Abstract

In this paper, we propose a Hardware-in-the-Loop (HIL) simulation testbed suitable for the implementation and testing of realistic cyberattacks on grid-tied smart inverter systems integrated with Distributed Energy Resources (DER) that use the Distributed Network Protocol-3 (DNP3) for communications between grid components. Specifically, our testbed combines a Real-Time Digital Simulator (RTDS) NovaCor device, outfitted with GNETx2 network interface cards, a grid-tied DER topology implemented via the RTDS software package RSCAD, and a custom virtual network that emulates a man-in-the-middle (MITM) attacker. The MITM attacker captures DNP3 traffic and falsifies telemetry data in DNP3 packets to trigger unwarranted commands from a DNP3 controller that exploits smart inverter grid support functions. We choose DNP3 and implement grid support functions according to the IEEE Std. 1547-2018 mandated for the interconnection and interoperability of DER power systems with associated power components. Furthermore, we develop a protocol-payload-agnostic attack detection framework that leverages the round-trip time (RTT) anomalies between DNP3 requests and responses and can detect the presence of attacks without having to analyze the payload's contents, while balancing trade-offs between false alarm counts, missed detections, and time to detection. To facilitate further research, we publicly release benign and attack network traffic exchanged between various sensors, controllers, and actuators in our grid-tied inverter testbed.

Department(s)

Computer Science

Comments

U.S. Department of Energy, Grant DE-CR0000029

Keywords and Phrases

Cybersecurity; Datasets; DER; DNP3; Smart Grid Communications; Smart Inverters; Testbed

Document Type

Article - Conference proceedings

Document Version

Citation

File Type

text

Language(s)

English

Rights

© 2025 Institute of Electrical and Electronics Engineers, All rights reserved.

Publication Date

01 Jan 2025
