Cyberattacks are becoming a serious threat for power systems and their prevention are gaining attention and need to be better understood by developers, technology providers and network operators, among others.
SDN-microSENSE (SDN -microgrid reSilient Electrical eNergy SystEm) is an innovation H2020 project, that ended in October 2022. It provided a set of secure, privacy-enabled, and resilient to cyberattacks tools, thus ensuring the normal operation of the Electrical Power and Energy Systems (EPES) as well as the integrity and the confidentiality of communications. The Software Defined Network (SDN) technology can increase EPES security, to enable mitigation of cyberattacks in the communication layer of the power system infrastructure. The means to achieve attack mitigation is to isolate compromised devices from the rest of the communication system by (through SDN) dynamically rearranging the routing paths of transmitted data.
SDN-microSENSE intends to address security and privacy requirements that cover the whole energy value chain, involving traditional electricity generators, Transmission System Operators (TSOs), Distribution System Operators (DSOs), DER operators and prosumers. The full potential of the proposed architecture is demonstrated and validated through six use cases/pilots that address various cybersecurity requirements in EPES/SG:
- Pilot 1 Investigation of Versatile Cyberattack Scenarios and Methodologies Against EPEs
- Pilot 2 Massive False Data Injection Cyberattack Against State Operation and Automatic Generation Control
- Pilot 3 Large-scale Islanding Scenario Using Real-life Infrastructure
- Pilot 4 EPES Cyber-defence against Coordinated Attacks
- Pilot 5 Distribution Grid Restoration in Real-world PV Microgrids
- Pilot 6 Realising Private and Efficient Energy Trading among PV Prosumers
The project demonstrates that the incorporation of SDN into microgrids can offer some great advantages over conventional networks: The traditional hardware-dependant communication infrastructure is not designed to identify the flow and context of the data and it only focuses on packet forwarding using pre-defined network configurations. SDN provides programmability, dynamicity, flexibility, and intelligence to current network architectures, and its benefits can be delivered from four main features: dynamic flow control, network-wide visibility with centralized control, network programmability and simplified data plane.
Power systems group, from IREC, leads the work package linked to the self-healing capabilities (SDN-SELF); resilience against all kinds of faults, including faults in both the communication system and in the electrical power grid, that the SDN-technology could offer. In that context, it has been specified how SDN is applied in the EPES ecosystem, thus transforming the corresponding EPES devices into a new architectural paradigm called SDN-enabled EPES devices.
The developments achieved within the previously mentioned work package include the components for the monitoring and control of the equipment in the EPES infrastructures, for the analysis of the current situation in EPES domain and issue mitigation through islanding or energy management mechanisms and for the recovery of the grid observability and the improvement of its QoS when the communication network is under attack.
The main outcomes are:
- The development of SDN enabled measurement and control units, specifically an SDN-enabled energy meter and prototype of an SDN-enabled RTU
- The northbound and southbound interfaces for SDN-Controller and a Synchronization and Coordination Service (SCS) to redirect the connection to one or more SDN-controllers
- Several dashboards to monitor the status of the actions performed by the tools
- An SDN application to maximize the observability of the network in case of a failure or a cyberattack
- Development of tools using different algorithms (deep learning and mixed linear programming) to clusterize the grid and generate islands (intentional islanding) as a self-healing mechanism
- Tools to maintain the energy balance within a microgrid and check the viability for the energy trading actions, to restore the frequency and voltage when there is a blackout and coordination of the control modes regarding the microgrid DERs and Optimal Power Sharing
- A permissioned Fabric blockchain-based energy trading platform, leveraging provenance features of blockchain technologies, facilitating energy trading based on supply/demand and considering the real time security state of the network: Blockchain-based e-auction framework, Blockchain Based Intrusion and Anomaly Detection system
In addition, IREC has developed a testing platform (inside the Smart Energy Laboratory) allowing the integration, testing and validation of cyber-threads into a controlled electrical environment, as well as the application of SDN algorithms and technologies. Such testing environment allows full testing of cyber-attacks and potential countermeasures into electrical equipment and communication devices. This platform was required to validate developed tools before using them in the real electric grid, which is a critical infrastructure.
Moreover, IREC has included new functionalities to an own registered tool, called Optimization Tool for Self-healing and Clustering (OTSC), which is composed of two different parts inside the SDN-SELF architecture. The Islanding and optImisation fraMework (OTSC-IIM) part aims to create a new electric scheme by creating islands to divide the grid into different sectors. The intention of that is to isolate the elements that can cause problems in the grid and at the same time maintain the power supply to the maximum number of consumers. To perform the island, the tool needs to know the status of the grid and the distributed energy resources there. The Energy Restoration and Management Processes framework (OTSC-EMO) part aims to balance the energy in one or more islands in the electric grid. The idea of this tool is to work in an emergency scenario in the electric grid, where the electric grid is forced to divide the original topology into small parts. Both parts can work together, and once the OTSC-IIM finishes, the OTSC-EMO should start to work with the islanding situation.
The project manages information classified as ‘Restreint UE / EU Restricted’. IREC has received accreditation by the National Authority Service to process information with this classification level.
The consortium is formed by AYESA, Centre for Research and Technology Hellas (CERTH), ATOS, Public Power Corporation S.A. / Testing Research & Standards Center, Municipality of Avdira, Elektroenergien Sistemen Operator EAD (ESO), UBITECH LTD, Sidroco Holdings Ltd, Eight Bells LTD, Energynautics GmbH, SIAXAMPANIS E.E, RAVNA HYDRO LTD, ESTABANELL Y PAHISA ENERGIA SA, Independent Power Transmission Operator SA, DIL DIEL,GEIE ERCIM / W3C, University of Western Macedonia, PREDUZECE ZA TELEKOMUNIKACIJSKE USLUGE REALAIZ DOO BEOGRAD, Schneider Electric France SAS, Fundacion Tecnalia Research & Innovation, Innovative Energy and Information Technologies LTD, CEZ Distribution Bulgaria AD, CyberLens B.V, 0 INFINITY LTD,Incites Consulting SARL, Norges teknisk-naturvitenskaplige universitet (NTNU), Gottfried Wilhelm Leibniz Universität Hannover, Fundacio Institut de Recerca en Energia de Catalunya (IREC), Checkwatt AB, SINTEF Energy SA, Optimización orientada a la sostenibilidad SL, Fundación Ayesa and Schneider Electric España.
This project has received funding from the EU’s H2020 research and innovation programme under grant agreement No 833955.