Energy Reports (Nov 2022)
Time series-based detection and impact analysis of firmware attacks in microgrids
Abstract
Distributed generation (DG) and microgrids (MG) are critical components of future power systems. However, the reliance of DGs and MG on resource-constrained embedded controllers for their operation renders them potential cyberattack targets. In this paper, we analyze the adversarial objectives of attackers attempting switching and control input modification attacks by manipulating controller firmware. We demonstrate the attack impact in the simulated Canadian urban distribution feeder system consisting of four DGs. To detect malicious firmware within the inverter controllers, we propose utilizing custom-built Hardware Performance Counters (HPCs) in conjunction with Time Series Classifiers (TSCs). TSCs respect the sequential order and attributes of the utilized custom-built HPCs sampling the controller’s firmware. Our experimental results demonstrate that malicious firmware can be successfully identified with 97.22% accuracy using a TSC trained on a single custom-built HPC.
