IEEE Access (Jan 2020)
Prosumer Nanogrids: A Cybersecurity Assessment
Abstract
Nanogrids are customer deployments that can generate and inject electricity into the power grid. These deployments are based on behind-the-meter renewable energy resources and are labeled as “prosumer setups”, allowing customers to not only consume electricity, but also produce it. A residential nanogrid is comprised of a physical layer that is a household-scale electric power system, and a cyber layer that is used by manufacturers and/or grid operators to remotely monitor and control the nanogrid. With the increased penetration of renewable energy resources, nanogrids are at the forefront of a paradigm shift in the operational landscape and their correct operation is vital to the electric power grid. In this paper, we perform a cybersecurity assessment of a state-of-the art residential nanogrid deployment. For this purpose, we deployed a real-world experimental nanogrid setup that is based on photovoltaic (PV) generation. We analyzed the security and the resiliency of this system at both the cyber and physical layers. While we noticed improvements in the cybersecurity measures employed in the current nanogrid compared to previous generations, there are still major concerns. Our experiments show that these concerns range from exploiting well-known protocols, such as Secure Shell (SSH) and Domain Name Service (DNS), to the leakage of confidential information, and major shortcomings in the software updating mechanism. While the compromise of multiple nanogrids can have a negative effect on the entire power grid, we focus our analysis on individual households and have determined through Simulink-based simulations the economic loss of a compromised deployment.
Keywords