ABSTRACT Grid‐connected microgrids enhance reliability by enabling islanded operation and integrating distributed energy resources, including solar and battery storage. The microgrid central controller (MGCC) optimises energy use and reduces costs, but its effectiveness depends on the underlying cyber‐physical system (CPS). Many microgrids are located in remote, lightly monitored areas and often utilise insecure DER communication protocols, such as DNP3 and SunSpec Modbus. This allows adversaries to tamper with signals such as state of charge, , or control commands, , disrupting MGCC optimisation and increasing grid power usage and operational costs. Therefore, understanding the cyber‐physical microgrid (CPM) architecture is crucial for developing effective detection and mitigation strategies. The main contributions of this paper are: (1) characterisation of the cost impact of cyberattacks on CPM aligned with NESCOR DER failure scenarios; (2) development of an online LSTM‐based multiclass anomaly detection system (LSTM‐ADS); and (3) integration of heuristic‐based mitigation mechanisms into an attack‐resilient control architecture. The proposed anomaly detection and mitigation system (ADMS) operates alongside the MGCC's optimisation logic to maintain near‐optimal performance during stealthy cyberattacks. A hardware‐in‐the‐loop (HIL) CPS testbed was utilised to evaluate ADMS, incorporating realistic DER protocols and a client‐server architecture that represent an actual microgrid deployment. The ADS achieved 99.97% detection accuracy in real time. Once an anomaly is detected, the mitigation approach maintains operational cost close to the optimal by tuning the control signal using heuristic estimates rather than compromised real‐time values confirming the framework's practical viability.
Saqib et al. (Thu,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: