
56
57 In [43], the master-slave current-sharing controls the ac- complexity as compared to the closed-loop schemes. The
58 tive parallel inverters that enhance the admissibility to low- Q-V droop technique used in [47] is an open-loop method
59 bandwidth communication (LBCom) effects. Therefore, these to enhance reactive power accuracy. The method achieves
60 PROCEEDINGS OF THE IEEE
 Page 4 of 23
4

1
2 reactive power-sharing without any modification in the output
3 impedance. Voltage restoration in the control scheme sets
4 V̇ to zero at a steady state to achieve the reactive power-
5 sharing. The conventional methods do not guarantee an ac-
6 curate reactive power-sharing. The control scheme in [47]
7 eliminates the deviation of voltage set-point by using the
8 V̇ restoration technique which further minimizes the reactive
9 power deviation during the steady-state region.
10
11 C. Hierarchical Control
12
13 Microgrids have the capability to operate in two distinct
14 modes: islanded mode and grid-connected mode. In the is-
Fig. 2: Centralized P/Q (Active/Reactive power)
15 landed mode, the microgrid functions independently without
control scheme
16 any connection to the main grid. It operates as a self-sufficient
17 system, generating its own power and fulfilling its energy
18 requirements. On the other hand, in the grid-connected mode,
19 a microgrid has the ability to both supply power to and
20 receive power from the main grid. As the use of microgrids
21 becomes more prevalent, the concept of hierarchical control
22 is introduced [33]. It is important to highlight that various
23 studies have been conducted to elucidate the characteristics
24 of microgrids, as well as the implementation of hierarchical
25 control to enhance their reliability, operation, and efficiency
26 [53].
27 The hierarchical control structure is an alternative per-
28 spective that organizes the control targets for all controllers,
Fig. 3: Centralized master/slave control scheme enabling each level controller to operate independently within
29
30 different time-frames. The hierarchical control structure of
31 each microgrid can be divided into three levels. The first level,
32 known as the primary level, is responsible for distributing
33 active and reactive powers among distributed generators (DGs)
34 to maintain voltage and frequency within a specified range
35 and prevent circulating current between DGs. The primary
36 control system at this level uses droop control along with
37 inner voltage and current controllers. The configurations of
38 the inner controllers are thoroughly examined. As the primary
39 controller is primarily focused on fast control actions, it
40 plays a crucial role in determining the stability of microgrids.
41 The secondary level controllers compensate for voltage and
42 frequency deviations caused by the primary controller. The
43 tertiary controller is crucial for power sharing during grid-tied
44 mode and ensures optimal and economical operation of the
45 microgrid. It also monitors the microgrid. While these three
46 Fig. 4: Droop control scheme levels of controllers improve the reliability and efficiency of
47 the microgrid in both modes, there are still concerns such
48 as voltage and current harmonic distortions and harmonic
49 sharing issues between converters. To address these challenges,
50 the authors have proposed new hierarchical control methods
51 [54]- [57]. Table II compares the resiliency, techniques, and
52 parameters involved in various control schemes.
53
54 D. Distributed Controller
55
56 The second control layer is responsible for correcting volt-
57 age and frequency deviations caused by the virtual output
58 impedances, virtual inertias, and primary control layer. It also
59 manages power/current sharing or balanced state of charge
60 Fig. 5: Distributed control scheme PROCEEDINGS OF THE IEEE
9
8
7
6
5
4
3
2
1

60
59
58
57
56
55
54
53
52
51
50
49
48
47
46
45
44
43
42
41
40
39
38
37
36
35
34
33
32
31
30
29
28
27
26
25
24
23
22
21
20
19
18
17
16
15
14
13
12
11
10
Page 5 of 23

TABLE I: Issues and Solutions with Different Control Approaches

Control Approach Objectives Issues Solution Limitation/Benefits References
Equal power-sharing or
Incorporate an unbalanced no compensation
Feeding the unbalanced
Unbalanced settings compensation reference to of harmonic voltage. [23]
settings.
Droop Control voltage reference. Enhances the voltage unbalance
factor.
Line impedance Variation of line impedance Virtual impedance Insensitive to line nature [24]
1. Enhance the reactive power-sharing
1. Inoculating small and active accuracy or requesting communicat-
power disturbances, as well ion links or maintaining reliability.
as incorporating a slow inte-
grator to traditional reactive 2. Enhanced power-sharing. Averts the
power droop control. circulation of reactive power. Better
use of individual DG.
2. To take the apparent power
3. Enhanced power-sharing. Compensate
bounds into account. the disparities on voltage-droop of fee-
ders requesting communication links.
3. Incorporate adaptive virtual
There exists an impedance. 4. The requirement of telecommunication
Active and error in power-sharing links and central communication are
[25] - [31]
reactive power-sharing as voltage is not taken 4. Direct droop approach and not needed.
as global parameter
inverse droop approach. 5. Fine-tune the DG units impedance in
selective and fundamental harmonic
5. Enhanced virtual impedance frequencies.
control strategy and slope-
tuning of voltage droop. 6. Accurate reactive power-sharing.
Communication unit and central computation
6. To request communication or distributed interaction is not needed amongst
links and consensus-based inverters.
distributed voltage control.
7. The impact of the parameter uncertainty
7. A new ESSs approach. has been explored. Good reactive power-
sharing. Enhancement in system stability.
Additional inertia. Enhance the
Oscillatory and slow dynamic Piecewise linear droop
Droop and Coordinated Control Dynamic response accuracy of power-sharing at [32]
response. and coordinated control.
more loading conditions.
A cooperative regulating
approach to micro-resources Enhanced inner-loop and damping characteristics.
Inner loop dynamic stability and active
and ESSs. Enhanced dynamic This inner-loop stability actively damp the resources

PROCEEDINGS OF THE IEEE

Hierarchical Control [33]
damping.
stability and consists of of high frequency.
an extra phase and shift loop.
Functions in stand-alone and grid-connected
Islanding detection Universal Integrated Synchronization and Control
Universal Integrated Synchronization and Control (UISC) Finding if MG is islanded modes. The seamless transition amongst need modes [34]
algorithm. (UISC)
with no control on structural reconfiguration.
There exist no communication links. Execute
Voltage-offset Voltage predictive control approach offset-free voltage control for a determined bus.
Estimator based Distributed Control [35]
(free) based on estimator. High robustness under various parameter
uncertainties.
There exist no communication links. Enhanced
dynamic stability. Eradicate the steady-state errors
Deviations in voltage and
Restoring frequency To use a generalized washout filter in the output voltage magnitude. Improved dynamic
Washout filter based Droop Control frequency as a result of [36]
and voltage. based control. response under feeder and load disturbances. Minimized
droop control.
overshoots in the resultant voltages under dynamic
disturbances.
Share resonance currents and
Compensation of Reduced voltage quality
Distributed Control Adjustable harmonic impedance harmonics in an automatic way. [37]
voltage harmonics. as a result of non-linear load.
Enhance THD.
1. Multi-agent systems coordinated droop
control
1. Require communication link or fully distributed.
2. Distributed frequency control based on
2. Quick response.
Distributed Control Restoring frequency Deviations in voltage and consensus and distributed finite-time [38]- [40]
and voltage. frequency as a result of voltage control strategy.
3. Faster convergence and accurate performance
droop control.
despite the disturbances in MG network.
3. Multi-agent system devoid of DG
para-meters and line impedance.
5

Fully distributed control of frequency

Cooperative Control Restoration of frequency/voltage. Fully distributed. [41]
and secondary voltage.
A robust least mean logarithmic square
Stability and power-quality
Reduce power quality issues algorithm of variable step-size is used to Effective harmonic mitigation while maintaining
Robust Control issues while using non-linear [42]
by mitigating load harmonics extract fundamental components of non- grid-current balance.
loads.
linear load during any abrupt conditions.
 Page 6 of 23
6

1
2 (SoC). To achieve this, the secondary control adjusts the nor- distributed control microgrid networks can be categorized into
3 mal values of the primary control to restore the terminal output random communication delays, aperiodic sampling delays, and
4 to their reference values and compensate for the deviations. In asymmetric/symmetric communication delays. These different
5 the connected mode, the reference values can be obtained from types of delays will now be discussed in detail.
6 the main grid or a command DER generator in the stand-alone 1) Random Communication Delay: Factors such as link
7 mode. breakage, message dropout, and the reception of noisy or
8 In the distributed secondary restoration control, the local tampered messages can cause random delays in the loss of
9 state set point value is adjusted by exchanging information measurement or control signals. These delays are considered
10 with neighbouring DERs. This is typically achieved through to be one of the most significant types of time delays that can
11 distributed cooperative control protocol with perfect commu- have a negative impact on distributed controllers. To mitigate
12 nication is given as the effects of random communication delay, various methods
13 N have been developed, including network predictive control
X
14 ui = aij (fi − fj ) + ai0 (fref − fi ) (2) (NPC) and generalized predictive control (GPC).
15 j=1 Works reported earlier [62], [63], has introduced differ-
16 ent GPC approaches highlighting their advantages such as
where aij is the edge weight corresponding from DGi to DGj ,
17 adaptability, low model precision requirements, and robustness
ai0 indicates that DGi can access the state reference frequency
18 against parameter variations. Additionally, a time delay com-
through a virtual leader. The output state of DGi is represented
19 pensation controller based on NPC has been proposed in [64],
by fi .
20 which consists of a network predictor and a delay compensator.
The control protocol equation represents the adjustment of
21 This controller has been shown to enhance system performance
the local state based on the difference between the reference
22 in the presence of random delay.
state and the states of neighbouring DGs. This ensures that the
23 steady-state error is transmitted to the primary control layer
24 for restoration of the terminal output. A proportional integral
25 (PI) restoration compensator is then designed to address this
26 error as below.
27 Z
28 ∆f = kP ui + kI
i i i
ui dt (3)
29
where the correction factor is defined as ∆f , and kP and
30 i i

kI are the gains [58]- [60]. The issues and solutions of

31 i Fig. 6: Combination of the NPC scheme with the traditional
different control schemes is given in Table I. The techniques
32 GPC scheme
and resilency of diffrent control schemes is given in Table II.
33
34 Fig. 6 illustrates the combination of the NPC scheme with
III. E FFECT OF C OMMUNICATION D ELAY ON the traditional GPC scheme in a networked control system.
35
C YBER -E NABLED M ICROGRIDS This integration creates a highly robust system that does not
36
37 The inclusion of communication delay is an essential as- rely on the accuracy of the model.
38 pect of communication networks within microgrid systems. The NPC scheme is a novel approach that deviates from
39 Regardless of whether the communication links possess low the traditional GPC control method by taking into account
40 or high bandwidth, it is crucial to take into account the delay the control of single information stream transmission. By
41 in designing a controller that ensures the stable operation of leveraging the network characteristics, such as vector message
42 practical microgrid networks. This consideration is necessary stream transmission, the NPC scheme effectively compensates
43 due to the presence of load perturbations, which require for communication delay. In a study conducted by [34], an
44 the electronically interfaced DERs to promptly respond to NPC scheme was proposed to address fixed and random time
45 control commands. These DERs can quickly react to control delays, ensuring system stability through a delay compensator.
46 signals by utilizing data exchanged with their neighbouring This approach successfully mitigated the adverse effects of
47 DERs, owing to their low inertias. However, the reliance on communication delay. A delay-inclusive NPC control layer
48 communication delays introduced through the exchange of for traditional power systems was presented in [65]. There
49 data with neighbouring DERs is inevitable. remains a research gap in exploring time-delayed distributed
50 There are multiple factors that can contribute to the occur- control for microgrid networks.
51 rence of time delays in practical microgrids. These include It is worth mentioning here that although extensive research
52 limited communication speed, the additional time required has been conducted on distributed cooperation with commu-
53 for receiving measurement messages, the computation time nication time delay for the secondary restoration problem in
54 needed for generating control inputs, and the execution time microgrid networks, the existing studies typically assume that
55 for implementing these inputs. In comparison to bulk power communication delay is random, time-varying or constant.
56 systems, the time delays associated with communication in However, it is important to recognize that communication
57 microgrids have a more significant impact on system stability time delay itself may possess its own dynamics, which can
58 and performance. This is due to the relatively low system iner- be influenced by factors such as computation capability and
59 tia and high response speed of microgrids [61]. Time delays in communication distance. Therefore, it is necessary to consider
60 PROCEEDINGS OF THE IEEE
Page 7 of 23
7

1
TABLE II: Control Variables, and Techniques Adopted in Different Control Schemes
2
3 References Control Schemes Controlled Variables Techniques
Resiliency Addressed
4 or Pros
5 [48] Virtual output impedance
Inverter frequency, voltage, Sum of virtual output impedance Enable appropriate transient
active power P, reactive power Q. to balance power sharing. response.
6
Model predictive control in
7 Unit storage range, load, power
order to reduce the cost
8 [49] Predictive control balance, dispatchable unit
of both load curtailment
Indirect
9 power limit.
and microgrid.
10 Load current balancing by altering
Inverter frequency and voltage
11 [50] Droop control with active power and reactive
output voltage. The frequency that Eradicate communication
12 power.
comes in voltage with droop link.
13 characteristics.
Frequency, voltage, latency, Independent of centralized
14 [51] Peer-Peer control Characteristics of droop control.
and bandwidth. system.
15
Master controller in voltage mode
16 [52] Master-slave control Frequency, voltage, and micro-sources that states frequency and voltage
Processed in both the control
17 to micro-sources.
of decentralized and centralized.
18
19
20 communication time delay as an additional system variable which the distributed controllers (5) update their inputs. This
21 when investigating the secondary restoration problem. Fur- delay is caused by the transmission of messages [67].
22 thermore, it remains crucial to simultaneously consider the
N
23 communication time delay and other physical constraints in X
ui = aij (fi (t − τ (t)) − fj (t − τ (t))) +
24 the research on distributed secondary restoration problem.
j=1
25
26 ai0 (fref − fi (t − τ (t))) (5)
27 Fig. 7 illustrates the relationship between the time-varying
28 delay τ (t), the communication time delay δk , and aperiodic
29 sampling. The DERi unit measures the messages at the ape-
30 riodic sampling instant σm and then transmits them to its
31 neighbours. During the transmission, the messages experience
32 a delay δk due to communication network transmission. To
33 prevent temporal message disorder, a buffer-based waiting time
34 strategy is employed. This strategy further delays the received
35 Fig. 7: Relationship between the time-varying delay τ (t), the messages, as indicated by the red line in Fig. 7. The waiting
36 communication time delay δk , and aperiodic sampling time is ∆ − δk .
37 Based on the aforementioned analysis, it can be concluded
38 that the time-varying delay τ (t) within the interval [tk , tk+1 )
39 is given by τ (t) = t − tk + ∆.
40 A. Aperiodic Sampling Delay
41 To tackle the issue of high communication traffic, alterna- B. Asymmetric/Symmetric Communication Delay
42 tive distributed control protocols have been developed. These The sharing of information among DER units in microgrids
43 protocols employ sampled-data techniques and time delays to can be disrupted by communication delays, leading to insta-
44 facilitate message exchange among DERs. In particular, the bility and disturbances. These delays can be categorized as
45 DERi unit will transmit measurement messages with times- asymmetric or symmetric. In the case of asymmetric commu-
46 tamps to its neighbouring units at irregular intervals referred nication delays, the distributed control protocols described in
47 to as σm . To account for potential transmission delays, a buffer [68] as follows:
48 is utilized to gather state messages and ensure they are received
49 in the correct order [66]. The discrete moment σm signifies N
X
50 the exact time when data is measured and is defined as below. ui = aij (fi (t − τ (t)) − fj ) +
51 j=1
52 0 = σ0 < σ1 < · ·· < σm , lim σm = ∞ (4) ai0 (fref − fi (t − τ (t))) (6)
m→∞
53
54 The time interval between sampling instants σm and σm+1 is In this equation, fi represents the measured information
55 denoted as ∆k = σm+1 − σm . It is important to note that variables (frequency) of DERi unit without time delays, while
56 ∆k satisfies the condition 0 ≤ ∆ ≤ ∆k ‘ ≤ ∆. In fi (t − τ (t)) represents the measured information variables of
57 the context of distributed control protocols (5) with aperiodic its neighbours with time-varying delays. Due to the existence
58 sampled messages, the time-varying delay τ (t) is given by of the time delay τ (t), DERi unit receives messages from
59 τ (t) = t − tk + ∆, where tk represents the time instant at DERj at time t and utilizes the delayed messages. It is
60 PROCEEDINGS OF THE IEEE
 Page 8 of 23
8

1
2 device. These attacks involve reconnaissance, ransomware,
3 worm attack, DER botneck, replay, hardware Trojan, denial
4 of service (DoS), and man-in-the-middle (MITM) techniques.
5 Attacks (9) to (12) are hardware-based and include firmware
6 attacks, side-channel noise injection attack, Hall Sensor Spoof-
7 ing, and PLL attacks. Lastly, attacks (13) to (15) focus on
8 compromising the control functions of the smart inverter,
9 such as malicious attack on control setting command, and
10 algorithm, spoofing of control input and DER measurement
11 data.
12 1) Backdoor/Reconnaissance Attack: The initial step in
13 launching a cyber-attack on a smart inverter typically involves
14 reconnaissance. This entails using network scanning tools like
15 OpenVAS and Nmap on devices controlled by the attacker.
16 The purpose of reconnaissance is to gather crucial information
17 about the targeted inverter, such as the status of security
18 patches, identified vulnerabilities, operating services, open
19 ports, and its IP and MAC addresses. Various methods can be
20 employed during this stage, such as exploiting vulnerabilities
21 in patching and booting via a malicious firmware update, or
22 Fig. 8: Various device-level attacks on different components creating a reconnaissance on the network layer’s flash memory
23 of a smart inverter through an insider, utilizing disguised software. Once the
24 reconnaissance is successfully installed in the smart inverter,
25 the attackers can then proceed to elevate their privileges and
26 important to note that DERi can receive its own messages introduce malware like worms, bot-network or ransomware
27 instantly, neglecting the computation and execution time. If into the system. This can be accomplished while bypassing or
28 these times are taken into account, the asymmetric delay disabling the embedded security functions [70].
29 becomes a symmetric delay case, as described in (5). It is 2) Ransomware Attack: The prevalence of ransomware, a
30 worth mentioning that if τ (t) is a constant value, then the type of malware, is increasing at an alarming rate, posing a
31 corresponding time delay is fixed. A more detailed analysis of significant threat to computer systems. This malicious soft-
32 the impact of time delay on frequency and voltage restoration ware operates by either locking users out of the system or
33 can be found in [69]. encrypting their vital data. Locker/blocker style ransomware
34 restricts users from accessing the system, while crypto style
35 IV. I MPACTS , P REVENTION , AND P ROTECTION OF ransomware encrypts their important files. In a locker-style
36 D IFFERENT C YBER - ATTACK I N A S MART-I NVERTER attack, the remote access functions of smart inverters, such as
37 BASED S YSTEM authorized user access credentials stored in the “passwd” file,
38 The impact of cyberattacks on smart inverters can span from are encrypted. This manipulation results in the smart inverters
39 individual devices to the entire grid, depending on the intention being rendered inoperable or malfunctioning. Consequently,
40 behind the attack. When it comes to device-level attacks, the DER operators are unable to access and control the compro-
41 attackers aim to compromise a single smart inverter to manip- mised smart inverters, leading to disruptions in the local grid
42 ulate its operational conditions or disrupt the communication [20].
43 between the inverter and external devices. On the other hand, 3) Worm Attack: A worm is a type of malware that can
44 grid-level attacks involve a more extensive approach, where the replicate, spread, and execute itself without any external
45 attackers utilize device-level attacks to target the interactions intervention. Its purpose is to infiltrate and compromise other
46 between smart inverters and the control center or between interconnected systems through networks [20]. For example, a
47 different inverters. The objective of such grid-level attacks is pandemic malware uses a brute force method to quickly find
48 to impede the grid operator from achieving grid objectives, and infect all devices within a network. This is different from
49 such as optimizing power flow and minimizing energy loss, a virus, which requires manual execution by a user to start
50 or even causing complete disruption to the operation of the replicating and spreading. In a DER network system, if a worm
51 entire DER system. This section provides a comprehensive manages to compromise a smart inverter device or gateway,
52 overview of cyber-attacks on smart inverters, organized based it can then spread to other DER devices and the DER control
53 on these two perspectives. center. As a result, the worm-infected DER control center
54 and devices have the potential to transmit worms to other
55 stakeholders in the power grid. If the worm attack spreads
A. Device-Level Attacks extensively, it can cause significant damage to the power grid,
56
57 Fig. 8 shows various device-level attacks on individual leading to a long recovery period. The extent of the damage
58 components of a smart inverter. Attacks (1) to (8) target the and the number of infected devices and systems are uncertain,
59 communication link between the inverter and the connected which further complicates the recovery process.
60 PROCEEDINGS OF THE IEEE
Page 9 of 23
9

1
2 4) DER Bot Network Attack: A DER bot network , which is and send it back to the intended recipient. One commonly
3 also known as DER Botnet, is a collection of DER devices that used technique for MITM attacks is ARP poisoning, where the
4 have been compromised by botnet malware. Although the DER attacker links their MAC address with the victim’s IP address.
5 Botnet has been inactive for a significant period, it can still be MITM attacks on a PV inverter using IEC61850 protocols by
6 manipulated by a single or multiple cyber attackers to carry out using a Raspberry Pi gateway as a protocol translator and the
7 coordinated malicious activities. For instance, the DER botnet Ettercap tool for ARP poisoning is conducted in [75]. This
8 can be utilized to initiate a DDOS (Distributed Denial-of- allowed them to modify intercepted packets and tamper with
9 Service) attack specifically targeting the DER control centers. the inverter’s power output limitation settings. Similarly, Carter
10 Moreover, DER smart inverters that have been affected by et al. and Onunkwo et al. also achieved successful MITM
11 botnet malware may encounter malfunctions during specific attacks on different inverters using ARP poisoning and the
12 grid events, resulting in a prolonged blackout at the regional Ettercap tool.
13 level [71]. 9) Firmware Attack: In addition to cyber-attacks targeting
14 5) Replay Attack: Replay attacks involve intercepting and communication links, there have been instances where smart
15 resending recorded data with potential alterations. In a study inverters in the field have been subjected to hardware-based
16 by SNL researchers, two inverters were targeted using UDP/IP attacks. These smart inverters are made up of various hardware
17 and TCP/IP protocols. The SPAN tool was used to modify the components, including communication interface, JTAG, exter-
18 dc disconnection voltage setting command. Results showed nal ROM, Hall sensors, DSP, and MCU. Skilled attackers can
19 that the UDP/IP protocol accepted falsified commands, while manipulate these hardware components either by physically
20 the TCP/IP protocol rejected them due to its sequence num- tampering with them or by replacing the firmware, which
21 ber feature. Another experiment on SunSpec Modbus-based can lead to false measurement readings or changes in device
22 inverters showed successful interception, modification, and configuration. Firmware replacement can occur when manu-
23 resending of packets containing various data [72]. facturers make their firmware files public or when attackers
24 6) Hardware Trojan Attack: Hardware Trojan refers to a extract the firmware from the device. By tampering with the
25 malicious alteration made to the circuitry of an integrated firmware, attackers can carry out false data injection attacks
26 circuit (IC), which can potentially target various layers of the (FDIAs) by altering the acquisition gain of internal sensors,
27 smart inverter. For instance, a Trojan circuit that is embedded introducing biases in reported measurements, and modifying
28 within a chip, commonly known as a spy chip, located on the control parameters like PID parameters and set-points of
29 network layer of the smart inverter, can be exploited as a back- grid-support functions. Nowadays, most smart inverters have
30 door access point. Furthermore, a printed circuit board (PCB) implemented measures such as authentication, encryption, and
31 Trojan can be created by tampering with the interconnect lines cyclic redundancy check (CRC) to detect and reject falsified
32 at the internal layers or modifying the components. These firmware. However, researchers have discovered additional
33 actions can result in the unauthorized disclosure of sensitive consequences when modified firmware is uploaded. For ex-
34 information pertaining to the smart inverter. Such attacks, ample, the inverters may lose communication capabilities and
35 which exploit vulnerabilities in the supply chain, have the can only be restored through local configuration, resulting in
36 potential to cause significant and widespread negative impacts a denial-of-service (DoS) situation for the inverters [18].
37 on the grid [73]. 10) Side-Channel Noise Injection Attack: The purpose of
38 7) Denial-of-Service (DoS) Attack: A Denial of Service this cyber-attack is to disrupt and manipulate sensor data by
39 (DoS) attack targeting a smart inverter is a cyber-attack introducing noise signals. One method is using ESD (Electro-
40 aimed at rendering the inverter inaccessible to its authorized Static Discharge) diodes to induce IEMI (Intentional Electro-
41 users either temporarily or indefinitely. One common method Magnetic Interference) noise into an ADC, corrupting the data
42 employed in such attacks involves overwhelming the commu- and leading to inaccurate readings. Another approach involves
43 nication link’s bandwidth by inundating the open port of the using the AV17 antenna to interfere with an IR (Infra-Red)
44 smart inverter with rapid traffic originating from the attacker’s light sensor, distorting the collected data. These cyber-attacks
45 device. Experiments on hardware-in-loop with smart inverters can significantly impact inverter control operations, potentially
46 is conducted in [74], testing this particular type of attack. causing malfunctions and reduced efficiency. Inverters are used
47 They utilized a MODBUS communication module and a Opal- in power generation, motor control, and renewable energy
48 RT to continuously transmit packets to the inverter every 100 systems. Manipulating sensor data can disrupt the normal
49 milliseconds. As a result, users are ultimately prevented from functioning of the inverter, leading to operational issues or
50 establishing connections, accessing data, or configuring the failure. These deliberate actions highlight vulnerabilities in
51 inverter. cyber-physical systems. By targeting crucial sensors, cyber
52 8) Man-in-the-middle (MITM) Attack: The MITM attack, attackers can undermine system reliability and integrity, posing
53 also known as the Man-in-the-Middle attack, occurs when risks to industries and critical infrastructure. Robust cyber-
54 an unauthorized person secretly intercepts and manipulates security measures are essential to protect against such attacks
55 communication between two parties who believe they are and ensure secure and reliable operation [76].
56 directly communicating with each other. In the case of a smart 11) Hall Sensor Spoofing Attack: This non-invasive hard-
57 inverter attack, the attacker redirects the data from both the ware attack specifically focuses on hall sensors that are re-
58 inverter and the connected users to their own device instead sponsible for measuring voltage and current of the inverter. In
59 of the intended destination. They can then modify the data this scenario, the attacker carries out the attack by physically
60 PROCEEDINGS OF THE IEEE
 Page 10 of 23
10

1
2 introducing external electromagnetic signals to disrupt the inverters (AV15. CA MITM). This enables the adversary to
3 magnetic field intensity of the Hall sensors. This is achieved simultaneously send malicious control commands to groups
4 by attaching or positioning an electromagnet [77] in close of smart inverters, amplifying the impact and causing a wide
5 proximity to the targeted inverter (AV16). As a result of this area grid blackout. Preventing and mitigating these types
6 attack, the measurement obtained from the Hall sensors can of attacks require robust security measures, including secure
7 be manipulated to show an increase. communication protocols, strong authentication mechanisms,
8 12) PLL Attack: Rather than compromising the perfor- and continuous monitoring of control parameters. It is essential
9 mance of sensors to trigger a misinformed response from for grid operators, DER control centers, and smart inverter
10 inverters, an alternative hardware-based attack involves di- manufacturers to implement stringent security practices to
11 rectly manipulating the AC power input. In [78], a study protect against DER control misconfiguration attacks and
12 was conducted to explore the vulnerability of Phase-Locked safeguard the stability and reliability [80].
13 Loop (PLL) by injecting positive signals precisely at the zero- The controller firmware modification refers to the act of
14 crossing point of the AC voltage at the point of common altering the software code that controls the operation of a
15 coupling (PCC). This manipulation deceives the zero-crossing smart inverter. This modification can have malicious intentions
16 detector of the PLL, resulting in distorted phase and frequency and lead to harmful actions performed by the inverter. One
17 measurements. Consequently, the output voltage waveform of specific example of this malicious modification can be seen
18 the inverters becomes distorted, leading to a significant desta- in the Converter Control block, as shown in Fig. 8. In this
19 bilization of the voltage frequency. However, executing this block, the maximum power point tracking (MPPT) algorithm,
20 attack requires a specialized high-voltage pulse generator that which is responsible for optimizing the power generation of
21 must be connected to the PCC, which is a power electronics the solar inverter, is tampered with. This alteration restricts
22 device with a high cost. the inverter’s ability to efficiently generate power from the
23 13) Malicious Attack on Control Setting, Command, and solar panels [81]. Additionally, if the Grid-Support Functions
24 Algorithm: The wide area grid blackout can have significant block is maliciously modified, the smart inverter will act in
25 consequences, including disruption of power supply to a large opposition to the commands intended to support the grid.
26 number of consumers, damage to electrical equipment, and This means that instead of providing the necessary support
27 potential safety hazards. This type of attack can be particularly and stability to the grid, the inverter will perform actions
28 devastating because it targets the control parameters of smart that go against these functions [79]. The consequences of
29 inverters, which play a crucial role in integrating DERs into these malicious modifications can be severe. They have the
30 the grid. To carry out this attack, the adversary exploits potential to cause disturbances or even blackouts at a regional
31 vulnerabilities in the DER control servers (AV11) or gains level. By tampering with the MPPT algorithm, the power
32 unauthorized access to the smart inverter portal (AV12). They generation of the solar inverter is limited, which can result
33 then manipulate the control settings of multiple smart inverters, in a decrease in the overall power supply to the grid. This
34 specifically those related to grid support functions and rapid reduction in power availability can lead to instability in the
35 shut-downs for solar systems. These settings, such as DER grid and potentially cause disruptions in the electrical supply
36 ride-through and trip threshold, are designed to ensure the to a large area. Furthermore, if the Grid-Support Functions
37 stability and reliability of the grid during disturbances. By block is compromised, the smart inverter may not respond
38 modifying these control settings, the adversary can cause the appropriately to grid commands. This can disrupt the balance
39 smart inverters to trip during a grid disturbance, leading to a between power generation and consumption, leading to grid
40 cascading effect that can result in a regional blackout. This instability and potentially causing blackouts or other distur-
41 attack takes advantage of the requirements outlined in IEEE bances at a regional level.
42 1547-2018, which mandate certain grid support functions for 14) Control Input Spoofing Attack: Modifying the firmware
43 DERs. To execute the attack, the adversary may employ of the inverter controller can compromise its security and lead
44 various methods, including using a malicious smart inverter to a spoofing attack. This attack manipulates the sensor data
45 user portal (AV12) or conducting man-in-the-middle (MITM) used as covert inputs by mixing the original values with a
46 attacks (AV13-15) [79]. malicious factor. This factor, denoted as ũ(t) = u(t) + λ,
47 In a MITM attack, the adversary intercepts and alters where λrepresents unknown signals introduced by the mali-
48 the communication between the DER control center and the cious modification. As a result, the controller receives falsified
49 smart inverters. They may install tools like Ettercap in the sensor data, which can cause the inverter to operate poorly or
50 DER site router or data aggregator to facilitate the attack even trip. This compromised state of smart inverters has the
51 (AV13. DER site MITM). In more sophisticated scenarios, the potential to create instability in the power grid. Additionally, if
52 adversary may steal TLS certificate keys or session keys to a large number of smart inverters are tripped simultaneously,
53 establish a MITM attack (AV14. TLS MITM). This allows it can result in a blackout in a specific region. These conse-
54 them to manipulate the control commands sent from the quences emphasize the importance of protecting the integrity
55 DER control center to the smart inverters, causing them to of the inverter controller and its associated sensor data [82].
56 operate maliciously. The most severe form of this attack 15) DER Data Spoofing Attack: The inverter controller is
57 occurs when the adversary successfully manipulates the TLS responsible for managing the operation of the inverter system
58 certificate authority (CA) and creates MITMs that are verified by using various grid parameters, such as Vpcc, and local
59 by the CA across multiple DER control centers and smart sensor data. These parameters are necessary to ensure that the
60 PROCEEDINGS OF THE IEEE
Page 11 of 23
11

1
2 network frequency. The researchers formulated the attack as
3 an optimization problem to quantify its impact and determine
4 a stable bound for measurement manipulation. In [93], the
5 effects of a Denial-of-Service (DoS) attack on inverter-based
6 microgrids with droop control architecture and secondary
7 supplementary control is presented. The DoS attack blocks
8 the transmission of feedback frequency measurements from
9 local DER to the control center for a specific duration. The
10 analysis showed that a microgrid with four inverters can
11 Fig. 9: Various grid-level attacks become unstable if the DoS attack lasts for more than 2.6
12 seconds. Longer durations of DoS attacks can lead to increased
13 oscillations in output frequency, voltage, and active power.
inverter functions properly and stays synchronized with the The second type is command-based attacks, which involve
14
grid. However, there are potential risks associated with the manipulating control commands sent from the control center
15
manipulation of these parameters. These risks can come from to the smart inverters. By altering these commands, an attacker
16
two different sources: the malicious smart inverter user portal can manipulate the behaviour of the inverters, potentially
17
(AV12) and the local MITM attack (AV13). The first risk, causing them to deviate from their intended operation. This
18
the malicious smart inverter user portal (AV12), refers to the can lead to disruptions in the stability and reliability of the
19 possibility of unauthorized access or alteration of the inverter grid. In [90], a game is created to evaluate the vulnerability
20 controller’s settings and parameters through a compromised of distribution systems. The game involves an attacker ma-
21 user portal. An attacker with malicious intent could gain nipulating the power settings of certain inverters, while the
22 unauthorized access to the user portal and change the grid defender, who is the grid operator, can respond by controlling
23 parameters, including Vpcc, in order to disrupt the inverter other inverters and reducing the load. Through solving the
24 system’s proper functioning. This unauthorized access could game, the researchers discovered that it is more effective for
25 lead to issues like voltage instability, degradation of power the attacker to compromise downstream DER nodes rather
26 quality, or even complete system failure. The second risk, the than upstream ones. In [89], a risk assessment is conducted
27 local MITM attack (AV13), involves an attacker intercepting for microgrids that are targeted by cyber-attacks focusing on
28 and modifying the communication between the inverter con- configuration manipulation. In this scenario, the configurations
29 troller and the grid. By positioning themselves between the and control commands of PV inverters are randomly altered
30 controller and the grid, the attacker can manipulate the grid remotely. To assess the potential economic loss and the steady-
31 parameters and sensor data exchanged between the two enti- state distribution of the microgrid, the researchers utilized state
32 ties. This manipulation can result in the transmission of false machine modelling and Monte Carlo simulation techniques.
33 or inaccurate information to the inverter controller, leading to These methods enable them to predict the expected outcomes
34 incorrect decisions and potentially harmful consequences. For and evaluate the impact of such attacks on the microgrid
35 instance, the attacker could change the Vpcc value, causing system.
36 the inverter to operate at incorrect voltage levels, which can
37 Both measurement-based and command-based attacks occur
damage the equipment or disrupt the stability of the grid. To between the inverters and the control center. These types of
38 mitigate these risks, it is crucial to implement strong security attacks are most commonly observed in grids with centralized
39 measures and protocols. This includes ensuring secure access control architectures, such as the P/Q control architecture,
40 controls and authentication mechanisms for the smart inverter master-slave control architecture, and droop control archi-
41 [83].
42 tecture (as shown in Fig. 2-5). In these architectures, the
43 control center has significant control over the behaviour of
B. Grid-Level Attack the inverters, making them vulnerable to manipulation by
44
45 These attacks have the potential to compromise the integrity attackers. On the other hand, distributed control system attacks
46 of the interactions between the control center and smart occur in grids with distributed control architectures. In these
47 inverters, as well as the collaboration among multiple inverters architectures, control decisions are made locally by individual
48 to achieve grid objectives. We categorize grid-level attacks into components, and measurements are exchanged between these
49 four distinct types, which are illustrated in Fig. 9. components. An attacker can tamper with these local measure-
50 The first type is measurement-based attacks, which involve ments, leading to incorrect control decisions being made by
51 manipulating measurements within the system. This can in- the components. This can disrupt the overall operation of the
52 clude altering voltage or current readings, which can lead grid and compromise its stability. Lastly, attacks triggered by
53 to inaccurate information being sent to the control center. targeting other devices disrupt the operation of smart inverters
54 By manipulating these measurements, an attacker can deceive by attacking other devices within the grid. For example, an
55 the control center into making incorrect decisions or taking attacker may target communication devices or sensors that
56 inappropriate actions. A dynamic stealthy attack model to are crucial for the proper functioning of the inverters. By
57 target primary frequency droop controllers in inverter-based compromising these devices, the attacker can disrupt the com-
58 microgrids is proposed in [94]. This attack modifies power munication and coordination among the inverters, leading to
59 measurements to avoid detection and potentially destabilize the potential grid failures. Overall, these different types of attacks
60 PROCEEDINGS OF THE IEEE
 Page 12 of 23
12

1
TABLE III: Grid-Level Attacks
2
3 Controller Attacker Affected Control Attack
Ref. Attacker Aim
4 used Role Variable Impact
5 Distributed
Active-power sharing
6 [84]
Controller
Smart Meters Modification Voltage reduction is violated and voltage is
7 reduced.
8 [85]
Distributed Transformer voltage
Increase Reactive function
Huge power loss and
9 Controller measurement voltage violation.
10 [86]
Distributed Inverter voltage and reactive
Block
Secondary voltage Deviation in voltage
11 droop Controller power-sharing droop and reactive power.
12 Distributed Inverter frequency Secondary frequency Deviation in frequency
[87] Block
droop Controller sharing droop and active power.
13
Oscillations in frequency and
14 Distributed Inverter load and active
[88] Modification Load sharing voltage, active power
15 droop Controller power-sharing
deviation.
16
Master-slave
17 [89] Control parameters Modification None Economic loss
Controller
18
Distribution Set-point of active/reactive Load-shedding based Economic loss and
19 [90]
system power
Modification
on game-theory voltage violation.
20 Master-slave Set-point of active Block and EMS and load shedding Unregulated frequency, huge load loss,
21 [91]
Controller power Minimization during under-frequency power-sharing not maintained.
22 1. Supplementary set-point of
23 [92]
Droop
active power
Block and Secondary frequency Large frequency deviation and
24 Controller
2. Setpoint of active power
Modification droop oscillations in active power.
25 Droop Secondary frequency Large oscillations in active power,
[93] Frequency measurement Block
26 Controller droop frequency, and voltage.
27 Droop Primary frequency Violation in frequency/voltage
[94] Active power measurement Modification
28 Controller droop and bypassing bad data detection.
29
30
31 highlight the various vulnerabilities that exist in inverter-based manipulate the DefaultDERControl command and compromise
32 microgrids or DER systems. It is crucial for grid operators measurements or setpoints. Maximizing the attack’s impact
33 and system designers to be aware of these vulnerabilities may involve compromising multiple inverters in a specific
34 and implement robust security measures to protect against sequence. However, there is a lack of quantitative analysis
35 cyber-attacks. A thorough investigation into the cyber-security on smart inverters. Additionally, studies often assume perfect
36 concerns related to a distribution system that uses inverters knowledge or configurations of the system, but in reality,
37 capable of reactive power is conducted in [85]. The researchers attackers may have limited resources. Investigating the impact
38 emphasized that manipulating voltage measurements could analysis under these conditions is valuable.
39 unintentionally adjust the transformer’s tap position, resulting
40 in a violation of the actual voltage levels. As a result, smart C. Defense Strategies Against Cyber-Attacks
41 inverters would compensate for this discrepancy by providing Defense Strategies against cyber-attack include three as-
42 reactive power, leading to a significant increase in power loss.pects detection, mitigation, and prevention on a DER based
43 A load redistribution attack on a distribution grid proposed in micrigrid system, which is discussed in detail in this section.
44 [84], utilizes conserved voltage reduction (CVR) as a service. 1) Cyber-attack Defense Strategies: Extensive research has
45 This attack involved injecting malicious data into smart meters,been conducted on cyberattack detection methods and intru-
46 which then prompted the control center to manipulate the sion detection systems (IDSs) in the field of smart grids,
47 tap position of the on-load tap changer (OLTC) and the particularly in relation to automatic generation control sys-
48 reactive power set-points of smart inverters based on the CVR tems, SCADA systems, and advanced metering infrastructures.
49 algorithm. The attack model was formulated as a bi-level As the use of smart inverters becomes more common, there
50 optimization problem, and the final results showed a significanthas been an increase in studies focusing on IDSs for smart
51 deviation in the voltage profile of the feeder and a substantialinverters and inverter-based systems.
52 increase in the active power flow at the substation. An IDS is a device or software application that monitors a
53 network, device, or system to identify any malicious activities.
54 Table III summarizes grid-level attacks. Most studies have In this survey, IDSs for smart inverters are divided into three
55 focused on developing attacks simultaneously or using a one- groups based on the type of data they monitor: cyber-based
56 shot approach, targeting a single type of attack. However, IDS, physical-based IDS, and hybrid IDS.
57 the timing and order of attacks involving multiple types The cyber-based IDS collects information from cyberspace,
58 greatly affect the potential impact on smart inverters. For including data extracted from network traffic (such as com-
59 example, to exploit smart inverter functions, the attacker must munication latency, packet length, sequence number, source
60 PROCEEDINGS OF THE IEEE
Page 13 of 23
13

1
2 port, and IP address), event records extracted from inverter IDS was proposed, but its application to smart inverters has
3 logs (such as communication status, sleep, restart, stop, and not been extensively researched. The concept of a hybrid IDS
4 start), and files (such as firmware files and objective files). was initially introduced in [99] to enhance the security of
5 In [95], a study using both behaviour-based and signature- smart inverters. This system can extract features from power
6 based IDS on a Raspberry PI-based single-board computer measurements, network traffic, and host conditions such as
7 is used to identify malicious traffic between a PV inverter memory and processor usage. In addition to detecting common
8 and an aggregator. The study included tests on five attack communication attacks, it can easily identify insider threats
9 scenarios: MITM-based data spoofing, MITM-based Denial posed by authorized users, which are difficult to detect solely
10 of Service (DOS), spoof TCP handshakes, invalid packets, based on cyber data. By combining physical knowledge and
11 and unauthorized client connections. The study found that measurements, the hybrid IDS can effectively identify these in-
12 the signature-based IDS, which used the Snort tool, failed sider threats. In [100], the authors developed a signature-based
13 to detect the spoof TCP handshake and MITM-based DOS hybrid IDS specifically for smart inverters. They employed
14 attacks. On the other hand, the behaviour-based IDS, which the temporal failure propagation graph (TFPG) technique to
15 used the adaptive resonance theory artificial neural network, detect flooding attacks and utilized the Failure Detection,
16 struggled to identify invalid packets with the same length as Identification, and Accommodation (FDIA) approach. This
17 normal packets. This limitation occurred because the IDS only hybrid IDS analyzed information from both cyberspace and
18 considered packet length and the number of packets within physical space to generate an event sequence. This sequence
19 a specific time interval for model training. In [9], a custom- was then compared to a predefined attack pattern table based
20 built hardware performance counter (HPC) to detect malicious on the TFPG, determining whether it matched any known
21 firmware modification attacks on a smart micro-inverter is attack patterns.
22 proposed. This HPC acted as a behaviour-based IDS that Based on the detection methods used, IDSs can be further
23 analyzed the assembly code instructions of the firmware using classified as signature-based IDS and behaviour-based IDS.
24 machine learning (ML) techniques like random forests, neural Signature-based IDS checks received information against pre-
25 networks, decision trees, and principal component analysis defined patterns to identify specific attacks. It is effective in
26 (PCA). detecting known attacks but may struggle to detect new attacks
27 The physical-based IDS analyzes physical-side information, without established patterns. On the other hand, behaviour-
28 such as inverter internal temperature, frequency, active/reactive based IDS does not rely on known signatures and is primarily
29 power, phase angle, and output voltage/current magnitude. designed to detect unknown attacks. It employs machine learn-
30 Similarly, a machine learning-based technique to detect switch ing (ML) techniques to create an attack classifier. However,
31 signal delay attacks and reactive power compensation attacks ML-based IDSs often necessitates additional hardware and
32 in PV inverters by analyzing the waveform of the output computations.
33 voltage/current developed in [96]. They also created a data- Table IV provides an overview of reviewed detection strate-
34 driven deep learning method to identify data integrity attacks gies. These techniques are effective in detecting most device-
35 on PV inverter sensors using electrical waveform data at level and grid-level attacks on smart inverters, but there
36 the PCC. In [97], generation of small probing signals from are limitations. One limitation is that the reviewed methods
37 the control center and inputting them into the outer control primarily rely on the integrity of PCC voltage/current waves
38 loop of inverters. By comparing the physical response of the to detect false data injection attacks. However, these measure-
39 inverters against pre-established detection rules, it was possible ments can also be vulnerable to simultaneous attacks, such as
40 to determine if the control parameters had been altered by Hall spoofing or firmware replacement. Another limitation is
41 false data injection attacks (FDIAs). This method effectively that the reviewed works do not differentiate between anomalies
42 detects FDIAs without disrupting the system’s operation. An- caused by equipment failures and those caused by cyber-
43 other approach, as described in [98], involves allowing the attacks. This distinction is important for accurate detection.
44 control center to modify the active power output of multiple Additionally, the current investigation does not cover the de-
45 inverters. This modification creates detectable perturbations in tection of stealthy false data injection attacks, where errors are
46 the voltage profile of the system, while minimizing the impact injected based on the dynamic model of the inverter. Hybrid
47 on grid stability. These perturbations act as a hidden signature IDS, which combines data from cyberspace and physical
48 that can be used for data authentication. Only the presence of space, shows promise in detecting various attacks and inferring
49 this signature can confirm the accuracy of the measurements. attacker motivations. However, hybrid IDS that use signature-
50 The hybrid IDS combines data from both cyberspace and based detectors require expert knowledge to associate cyber-
51 the physical environment.The previous review illustrates that attacks with inverter responses. This process is complex and
52 cyber-based Intrusion Detection Systems (IDS) have the ability inefficient, requiring extensive field testing to establish the
53 to directly detect various cyber-attacks targeting communi- necessary knowledge and detection rules. Further research is
54 cation networks or software. However, these systems often needed to develop detection rules tailored to different types of
55 lack the capability to fully analyze the physical impacts that smart inverters.
56 can indicate the purpose of an attack. Conversely, physical-
57 based IDS can infer the purpose of an attack from a higher D. Cyber-attack Impact Mitigation Strategies
58 level but struggle to identify the underlying causes from a In relation to cyber-attacks, the process of mitigating impact
59 cyber-security perspective. To address these gaps, a hybrid involves adopting strategies that empower the inverter or the
60 PROCEEDINGS OF THE IEEE
 Page 14 of 23
14

1
TABLE IV: Smart Inverter Detection Strategies
2
3 Information Algorithm Data Detector Attack
Ref.
4 Required Used Type Type Type
5 Voltage, Active/reactive power, Temporal failure Signature FDIA and
6 [100] Hybrid
Communication traffic, inverter event data propagation algorithm based Flooding
7 Host information, communication traffic, Distributed Signature Authorized
8 [99]
power measurement network
Hybrid
based attack
9 Signature
10 [97] Node voltage Check voltage profile Physical
based
FDIA
11 Voltage, Active/reactive power,
12 Behaviour
[101] Solar irradiance, inverter air/panel Deep autoencoders Physical FDIA
13 based
temperature
14
PCC Voltage, Active/reactive power, Behaviour Volt-VAR/Disconnect
15 [102] Neural network Physical
buildings power flow based Attack
16
Behaviour Signal delay in inverter
17 [96] PCC current/voltage Matrix factorization Physical
18 based switch
19 Behaviour
[103] PCC current/voltage Feature extraction Physical FDIA
20 based
21 Snort rule, artificial neural
Signature/
MITM, unauthorized
22 [95] Communication traffic
network
Cyber Behaviour
client
23 based
24 [104] Communication traffic Snort rule Cyber
Signature
Reconnaissance
25 based
26 Behaviour
[105] PCC current/voltage LSTM Physical FDIA
27 based
28 Behaviour
[9] Firmware assembly code Neural network Cyber Firmware modification
29 based
30
31
32 entire DER system to take appropriate actions to minimize An alternative approach to enhancing the resilience of the
33 harmful outcomes and protect the grid from potential system grid involves the incorporation of specific power electronics
34 breakdown. To organize these strategies, this survey classifies devices. Utilization of an energy buffer proposed in [7], is
35 them into four separate groups based on their implementa- a unique voltage-source inverter powered by energy storage.
36 tion areas. These groups comprise resilient control targeting This energy buffer is connected to various locations within
37 distributed control systems, resilient control through the use the grid, such as the PCC, with the aim of improving fault
38 of specialized devices, grid-level resilient control, and device- ride-through capability and system resilience in the face of
39 level resilient control. cyber-attacks. Additionally, the energy buffer is equipped with
40 grid-supporting functions that help mitigate function conflicts
41 In distributed control systems, attacks can manipulate or among DER inverters. Following a similar concept, dynamic
42 disrupt information flow between inverters. A mitigation volt-ampere reactive compensation (DVC) units into the distri-
43 strategy using event-driven control to detect and replace at- bution system is introduced in [109]. These DVC units serve
44 tacked frequency signals is proposed in [106]. This ensures as dynamic inductive or capacitive supporters, operating based
45 synchronization even with attacks on up to N-1 inverters. on a pre-designed non-linear volt-var curve. Simulation results
46 They also proposed an attack-resilient strategy for distributed demonstrated that when DVC units were deployed, malicious
47 secondary frequency control, allowing for attacks on N in- modifications to volt-var curves or reactive power set-points
48 verters. A trust-based resilient control strategy is introduced of other smart inverters did not result in grid oscillations.
49 in [107] for distributed secondary voltage control. It in- However, it is important to note that both the energy buffer
50 corporates self-monitoring, neighbour-monitoring, information and DVC units are specialized inverters that are susceptible to
51 discarding, and recovery mechanisms to withstand attacks and cyber-attacks, including device-level attacks. Therefore, it is
52 maintain control. A cyber-resilient approach for distributed crucial to consider the cyber-security aspects of these devices
53 secondary frequency/voltage control is introduced in [108]. as well.
54 They use an improved weighted mean subsequence reduced
55 technique to discard abnormal information and ensure system Grid-level resilient control strategies are designed for grid
56 stability. They also introduced a virtual communication graph operators and can be seamlessly integrated into the control
57 based on power angles of DERs to guarantee cyber-security center. These strategies effectively manage various grid com-
58 and enable successful implementation of the technique. This ponents in a collaborative manner to respond to cyber-attacks.
59 aids in restoring control. To protect against cyber-attacks on measurements transmitted
60 PROCEEDINGS OF THE IEEE
Page 15 of 23
15

1
TABLE V: Smart Inverter Cyberattack Mitigation Strategies
2 from DERs to the control center, a cyber-resilient optimal
3 centralized volt-var control method is introduced in [110]. Ref. Attack Category Attack Method Attack Type
4 This method uses the DRGP-GSR method to identify and Distributed
[86] Self-triggered DoS
5 detect erroneous data in the distribution system state estima- control
6 tor. When an intrusion is detected, the Energy Management Weighted mean
Distributed
7 System (EMS) computes optimal voltage set-points for the [108] subsequence FDIA
control
8 transformer and PV inverter using historical load demand reduced
9 and PV output measurements. The objective is to minimize
[107]
Distributed Resilient trust-
FDIA
10 expected total power losses through a cumulant-based proba- control based control
11 bilistic optimization problem. A cooperative control strategy
[106]
Distributed Synchronization
FDIA
12 to mitigate the impact of Denial-of-Service (DoS) attacks on control control
13 the information exchange between the Energy Storage System Event driven-
14 (ESS) and the EMS is introduced in [111]. This strategy Distributed based
[115] FDIA
15 utilizes a decentralized state of charge (SoC) management control synchronization
16 algorithm that adjusts the V/f set-points of the ESS based control
17 on local information and incorporates supplementary control Distributed Trust-based
[116] FDIA
18 loops for other dispatchable DERs. By adopting this approach, control control
19 the adverse effects of DoS attacks on the information exchange Dynamic volt-
Special
20 between the ESS and the EMS can be minimized. [109] ampere reactive FDIA
devices
21 compensation
22 Device-level resilient control strategies can be implemented Special Energy
[7] FDIA
in inverters as resilient control functions. These control func- devices buffer
23
tions are responsible for managing the output behaviours of the Decentralized
24
inverter in response to cyber-attacks. A solution proposed in [111] Grid-level SOC DoS
25
[112], aims to protect the inverter-based microgrid from FDIAs management
26
(False Data Injection Attacks). This solution involves incor- Optimal volt-VAR
27 [110] Grid-level FDIA
porating a virtual inertia control loop into the ESS (Energy control
28
Storage System) inverter controller. This control loop is based Engineering
29 [114] Device-level FDIA
on monitoring the change rate of the frequency and enables control
30
fast compensation for frequency oscillations during an FDIA [117] Device-level Thevenin law FDIA
31
event. To defend against attacks targeting the volt-var curves Fault in
32
of smart inverters, the Thevenin law is utilized in [113]. This Virtual current internal
33 [118] Device-level
approach predicts the steady-state PCC voltage by determining sensors current
34 sensor
35 the intersection between the volt-var curve and the Thevenin’s
equivalent. If the predicted voltage falls outside the allowed Virtual inertia Abnormal DER
36 [119] Device-level
loop connection
37 range, the received volt-var curve is disregarded. The slope of
the volt-var curve is also checked using the Thevenin’s law and Virtual inertia
38 [112] Device-level
loop
FDIA
39 the multivariate circle criterion. An efficient mechanism was
40 proposed in [114] as a mitigation solution. This mechanism
41 suggests a secure range of parameters for various grid-support
functions, reducing the risk of malicious parameter modifica- E. Cyber-attack Prevention Strategies
42
43 tions. To safeguard smart inverters and prevent attacks, imple-
44 menting Intrusion Prevention (IPs) during the design stage
45 Table V presents a concise overview of the mitigation strate- is crucial. These IPs detect and counter intrusions, includ-
46 gies. The table reveals that the majority of the studies focused ing measures like authentication of PE Hardware, preventing
47 on addressing a single type of attack. For instance, when physical access, Shielding, Standard Network Prevention, PQC
48 considering the attack that compromises the communication (power-quality control)-grade Network Protocol, preventing
49 link between the smart inverter and the control center, the spoofing of grid data and local sensor data, preventing mali-
50 reviewed works primarily concentrated on the attack scheme cious firmware update and control command, hardware Trojan
51 where the attackers manipulate the set-point/commands. How- Prevention, PQC-grade codesigning, malware file prevention,
52 ever, it is crucial to acknowledge that the decision-making and standard firmware security. Given limited resources, de-
53 process of the control center can also be influenced by the velopers should prioritize IPs based on their security budget
54 measurements collected from the grid. If these measurements and potential threats. To enhance computational resources,
55 are deliberately altered simultaneously, it can lead to inap- developers can use external security systems like a malware
56 propriate mitigation actions being taken by the control center. file screening server and a blockchain security server. These
57 Consequently, it becomes imperative to detect command-based systems can be accessed through APIs (Application Program-
58 and measurement-based attacks concurrently, although this ming Interface) installed on the smart inverters, providing
59 poses a greater challenge. additional support for enhanced security measures.
60 PROCEEDINGS OF THE IEEE
 Page 16 of 23
16

1
2 MTD (Moving Target Defense) is a cybersecurity tech- scanning, detecting malicious codes or software, and deleting
3 nique that involves changing network configurations to create such threats.
4 uncertainty for potential adversaries. In [120], [121] two Access control is a security mechanism that governs the
5 studies, researchers have developed the Artificial Diversity authorization of individuals or entities to access and utilize
6 and Dynamic Security tool using the SDN (software defined resources within a communication system environment. It
7 network) communication architecture. This tool serves as a encompasses two distinct forms: physical access control and
8 defense mechanism to enhance the security of microgrids and logical access control. In the context of systems employing
9 distribution systems with smart inverters. By randomizing IP smart inverters, physical access control serves to restrict
10 addresses, port numbers, and communication paths, the tool unauthorized individuals from accessing power plants, control
11 prevents adversaries from conducting reconnaissance activ- rooms, and physical IT assets associated with the inverters,
12 ities, launching DoS attacks, and gaining insights through among other areas [122]. On the other hand, logical access
13 traffic analysis. The effectiveness of the prevention strategies control regulates connections to computer networks, system
14 mentioned above has been confirmed, with communication files, and computer data. It operates by employing insulation
15 latency remaining below 10 ms [120]. This latency is much and authentication methods. The physical access control relies
16 lower compared to the latency caused by geographic dis- on components such as access cards and fingerprints, while the
17 tance or inverter read/write times. However, it is important logical access control relies on passwords, security questions,
18 to consider that implementing these strategies may result in and similar measures. These components play a crucial role in
19 additional costs for hardware and software. facilitating effective access control. In 2019, a proposal was
20 Network segmentation is a strategic approach that involves made for a hardware-enforced trusted execution environment
21 dividing a network into different segments or subnets, called (TEE) platform aimed at safeguarding smart inverters from
22 enclaves. This allows network administrators to control the FDIAs (False Data Injection Attacks) targeting internal sen-
23 flow of traffic between these enclaves by implementing specific sors. This platform incorporates access control techniques in
24 policies. Enclaves can be created using virtual private networks two key aspects: firstly, only the TEE is granted access to
25 (VPNs), hardware proxies, or firewall rules to separate DER the hardware responsible for collecting sensor data, thereby
26 assets, such as smart inverters. If an unauthorized person preventing unauthorized agents from the rich execution envi-
27 gains access to one of these enclaves, either physically or ronment (REE) from tampering with measurements. Secondly,
28 remotely, their ability to launch attacks is limited to the the TEE digitally signs the sensor data before transmitting
29 devices within that particular enclave. By implementing net- it to the REE. Consequently, any attempts to manipulate the
30 work segmentation, the risk of Denial of Service (DoS) and sensor data through malware would prove ineffective without
31 distributed DoS (DDoS) attacks in DER networks can be physically compromising the TEE [123].
32 reduced. This is because the overall target area is decreased, Smart inverters are vulnerable to cybe rattacks, making cy-
33 as the risk is spread across multiple enclaves. Additionally, ber security best practices crucial for protecting these devices
34 network segmentation helps minimize the chances of smart and communication networks. Plant managers play a critical
35 inverters being compromised and used as part of a botnet for role in implementing these practices. The following measures
36 DDoS attacks [120]. are recommended in [123] to enhance security.
37 The process of encryption involves converting plain, read- 1) Implement a comprehensive access control mechanism
38 able text into encoded, unreadable cipher-text using a digital that includes both physical and logical access control.
39 key. This method is highly effective in ensuring integrity, non- This ensures that only authorized individuals can access
40 repudiation, authentication, and confidentiality of a message. the system.
41 However, in the case of smart inverters, the prevalent use of 2) Minimize the number of network devices to reduce
42 conventional Modbus protocols often results in the transmis- potential vulnerabilities and points of entry for cyber
43 sion of plain-text messages, which has been demonstrated to attacks.
44 be insecure and susceptible to cyber attacks. By implementing 3) Avoid open ports unless absolutely necessary. Open
45 encryption on these messages, the security of smart inverters ports can provide an entry point for attackers, so it is
46 can be enhanced to a certain extent. This is achieved by important to limit their use.
47 prolonging the decryption time required for accessing the data 4) Whenever possible, avoid wireless access and minimize
48 and increasing the cost of potential attacks for adversaries remote access. Wireless connections and remote access
49 [120]. can increase the risk of unauthorized access and poten-
50 Whitelisting is used to authorize only approved actions tial cyber attacks.
51 from trusted sources, and in the case of smart inverters, 5) Monitor network traffic between inverters and connected
52 it creates a list of approved IP addresses and commands devices to identify any abnormal high usage of band-
53 for external devices. Any command or IP address not on width. This can help detect potential cyber attacks or
54 this list will be blocked by the whitelisting applications. In unauthorized activities. In addition to these measures,
55 addition to whitelisting, antivirus software can also be used in it is recommended to deploy an Intrusion Detection
56 smart inverters or the external devices that interact with them. System (IDS) to actively detect and respond to cyber
57 Their main purpose is to prevent malicious actions or known attacks.
58 malware that could harm the smart inverters or their operators. 6) Utilize secure communication protocols and encrypted
59 These antivirus applications perform tasks like automatic file communication tunnels to protect data transmission.
60 PROCEEDINGS OF THE IEEE
Page 17 of 23
17

1
2 This ensures that data remains confidential and cannot model must be carefully considered, as cyber attacks targeting
3 be intercepted or tampered with by attackers. AI systems through data poisoning are a real concern [127].
4 7) Establish Virtual Private Networks (VPNs) to create Secondly, existing AI-powered mitigation strategies are often
5 a secure connection from within the private network. evaluated in simplified simulation environments that differ
6 VPNs provide an additional layer of security by encrypt- from real-world systems, especially the complex and ever-
7 ing data and ensuring secure communication. changing smart grids. Thirdly, AI-powered cyber attacks, such
8 8) Regularly update and improve insecure software config- as penetration testing, face the challenge of a vast attack
9 urations, as well as update old firmware and software space with numerous decision variables. Finally, the lack
10 versions of inverters that may be susceptible to mal- of evidence and validation in AI-based approaches in cyber
11 ware. Keeping software up to date helps address known security, especially in IDS, is apparent. IDS performance can
12 vulnerabilities and reduces the risk of exploitation. be greatly affected by measurement noise and distribution shift
13 9) Utilize antivirus software to detect and mitigate potential between training and online data. It is important to address this
14 malware threats. Antivirus software can help identify issue as AI-based mitigation strategies that lack adaptability
15 and remove malicious software that may compromise can put the safety of smart inverters at risk. Additionally, cyber
16 the security of the system. attacks using AI and trained with Reinforcement Learning
17 10) Conduct a comprehensive risk assessment and vulner- (RL) may perform poorly when faced with new environments
18 ability analysis with the assistance of security experts, that have changed state transition probability.
19 such as penetration tests. This helps identify potential The introduction of 5G and future wireless networks can
20 weaknesses and allows for proactive measures to be bring various benefits to smart grids, such as faster commu-
21 taken to strengthen the overall security posture. nication, reduced delay, and improved reliability for device-
22 By implementing these best practices, plant managers can to-device communication. Many manufacturers have started
23 significantly enhance the cyber security of smart inverters and integrating smart inverters, which are important IoT devices,
24 protect against potential cyber attacks. with the 5G interface. Compared to its predecessor, 4G, 5G
25 offers better security features. For example, 5G networks
26 enable secure connectivity to IoT devices through a Universal
V. E MERGING C UTTING E DGE T OPICS AND C HALLENGES
27 Subscriber Identification Module, which enhances security
28 The increase in the use of DERs has resulted in a notable in- compared to the previous version used in 4G networks.
29 crease in the adoption of smart inverters, related field devices, Additionally, 5G improves over-the-air encryption to ensure
30 and applications. This rapid growth requires grid managers the integrity of traffic, which was lacking in 4G networks.
31 to find more advanced and reliable solutions to effectively However, the introduction of 5G also brings new security
32 handle these DERs. These solutions must tackle issues such challenges. It has been shown that fake base station attacks
33 as complexity, scalability, and particularly, cybersecurity, in can be carried out in 5G networks, leading to denial-of-service
34 order to guarantee the efficient functioning of the grid. attacks and privacy breaches. Moreover, the digital keys used
35 AI (Artificial Intelligence) techniques leverage large vol- for authentication may be exposed to third parties through the
36 umes of data to create intelligent machines capable of perform- application programming interface to 5G functions. Currently,
37 ing complex tasks that typically require human intelligence. there is a lack of comprehensive studies on penetration testing
38 ML (Machine Learning), which is the most promising solution or risk assessment for 5G applications, particularly in relation
39 for AI, has already found applications in various areas of smart to smart inverters. It is important for future research to address
40 grid, including cybersecurity, fault diagnosis, power grid sta- this knowledge gap [128].
41 bility assessment, and load forecasting. AI can also assist smart SDN, or Software-Defined Networking, is an innovative net-
42 inverters in mitigating the impact of cyberattacks. For example, work architecture approach that aims to enhance the flexibility
43 generative adversarial networks can be used to recover missing and agility of networks. It achieves this by separating the con-
44 or abnormal measurements or control commands for smart trol and forwarding planes of the network, allowing for direct
45 inverters when they are subjected to denial of service or false programmability of network control. This programmability is
46 data injection attacks [124], [125]. Deep reinforcement learn- facilitated by logically centralized controllers known as SDN
47 ing (DRL) can contribute to resilience control by executing controllers, which take over the decision-making functions
48 optimal defense actions. For instance, DRL has been utilized of the network. The programmability and flexibility offered
49 to dynamically adjust the parameters of uncompromised smart by SDN present opportunities for improving security and
50 inverters, thereby mitigating grid voltage imbalances caused by resilience in smart grids. One of the key advantages of SDN
51 cyberattacks. In recent years, AI-powered cyberattacks have is its ability to provide global visibility of communications,
52 gained significant attention in the field of IT security, includ- which can greatly aid in intrusion detection. By leveraging
53 ing activities such as autonomous penetration testing, lateral the capabilities of the SDN controller, potential cyber attacks
54 movement, payload generation, password cracking, and target can be more effectively detected. In the event that an attack
55 profiling [126]. Smart inverters can also benefit from these is detected, the programmability of SDN can be utilized to
56 technologies to identify vulnerabilities and enhance security. mitigate its impact. This can be achieved through actions such
57 However, the implementation of AI-based intrusion detection as isolating compromised devices, dropping malicious traffic,
58 systems, mitigation strategies, and cyber attacks poses chal- and reconnecting devices to the communication networks.
59 lenges. Firstly, the integrity of the dataset used to train an AI Furthermore, SDN has been shown to efficiently support
60 PROCEEDINGS OF THE IEEE
 Page 18 of 23
18

1
2 Moving Target Defense (MTD) in inverter-based systems. the potential of the MG Control system.
3 By dynamically changing IP addresses, port numbers, and This review paper will provide the opportunity to understand
4 communication paths, SDN can effectively implement MTD the outcomes with various microgrid control systems and
5 strategies, as demonstrated in [120], [121]. However, it is the limitations, merits, and demerits. This further help the
6 important to note that the adoption of SDN also introduces researchers understand the challenges and operation with the
7 new security challenges. Compared to traditional networks, simulation outcome and experimental results to enhance the
8 the SDN controller becomes a critical point of vulnerability. future development of MG-based requirements.
9 If attackers gain access to the SDN controller, they can
The growth in renewable energy and its dispersion into the
10 exploit loopholes and insert malicious codes, enabling them to
corresponding main grids paved way to new concepts and
11 manipulate control signals sent to the network switches. Addi-
ideas, particularly in network management that encompasses
12 tionally, attackers can overwhelm the controller by constantly
the MG. The study in [129] tried to introduce standards for
13 sending multiple service requests, leading to Denial of Service
three varied kinds of MG, storage, market structure, and hier-
14 (DoS) or Distributed Denial of Service (DDoS) attacks.
archical control. The issues explored in the MG include power
15 The integration of renewable energy systems in a micro-
quality, island detection techniques, black start operations,
16 grid produces dynamics or uncertainties in the MG system.
protection, and monitoring of fault management. Following
17 Hence, robust monitoring of renewable energy sources in a
the development in the sensitive loads and converters relying
18 microgrid is required. Perquisite knowledge of system state is
on DG units, power management and quality have been
19 essential for the secure MG operation. After the estimation
significant for forthcoming MGs. The primary performance
20 of state variable, state-feedback controller can be designed
parameters of power quality include frequency and voltage
21 efficiently. In centralized state estimation approach, a large
control and power sharing. Multiple island-finding techniques
22 amount of data needs to be handled. Hence, a distribute
utilized in MG functionalities state that the accuracy and speed
23 state-estimation method was introduced which depends on the
of detection have been the main parameter. Hence, minimizing
24 states of only neighbouring DGs. These traditional methods
the operation time has been crucial for further studies in the
25 cannot be performed when the MG becomes unobservable
island mode detection. Another significant challenge for MG
26 during cases of tampered data, missing sensor data, or sensor
includes flexible protection techniques. Protection methods
27 fault. While designing a state estimator of high performance,
must also find faults and function in grid-connected and island
28 the knowledge regarding noise characteristics is essential.
modes.
29 To address this many works have considered using phasor
measurement unit and machine-learning to assists classical The future trends associated with the control approaches
30
31 state-estimators. Direct use of machine based systems in a for island MGs includes the energy service encompassing
32 AC microgrid, is not much researched topic and a wide scope the ideal power flow, storage management, demand response,
33 still remains in this field. The state estimation can be done by and MG protection, particularly in meshed topologies [130].
34 considering non-constant variable noise and trained models. Other future trends include optimizing the performance under
35 Thus, there is a need of developing state-estimation scheme penetration level [131] corresponding to the DG resources,
devoid of DG units, configurations, and measurements. self-healing ability, cost-prioritized droop approaches, stability
36
37 Microgrid is a huge network consisting of various sensors, enhancement in cases like complex load, and variable inertia,
38 controllers, and agents to take decision according to the end- taking into account the source dynamics of DG. Among the
39 user requirements. For the design of such a complex network several analyses undertaken, none of the introduced control
40 high-end engineering efforts are required. These complex techniques could be a perfect solution for concurrently com-
41 networks require novel approaches, engineering tools, and pensating the power quality requirements. Hence, further study
42 methods for successful operation. Domain specification, under- must focus on the new power electronic control technique
43 standing , and characterizing the requirements plays a major for satisfying the following requirements, namely more anal-
44 role in analyzing the complex MG network. The entire network ysis on the 3-phased 4-wire MG, enhancement in cyber-
45 can be analyzed as a systems of systems (SoS) which comes security, minimizing the communication interactions, taking
46 under Model Based System Engineering (MBSE) to design, into account electrical topologies for control approaches and
47 analyze and understand the MG. The perspective of SoS helps researching more hybrid MGs [132].
48 in the complete view of MG representing both control and Fig. 10 - Fig. 13 show the voltage, frequency, active, and
49 operation. reactive power characteristics in a microgrid with cyber attack
50 Microgrids require intelligent meters utilized in the exper- for the controller in [74]. Fig. 10 and Fig. 11 show the voltage
51 iment to monitor energy consumption and is defined at the and frequency characteristics of the DGs, and it is observed
52 time to island. These techniques can allow efficiency gain, that the voltage/frequency reference tracking performance is
53 especially in transport activity, including electric vehicles, unaffected by cyber attack by applying the controller in [74].
54 and enables the charging of the vehicles during outages. The transients owing to uncertainty, during cyber attack yield
55 Indeed, integrating the novel techniques of MG is an essential small peak and are rapidly damped out by the controller in
56 part of energy transmission and helps to take the methods [74]. Fig. 12 and Fig. 13 show the active and reactive power
57 forward in the dynamic world. However, the initial cost of the characteristics, from which it is confirmed that, the power
58 implementation part is still challenging, and novel integration outputs increases to maintain the power balance among the
59 of implementation of MG strategies is analyzed to scale up DGs duringcyber attack.
60 PROCEEDINGS OF THE IEEE
Page 19 of 23
19

1
2 [4] A. Vukojevic and S. Lukic, “Microgrid protection and control schemes
for seamless transition to island and grid synchronization,” IEEE Trans.
3 Smart Grid, vol. 11, no. 4, pp. 2845–2855, Mar. 2020.
4 [5] Y. Chen, C. Li, D. Qi, Z. Li, Z. Wang, and J. Zhang, “Distributed
5 event-triggered secondary control for islanded microgrids with proper
trigger condition checking period,” IEEE Trans. Smart Grid, vol. 13,
6 no. 2, pp. 837–848, Sep. 2022.
7 [6] S. Murugesan and V. Murali, “Decentralized unintentional islanding
8 identification for converter-interfaced multiple dgs,” IEEE Trans. In-
9 Fig. 11: Secondary fre- dustr. Inform., vol. 17, no. 7, pp. 4512–4520, Aug. 2021.
Fig. 10: Secondary voltage [7] J. Qi, A. Hahn, X. Lu, J. Wang, and C.-C. Liu, “Cybersecurity for
10 quency characteristics of
characteristics of DGs using distributed energy resources and smart inverters,” IET Cyber-Phys.
11 DGs using the controller in Syst.: Theory Appl., vol. 1, no. 1, pp. 28–39, 2016.
the controller in [74]
12 [74] [8] Y. Li, K. Ding, J. Zhang, F. Chen, X. Chen, and J. Wu, “A fault
diagnosis method for photovoltaic arrays based on fault parameters
13 identification,” Renew. Energy, vol. 143, pp. 52–63, 2019.
14 [9] A. P. Kuruvila, I. Zografopoulos, K. Basu, and C. Konstantinou,
15 “Hardware-assisted detection of firmware attacks in inverter-based
cyberphysical microgrids,” Int. J. Electr. Power Energy Syst., vol. 132,
16 p. 107150, 2021.
17 [10] M. N. Alam, S. Chakrabarti, and A. Ghosh, “Networked microgrids:
18 State-of-the-art and future perspectives,” IEEE Trans. Ind. Informat.,
vol. 15, no. 3, pp. 1238–1250, 2018.
19 [11] C. Yu, H. Zhou, X. Lu, J. Lai, and G.-P. Liu, “Distributed optimal
20 Fig. 12: Active power char- Fig. 13: Reactive power synchronization rate control for ac microgrids under event-triggered
21 acteristics of DGs using the characteristics of DGs using
mechanism,” IEEE Trans. Power Syst., vol. 36, no. 3, pp. 1780–1793,
2020.
22 controller in [74] the controller in [74] [12] P. Prabhakaran, Y. Goyal, and V. Agarwal, “A novel communication-
23 based average voltage regulation scheme for a droop controlled dc
24 microgrid,” IEEE Trans.Smart Grid, vol. 10, no. 2, pp. 1250–1258,
2017.
25 VI. C ONCLUSIONS [13] C.-C. Sun, A. Hahn, and C.-C. Liu, “Cyber security of a power grid:
26 In order to address the research challenges on the cyberse- State-of-the-art,” Int. J. Elect. Power Energy Syst., vol. 99, pp. 45–56,
27 curity of smart inverters and smart grids, this review provides a
2018.
[14] H. He and J. Yan, “Cyber-physical attacks and defences in the smart
28 comprehensive analysis of recent studies focusing on the cyber grid: a survey,” IET Cyber-Phys. Syst.: Theory Appl., vol. 1, no. 1, pp.
29 security and different control schemes of smart inverters based 13–27, 2016.
30 on their architecture, techniques used, parameter limitations, [15] F. Nejabatkhah, Y. W. Li, H. Liang, and R. Reza Ahrabi, “Cyber-
security of smart microgrids: A survey,” Energies, vol. 14, no. 1, p. 27,
31 and merits and demerits for microgrid operation. It begins by 2020.
32 providing an overview of smart inverters and control schemes [16] M. Gursoy and B. Mirafzal, “On self-security of grid-interactive smart
33 in a smart inverter based microgrid, including their device- and inverters,” in Proc. IEEE Kansas Power Energy Conf. IEEE, 2021,
pp. 1–6.
34 grid-level architectures, functionalities, and communication [17] D. J. Sebastian and A. Hahn, “Exploring emerging cybersecurity risks
35 protocols. The paper then proceeds to examine various attack from network-connected der devices,” in Proc. North Amer. Power
36 strategies, considering both the device level and the grid level. Symp. IEEE, 2017, pp. 1–6.
[18] S. Sahoo, T. Dragičević, and F. Blaabjerg, “Cyber security in control
37 The defense strategies against a cyber attack are categorized of grid-tied power electronic converterschallenges and vulnerabilities,”
38 into detection, mitigation, and prevention. Furthermore, the IEEE J. Emerg. Sel. Topics Power Electron., vol. 9, no. 5, pp. 5326–
39 article critically discusses the attack models and defense strate- 5340, 2019.
40 gies that have been reviewed, highlighting their limitations
[19] Y. Li and J. Yan, “Cybersecurity of smart inverters in the smart grid:
A survey,” IEEE Trans. Power Electron., 2022.
41 and identifying research gaps. Additionally, it explores the [20] B. Ahn, T. Kim, S. Ahmad, S. K. Mazumder, J. Johnson, H. A. Man-
42 opportunities and challenges posed by emerging technologies tooth, and C. Farnell, “An overview of cyber-resilient smart inverters
43 such as 5G and AI in securing smart inverters. Given that
based on practical attack models,” IEEE Trans. Power Electron., 2023.
[21] J. Hou, C. Hu, S. Lei, and Y. Hou, “Cyber resilience of power
44 smart inverters play a crucial role in the realms of smart grids electronics-enabled power systems: A review,” Renew. Sustain. Energy
45 and the IoT industry, this survey offers valuable insights to Rev., vol. 189, p. 114036, 2024.
46 enhance the cyber security and control techniques of smart [22] Q. Xu, N. Vafamand, L. Chen, T. Dragievi, L. Xie, and F. Blaabjerg,
“Review on advanced control technologies for bidirectional dc/dc
47 inverters and smart grids. converters in dc microgrids,” IEEE J. Emerg. Sel. Top. Power Electron.,
48 vol. 9, no. 2, pp. 1205–1221, Mar. 2021.
49 R EFERENCES [23] M. Savaghebi, A. Jalilian, J. C. Vasquez, and J. M. Guerrero, “Au-
tonomous voltage unbalance compensation in an islanded droop-
50 [1] S. K. Mazumder, M. D. R. Greidanus, J. Liu, and H. A. Mantooth, controlled microgrid,” IEEE Trans. Industr. Electron., vol. 60, no. 4,
51 “Vulnerability of a voc-based inverter due to noise injection and its pp. 1390–1402, Apr. 2013.
52 mitigation,” IEEE Trans. Power Electron., vol. 38, no. 2, pp. 1445– [24] J. C. Vasquez, J. M. Guerrero, M. Savaghebi, J. Eloy-Garcia, and
1450, 2022. R. Teodorescu, “Modeling, analysis, and design of stationary-reference-
53 [2] K. Gupta, S. Sahoo, R. Mohanty, B. K. Panigrahi, and F. Blaabjerg, frame droop-controlled parallel three-phase voltage source inverters,”
54 “Distinguishing between cyber attacks and faults in power electronic IEEE Trans. Industr. Electron., vol. 60, no. 4, pp. 1271–1280, Apr.
55 systemsa noninvasive approach,” IEEE J. Emerg. Sel. Top. Power 2013.
Electron., vol. 11, no. 2, pp. 1578–1588, 2022. [25] J. He and Y. W. Li, “An enhanced microgrid load demand sharing
56 [3] B. Ahn, A. M. Jenkins, T. Kim, J. Zeng, L. McLauchlan, and S.- strategy,” IEEE Transactions on Power Electronics, vol. 27, no. 9, pp.
57 w. Park, “Exploring ransomware attacks on smart inverters,” in IEEE 3984–3995, Sep. 2012.
58 Energy Conversion Congress and Exposition (ECCE). IEEE, 2023, [26] A. Milczarek, M. Malinowski, and J. M. Guerrero, “Reactive power
pp. 1567–1573. management in islanded microgridproportional power sharing in hier-
59
60 PROCEEDINGS OF THE IEEE
 Page 20 of 23
20

1
2 archical droop control,” IEEE Trans. Smart Grid, vol. 6, no. 4, pp. [47] J. Zhou and P.-T. Cheng, “A modified q-V̇ droop control for accurate
1631–1638, Jul. 2015. reactive power sharing in distributed generation microgrid,” IEEE
3 [27] H. Mahmood, D. Michaelson, and J. Jiang, “Accurate reactive power Trans. Ind. Appl., vol. 55, no. 4, pp. 4100–4109, Jul. 2019.
4 sharing in an islanded microgrid using adaptive virtual impedances,” [48] M. Roslan, M. Hannan, P. J. Ker, and M. Uddin, “Microgrid control
5 IEEE Trans. Power Electron., vol. 30, no. 3, pp. 1605–1617, Mar. 2015. methods toward achieving sustainable energy management,” Appl.
[28] C. Guzman, A. Cardenas, and K. Agbossou, “Load sharing strategy Energy, vol. 240, pp. 583–607, Apr. 2019.
6 for autonomous ac microgrids based on fpga implementation of ada- [49] J. R. Araújo, E. N. Silva, A. B. Rodrigues, and M. G. da Silva,
7 line&fll,” IEEE Trans. Energy Convers., vol. 29, no. 3, pp. 663–672, “Assessment of the impact of microgrid control strategies in the power
8 Sep. 2014. distribution reliability indices,” J. Control Autom. Electr. Syst., vol. 28,
[29] J. He, Y. W. Li, J. M. Guerrero, F. Blaabjerg, and J. C. Vasquez, “An no. 2, pp. 271–283, Jan. 2017.
9 islanding microgrid power sharing approach using enhanced virtual [50] A. F. Habibullah, F. A. Padhilah, and K.-H. Kim, “Decentralized control
10 impedance control scheme,” IEEE Trans. Power Electron., vol. 28, of dc microgrid based on droop and voltage controls with electricity
11 no. 11, pp. 5272–5282, Nov. 2013. price consideration,” Sustainability, vol. 13, no. 20, p. 11398, Oct.
[30] J. Schiffer, T. Seel, J. Raisch, and T. Sezi, “Voltage stability and 2021.
12 reactive power sharing in inverter-based microgrids with consensus- [51] X. Zhang, J. Guan, and B. Zhang, “A master slave peer to peer
13 based distributed voltage control,” IEEE Trans. Control Syst. Technol., integration microgrid control strategy based on communication,” in
14 vol. 24, no. 1, pp. 96–109, Jan. 2016. 2016 IEEE PES Asia-Pacific Power and Energy Engineering Conf.
[31] X. Tang, X. Hu, N. Li, W. Deng, and G. Zhang, “A novel frequency and (APPEEC). IEEE, 2016, pp. 1106–1110.
15 voltage control method for islanded microgrid based on multienergy [52] X. Chen, Y. H. Wang, and Y. C. Wang, “A novel seamless transferring
16 storages,” IEEE Trans. Smart Grid, vol. 7, no. 1, pp. 410–419, Jan. control method for microgrid based on master-slave configuration,” in
17 2016. 2013 IEEE ECCE Asia Downunder, 2013, pp. 351–357.
[32] M. S. Golsorkhi and D. D. C. Lu, “A control method for inverter-based [53] M. Carpintero-Renterı́a, D. Santos-Martı́n, and J. M. Guerrero, “Mi-
18 islanded microgrids based on v-i droop characteristics,” IEEE Trans. crogrids literature review through a layers structure,” Energies, vol. 12,
19 Power Deliv., vol. 30, no. 3, pp. 1196–1204, Jun. 2015. no. 22, p. 4381, 2019.
20 [33] Y. Han, P. Shen, X. Zhao, and J. M. Guerrero, “Control strategies [54] B. She, F. Li, H. Cui, J. Zhang, and R. Bo, “Fusion of microgrid
for islanded microgrid using enhanced hierarchical control structure control with model-free reinforcement learning: review and vision,”
21 with multiple current-loop damping schemes,” IEEE Trans. Smart Grid, IEEE Trans. Smart Grid, 2022.
22 vol. 8, no. 3, pp. 1139–1153, May 2017. [55] B. She, F. Li, H. Cui, J. Wang, L. Min, O. Oboreh-Snapps, and R. Bo,
23 [34] M. Karimi-Ghartemani, “Universal integrated synchronization and con- “Decentralized and coordinated vf control for islanded microgrids
trol for single-phase dc/ac converters,” IEEE Trans. Power Electron., considering der inadequacy and demand control,” IEEE Trans. Energy
24 vol. 30, no. 3, pp. 1544–1557, Mar. 2015. Convers., 2023.
25 [35] Y. Wang, Z. Chen, X. Wang, Y. Tian, Y. Tan, and C. Yang, “An [56] D. Kanakadhurga and N. Prabaharan, “Demand side management in
26 estimator-based distributed voltage-predictive control strategy for ac microgrid: A critical review of key issues and recent trends,” Renew.
islanded microgrids,” IEEE Trans. Power Electron., vol. 30, no. 7, pp. Sustain. Energy Rev, vol. 156, p. 111915, 2022.
27 3934–3951, Jul. 2015. [57] P. Xie, J. M. Guerrero, S. Tan, N. Bazmohammadi, J. C. Vasquez,
28 [36] Y. Han, H. Li, L. Xu, X. Zhao, and J. M. Guerrero, “Analysis of M. Mehrzadi, and Y. Al-Turki, “Optimization-based power and energy
29 washout filter-based power sharing strategyan equivalent secondary management system in shipboard microgrid: A review,” IEEE Syst. J.,
controller for islanded microgrid without lbc lines,” IEEE Trans. Smart vol. 16, no. 1, pp. 578–590, 2021.
30 Grid, vol. 9, no. 5, pp. 4061–4076, Sep. 2018. [58] C. Samende, J. Cao, and Z. Fan, “Multi-agent deep deterministic
31 [37] X. Wang, F. Blaabjerg, and Z. Chen, “Autonomous control of inverter- policy gradient algorithm for peer-to-peer energy trading considering
32 interfaced distributed generation units for harmonic current filtering distribution network constraints,” Appl. Energy, vol. 317, p. 119123,
and resonance damping in an islanded microgrid,” IEEE Trans. Indu. 2022.
33 Appl., vol. 50, no. 1, pp. 452–461, Feb. 2014. [59] R. Hao, T. Lu, Q. Ai, and H. He, “Distributed online dispatch for
34 [38] A. Bidram, A. Davoudi, F. L. Lewis, and J. M. Guerrero, “Distributed microgrids using hierarchical reinforcement learning embedded with
35 cooperative secondary control of microgrids using feedback lineariza- operation knowledge,” IEEE Trans. Power Syst., 2021.
tion,” IEEE Trans. Power Syst., vol. 28, no. 3, pp. 3462–3470, Aug. [60] E. Espina, J. Llanos, C. Burgos-Mellado, R. Cardenas-Dobson,
36 2013. M. Martinez-Gomez, and D. Saez, “Distributed control strategies for
37 [39] F. Guo, C. Wen, J. Mao, and Y.-D. Song, “Distributed secondary microgrids: An overview,” IEEE Access, vol. 8, pp. 193 412–193 448,
38 voltage and frequency restoration control of droop-controlled inverter- 2020.
based microgrids,” IEEE Trans. Industr. Electron., vol. 62, no. 7, pp. [61] Y. Han, K. Zhang, H. Li, E. A. A. Coelho, and J. M. Guerrero, “Mas-
39 4355–4364, Jul. 2015. based distributed coordinated control and optimization in microgrid and
40 [40] S. Shrivastava, B. Subudhi, and S. Das, “Distributed voltage and microgrid clusters: A comprehensive overview,” IEEE Trans. Power
41 frequency synchronisation control scheme for islanded inverter-based
microgrid,” IET Smart Grid, vol. 1, no. 2, pp. 48–56, 2018.
Electron., vol. 33, no. 8, pp. 6488–6508, 2017.
[62] Y.-P. Tian, S. Chun, G. Chen, S. Zong, Y. Huang, and B. Wang, “Delay
42 [41] N. M. Dehkordi, N. Sadati, and M. Hamzeh, “Fully distributed cooper- compensation-based time synchronization under random delays: Algo-
43 ative secondary frequency and voltage control of islanded microgrids,” rithm and experiment,” IEEE Trans. Control Syst. Technol., vol. 29,
IEEE Trans. Energy Convers., vol. 32, no. 2, pp. 675–685, Jun. 2017. no. 1, pp. 80–95, 2020.
44 [42] A. Parida and B. Subudhi, “A variable step size robust least mean [63] E. A. Coelho, D. Wu, J. M. Guerrero, J. C. Vasquez, T. Dragicević,
45 logarithmic square-based control scheme for improved power quality C. Stefanović, and P. Popovski, “Small-signal analysis of the microgrid
46 of grid-interfaced pv system,” IEEE Trans. Smart Grid, vol. 13, no. 3, secondary control considering a communication time delay,” IEEE
pp. 2086–2093, 2022. Trans. Ind. Electron., vol. 63, no. 10, pp. 6257–6269, 2016.
47 [43] D. Li and C. N. Man Ho, “A delay-tolerable masterslave current-sharing [64] G.-P. Liu, “Predictive controller design of networked systems with
48 control scheme for parallel-operated interfacing inverters with low- communication delays and data loss,” IEEE Trans. Circuits Syst. II,
49 bandwidth communication,” IEEE Trans. Ind. Appl., vol. 56, no. 2, Express Briefs, vol. 57, no. 6, pp. 481–485, 2010.
pp. 1575–1586, Jan. 2020. [65] W. Yao, L. Jiang, Q. Wu, J. Wen, and S. Cheng, “Delay-dependent
50 [44] P. Buduma, M. K. Das, R. T. Naayagi, S. Mishra, and G. Panda, stability analysis of the power system with a wide-area damping
51 “Seamless operation of master–slave organized ac microgrid with controller embedded,” IEEE Trans. Power Syst., vol. 26, no. 1, pp.
52 robust control, islanding detection, and grid synchronization,” IEEE 233–240, 2010.
Transactions on Industry Applications, vol. 58, no. 5, pp. 6724–6738, [66] X. Lu and J. Lai, “Communication constraints for distributed secondary
53 2022. control of heterogeneous microgrids: A survey,” IEEE Trans. Ind. Appl.,
54 [45] A. S and B. Subudhi, “Distributed control for accurate volt- vol. 57, no. 6, pp. 5636–5648, 2021.
55 age/frequency regulation and power sharing in a microgrid,” in Proc. [67] R. Zhang and B. Hredzak, “Distributed control system with aperiodic
5th International Conference on Energy, Power and Environment: sampled time-delayed data for batteries and renewable energy sources
56 Towards Flexible Green Energy Technologies (ICEPE), 2023, pp. 1–6. in microgrid,” IEEE Trans. Sustain. Energy, vol. 11, no. 2, pp. 1013–
57 [46] Y. Liu, X. Zhuang, Q. Zhang, M. Arslan, and H. Guo, “A novel droop 1022, 2019.
58 control method based on virtual frequency in dc microgrid,” Int. J. [68] J. Lai, X. Lu, X. Yu, A. Monti, and H. Zhou, “Distributed voltage
Electr. Power Energy Syst., vol. 119, p. 105946, Jul. 2020. regulation for cyber-physical microgrids with coupling delays and slow
59
60 PROCEEDINGS OF THE IEEE
Page 21 of 23
21

1
2 switching topologies,” IEEE Trans. Syst., Man, Cybern.: Syst., vol. 50, microgrid,” IEEE Trans. Ind. Electron., vol. 66, no. 2, pp. 1543–1551,
no. 1, pp. 100–110, 2019. 2018.
3 [69] J. Lai, H. Zhou, X. Lu, X. Yu, and W. Hu, “Droop-based distributed [89] X. Liu, M. Shahidehpour, Y. Cao, L. Wu, W. Wei, and X. Liu,
4 cooperative control for microgrids with time-varying delays,” IEEE “Microgrid risk analysis considering the impact of cyber attacks on
5 Trans. Smart Grid, vol. 7, no. 4, pp. 1775–1789, 2016. solar pv and ess control systems,” IEEE Trans. Smart Grid, vol. 8,
[70] S. R. B. Alvee, B. Ahn, S. Ahmad, K.-T. Kim, T. Kim, and J. Zeng, no. 3, pp. 1330–1339, 2016.
6 “Device-centric firmware malware detection for smart inverters using [90] D. Shelar and S. Amin, “Analyzing vulnerability of electricity distribu-
7 deep transfer learning,” in Proc. 2022 IEEE Design Methodologies for tion networks to der disruptions,” in Proc. Amer. Control Conf. IEEE,
8 Power Electronics, Bath, U.K.,Sep. 1-2, 2022, pp. 1–5. 2015, pp. 2461–2468.
[71] S. Soltan, P. Mittal, and H. V. Poor, “Blackiot:iot botnet of high wattage [91] M. Chlela, G. Joos, and M. Kassouf, “Impact of cyber-attacks on
9 devices can disrupt the power grid,” in Proc. 27th USENIX Security islanded microgrid operation,” in Proc. Workshop Commun., Comput.
10 Symposium, 2018, pp. 15–32. Control Resilient Smart Energy Syst., 2016, pp. 1–5.
11 [72] J. Johnson, “Cybersecurity assessments on emulated [92] S. Liu, P. X. Liu, and X. Wang, “Effects of cyber attacks on islanded
microgrid frequency control,” in Proc. IEEE 20th Int. Conf. Comput.
12 der communication networks.” 2019. [Online]. Available:
Supported Cooperative Work Des. IEEE, 2016, pp. 461–464.
https://api.semanticscholar.org/CorpusID:241960137
13 [73] S. Ghosh, A. Basak, and S. Bhunia, “How secure are printed circuit [93] S. Liu, Z. Hu, X. Wang, and L. Wu, “Stochastic stability analysis and
14 boards against trojan attacks?” IEEE Design & Test, vol. 32, no. 2, pp. control of secondary frequency regulation for islanded microgrids under
random denial of service attacks,” IEEE Trans. Ind. Inform., vol. 15,
15 7–16, 2014.
no. 7, pp. 4066–4075, 2018.
[74] A. Sunil. and B. Subudhi, “Dynamic event-triggered distributed sec-
16 ondary control for a microgrid considering time-delay and distur- [94] H. Salehghaffari and M. Khodaparastan, “Dynamic attacks against
17 bances,” in Proc. IECON 2023- 49th Annual Conference of the IEEE inverter-based microgrids,” in Proc. IEEE Power & Energy Soc. Gen.
Meeting (PESGM). IEEE, 2019, pp. 1–5.
18 Industrial Electronics Society, Singapore, Oct. 16-19, 2023, pp. 1–6.
[95] C. B. Jones, A. R. Chavez, R. Darbali-Zamora, and S. Hossain-
[75] B. Kang, P. Maynard, K. McLaughlin, S. Sezer, F. Andrén, C. Seitl,
19 F. Kupzog, and T. Strasser, “Investigating cyber-physical attacks against McKenzie, “Implementation of intrusion detection methods for dis-
20 iec 61850 photovoltaic inverter installations,” in Proc. 2015 IEEE 20th tributed photovoltaic inverters at the grid-edge,” in Proc. 2020 IEEE
Power & Energy Society Innovative Smart Grid Technologies Confer-
21 Conference on Emerging Technologies & Factory Automation (ETFA),
ence (ISGT), 2020, pp. 1–5.
Luxembourg, 2015, pp. 1–8.
22 [76] N. Gajanur, M. D. R. Greidanus, S. K. Mazumder, and M. A. [96] F. Li, R. Xie, B. Yang, L. Guo, P. Ma, J. Shi, J. Ye, and W. Song,
23 Abbaszada, “Impact and mitigation of high-frequency side-channel “Detection and identification of cyber and physical attacks on distri-
bution power grids with pvs: An online high-dimensional data-driven
24 noise intrusion on the low-frequency performance of an inverter,” IEEE
approach,” Int. J. Emerg. Sel. Top. Power Electron., vol. 10, no. 1, pp.
Trans. Power Electron., vol. 37, no. 10, pp. 11 481–11 485, 2022.
25 [77] A. Barua and M. A. Al Faruque, “Hall spoofing: A non-invasive dos
1282–1291, 2019.
26 attack on grid-tied solar inverter,” in Proc. 29th USENIX Security
[97] Y. Li, Y. Qin, P. Zhang, and A. Herzberg, “Sdn-enabled cyber-physical
security in networked microgrids,” IEEE Trans. Sustain. Energy,
27 Symposium (USENIX Security 20), 2020, pp. 1273–1290.
vol. 10, no. 3, pp. 1613–1622, 2018.
[78] H. M. Albunashee, C. Farnell, A. Suchanek, K. Haulmark, R. A.
28 McCann, J. Di, and A. Mantooth, “A test bed for detecting false data
[98] K. Jhala, P. Pradhan, and B. Natarajan, “Perturbation-based diagnosis
29 injection attacks in systems with distributed energy resources,” IEEE
of false data injection attack using distributed energy resources,” IEEE
Trans. Smart Grid, vol. 12, no. 2, pp. 1589–1601, 2020.
30 J. Emerg. Sel. Top. Power Electron., vol. 10, no. 1, pp. 1303–1315,
[99] A. Chavez, C. Lai, N. Jacobs, S. Hossain-McKenzie, C.-t. B. Jones,
2019.
31 [79] I. Zografopoulos, N. D. Hatziargyriou, and C. Konstantinou, “Dis-
J. Johnson, and A. Summers, “Hybrid intrusion detection system
32 tributed energy resources cybersecurity outlook: Vulnerabilities, at-
design for distributed energy resource systems,” in Proc. 2019 IEEE
CyberPELS (CyberPELS), 2019, pp. 1–6.
33 tacks, impacts, and mitigations,” IEEE Syst.J., 2023.
[100] C. Sun, R. Zhu, and C. Liu, “Cyber attack and defense for smart
[80] J. Choi, B. Ahn, S. Pedavalli, S. Ahmad, A. Villasenor, and T. Kim,
34 “Secure firmware update and device authentication for smart inverters
inverters in a distribution system,” in Proc. CIGRE Study Committee
35 using blockchain and phyiscally uncloable function (puf)-embedded
D2 Colloquium, Helsinki, Finland, 2019.
[101] K. G. Lore, D. M. Shila, and L. Ren, “Detecting data integrity attacks
36 security module,” in Proc. 2021 6th IEEE Workshop on the Electronic on correlated solar farms using multi-layer data driven algorithm,” in
Grid (eGRID), Nov. 8-10, 2021, pp. 01–04.
37 [81] I. Zografopoulos, J. Ospina, X. Liu, and C. Konstantinou, “Cyber-
Proc. IEEE Conf. Commun. Netw. Secur. IEEE, 2018, pp. 1–9.
38 physical energy systems security: Threat modeling, risk assessment,
[102] D. M. Shilay, K. G. Lorey, T. Weiz, T. Lovetty, and Y. Cheng,
“Catching anomalous distributed photovoltaics: An edge-based multi-
39 resources, metrics, and case studies,” IEEE Access, vol. 9, pp. 29 775– modal anomaly detection,” arXiv preprint arXiv:1709.08830, 2017.
29 818, 2021.
40 [103] B. Yang, L. Guo, F. Li, J. Ye, and W. Song, “Vulnerability assessments
[82] J. Zhang and J. Ye, “Cyber-attack detection for active neutral point
41 clamped (anpc) photovoltaic (pv) converter using kalman filter,” in
of electric drive systems due to sensor data integrity attacks,” IEEE
Trans. Ind. Inform., vol. 16, no. 5, pp. 3301–3310, 2019.
42 Proc. 2022 IEEE Applied Power Electronics Conference and Exposition [104] A. Singh, “Distributed intrusion detection system for modbus protocol,”
43 (APEC), (APEC), Houston, TX, USA, 2022, pp. 1939–1944. 2020.
[83] J. Ye, A. Giani, A. Elasser, S. K. Mazumder, C. Farnell, H. A. [105] F. Li, Q. Li, J. Zhang, J. Kou, J. Ye, W. Song, and H. A. Mantooth,
44 Mantooth, T. Kim, J. Liu, B. Chen, G.-S. Seo et al., “A review of “Detection and diagnosis of data integrity attacks in solar farms based
45 cyber–physical security for photovoltaic systems,” IEEE J. Emerg. Sel. on multilayer long short-term memory network,” IEEE Trans. Power
46 Topics Power Electron., vol. 10, no. 4, pp. 4879–4901, 2021. Electron., vol. 36, no. 3, pp. 2495–2498, 2020.
[84] D. Choeum and D.-H. Choi, “Vulnerability assessment of conservation [106] M. S. Sadabadi, S. Sahoo, and F. Blaabjerg, “A fully resilient cyber-
47 voltage reduction to load redistribution attack in unbalanced active secure synchronization strategy for ac microgrids,” IEEE Trans. Power
48 distribution networks,” IEEE Trans. Ind. Inform., vol. 17, no. 1, pp. Electron., vol. 36, no. 12, pp. 13 372–13 378, 2021.
49 473–483, 2020. [107] L. Ma and G. Xu, “Distributed resilient voltage and reactive power
[85] A. Teymouri, A. Mehrizi-Sani, and C.-C. Liu, “Cyber security risk control for islanded microgrids under false data injection attacks,”
50 assessment of solar pv units with reactive power capability,” in Proc. Energies, vol. 13, no. 15, p. 3828, 2020.
51 IECON 2018-44th Annual Conference of the IEEE Industrial Electron- [108] A. Bidram, B. Poudel, L. Damodaran, R. Fierro, and J. M. Guer-
52 ics Society, 2018, pp. 2872–2877. rero, “Resilient and cybersecure distributed control of inverter-based
[86] G. Xu and L. Ma, “Resilient self-triggered control for voltage restora- islanded microgrids,” IEEE Trans. Industr. Inform., vol. 16, no. 6, pp.
53 tion and reactive power sharing in islanded microgrids under denial- 3881–3894, 2019.
54 of-service attacks,” Appl. Sci., vol. 10, no. 11, p. 3780, 2020. [109] A. Joseph, K. Smedley, and S. Mehraeen, “Secure power distribution
55 [87] B. Wang, Q. Sun, R. Han, and D. Ma, “Consensus-based secondary against reactive power control malfunction in der units,” IEEE Trans.
frequency control under denial-of-service attacks of distributed gener- Power Del., vol. 36, no. 3, pp. 1552–1561, 2020.
56 ations for microgrids,” J. Franklin Inst., vol. 358, no. 1, pp. 114–130, [110] A. Majumdar, Y. P. Agalgaonkar, B. C. Pal, and R. Gottschalg, “Cen-
57 2021. tralized volt–var optimization strategy considering malicious attack on
58 [88] H. Zhang, W. Meng, J. Qi, X. Wang, and W. X. Zheng, “Distributed distributed energy resources control,” IEEE Trans. Sustain. Energy,
load sharing under false data injection attack in an inverter-based vol. 9, no. 1, pp. 148–156, 2017.
59
60 PROCEEDINGS OF THE IEEE
 Page 22 of 23
22

1
2 [111] M. Chlela, D. Mascarella, G. Joós, and M. Kassouf, “Fallback control [121] A. R. Chavez, J. Hamlet, and W. Stout, “Artificial diversity and
for isochronous energy storage systems in autonomous microgrids defense security (addsec) final report,” Sandia National Lab.(SNL-NM),
3 under denial-of-service cyber-attacks,” IEEE Trans. Smart grid, vol. 9, Albuquerque, NM (United States), Tech. Rep., 2018.
4 no. 5, pp. 4702–4711, 2017. [122] P. Chiantore and J. Watson, “Operation & maintenance best practices
5 [112] M. Chlela, G. Joos, M. Kassouf, and Y. Brissette, “Real-time testing guidelines 3.0,” SolarPower Europe, London, Tech. Rep, 2018.
platform for microgrid controllers against false data injection cyberse- [123] D. J. Sebastian, U. Agrawal, A. Tamimi, and A. Hahn, “Der-tee:
6 curity attacks,” in Proc. IEEE Power Energy Soc. Gen. Meeting, 2016, Secure distributed energy resource operations through trusted execution
7 pp. 1–5. environments,” IEEE Internet Things J., vol. 6, no. 4, pp. 6476–6486,
8 [113] I. Friedberg, F. Kupzog, H. Sandberg, and K. McLaughlin, “Intrusion 2019.
resilience for pv inverters in a distribution grid use-case featuring [124] O. A. Omitaomu and H. Niu, “Artificial intelligence techniques in smart
9 dynamic voltage control,” in Proc. Int. Conf. Crit. Inf. Infrastructures grid: A survey,” Smart Cities, vol. 4, no. 2, pp. 548–568, 2021.
10 Secur, vol. 11777, 2019, p. 97. [125] Y. Li, Y. Wang, and S. Hu, “Online generative adversary network based
11 [114] J. Johnson, J. Quiroz, R. Concepcion, F. Wilches-Bernal, and M. J. measurement recovery in false data injection attacks: A cyber-physical
approach,” IEEE Trans. Ind. Inform., vol. 16, no. 3, pp. 2031–2043,
12 Reno, “Power system effects and mitigation recommendations for der
cyberattacks,” IET Cyber- Phys. Syst.: Theory Appl., vol. 4, no. 3, pp. 2019.
13 240–249, 2019. [126] B. Guembe, A. Azeta, S. Misra, V. C. Osamor, L. Fernandez-Sanz,
14 [115] S. Sahoo, Y. Yang, and F. Blaabjerg, “Resilient synchronization strategy and V. Pospelova, “The emerging threat of ai-driven cyber attacks: A
review,” Appl. Artif. Intell., vol. 36, no. 1, p. 2037254, 2022.
15 for ac microgrids under cyber attacks,” IEEE Trans. Power Electron.,
[127] M. Xue, C. Yuan, H. Wu, Y. Zhang, and W. Liu, “Machine learning
vol. 36, no. 1, pp. 73–77, 2020.
16 [116] S. Abhinav, H. Modares, F. L. Lewis, F. Ferrese, and A. Davoudi, security: Threats, countermeasures, and evaluations,” IEEE Access,
17 “Synchrony in networked microgrids under attacks,” IEEE Trans. Smart vol. 8, pp. 74 720–74 742, 2020.
[128] R. Borgaonkar and M. G. Jaatun, “5g as an enabler for secure iot in
18 Grid, vol. 9, no. 6, pp. 6731–6741, 2017.
the smart grid,” in Proc. 1st Int. Conf. Societal Automat., 2019, pp.
[117] B. Kang, D. Umsonst, M. Faschang, C. Seitl, I. Friedberg, F. Kupzog,
19 H. Sandberg, and K. McLaughlin, “Intrusion resilience for pv inverters 1–7.
20 in a distribution grid use-case featuring dynamic voltage control,” in [129] O. Palizban, K. Kauhaniemi, and J. M. Guerrero, “Microgrids in active
network management–part ii: System operation, power quality and
21 Proc. Int. Conf. Crit. Inf. Infrastructures Secur. Springer, 2020, pp.
protection,” Renew. Sust. Energ. Rev., vol. 36, pp. 440–451, Aug. 2014.
97–109.
22 [118] P. M. Papadopoulos, L. Hadjidemetriou, E. Kyriakides, and M. M. [130] J. Hu, Y. Shan, K. W. Cheng, and S. Islam, “Overview of power
23 Polycarpou, “Robust fault detection, isolation, and accommodation of converter control in microgridschallenges, advances, and future trends,”
IEEE Trans. Power Electron., vol. 37, no. 8, pp. 9907–9922, Aug. 2022.
24 current sensors in grid side converters,” IEEE Trans. Ind. Appl., vol. 53,
[131] N. Salehi, H. Martnez-Garca, G. Velasco-Quesada, and J. M. Guerrero,
no. 3, pp. 2852–2861, 2016.
25 [119] M. Chlela, D. Mascarella, G. Joos, and M. Kassouf, “Cyber-resilient
“A comprehensive review of control strategies and optimization meth-
26 control of inverter based microgrids,” in Proc. IEEE Glob. Conf. Signal
ods for individual and community microgrids,” IEEE Access, vol. 10,
pp. 15 935–15 955, Jan. 2022.
27 Inf. Process. IEEE, 2016, pp. 841–845.
[132] A. A. Derbas, M. Kheradmandi, M. Hamzeh, and N. D. Hatziargyriou,
[120] I. Onunkwo, B. J. Wright, P. G. Cordeiro, N. Jacobs, C. F. Lai, J. T.
28 Johnson, T. Hutchins, W. M. Stout, A. D. Chavez, B. T. Richardson
“A hybrid power sharing control to enhance the small signal stability in
29 et al., “Cybersecurity assessments on emulated der communication
dc microgrids,” IEEE Trans. Smart Grid, vol. 13, no. 3, pp. 1826–1837,
May 2022.
30 networks,” Sandia National Lab.(SNL-NM), Albuquerque, NM (United
States); DNK , Tech. Rep., 2019.
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60 PROCEEDINGS OF THE IEEE
Page 23 of 23

1
2
3
4
5
6
7 To 12 June 2024
8
9
The Editor in Chief
10 Proceedings IEEE
11
12 Dear Professor,
13
14
15 Greetings!
16
17 We would like to submit work on A Comprehensive Review On Secondary and Cyber-secured
18 Control Schemes for AC Microgrids authored by Arunima S and B.Subudhi for possible
19
20 review and publication in Proceedings IEEE. This has not been submitted to elsewhere for
21 publication.
22
23 With regards
24
25
26 Bidyadhar Subudhi
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

1
PROCEEDINGS OF THE IEEE