The decentralization of Smart Grids is an ongoing transformation. For novel Smart Grid appliances, e.g. distributed control algorithms (DCAs), IT security is a core requirement and needs to be considered already in the development phase.
Prospectively, millions of new regenerative energy resources and electric cars need to be coordinating additionally to the existing power grid, to match supply and demand. The development of innovative DCAs is one possible contribution in the direction of a resilient Smart Grid. While decentralization of control algorithms can help avoiding single-point-of-failures and improve the system’s resilience, as depicted in Fig. 1, its complexity increases. The OpenDISCO framework is a tool for assisting the development of resilient Smart Grid control despite these challenges.
Related work
Power grid functionality has traditionally been implemented in a centralized way. Current research shows alternative solutions based on DCAs for many of these applications, realized by so-called decentralized Virtual Power Plants (Stübs, 2018) and implementing grid functionality like Demand Response (Sakurama & Miura, 2017), Frequency-Load Control (Dong, 2016) and Power System State Estimation (Etemad & Lahouti, 2016).
The integration of Controller-Hardware-in-the-Loop (CHIL) into a Smart Grid validation environment has been thoroughly tested (Andrén et al., 2013) and several Cyber-Physical Energy System (CPES) testbeds exist (Cintuglu et al., 2017). Verification of DCAs is a well-researched topic among wireless sensor networks (Wang & Bagrodia, 2011). However, a truly decentralized framework has not been developed and we aim to contribute to this development with a security assessment framework for the Smart Grid.
OpenDISCO framework
The proposed framework aims to accompany the development cycles of any DCA for CPES by describing an interface for an advanced resilience assessment. Three main properties, namely a modular structure, the distributed execution, stress condition simulation, build the core of the framework:
-
a)
Modular Structure
Smart Grid engineers can independently develop modules to be executed by the OpenDISCO framework, that can implement the DCA’s logical structure, as shown in Fig. 2. Thanks to the modularity of the framework, it is easy to introduce a new or different DCA in the code. Modules are required to implement an event-driven interface, thus granting interoperability with simulation tools. The modularity mechanism is built upon a message queue and an event-driven operation: When a message or event arrives at the control node, it is sent to the central message queue and is then available for processing by the framework’s modules.
-
b)
Distributed Execution
Each control node can be either simulated or executed in a distributed environment with a preconfigured topology. Message exchange between the control nodes is implemented using the publisher-subscribe concept. The communication network’s topology is either realized in hardware or simulated. Thereby different topologies can be used for evaluation, for example ring topology, fully meshed topology or an incomplete mesh.
-
c)
Stress Condition Simulation
The framework includes an XML based attack description language, which allows to implement various attacker models. By creating designated attack simulation modules for the control nodes, it is possible to describe denial-of-service attacks and connectivity malfunctions, such as dropping or delaying messages, changing reported measurements and control commands, or even disconnecting from and re-connecting to the evaluated micro-grid. An additional feature is support for probabilistic and/or orchestrated attack behavior.
Case study
The presented case study shows a decentralized frequency-load control algorithm in an islanded micro grid (Nguyen et al., 2017). Each distributed energy resource (DER) is equipped with a control node, which implements a single node of the DCA and is responsible for commanding the DER. The power generating part of the DER is simulated in a digital real-time simulator, while the control nodes communicate in a communication network, shown in Fig. 3. The algorithm’s task is to react to deviations in the micro grids electrical frequency from the nominal value of 50 Hz. The algorithm is realized as a distributed averaging consensus, requiring the control nodes to communicate and then act collectively. In the evaluated scenario, each control node can only communicate with its direct neighbors, implementing a locality-aware ICT topology.
The evaluation of the connection between the digital real-time simulator and the control nodes was realized by implementing a cluster of Raspberry Pi embedded systems, as pictured in Fig. 4.
Demo setup
The demo setup uses a physical Raspberry Pi cluster as pictured in Fig. 4 and powered by a 230 V, 60 W power hub, providing low voltage DC via USB to the Ethernet switch and embedded devices, which are mounted on a rack. Implementing a CHIL configuration, each Raspberry Pi functions as the controller of a DER in the simulated CPES, in this case an islanded micro grid. The interconnection between the embedded devices utilizes Ethernet and TCP/IP. The connection from a displaying computer to the cluster is managed by a dedicated Raspberry Pi and realized via IEEE 802.11 wireless protocol with WPA2 password authentication. The managing Raspberry Pi then redirects incoming Wi-Fi connections via Ethernet, if requested, to any of the Raspberry Pi computers. When connected to the demo setup, the effect of DoS attacks on the implemented control algorithm’s performance can be displayed and evaluated on any connected device.