Programmable intrusion detection for distributed energy resources in cyber–physical networked microgrids

A programmable intrusion detection method is presented to identify the malicious attacks to distributed energy resources (DERs) in the cyber–physical networked microgrids. The proposed method injects small programmable signals into the system and uses the response to identify abnormal conditions. Because of the low or even zero inertia induced by integrations of DER power-electronic-interfaces, microgrids have very limited resilience capability; and thus, being sensitive to attacks. One microgrid's malfunction caused by attacks can easily propagate to its neighboring systems when several microgrids are connected, leading to catastrophic electricity supply failures. Through the presented method, malicious intrusions can be effectively detected, located, and defended for securing microgrids. Theoretical derivations are provided to define the programmable detection rules. The detection rule is easy and flexible to update, making it difficult for attack actors to gain the knowledge of the detection rules, in order to avoid being detected. Numerical results on a cyber–physical networked microgrids system show that the proposed method is effective and efficient in precisely locating intrusion attacks to the microgrids system.