MaDIoT 3.0: Assessment of Attacks to Distributed Energy Resources and Demand in a Power System

Abstract

The increasing penetration of Distributed Energy Resources (DER) expands the cyberattack surface of power systems. This paper analyses, using PowerFactory, the impact and success of MaDIoT 3.0 attacks in the PST-16 model, a simplified model of the European system. MaDIoT 3.0 attacks are a novel type of attack that manage to compromise both high-wattage IoT demand devices and DER devices at the same time. The results indicate that the inclusion of distributed solar PV generation in the PST-16 system reduces the success ratio and impact of load-altering MaDIoT attacks when compared to the same system without DER, mainly due to an increment of the initial voltages. For MaDIoT 3.0 attacks, the demand had a more significant influence on the attack’s success than DER in the PST-16 system. Distributing the attacked demand across more buses or targeting the demand from other areas would decrease the success ratio of the attack. Therefore, the local scalability and replicability of vulnerable high-wattage demand devices in the analysed system become more critical than their distributed deployment in larger areas.