Cyber-Physical Emulation and Threat Scenario Simulation for Enhanced Microgrid Resilience
Microgrid systems have gained significant prominence as compelling platforms for investigating and validating advanced power system operations due to their inherent flexibility and resilience. However, such systems are susceptible to complex cybersecurity risks that require proactive and robust defe...
| Main Authors: | Khandaker Akramul Haque, Mohamed Massaoudi, Leen Al Homoud, Katherine R. Davis, Mahmoud Kabalan, Hassan Salamy |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | IEEE 2025-01-01 |
| Series: | IEEE Access |
| Subjects: | Cyber-physical situational awareness; cybersecurity; intrusion detection; microgrid resilience |
| Online Access: | https://ieeexplore.ieee.org/document/11029216/ |
| _version_ | 1849706067207913472 |
|---|---|
| author | Khandaker Akramul Haque; Mohamed Massaoudi; Leen Al Homoud; Katherine R. Davis; Mahmoud Kabalan; Hassan Salamy |
| collection | DOAJ |
| description | Microgrid systems have gained significant prominence as compelling platforms for investigating and validating advanced power system operations due to their inherent flexibility and resilience. However, such systems are susceptible to complex cybersecurity risks that require proactive and robust defense mechanisms. Failure to address these vulnerabilities can severely undermine the coordination and power-sharing mechanisms among distributed generators (DGs). This paper introduces a cyber-physical emulation of an existing microgrid at the University of St. Thomas with its overlaid synthetic cyber network to evaluate its vulnerabilities and strengthen its security. Unlike previous testbeds that focus primarily on single-layer analysis or simplified attack models, our framework uniquely integrates real-world microgrid specifications with comprehensive cyber network emulation, enabling the first systematic evaluation of complex multi-stage attacks on operational microgrids using industry-standard protocols and structured adversarial techniques. Our results reveal that correlation analysis identified critical attack relationships. Implementing these focused security measures shows a reduction in attack success rates by 64% and improved system recovery time following disruptions, demonstrating the framework’s effectiveness for enhancing microgrid resilience. Different threat scenarios, guided by the MITRE ATT&CK framework, are implemented to systematically assess the system’s susceptibility to cyberattacks. Additionally, the Distributed Network Protocol 3 (DNP3) is leveraged to collect data in the form of DNP3 objects, enabling effective monitoring and control within this threat simulation. Our findings demonstrate the enhanced resilience of the microgrid when subjected to various cyber threats. Furthermore, it highlights how the proposed methodology can be scaled to safeguard larger power systems. |
| format | Article |
| id | doaj-art-e6cbad58f0354eab9b0e4dba89431525 |
| institution | DOAJ |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-e6cbad58f0354eab9b0e4dba89431525; 2025-08-20T03:16:18Z; eng; IEEE; IEEE Access; 2169-3536; 2025-01-01; vol. 13, pp. 101455-101471; 10.1109/ACCESS.2025.3578421; 11029216; Cyber-Physical Emulation and Threat Scenario Simulation for Enhanced Microgrid Resilience; Khandaker Akramul Haque [0] (https://orcid.org/0000-0002-0111-1568), Mohamed Massaoudi [1] (https://orcid.org/0000-0002-9388-2115), Leen Al Homoud [2], Katherine R. Davis [3] (https://orcid.org/0000-0002-1603-1122), Mahmoud Kabalan [4] (https://orcid.org/0000-0002-0113-1841), Hassan Salamy [5] (https://orcid.org/0000-0003-1314-1702); Department of Electrical and Computer Engineering, Texas A&M University, College Station, TX, USA (authors 0-3); Department of Electrical and Computer Engineering, University of St. Thomas, Saint Paul, MN, USA (authors 4-5); https://ieeexplore.ieee.org/document/11029216/; Cyber-physical situational awareness, cybersecurity, intrusion detection, microgrid resilience |
| title | Cyber-Physical Emulation and Threat Scenario Simulation for Enhanced Microgrid Resilience |
| topic | Cyber-physical situational awareness; cybersecurity; intrusion detection; microgrid resilience |
| url | https://ieeexplore.ieee.org/document/11029216/ |