Demonstration of Man in the Middle Attack on a Commercial Photovoltaic Inverter Providing Ancillary Services

Rapid modernisation of distribution power systems aims to improve system efficiency and reliability while increasing photovoltaic (PV) penetration levels. However, ensuring the cyber security of such smart distribution grids has emerged as a major challenge. Cyber-attacks on key equipment of distribution power systems may lead to inefficient operation of the grid, breach private smart meter data or cause intentional false tripping of feeders. In this paper, a man in the middle attack on a commercial solar PV inverter, which provides ancillary services to the grid, is demonstrated to cause an intentional false tripping of the entire feeder leading to a regional blackout. The successful experimental implementation of the attack reveals the effectiveness and the risk of this attack. Detailed risk analysis is conducted to assess the influence of different factors, such as feeder loading and PV inverter capacity, on the effectiveness of the proposed attack.
