Attack and Defense Strategy of Distribution Network Cyber-Physical System Considering EV Source-Charge Bidirectionality

Abstract

In the last few years, there has been an exponential increase in the penetration of electric vehicles (EVs) due to their eco-friendly nature and ability to support bidirectional energy exchanges with the power cyber-physical system. However, the existing research only proposes energy management in terms of vehicle-to-grid (V2G) support using fleets of EVs, which lacks research on EV attacks. Motivated by these facts, this paper first introduces a new data integrity attack strategy for a consistent energy management algorithm which considers electric vehicles as energy storage. In particular, we consider EV aggregators as energy storage with source-charge bidirectional characteristics. The attacker carefully constructs false information to manipulate aggregators to participate in scheduling and obtaining additional benefits on the premise of meeting the constraints of microgrid and various devices by attacking the consistent algorithm. Then, we propose a disturbance rejection control strategy combining privacy protection protocols and an isolation mechanism. We analyze the effectiveness of the proposed encryption mechanism and verify the feasibility of the isolation control algorithm by simulation and comparison.

1. Introduction

Facing the pressure of environmental protection and the shortage of fossil energy, electric vehicles have developed rapidly in recent years. Their electricity consumption behavior has caused certain changes in load, such as load volatility, increased randomness, and increased load peak–valley difference. The changes in the power grid have brought a certain impact to the operation of the power grid, so domestic and foreign scholars have carried out related research. Ref. [1] proposed a hierarchical and distributed optimization framework, which makes the electric vehicle management system (EVMS) a part of the distribution network management system, communicating with the electric vehicle aggregator that controls the electric vehicle charging load of the distribution network feeder, so that the grid load variance is minimized. Refs. [2,3,4,5] use electric vehicles as an aggregator [6] to participate in grid peak shaving, time-varying delay frequency modulation, charging planning, and optimal scheduling based on distributed location marginal pricing. Ref. [7] proposed an “aggregator-based hierarchical control mechanism” for secondary frequency regulation (SFR) using a fleet of EVs. EVs’ scheduling problem has been formulated to provide optimal SFR, while satisfying EVs’ energy demands under battery degradation constraints. However, there is no research from the perspective of attacking electric vehicle aggregators.

At the same time, with the widespread access to distributed power sources (including distributed generators (DG) and distributed energy stores (DES)) and the continuous development of smart grid construction, the distribution network has gradually become a kind of active, controllable and flexible active distribution network cyber-physical system (CPS) [8,9]. The development of active distribution network CPS’ not only improves the control ability of the power grid system, but also provides conditions for power infrastructure construction [10,11]. However, the perception and control layer constructed by smart devices is at a higher risk of network attacks [12,13], and distributed power sources (power generation and energy storage devices) used for economic dispatch and energy management will also be affected by the network. Attacks affect the stable operation of the system. Therefore, it is necessary to conduct research on offensive and defensive strategies for distributed power sources in the distribution network CPS to ensure system stability and enhance robustness. In particular, the data integrity attacks attempt to inject or modify data in network communications, thereby misleading the smart grid towards making wrong decisions. At this stage, there is research on data integrity attacks based on consensus algorithms, among which [14,15] introduced data integrity attacks on consensus-based economic scheduling algorithms. However, the attacks proposed above do not consider concealment to satisfy the balance of supply and demand, and are easy to detect.

Recently, the consensus algorithm has been used to solve the problems of the smart grid, such as load loss [16], economic dispatch, demand response, and plug-in electric vehicle charging planning [17]. The common purpose of these algorithms is to ensure that grid information is shared in a distributed manner through a consensus algorithm. Compared with the centralized control framework, the distributed control based on consistency has more development prospects when solving large-scale coordination. Figure 1 shows a smart grid architecture with an electric vehicle aggregator and consistency-based applications from a network-physical perspective. However, the existing consensus-based distributed control assumes honest communication between neighbors, and such assumptions are not completely consistent with practical applications.

In this article, we propose a distributed energy management model for distribution networks that considers the bidirectionality of the source and load of electric vehicles, and solve it based on a consensus algorithm. The attacker destroys the consistency algorithm by attacking EVs, which act as energy storage units. This type of attack increases the self-interest of the attacker while satisfying the constraints of the physical layer of the power grid by injecting false data into the electric vehicle aggregator [18]. Then, we propose a defense strategy for such collusion attacks. For such attacks, the traditional attack detection mechanism cannot effectively identify covert attacks [19]. What’s more, some scholars have presented a fog computing-enabled robust scheme to achieve smarter, secure, and stabilized energy management and defense against collusion attacks, using consensus and random encryption keys [20]. However, the communication cost is not considered, which is not in line with reality.

Therefore, in this article, we propose an isolation mechanism that joins the communication encryption protocol, through the system’s own communication encryption protection, to identify attacks and isolate them, and finally achieve the purpose of resisting non-collusive concealed network attacks. Figure 2 describes the overall process of the method.

The structure of this paper is as follows: Section 2 briefly describes the derivation process of the consensus algorithm. The new network attack for electric vehicles and the isolation control algorithm based on an encrypted communication protocol proposed by us are explained in Section 3 and Section 4 present the results and conclusions, respectively.

2. Methods

2.1. Consistency-Based Energy Management Algorithm

2.1.1. Problem Planning

Energy management is one of the most basic problems of the power system, which determines the stable operation point of the power grid and minimizes the cost of a certain condition (generation cost or energy loss). In this paper, we consider a microgrid consisting of a set of distributed generators denoted by $G\stackrel{\Delta }{=}\left\{g_1,g_2,\cdots g_g\right\}$, storage devices denoted by $B\stackrel{\Delta }{=}\left\{b_1,b_2,\cdots b_b\right\}$, and loads denoted by $L\stackrel{\Delta }{=}\left\{l_1,l_2,\cdots l_l\right\}$. The energy management problem is formulated as an offline optimization problem, to minimize the generation cost over the time horizon.

$$\min C(P_g(t),P_b(t))=\min {\displaystyle \sum _{t=1}^T(f(P_g(t))+g(P_b(t)))}$$

(1)

where $P_g(t)$ is the generation power of distributed generators at time step t, $P_b(t)$ is the exchange power of distributed energy storage equipment at time step t, $f(P_g(t))$ is the generation cost of distributed generators at time t, and $f(P_b(t))$ is the power exchange cost of distributed energy storage at time step t.

The specific form of the cost function is as follows:

$$f(P_g(t))=\rho (t)(\alpha P_g^2(t)+\beta P_g)$$

(2)

where $\alpha , \beta$ are the power generation cost parameters, $\rho (t)$ is the energy price at time step t.

$$g(P_b(t))=a\rho (t){(P_b^{}(t)+b)}^2$$

(3)

where $a,b$ are the energy storage power exchange cost parameters, $\rho (t)$ is the energy price at time step t. The constraints are as follows.

$$\forall t\in T,{\displaystyle \sum _{g\in G}{P}_g(t)}+{\displaystyle \sum _{b\in B}{P}_b(t)}=P_L$$

(4)

$$\forall t\in T,g\in G:P_{g,\min }(t)\le P_g(t)\le P_{g,\max }(t)$$

(5)

$$\forall t\in T,b\in B:-P_{ch,\max }^{}(t)\le P_b(t)\le P_{ds,\max }(t)$$

(6)

$$\begin{array}{l}\forall t\in T,b\in B:\\ E_b^{ini}-E_{b,\max }\le {\displaystyle \sum _{s=1}^t({\varsigma }^{ch}{\xi }_{t-1}^{ch}+\frac{1}{{\varsigma }^{ds}}{\xi }_{t-1}^{ds})P_b(s)\Delta t}\le E_b^{ini}-E_{b,\min }\end{array}$$

(7)

$$h(E_b^{ave})\le \rho {\displaystyle \sum _{\mathrm{g}\in \mathrm{G}}{\mathrm{P}}_{\mathrm{g}}}(t)$$

(8)

$${\xi }_{t-1}^{ch}+{\xi }_{t-1}^{ds}\le 1$$

(9)

Constraints include power balance constraints. Equation (4) states that at every time step, the power generation and load should be balanced, where $P_L$ is the given load of the grid; Generation power constraints, Equation (6) states that at every time step, the power/load commands should be within maximum and minimum limits defined by the device characteristics where $P_{g,\min }(t),P_{g,\max }(t)$ are the power limit of the generator, $P_{ch,\min },P_{ch,\max }$ are the maximum charging and discharging power of the energy storage device; energy capacity constraint (7) states that at every time step, the energy stored in the storage device should be within the maximum capacity limit $E_{b,\max }$ and minimum capacity limit $E_{b,\min }$ where ${\varsigma }^{\mathrm{ch}},{\varsigma }^{\mathrm{ds}}$ are the charge and discharge coefficient of energy storage equipment [21]; EV aggregator capacity constraints (8) states that the variable capacity of the whole EV aggregator is affected by the power commands where $h(E_b^{ave})$ is the continuous function with the capacity of a single EV as its independent variable, $\rho$ is the power proportion that the EV aggregator receives from the entire power grid; EV operating status constraint (9) states that the running states of the energy storage device at the corresponding time within the scheduling range are ${\varsigma }_{t-1}^{ch},{\varsigma }_{t-1}^{ds}\in \{0,1\}$.

Remark 1.

The capacity constraint (7) can be derived from the dynamic characteristics of energy storage equipment.

2.1.2. Distributed Algorithm Based on Consistency

Each distributed controller in Figure 1 continuously iterates its own state based on the consensus algorithm. In each iteration, the first distributed controller mainly performs the three functions shown in Figure 3 [22,23].

In order to solve the problems of distributed energy management (1)–(9), DDCA, a typical distributed method proposed in literature [23], is adopted in this paper to realize distributed energy connection management and optimal control of multiple agents in the form of complete distribution. The core idea is to design two sets of consistent protocols, one of which is used to update the estimated value of local power adaptation to balance supply and demand, and the other is used to update the incremental cost of the system to adjust the power generation of energy equipment. The consistency algorithm is as follows.

$${\lambda }_i^{k+1}(t)=M{\lambda }_i^k(t)+\eta \Delta P_i^k(t)$$

(10)

where $\lambda$ is the incremental cost vector of each energy equipment, $M$ is the random update matrix for rows, $\eta$ is the learning gain, used to adjust the convergence rate of the distributed algorithm.

$$P_i^{k+1}(t)=Z{\lambda }_i^{k+1}(t)+B{\mathrm{P}}_i^k(t)$$

(11)

where $P$ is the power generation vector of each energy equipment, $Z$ is the diagonal matrix composed of partial cost coefficients, $P$ is the partial derivative of the Lagrange function of Formulas (1)–(9).

$$\Delta P_i^{k+1}(t)=N\Delta P_i^k(t)-(P_i^{k+1}(t)-P_i^k(t))$$

(12)

where $\Delta P$ is the vector of the estimate of the local power adaptation, $N$ is the random update matrix of columns.

Remark 2

. By using the eigenvalue perturbation method, it has been proved that the distributed algorithm (10)–(12) based on consistency will converge to the optimal value.

$$\forall t\in T:\underset{k\to \infty }{\lim }{\lambda }_i^k(t)=={\lambda }^{*}(t),\underset{k\to \infty }{\lim }\Delta P_i^k(t)=0,\underset{k\to \infty }{\lim }\Delta P_i^k(t)=P_i^{*}(t)$$

(13)

2.1.3. Data Integrity Attack

In this paper, it is assumed that the attacker attacks the intelligent agent composed of electric vehicle aggregators in the communication network, so that maximizing the electricity profit of attacker U by charging and discharging during particular time steps while considering its physical limits realizes the maximum cost of the system.

$$\max {\displaystyle \sum _{t=1}^{T}a\rho (t){(P_{U,u}(t)+b)}^2}$$

(14)

$$\begin{array}{l}s.t.\forall t\in T,b\in B:\\ E_U^{ini}-E_{U,\max }\le \\ {\displaystyle \sum _{s=1}^t({\varsigma }^{ch}{\xi }_{t-1}^{ch}+\frac{1}{{\varsigma }^{ds}}{\xi }_{t-1}^{ds})P_{U,u}(s)\Delta t}\\ \le E_U^{ini}-E_{U,\min }\end{array}$$

(15)

$$\forall t\in T:P_{U,\min }\le P_{U,u}(t)\le P_{U,\max }$$

(16)

Remark 3.

From Equations (14)–(16), it can be seen that the attacker only needs to obtain the local information from neighbor agent of the target to achieve the attack, such as local capacity limitation and local power limitation. ($P_{U,u}(t)$ is the energy yield tampered by the attacker).

Considering the data integrity attack, the consistency algorithm is redefined as follows

$${\lambda }_i^{k+1}(t)=M{\lambda }_i^k(t)+\eta \Delta P_i^k(t)+{\mu }_i^{\lambda }(t)$$

(17)

$$P_i^{k+1}(t)={\mu }_i^x(t)$$

(18)

$$\Delta P_i^{k+1}(t)=N\Delta P_i^k(t)-(P_i^{k+1}(t)-P_i^k(t))+{\mu }_i^y(t)$$

(19)

where ${\mu }_i^x(t),{\mu }_i^y(t)\in N.$ This is especially so when the attack storage device i, ${\mu }_i^x(t)\equiv 0$.

Meanwhile, Formulaes (17)–(19) are redefined as follows

$$\left[\begin{array}{l}\lambda (k+1)\\ \\ \Delta P(k+1)\end{array}\right]=\left[\begin{array}{cc}M& \eta I\\ Z(I-M)& N-\eta Z\end{array}\right]\left[\begin{array}{l}\lambda (k)\\ \\ \Delta P(k)\end{array}\right]-\left[\begin{array}{l}0\\ \\ \Delta B(k)\end{array}\right]+\left[\begin{array}{l}{\mu }^{\lambda }(k)\\ \\ {\mu }^p(k)\end{array}\right]$$

(20)

where ${\mu }^{\lambda }$ is the false data vector injected by the attacker into the incremental cost of each node, and ${\mu }^p$ false data vector injected by the attacker to the estimate of local power deviation of each node.

The new data integrity attack proposed in this paper realizes a concealment attack by breaking two functions of a distributed controller. The attack process is shown in Figure 4.

As shown in Figure 4, the attacker injects a false attack vector to make the energy storage device in the system violate the iteration rule (10)–(12) and the attacked EV aggregator does not participate in grid dispatch. There are two main reasons why this new type of data integrity attack will not attract the attention of neighbors.

One reason is that $P_{U,u}(t)=0$ is reasonable for the distributed energy storage device being attacked, because when charging reaches the maximum, the energy storage device no longer participates in the power exchange of the grid. Secondly, the local decision information is only transmitted within the distributed controller and not disclosed to the neighbors, so that the neighbors do not notice the changes of $\Delta P_i^k$ and ${\lambda }_i^k$.

What’s more, because of ${\mu }_i^x(t),{\mu }_i^y(t)\in N$ attacker U could choose to limit the attacking magnitude by splitting the attacking effect into multiple iterations:

$$\begin{array}{l}\forall t\in T,k\in \Gamma ,\left|\Delta P_{U,u}^k(t)-\Delta P_M^k(t)\right|\le \epsilon \\ {\displaystyle \sum _{k\in \Gamma }{\displaystyle \sum _{j=1}^{N_M}{\omega }_{Mj}(\Delta P_{U,u}^k(t)-\Delta P_M^k(t))}}=P_{U,u}(t)\end{array}$$

(21)

where $\Gamma$ is a set of attacking iterations and $M$ stands for energy storage device. In each iteration, the false information is defined as

$$\forall t\in T,k\in \Gamma ,\Delta P_{U,u}^k(t)=\frac{P_{U,u}(t)}{\left|\Gamma \right|\cdot N_M\cdot {\omega }_{Mj}}+\Delta P_M^k(t)$$

(22)

When the injection attack is successful, the algorithm (13) converges to a stable point, but it is not optimal at this point. The convergence result is as follows:

$$\forall t\in T:\underset{k\to \infty }{\lim }{\lambda }_i^k(t)==\stackrel{\neg }{\lambda }(t),\underset{k\to \infty }{\lim }\Delta P_i^k(t)=0,\underset{k\to \infty }{\lim }{P}_i^k(t)=\stackrel{\neg }{P_i^{}}(t)$$

(23)

where ${\lambda }^{*}\ne \stackrel{\neg }{\lambda },P^{*}\ne \stackrel{\neg }{P}$, respectively represent the incremental cost corresponding to the algorithm convergence point and the unit generation under data integrity attack. In this case, the solution of the energy management problem does not correspond to the minimum operating cost of the system. The attack vector constructed by the attacker needs to satisfy Theorem 1, which is proved in Appendix A.

Theorem 1.

If there is a constant $\tau$ that satisfies the following conditions:

$${\displaystyle \sum _{k=0}^{\infty }\left|\stackrel{\neg }{{\mu }_i^{\lambda }}(k)\right|}\le \tau ,{\displaystyle \sum _{k=0}^{\infty }\left|\stackrel{\neg }{{\mu }_i^p}(k)\right|}\le \tau ,\forall i\in V$$

(24)

then economic dispatch (13) can achieve gradual convergence:

$$\forall t\in T:\underset{k\to \infty }{\lim }{\lambda }_i^k(t)==\stackrel{\neg }{\lambda }(t),\underset{k\to \infty }{\lim }\Delta P_i^k(t)=0,\underset{k\to \infty }{\lim }{P}_i^k(t)=\stackrel{\neg }{P_i^{}}(t)$$

(25)

2.2. Isolation Control Strategy Based on Privacy Protection Protocol

2.2.1. Privacy Protection Agreement

Since the execution of the energy management algorithm requires frequent exchange of updated information between various agents in the communication network, this will further increase the vulnerability of the system. On the other hand, the transmission of information in the network is usually unprotected, so the execution of distributed algorithms may also increase the risk of private information leakage (the communication between agents, as $\Delta P_i^k,{\lambda }_i^k$ shown in Figure 4). To solve this problem, we propose a privacy protection protocol as the first line of defense against attacks. We introduce noise items in distributed economic scheduling to cover up the iterative information transmitted between agents, so that attackers cannot directly obtain the true value of key information that affects economic scheduling.

Set the time-varying noise term vector $r^{\lambda }(k)$ and $r^p(k)$, and embed it in the distributed energy management algorithm, and rewrite it as follows:

$$\left[\begin{array}{l}\lambda (k+1)\\ \\ \Delta P(k+1)\end{array}\right]=\left[\begin{array}{cc}M& \eta I\\ Z(I-M)& N-\eta Z\end{array}\right]\left[\begin{array}{l}\lambda (k)\\ \\ \Delta P(k)\end{array}\right]-\left[\begin{array}{l}0\\ \\ \Delta B(k)\end{array}\right]+\left[\begin{array}{l}{r}^{\lambda }(k)\\ \\ r^p(k)\end{array}\right]$$

(26)

In fact, the embedded privacy protection protocol proposed here is essentially a special network attack; the difference is that the noise term proposed here comes from the inside of the system, which actively adds disturbance to the transmitted iterative information. Similar to (22), the disturbance vector here also needs to meet the following conditions:

$${\displaystyle \sum _{k=0}^{\infty }\left|\stackrel{}{r_i^{\lambda }}(k)\right|}\le \tau ,{\displaystyle \sum _{k=0}^{\infty }\left|\stackrel{}{r_i^p}(k)\right|}\le \tau ,{\displaystyle {\sum }_{j=0}^k{\displaystyle {\sum }_{i\in V}\stackrel{}{r_i^p}(j)=0}}$$

(27)

Theorem 2.

If there is a constant a that satisfies the condition (20), and the communication ology of the multi-agent maintains normal communication, the learning gain $\tau$ is small enough and each initial value satisfies ${\displaystyle {\sum }_{i\in v}\Delta P_i+P_i-P_{Li}}=0$, the algorithm converges to a stable point, and the convergence result satisfies the KKT condition, corresponding to the optimal solution of economic dispatch, which is ${\lambda }^k(t)\to {\lambda }^{*},P^k(t)\to P^{*},\Delta P^k(t)\to 0,where\begin{array}{c}\end{array}k\to \infty$.

Assume 1.

In addition to the noise item of the agent itself, the noise item of the neighbor is written into the memory of each agent. In a communication network, two agents are paired and the noise terms are negative of each other. To prevent protocol content from being stolen by attackers, the system periodically reallocates noise items. By combining with the robust control strategy below, the sum of all unit noise items of the system is 0 under any communication condition.

2.2.2. Attack Detection Algorithm

The detection of network attacks requires the introduction of the concept of observation of the sub-network. Inspired by the neighbor supervision mechanism in the literature [24], the observation sub-network is established on the basis of the communication network, which is essentially a derivative sub-network of the communication network. It is worth noting that the communication network further participates in economic dispatch by transmitting updated information during the execution of the distributed economic dispatch algorithm. Observations from the network are only used to transmit the detection results of network attacks and monitor the behavior of neighboring units. In short, the observed sub-network does not participate in the economic scheduling process. Figure 5 shows the observation subnet.

This article uses graph theory $G^{\prime }=\{V,E^{\prime }\}$ to model the topological structure of the observed network, where $E^{\prime }$ is the edge set representing the connected information in the observed network topology, which is determined by the connected information of the communication network topology. The specific definition of graph theory is as follows:

$$E^{\prime }=\{(i,j)\left|\forall j\in N_v^{-},\forall i\in N_v^{+},\forall v\in V\right.\}$$

(28)

where agent is represented as $v$, which represents any node in the communication network, $i$ is the inner neighbor of agent $v$, $j$ is the outer neighbor of agent $v$, the edge $(i,j)$ means that the agent $i$ and $j$ are connected and $j$ transmits information to $i$, which means that the outer neighbors of agent $v$ can directly exchange information with the inner neighbors.

For convenience, this article assumes $(i,i)\notin E^{\prime }$.

Take the agents $i,j,v$ as examples to describe the specific process of attack detection based on neighbor observation proposed in this article. The estimation rules are as follows:

$$\Delta P_v^{up}(k+1)={\displaystyle \sum _{l\in N_v^{+}}{Y}^{+}(\Delta P_i^{}(k))+\gamma (k,R)}$$

(29)

$$\Delta P_v^{low}(k+1)={\displaystyle \sum _{l\in N_v^{+}}{Y}^{-}(\Delta P_i^{}(k))-\gamma (k,R)}$$

(30)

Equations (29) and (30) represents the upper and lower bounds of the two estimated values of the local power adaptation of the agent $v$ at the next iteration, where $\gamma (k,R)$ is the set detection threshold function, which is determined by the number of iterations $k$ and parameter $R$, which represents the maximum value of the ramp rate of each capacity equipment in the network [24,25]. The threshold detection function satisfies $\gamma (k,R)\ge 0,l\underset{k\to \infty }{im}(k,R)=0$.

$${\lambda }_v^{up}(k+1)=\sigma {\displaystyle \sum _{l\in N_v^{+}-l_v^{\max }(k)}{\lambda }_l(k)}+\left[1-\sigma (\left|N_v^{+}\right|-\left|L_v^{\max }(k)\right|)\right]{\lambda }_v^{\max }(k)+\eta \Delta P_v(k)$$

(31)

$${\lambda }_v^{low}(k+1)=\sigma {\displaystyle \sum _{l\in N_v^{-}-l_v^{\min }(k)}{\lambda }_l(k)}+\left[1-\sigma (\left|N_v^{-}\right|-\left|L_v^{\min }(k)\right|)\right]{\lambda }_v^{\min }(k)+\eta \Delta P_v(k)$$

(32)

Equations (31) and (32) represents the upper and lower bounds of the cost increment of agent $v$ at the next iteration, where ${\lambda }_v^{\max }(k)=\max \{{\lambda }_l(k)\left|\forall l\in N_v^{+}\right.\}$,${\lambda }_v^{\min }(k)=\min \{{\lambda }_l(k)\left|\forall l\in N_v^{+}\right.\}$ and $L_v^{\max }(k)=\left\{l\left|{\lambda }_l(k)={\lambda }_v^{\max }(k)\right.\right\}$, $L_v^{\min }(k)=\left\{l\left|{\lambda }_l(k)={\lambda }_v^{\min }(k)\right.\right\}$. On the basis of the foregoing, the overall idea of the attack detection process is shown in Figure 6.

Remark 4.

In view of the computational burden and safety problems caused by the normal range of the calculated variables during the detection process, we have added a condition discrimination mechanism in the detection process. Equations (27) and (28) are satisfied and the test is normal before calculations (31) and (32).

2.2.3. Attack Isolation Algorithm

Different from non-collusion attacks, the data integrity attack proposed in this paper is a collusion attack mode. The detected anomalous agents are “infected” into the detected normal agents through some special protocols to ensure that these agents cannot be simply isolated. Obviously, such collusion attacks are more difficult to defend, and further isolation operations are required. The attack process is shown in Figure 7.

The attacked agent v sends a collusion request to its neighbor agent c, and the normal agents c and v form a collusive agent. At this time, even if c detects the abnormality of v, the corresponding isolation process will not be activated, as shown in Figure 7a. If the abnormal agent is always connected with the colluding agent, the wrong update information will spread throughout the network and disrupt the normal operation of the system. In response to this situation, we propose an isolation algorithm for collusion attacks as follows.

Define a counting rule to record the number of times the correct information is transmitted on the communication link $(v,i)$, the initial value is set to 0.

$$T_{iv}(k)=\left\{\begin{array}{l}{T}_{iv}(k-1)+1,d_v(k)=1,\\ T_{iv}(k-1)\begin{array}{c}\end{array},d_v(k)=0,\end{array}\right.$$

(33)

Define a reputation value auxiliary variable $re{p}_{iv}(k)$ to adapt to the distributed economic dispatch system; the calculation rules are as follows [20]:

$$re{p}_{iv}(k)=\frac{{\omega }_k{T}_{iv}(k)+1}{{\omega }_{k}k+1}$$

(34)

where ${\omega }_k$ is a time-varying reputation parameter, used to dynamically adjust the rate of adaptation, the reputation value is between [0, 1].

If an agent has been behaving normally, the reputation value will be 1; otherwise, the reputation value will drop from 1. The elements in the consistent update weight matrix M and N are related to the connection information of the edges in the communication network topology. It is assumed that the existence of a communication link in the communication network depends on the reputation value. Therefore, the change law of the elements in the M matrix is as follows:

$$m_{iv}(k)=\frac{{\left[re{p}_{iv}(k)\right]}_{re{p}_{iv}^{\prime }}^{+}}{{\displaystyle \sum _{l\in N_l^{+}}{\left[re{p}_{il}(k)\right]}_{re{p}_{iv}^{\prime }}^{+}}}$$

(35)

where $re{p}_{iv}^{\prime }$ is the threshold of reputation value $re{p}_{iv}(k)$, which is proportional to the weight of the edge in the communication network topology and satisfies the condition $\sigma (\left|N_i^{+}\right|-1)/(1-\sigma )\le re{p}_{iv}^{\prime }\le 1$.

Similarly, the changing law of elements in matrix N is as follows:

$$n_{vj}(k)=\frac{{\left[re{p}_{vj}(k)\right]}_{re{p}_{vj}^{\prime }}^{+}}{{\displaystyle \sum _{l\in N_j^{-}}{\left[re{p}_{lj}(k)\right]}_{re{p}_{lj}^{\prime }}^{-}}}$$

(36)

where $re{p}_{vj}^{\prime }$ is the threshold of reputation value $re{p}_{vj}(k)$, which is proportional to the weight of the edge in the communication network topology and satisfies the condition $\max \left\{{\rho }_{\min }(\left|N_j^{-}\right|-1)/(1-{\rho }_{\min }),(1-{\rho }_{\max })/{\rho }_{\max }(\left|N_j^{-}\right|-1)\right\}\le re{p}_{vj}^{\prime }\le 1$. The function ${\left[a\right]}_b^{+}$ is defined as follows:

$${\left[a\right]}_b^{+}=\left\{\begin{array}{l}a,\begin{array}{cc}& a\ge b,\end{array}\\ 0,\begin{array}{cc}& a<b,\end{array}\end{array}\right.$$

(37)

Define matrix $F(k)={\left[f_{ij}(k)\right]}^{n\times n}$ to record the topological connection information in the observation sub-network, and the new rules are as follows:

$$f_{ij}=\left\{\begin{array}{l}1,\begin{array}{cc}& (j,i)\in E^{\prime },\end{array}\\ 0,\begin{array}{cc}& (j,i)\notin E^{\prime },\end{array}\end{array}\right.$$

(38)

The specific isolation steps are shown in Figure 8.

3. Results

3.1. Economic Dispatch of Normal Communication

This article uses IEEE-39 nodes for case simulation, builds a simulation test platform in a Matlab environment, and analyzes it on a computer with 64 GB memory in Intel Xeon E-2186M (6 core Xeon 2.90 GHz, 4.80 GHz Turbo, 12 MB 45 W). The configuration and communication topology of the 39-node distributed microgrid is shown in Figure 9. The communication mode is point-to-point mode, and multiple communication protocols can be used, such as Ethernet TCP/IP, ZigBee based on IEEE 802.15.4, etc.

In Figure 9, the test system is a 39-bus power information physical system, which includes four communication network systems corresponding to generator sets (smarts 1–4) and three electric vehicle aggregators (smarts 5–7). The distributed energy sources of the test system communicate through the communication network. The detailed parameters are shown in

Table 1. Generator operating cost function parameters and output upper and lower limits.

Generator	${\mathit{\alpha }}_{\mathit{i}}$	${\mathit{\beta }}_{\mathit{i}}$	${\underset{—}{\mathit{p}}}_{\mathit{i},\mathit{l}}^{\mathit{p}}/\mathit{K}\mathit{W}$	${\stackrel{—}{\underset{}{\mathit{p}}}}_{\mathit{i},\mathit{l}}^{\mathit{p}}/\mathit{K}\mathit{W}$	${\mathit{p}}_{\mathit{i},\mathit{r}\mathit{a}\mathit{m}\mathit{p}}/\mathit{K}\mathit{W}$
1	0.0533	23.45	50	250	40
2	0.0735	18.66	45	210	35
3	0.06	20.3	50	200	37
4	0.0675	19.1	48	220	38

and

Table 2. Generator operating cost function parameters and output upper and lower limits.

EV Aggregator	$\mathit{a}$	$\mathit{b}$	${\mathit{\varsigma }}^{\mathit{c}\mathit{h}}$	${\mathit{\varsigma }}^{\mathit{d}\mathit{s}}$	$—{\mathit{p}}_{\mathit{c}\mathit{h},\mathbf{max}}$	${\mathit{p}}_{\mathit{d}\mathit{s},\mathbf{max}}$
5	0.028	535	0.98	0.98	−90	90
6	0.025	600	0.97	0.97	−100	100
7	0.021	721	0.95	0.95	−120	120

. The learning gain in Formula (10) is 0.005.

When the economic dispatch algorithm is executed in an ideal communication environment, the power output, incremental cost, and total system power output of each energy unit are shown in Figure 10. The simulation results show that the optimal output values of all energy units are within their operational range, the estimated value of local power mismatch converges to 0, and the incremental cost a finally converges to the same, ${\lambda }^{*}=33.7240 \$/\mathrm{k} \mathrm{Wh}$; The system operates at the lowest cost point, the balance of energy supply and demand is satisfied, and the stability of system operation is guaranteed. This simulation result is used as a comparison of the effect of subsequent network attacks.

3.2. Economic Dispatch of Conspiracy Attacks

This section studies the economic scheduling problem under the collusion attack. Assuming that at the iteration time k = 20, Agent 3 is attacked by data integrity, and at the same time Agent 3 and its outer neighbor Agent 2 collude. The attack effect is shown in Figure 11.

The above figure shows that the abnormal Agent 3 cannot be completely isolated from the communication network, as shown in Figure 11c. At the iteration time k = 40, the agent 3 only cuts off part of the communication, and the attack still passes and no abnormality is detected. The colluding Agent 2 spreads to the communication network. The final convergence results are shown in Figure 11b,c. The incremental cost cannot converge to the same value, and the estimated value of the local power mismatch cannot converge to 0, which leads to the destruction of the supply and demand balance of the energy management system.

3.3. Economic Dispatch with Robust Isolation

This section presents the convergence results of the energy management system after adopting the robust privacy protection encryption isolation strategy proposed earlier, as shown in Figure 12.

In the above figure, it is not difficult to see that the abnormal Agent 3 was partially isolated at iteration time k = 40, that is, only its neighbors other than the colluding agent disconnected; at iteration time k = 50, the abnormal agents, both 3 and 2, are completely isolated from the communication network, and their local power mismatch estimates are set to 0, while other well-behaved agents re-estimate the power mismatch in certain areas, as shown in Figure 12c. The final convergence result of the incremental cost is shown in Figure 12b. The incremental cost of the good-performing agent finally converges to ${\lambda }^{*}=34.1700 \$/\mathrm{k} \mathrm{Wh}$. In addition, as shown in Figure 12a, the balance of system supply and demand is satisfied, which means that the adverse effects of collusion attacks on the economy and stability of the energy management system have been reduced, and through this distributed robust strategy, an acceptable sub-optimal solution is obtained.

4. Discussion

First, we introduced the concept of a distribution network cyber-physical system (CPS), the application prospects of distributed energy management in the power grid, and the special scenario of electric vehicles under the background of “new infrastructure”; we also explained the problems in distributed systems. Then, the electric vehicle aggregator (EV aggregator) was considered as a variable-capacity distributed energy storage device, which proves that an attacker can manipulate the scheduling results by sharing false data with neighbors to achieve the attack target.

Secondly, from the perspective of system defense, we proposed a distributed robust economic dispatch strategy to defend against such collusion attacks: embed a privacy protection protocol to conceal the true value of important update information between each agent, and on this basis, combine the detection algorithm based on the condition discrimination mechanism and the isolation algorithm based on reputation value to achieve effective defense against network attacks.

This paper conducts simulation verification on Matlab 2014b to test the quantitative impact of the proposed attack. It proves the feasibility and harmfulness of the proposed new type of concealed attack for energy storage, and provides a new offensive and defensive scenario for the cyber-physical system (CPS) of the distribution network. In future work, it is interesting to consider the non-convex and other more physical constraints in economic scheduling problems and the encryption defense strategy for network attacks in multiple scenarios.