Cyber-attacks in Cyber-Physical Microgrid Systems: A Comprehensive Review

1. Introduction

Microgrid, the new age power grid architecture, is gaining more attention from researchers and industry. The possibility of integrating renewable generations, electric vehicles, energy storage and distributed energy resources into the power grid and coupling them with effective communication links will improve the efficiency of the power grid [1]. Also, the microgrids are capable of powering the localized loads by operating in isolated mode [2].

With the aim of reducing carbon emissions, renewable energy generation is encouraged in the power sector, and the transportation sector is moving towards the electrification of vehicles. To achieve the sustainable development goals, by 2030, it is targeted to integrate $8000GW$ of renewables compared to $2800GW$ at present. By 2025 at least 100 countries should be targeting 100% working with renewable generation. At present Norway stands first in renewable power integration with 99%, Newzealand $\left(81\%\right)$ , Brazil $\left(79\%\right)$, Colombia $\left(74\%\right)$, Canada $\left(68\%\right)$, Sweden $\left(67\%\right)$, Portugal $\left(65.5\%\right)$ and saudi arabia with least integration of $\left(0.1\%\right)$.

The renewable energy share globally increased from 26.30% to 28.1%from 2020 to 2021. It is observed that 17% of the global $C{O}_2$ emissions are due to the transport sector; the global EV market is receiving huge support, which leads to over 16.5 million EVs on the road. By 2030, 2% of the global electrical demand is expected to be due to EVs. Therefore microgrid is the best alternative for the conventional grid in terms of grid integration with RES and EVs [3], the variety of sources and loads that can be integrated into a microgrid is shown in Figure 1.

With a variety of intermittent distributed energy resources, the information of load availability and demand on the grid should be continuously monitored and communicated to the controller for effective operation and control. The communication network is established based on the OSI model, TCP/IP model, EAP protocol and microgrid communication [4,5]. Figure 2 denotes the different protocol structures. The development of IoT devices and architectures makes it viable to utilise the services of smart meters, smart health, smart transport and smart grid [6]. IoT architecture is preferred on the demand side, whereas the EPA model is implemented on the supply side.

The battlegrounds between the countries have constantly been shifting. Intruding their cyberspace and attacking the communication channels of the enemy, thereby interrupting their information transfer, is the war strategy followed in the near future. This kind of war strategy is termed cyber warfare [7], and even the strongest and most developed countries are vulnerable to this strategy.

To overcome this, countries are focusing on building cyber security and creating cyber awareness [8,9,10]. According to the crunch base cyber security report [11], over a decade, there has been an almost 700% increase towards cyber security funding. USA holds the king share of 76% in global cyber security funding and Israel and the UK stand next with 13% and 3%, all the other countries accounting for 8%. There are seven different types of attacks as shown in Figure 3 where an attacker can create havoc in the country.

Espionage is a form of gentle cyber attack, where an attacking country tries to monitor and steal sensitive information by phishing attacks or botnets [12]. Sabotage attacks or cyber sabotage deliberately destroy critical infrastructure by introducing a malfunction into the system [13]. These attacks are frequently observed, introducing a software update bug. Flooding the communication channel with multiple requests causing the channel to be irresponsive to legitimate users, is defined as a denial of service attack [14]. This attack is dangerous and causes communication delays or interruptions, affecting military bodies and research bodies. Cyber attack on power grids is the most dangerous and impactful phenomenon. It can cause interruption information sharing, cause disruption in critical services and cause huge economic losses [15].

Propaganda attacks are largely used to influence the audience and their perspective by spreading false news that makes people lose faith and create agitations in the country; these kinds of attacks look simple but effective [16]. Economic disruption attacks target the economic pillars of the country; these attacks try to take down the financial systems like the stock market and the banking sector by stealing money or blocking people to access the funds available [17]. Surprise attacks are performed to create a massive impact in less time, weakening the country’s defence systems.

2. Real-World Cyber Attack Scenarios

The most notable and successful cyber-attack was the 2010 Iran nuclear plant attack; this attack targeted the PLCs in the nuclear plant. Stuxnet virus introduced for this attack has its impact on 2,00,000 computers and nearly caused damage to 1000 machines [18]. 2012 Aramco cyber-attack uses shamoon virus; this attack is intended to delete some confidential files in the Aramco workstations. 30,000 Saudi Aramco workstations are affected by this attack [19].

The best examples of cyber warfare are the attacks that took place in the context of the Russia-Ukraine war. These cyber-attacks have made the world realise the importance of cyber security. 2015 cyber-attack on Ukraine’s power grid has caused a blackout and led to a power outage for 2, 30,000 people [20]. The attack group known as Sandworm used black energy 3 malware to compromise the information systems of energy distribution companies [21]. Spear phishing [22] method is used to implement the attack. Followed by the 2015 attack, in less than a year, one more attack was targeted by Russia towards Ukraine’s capital Kyiv. Industroyer malware [23] used this attack maloperate the protective relays, where the data packets of the relays are diverted to the wrong IP address. This attack caused a blackout for 1 hr.

One of the biggest cyber-attacks on oil resources took place in the US on 7 May 2021. This ransomware cyber-attack has halted the working of oil pipelines in nearly 17 states of the USA. Darkside malware is used in this attack [24]. A similar attack happened in Iran in 2021, where 4300 gas stations could not process the payment. The 2021 Natanz cyber-attack is one more example of cyber warfare, where it is speculated that Israel is responsible for the attack on nuclear power plant as a part of the Iran and Israel war [25].

These cyber-attacks on the cyber-physical systems are implemented by accessing the information from the communication links. Depending on the protocol used for communication, there are possible different attacks that are shown in Figure 4

3. DC Microgrid Control and Architecture

DC microgrid, an example of a cyber-physical system, is considered to examine the communication in CPS and the possibility of cyber-attacks in communication links. Figure 5 shows the control architecture of the distributed control DC microgrid [26,27]. This architecture consists of three nodes, which communicate with neighbouring nodes. There are two control layers: the primary control layer and the secondary control layer. The sensor value information from the neighbouring converters is transferred to the particular converter through the secondary control layer. The received information is processed and passed through the control algorithm, and the control outputs are sent to the plant; the control outputs are sent to the plant through the primary layer communication [28]. The secondary and primary layers, which carry critical sensor information, are prone to cyber-attacks. The attack on the communication layers leads to the disruption in the control technique and causes the maloperation of the DC microgrid.

There are various cyber-attacks targeted towards CPS, the most prominent, frequent and effective cyber-attacks preferred by the attackers are false data injection (FDI) attacks, Man in the middle (MITM) attacks and Denial of service (DoS) attacks.

3.1. False Data Injection Attacks

The primary aim of false data injection attacks is to modify the sensor values transmitted through the communication links [29]. FDI attacks increase the computational burden on the controllers, cause revenue losses, mismanagement of control devices, and lead to load dysfunction and power imbalance. Adversary targets the vulnerabilities in the communication links and injects false data into the existing sensor values using different injection techniques. Structured query language (SQL) injection and cross-site scripting attacks are the most common and popular. In SQL injection attacks, the attacker tries to inject the commands that exploit the authenticity and authorization of the application [30]. The attacker can read, modify and delete the data using this injection technique. Cross-site scripting technique inserts malicious code into the web application; this attack tries to manage the cookies, hijack the sessions and change the user settings [31]. Some other types of injection techniques are code injection, command injection and CCS injection. Figure 6 represents the FDI attack on the sensor values.

Depending upon the knowledge and accessibility of the attacker, FDI attacks are further classified into two types, internal FDI attacks and external FDI attacks. If the attacker possesses complete knowledge of the system and has access to the critical infrastructure, the FDI attack in this scenario is considered an internal FDI attack. Internal FDI attacks are considered as most effective and dangerous attacks. As the attacker is aware of the system working, FDI attacks designed are more constructive and stealthy, which makes it difficult to identify. External FDI attacks are performed by the external agent who has mere knowledge of the system working; in this scenario, the attacker completely depends on the vulnerabilities in the communication network.

3.2. Man in the Middle Attack

In man in a middle attack, the attacker tries to steal the information between two parties that should be secure and private. A man-in-the-middle attack has two steps, step 1 is intruding into the communication channel or intercepting the data traffic, and step 2 is decrypting the information that is transmitted through the channel [32] as shown in Figure 7. The motive for a MITM attack can be anything, such as stealing the authorized parties’ identity, modifying the parties’ login credentials, taking control of financial transactions, etc.

There are certain methods through which attacker tries to intrude into the network. IP spoofing [33], ARP spoofing [34] and DNS spoofing [35]. In IP spoofing, the attacker who stands in the middle of the communication between the authorized parties, the attacker spoofs the IP address of the sender and receiver. For the sender, the attacker spoofs the IP address of the receiver, and he appears as the receiver to the sender and vice versa, making the operation look legitimate. ARP is the address resolution protocol used to map the device’s IP address into the MAC address.

When an ARP request is sent by one device, an ARP response is obtained by the device matching the request, these responses and requests are formed as an ARP cache. When the attacker gets access to the ARP cache, the attacker tries to match his MAC address with the device’s IP address in the network. This makes the attacker to access the data transfer between the parties. DNS spoofing is the type of attack technique in which the user is directed to the fake account intended by the attacker; this happens due to the altered domain names in the server. When the user tries to enter confidential information such as login credentials, the information gets stolen by the attacker.

After intruding into the network by using any of the methods mentioned above, the attacker should find a way to decrypt the messages transmitted between the parties. HTTPS spoofing, SSL hijacking, SSL stripping and SSL beast are the methods often used to decrypt the messages [36].

3.3. Denial of Service Attack

A denial of service attack aims to make the service unavailable to the authorized user by flooding the server with false requests [37,38]. This attack causes disruption in the availability factor in the CIA triad. CIA stands for confidentiality, integrity and availability; these are the guidelines and policies followed to ensure information security. Disruption in any one of the factors indicates a cyber-attack on the system. However Dos attack doesn’t cause a breach of confidentiality or integrity, but it causes a loss of time and computational resources. Attackers often aim DoS to halt the system’s performance and cause financial losses. Sometimes this attack is also performed to expose the vulnerability of the system. DoS attack is pictorially represented in Figure 8, where an attacker gains access to multiple devices and floods the server with requests.

DoS attack is distinguished based on the point of attack in the communication system. If the attack targets a specific application, it is defined as an application layer attack. In this attack, the application is flooded with multiple HTTP requests; this attack is measured in requests per second (RPS). If a DoS attack is performed by exploiting the vulnerabilities in communication protocols, it is defined as a network layer attack; this attack disrupts the entire network and is measured in bits per second (BPS). Finally, the most common form of DoS attack is the volumetric attack, which targets the bandwidth of the communication channel. The bandwidth of the communication channel is flooded, creating congestion in network traffic; this attack is measured in BPS. Different techniques for implementing DoS attacks are SYN scan, smurf attack, teardrop attack, ARP attack and Fraggle attack. Another variant of the DoS attack is the distributed denial of service (DDoS) attack [39]. In this attack, a group of devices are used to attack the network, whereas in the DoS attack attacker uses a single device.

4. Defense Mechanisms

To address cyber-attacks, every organisation or system follows some basic security measures. User authentications, Firewall [40], Anti-virus, data encryption and Cryptography are the basic security measure implemented, but these security systems are not strong enough to address the present cyber-attacks that are rapidly evolving and innovative. Intrusion detection systems (IDS) and Intrusion prevention systems are used in addition to the basic security measures. IDS monitors the information flow in the network continuously and detects the attack packets [41,42]. IDS is classified into network intrusion detection system (NIDS) and host intrusion detection system (HIDS). NIDS is a software-defined system it monitors, captures and analyses network traffic. It detects malicious data packets by comparing them with the already known attack patterns. But the operation of NIDS is very difficult in busy and complex networks. HIDS is a host-based system installed on individual devices; it monitors the information received on the particular device and generates alerts for any malicious packets found. Depending on the operation, IDS is classified into signature-based IDS [43], and anomaly-based IDS [44].

Signature-based IDS works on detecting the patterns in the data packets. Signature IDS searches the database for attack patterns; if there is any similarity with the attack patterns, it sends an alert. The drawback of the system is it detects only known attack patterns, and there is a possibility of false negatives for new and unknown attacks. Anomaly-based IDS monitors the deviation from the normal, and a confidence interval creates a boundary that it marks as an anomaly. The disadvantage of this method is the high possibility of false positives for policy changes and new authentic intrusions. Hybrid IDS is introduced to overcome the disadvantage of the signature and anomaly-based IDS, which uses both techniques. Signature-based IDS detects known attacks, and anomaly-based IDS detects unknown attacks. Intrusion prevention system (IPS) is the extension of IDS, which not only detects intrusions but is also capable of blocking malicious data from entering the network [45].

4.1. Artificial Intelligence for Cyber Security

AI’s broad scope and capabilities made it possible to penetrate various fields. Cyber security is also enhanced with the application of AI into it [46]. There are different levels of algorithms applied in cyber security, and with the increase in complexities of real-world systems, AI has also evolved.

Initially, basic machine learning algorithms, also called shallow models, are used for cyber security, later deep learning techniques are introduced that are capable of dealing with complex networks, and further reinforcement learning methods are proposed that are futuristic and claimed to be self-learning methods. Figure 9 gives the classification of various ML models used for cyber security.

Machine learning models, referred to as shallow models, are further classified into supervised learning and unsupervised learning based on their learning procedure. In unsupervised learning, the classified outputs are formed into clusters; these algorithms mostly depend on the internal pattern of the data. The k-means algorithm is used to detect malicious entries into the network [47]; the k-means algorithm groups the unlabelled data into clusters. The value of K indicates the no.of clusters. This technique divides the data into different groups, which gives insights for data analysis about unknown and known attack patterns. Sequential pattern mining [48], a subset of data mining, is also a data analytic method that gives the knowledge of the attack patterns; this method will send an alert if any malicious activity or abnormal activity is registered. Another data mining method used to detect web intrusion is the apriori algorithm [49]; the apriori method that runs on the specific rule set will keep track of frequently occurring data patterns and indicate if any new pattern is detected.

Supervised learning methods are already specified with the class labels to verify model classification or predictions. The k-nearest neighbours (KNN) method is used to classify the incoming entry as normal or malicious entry [50]. Naïve Bayes is a statistical method that uses a probabilistic method based on the Bayesian theory; the probability of a field prone to attack can be calculated [51]. Support vector machine (SVM) is a classification method that separates the intrusions and normal entries from the dataset. SVM uses a kernel that facilitates the classification of even complex and nonlinear data; SVMs can transform the data into the next dimension if the decision boundary cannot be determined in this dimension [52]. Decision trees and random forests are tree-based classifiers [53]. Based on the training data, a tree-like structure is created in a decision tree, predictions can be made based on the tree’s structure, and any unknown entities can be sorted out [54,55]. The random forest also follows a similar method, but instead of a single tree, a large group of trees are created, and the final structure of the tree for classification is decided by voting process[56,57,58].

Deep learning (DL) models are designed to handle complex and non-linear systems; DL models are considered superior to ML models in system handling capability. The architecture of DL models also differs from ML models; there is no fixed algorithm for this model [59]. DL model consists of neurons placed in different layers; the working of neurons in the DL model is inspired by the working of the human brain, and neurons of each layer are interconnected. Information transmits from the input layer to the output through multiple hidden layers. DL model consists of two stages, the training state and the testing stage. The training stage consists of the modification of weights for each connection during multiple iterations; this process makes the DL model learn the patterns of the data feeding to the network.

Later the efficiency of the trained model is tested on the testing data. Deep neural networks (DNN) have the structure discussed above with multiple hidden layers, an increase in the depth of the network gives the model the ability to classify the nonlinear data [60,61]. Convolution neural networks (CNN) is widely used for image classification, the data to be classified is converted into image format, and the malicious data is identified [62,63]. Recurrent neural networks (RNN) are used for time series data; this network model predicts the occurrence of the next data sample based on the previous output and the present inputs [64]. But this model suffers from memory issues; often the outliers and extreme cases are considered as the attack vectors.

To overcome this, the models like Long-Short Term Memory (LSTM) and Gated Recurrent Unit (GRU) are introduced that contain the memory element, and the network architecture also differs from the classical RNN [65]. Generative adversarial networks (GaN) and autoencoders are unsupervised techniques in deep learning where the outputs are not specified. The GaN model consists of two networks, namely the generator and discriminator. The generator takes the input data sample and generates a sample of data; the generated sample is compared with the training data or real sample using a discriminator. Discriminator, after comparison, decides whether the incoming data sample is real or fake [66,67]. Autoencoders is a neural network architecture, and this technique often uses for video and image classification [68]. The input data is compressed to the lower dimension called as latent space; the latent space consists of data containing the most prominent features. From the latent space, the auto-encoder tries to recreate the input data at the output; by comparing the output of the autoencoder, normal and fake data are classified. During the training phase, autoencoders are trained to recreate the input near the output; higher variation in the output and input indicates the attacked data.

Reinforcement learning is the advanced and futuristic architecture proposed to practice self-learning [69]. RL, also known as reward-based learning, works on the reward obtained by the action it performed in the previous iteration. The agent is present in a customized environment with predefined rules, goals and reward criteria. The model reaching the goal with high reward points is considered the optimized model; RL model continuously updates its decision-making or policy based on the rewards.

Popular real-time datasets like KDD99 and DARPA are considered to evaluate the deep learning and machine learning algorithms’ performance. Initially, machine learning algorithms are implemented on the KDD99 dataset and the performance obtained is as follows naïve bayes with 97% accuracy [70], SVM with 93% accuracy [71], Decision tree with 94.3% accuracy [72], Random forest with 99% accuracy [73] and Deep belief networks with 96.5%[74]. Further, the same KDD99 dataset is classified using deep learning models, and performance is as follows, GRU with 98.64%[75], CNN-LSTM with 99.7% [76,77,78].

5. Case Study of Stealth Fdi Attack on DC-DC Converter

From the looming threat of cyber attacks, researchers and engineers have built efficient detection and mitigation strategies to protect the CPS from attackers [79]. But the covert attack strategy implemented by attackers makes it difficult to find the presence of the attack in the system. The adversary tries to mimic the system’s behaviour and tries to hide the effect of the attack reaching the controller; this makes the controller assume normal operation. These attack types demand the adversary to know the system working, making it even more difficult to detect and mitigate. This article proposes a strategy to detect and mitigate the covert attack on the DC-DC converter, the major component in the CPS, like microgrids and smart grids.

Covert attacks or stealth attacks are studied in literature based on the type of attack and their criticality. In [80], authors discussed the stealth attack and their effects on the critical infrastructure; a taxonomy is proposed to discuss the risk possessed by the stealth attack at each stage of the system. Stealthy covert attacks in cyber-physical systems are discussed in [81], where it discusses modelling different types of stealth attacks from an adversary perspective. The decoupling method and zero dynamics methods are discussed, which makes attacks completely stealthy. In [82], a steal attack methodology for a smart grid is proposed in which the attack detection probability is reduced by minimizing the Kulback Leibler (KL) divergence. The KL divergence term is reduced by obtaining a proper tradeoff between the loss of mutual information and the reduction in attack detection. An attack index is introduced in [83] to detect the stealth attack on current sensor information in distributed controlled DC Microgrid. In [84] a man-in-the-middle stealth attack is performed on battery energy storage systems with the help of an artificial neural network. Two ANNs are used, one to estimate the power of BESS and the other to estimate the state of charge of the BESS for the adversary. The above-discussed literature discusses the effective implementation of stealth attacks with various techniques, and some detection mechanisms are proposed. This article performs a false data injection-based stealth attack on the artificial intelligence-controlled DC-DC converter.

5.1. Proposed Methodology

The criticality and the level of stealthiness of the covert attacks depend on the knowledge of the adversary. If the adversary has complete knowledge and access to the system, the attack is very dangerous, but this is usually not the case. An adversary will have limited knowledge of the system and tries to attack the nodes which are more vulnerable and critical to the system, but not every node. This type of attack is referred to in the literature as local covert attacks. The impact of a local covert attack depends on the amount of stealthiness in the attack.

The proposed DC-DC converter contains an input voltage sensor ($V_{in}$), an output voltage sensor ($V_o$), an input current sensor ($I_{in}$) and the output current sensor ($I_o$). These sensor values are fed to the controller through the communication channel. An adversary who is located in the communication layer tries to gain access to the output variables. As shown in Figure 10, the controller receives the plant input variables ($V_{in}$, $I_{in}$) and plant output variables ($V_o$, $I_o$).

5.1.1. Modelling of Stealth Local Covert Fdi Attack (Slca-Fdia)

Adversary tends to inject FDI attacks on the plant output sensors and finely tune their action, so detecting the attack is difficult for the protection devices. Stealth local covert attack is modelled such that the adversary has partial writing access to the output variables and partial writing access to the control inputs. The adversary designs the plant model $B_a\left(s\right)$ that is similar to the actual plant model $B\left(s\right)$. The modified output vector and the control input vector after the SLCA are shown in (1) and (2).

$$y^{\ast }\left(t\right)=\left[\begin{array}{c}{V}_o\left(t\right)\\ I_o\left(t\right)\end{array}\right]\to \left[\begin{array}{c}{V}_o\left(t\right)-V_a\left(t\right)\\ I_o\left(t\right)\end{array}\right]$$

(1)

$$D^{\ast }=\left[\begin{array}{c}{D}_1\\ D_2\end{array}\right]\to \left[\begin{array}{c}{D}_1+D_a\\ D_2\end{array}\right]$$

(2)

If there is no SLCA on the converter i.e. $D_a$=0 the output vector is given as (3)

$$y^{\ast }\left(t\right)=\left[\begin{array}{cc}{B}_{11}& B_{12}\\ B_{21}& B_{22}\end{array}\right]\left[\begin{array}{c}{D}_1\\ D_2\end{array}\right]$$

(3)

$B_{11}$, $B_{12}$, $B_{21}$ and $B_{22}$ are the plant transfer function matrices If there is SLCA on the converter I.e. $D_a$≠ 0 the output vector is given as (4) and (5).

$$y_s^{\ast }\left(t\right)=\left[\begin{array}{cc}{B}_{11}& B_{12}\\ B_{21}& B_{22}\end{array}\right]\left[\begin{array}{c}{D}_1+D_a\\ D_2\end{array}\right]-\left[\begin{array}{c}{V}_a\left(t\right)\\ 0\end{array}\right]$$

(4)

$$y_s^{\ast }\left(t\right)=\left[\begin{array}{c}{y}^{\ast }\left(t\right)+B_{11}{D}_a-V_a\left(t\right)\\ y^{\ast }\left(t\right)+B_{21}{D}_a\end{array}\right]$$

(5)

For an attack to be completely stealthy

$$\begin{array}{c}{B}_{21}{D}_a=0\\ and{B}_{11}{D}_a=V_a\left(t\right)\end{array}$$

(6)

(6) indicates that the adversary plant design should be such that the attack should not propagate to the controller.

5.1.2. Deep Learning Controller Design

An artificial neural network-based controller using deep learning is designed to control the DC-DC converter and detect and mitigate the SLCA. The proposed SLCA mitigation controller consists of two controllers a voltage controller and a current controller. Voltage Controller is the deep learning controller taking the inputs as $V_{in}$, $V_o$ and $V_{ref}$, giving the output as duty $D_1$. Similarly, the current controller also consists of a deep learning controller with inputs as $I_{in}$ and $I_o$, giving the output as duty $D_2$.

A stepwise detailed explanation of deep learning workflow is given below:

• A set of training examples $d_t$ is collected.
• Design the deep learning model architecture by determining the hyperparameters such as the number of hidden layers, the number of hidden neurons in each layer and the learning rate.
• Initialization of weights and biases.
• Determining the training parameters of the model such as activation function, optimizer and loss function.
• Train the model with training data.
• Evaluate the deep learning model with testing data.
• Deploy the trained deep learning model.

A generalised working model of the deep neural network is explained below. A set of training samples of $d_t$ is considered. After applying the random search algorithm using the Keras tuner, the structure of the neural network with $x_n$ input nodes and 2 hidden layers ${\alpha }_i^1,{\alpha }_i^2$ and output node $\widehat{y}$ is considered. Each hidden layer consists of 10 neurons each, and the learning rate ($\eta$) 0.1 is taken for training the deep learning model. To initialize the weights ad biases, Xavier uniform method is implemented and its mathematical representation is given in (7).

$$w_{i,j}\sim U\left[\frac{-\sqrt{6}}{\sqrt{n_{in}+n_{out}}},\frac{\sqrt{6}}{\sqrt{n_{in}+n_{out}}}\right]$$

(7)

$n_{in}$ are the no.of input connections to the neuron and $n_{out}$ are the no.of output connections of the neuron. Root mean square, as shown in (8), is the evaluation metric considered for model training as well as evaluation.

$$RMSE={\left[\frac{1}{2d_t}\sum _{i=1}^{d_t}{\left|\widehat{y}-y\right|}^2\right]}^{\frac{1}{2}}$$

(8)

Various combinations of training parameters are applied to the deep learning model to finalize the best fit for the model. RMSE is the evaluation metric used for training parameter optimization. The sigmoid activation function with Adam optimizer run for 100 epochs gives the desirable RMSE value. The deep learning model’s training process is shown below in (9)-(11).

$$\begin{array}{c}{\varphi }_1={\omega }^1\ast x+{\beta }^1\\ {\alpha }^1=f\left({\varphi }_1\right)\end{array}$$

(9)

$$\begin{array}{c}{\varphi }_2={\omega }^2\ast {\alpha }^1+{\beta }^2\\ {\alpha }^2=f\left({\varphi }_2\right)\end{array}$$

(10)

$$\begin{array}{c}{\varphi }_3={\omega }^3\ast {\alpha }^2+{\beta }^3\\ {\alpha }^3=f\left({\varphi }_3\right)=\widehat{y}\end{array}$$

(11)

Here $\varphi$ denotes the weighted sum of inputs and bias, $\alpha$ denotes the output of the neuron, f denotes the activation function. The training process continues until the error value converges to the performance goal specified or the model reaches the specified epochs.

In this article, it is considered that the adversary is attacking the duty $D_1$ obtained from the voltage controller, and to make the attack stealthy, the output voltage of the plant is modified to remove the effect of FDI attack on the control input.

5.1.3. Detection and Mitigation of SLCA-FDIA

The decision block is placed before the plant, where it takes the control inputs generated from the controller. If there is no SLCA, the decision block receives D1 and D2. If there is SLCA the decision block recieves $D_1^{\ast }$ and $D_2$. In the decision block, the control logic is built to detect and mitigate the FDI attack. The duty D1 is compared with $D_2$ with some threshold value $\epsilon$, $\epsilon$ value accounts for small noises and errors that occurred controller. It is made sure that the $\epsilon$ value will not destabilize the system. (12) denotes the decision block logic.

$$D_2-ϵ<D_1<D_2+ϵ$$

(12)

During no SLCA $D_1^{\ast }$ = $D_1$ and the condition (12) satisfies if there is SLCA $D_1^{\ast }$ > $D_1$ and the condition (12) fails. If (12) fails it indicates the attack on the voltage controller input, during this case $D_2$ is sent as the control input to the plant. In normal scenarios if (12) satisfies, $D_1$ is considered as the control input.

5.2. Simulation Results

The proposed methodology for detection and mitigation of stealthy local covert FDI attacks is primarily implemented in MATLAB Simulink and further evaluated using a real-time hardware setup. DC-DC buck converter is simulated in MATLAB 2022a, and control logic is designed using a deep learning toolbox. DC-DC converter specifications are given in the Table 1

Deep learning controller taking the plant input variables $V_{in}$ and $I_{in}$, plant output variables $V_o$ and Io as its inputs provides the output $D_1$ and $D_2$. During no attack condition, the DL controller output is shown in Figure 11 , where the input voltage is given as 50 V, and the reference voltage considered as 25 V. Output duty generated by both the voltage controller and the current controller is 0.5.

An FDI attack is performed on the output of the voltage controller before reaching the decision block. False data $D_a$ is injected into the voltage controller output $D_1$. Figure 12 shows the voltage controller output, and current controller output, at 0.25 s false data of 0.2 is injected. It is seen that the output of the current controller is not affected by the FDI attack on the voltage controller output; it is constant at 0.5, whereas the voltage controller output is increased to 0.7.

Figure 13 shows the attack on voltage controller duty, Figure 13(a) indicates voltage controller duty, Figure 13(b) indicates the FDI attack on the duty at 0.25s. Figure 13(c) shows the final duty $D_1^{\ast }$ sent to the decision block.

After performing the FDI attack on the voltage controller output adversary tries to hide the attack by performing a stealth local covert attack and making the controller assume it is a normal operating condition. Figure 14(a) shows the output voltage of the converter at 2.5 s; when the FDI attack is made, an increase in output voltage is observed from 25 V to 35 V. To hide this attack, -10 V, a calculated value from the adversary plant model, is added to the output voltage at 2.5 s, as shown in Figure 14(b). It is observed from Figure 14(c) that the controller receives an unattacked and steady-state reference value of 25 V.

To overcome the SLCA of an FDI attack, the generated control inputs are passed through the decision block. As shown in Figure 15(a), the attacked voltage controller output and current controller output are passed through the decision block. The decision block gives the output of 0.5, as shown in Figure 15(b), the final duty, which is the current controller output that corresponds to the reference voltage. The duty received from the decision block is given to the DC-DC buck converter to obtain the reference value of 25 V.

5.2.1. FDI Attack on Output Voltage Sensor

In this case, the performance of the proposed algorithm is evaluated when there is an FDI attack on the output voltage sensor. Figure 16(a) shows the FDI attack on the output voltage sensor, where the adversary tries to manipulate the sensor data by changing the values from 25 V to 35 V at 0.22 s, 35 V to 40 V at 0.41 s, 40 V to 45 V at 0.62 s, 45 V to 35 V at 0.73 s and back to 25 V at 0.85 s. During all these sensor data manipulations, the actual output voltage of the converter remains stable at the reference value.

5.2.2. FDI Attack on Input Voltage Sensor

FDI attack is performed on the input voltage sensor by injecting the false data into the sensor values. Input voltage is changed from 50 V to 65 V at 0.35s and back to 50 V at 0.7s as shown in Figure 17(a). The designed control scheme efficiently mitigates the attack and maintains the output voltage constant at a reference value of 25 V as shown in Figure 17(b).

5.2.3. FDI Attack on Input Voltage Sensor and Stealth Attack

In this case, a complex scenario, where the adversary tries to perform a stealth FDI attack on the voltage controller output and an FDI attack on the input voltage sensor is considered. The robustness of the designed control mechanism is verified by implementing both attacks simultaneously. From Figure 18(a) it is observed that the $D_1$ is manipulated by injecting false data and changing the value from 0.5 to 0.39 at 0.35 s, 0.39 to 0.6 at 0.5 s and finally settling to 0.7 at 0.7 s. At the same time, the input voltage sensor data is also falsified by changing the value from 50 V to 65 V at 0.35 s and back to 50 V at 0.7 s as shown in Figure 18(b). Figure 18(c) shows the output voltage of the converter which remains unchanged and maintained at a reference level of 25 V. This shows that the designed control scheme is effectively designed to handle multiple attacks with a wide range of false data values.

5.3. Hardware Implementation

To test the applicability and accuracy of the proposed control scheme in real-world scenarios, a real-time hardware setup is built in a laboratory environment as shown in Figure 19

Initially, the designed control scheme’s ability to control the DC-DC buck converter is analysed. The converter’s reference voltage is varied from 25 V to 35 V, Figure 20(a) shows the change in the pulse width corresponding to the change in output of the control algorithm. From Figure 20(b), it is observed that the converter’s output voltage is changing from 25 V to 35 V, and it takes approximately 10 $ms$ for the transition.

Figure 21) gives information on the control inputs generated from the controller and the FDI attack on the voltage controller output. Figure 21(a) shows the pulses generated from the duty obtained from the voltage controller. When the adversary performs the FDI attack on the voltage controller data, the pulse width changes as shown in Figure 21(b), and an attacked duty of 0.2 is injected. Figure 21(c) denotes the duty generated from the current controller; it is observed that the voltage duty and current duty are the same.

The performance of the designed control algorithm during the SLCA of the FDIA attack can be observed in Figure 22. Figure 22(a) gives the output voltage controller duty and Figure 22(b) shows the FDI attack. Even though a stealth attack is performed by manipulating the output voltage sensor before reaching the controller, the proposed technique mitigates the attack. Figure 22(c) shows the output voltage of the converter which Is the desired reference value.

6. Conclusion

In this article, cyber-attacks on cyber-physical systems and their detection and mitigation methods using deep learning are discussed in detail. The importance of cyber security is discussed in the context of cyber warfare, and a brief discussion on cyber warfare methods is performed. Multiple cyber-attacks to which cyber-physical systems are most vulnerable are discussed in detail. Most common defence mechanisms implemented in network security are examined, and their inability to handle present-day cyberattacks is observed. The advanced and new-age detection techniques for cyber security and artificial intelligence-based cyber security are discussed elaborately, and different methods used in detecting the attacks and their success rates towards attack detection are analysed. A real-time case study is implemented on a DC-DC converter using deep learning to detect and mitigate stealthy false data injection attacks. Further, AI techniques can be implemented on the most complicated CPS for mitigating different types of cyber attacks.