Nonlinear Controller-Based Mitigation of Adverse Effects of Cyber-Attacks on the DC Microgrid System

Abstract

Cyber-attacks have adverse impacts on DC microgrid systems. Existing literature shows plenty of attack detection methods but lacks appropriate mitigation and prevention approaches for cyber-attacks in DC microgrids. To overcome this limitation, this paper proposes a novel solution based on a nonlinear controller to mitigate the adverse effects of various cyber-attacks, such as distributed denial of service attacks and false data injection attacks, on various components of a DC microgrid system consisting of a photovoltaic power source, a permanent magnet synchronous generator-based variable speed wind generator, a fuel cell, battery energy storage, and loads. To demonstrate the effectiveness of the proposed solution, single and repetitive cyber-attacks on specific components of the microgrid have been considered. An index-based quantitative improvement analysis for the proposed control method has been made. Extensive simulations have been performed by the MATLAB/Simulink V9 software. Simulation results demonstrate the effectiveness of the proposed nonlinear controller-based method in mitigating the adverse effects of cyber-attacks. Moreover, the performance of the proposed method is better than that of the proportional-integral controller. Due to the simplicity of the proposed solution, it can easily be implemented in real practice.

1. Introduction

The microgrid (MG) power system concept has gained wider popularity in recent times due to its localized, autonomous, and resilient power supply [1,2,3,4,5,6,7]. Besides the increasing demand for direct current loads (DC-loads), the simplified interface with renewable power generation, the reduction of usage and losses associated with power converters, and the perception that DC microgrid (DC MG) could be a cheaper and more efficient alternative for power supply in small-scale areas like residential areas, university campuses, offices, shopping malls, military bases, aircraft, etc.

Again, the entire DC MG can be monitored by the supervisory control and data acquisition (SCADA) system that stores, monitors, and processes all the data related to the power network, which necessitates multilevel controls for providing reliability and dynamic response for the DC MG system. This multilevel monitoring and control requires two-way communication among the main grid, DC MG, and the SCADA system, which eventually makes the total structure a cyber-physical system. By introducing communication channels with a computerized control system, the functionality and efficiency of the smart power network can be enhanced with a dynamic demand management system. But, this potentiality can introduce the security vulnerability of such a cyber-physical system.

Recently, lots of research has been conducted on detecting and managing the risk of cyber-attacks in power systems [8,9,10,11]. The work in [6] describes the security vulnerabilities of smart power systems, especially the DC MG, and discusses some possible forms of attacks such as masquerading, message reply attacks, eavesdropping, false data injection (FDI), distributed denial-of-service (DDoS), and privacy leakage on the smart meters. Beg et al. propose a method of FDI attack detection in the DC MG system [12]. Likewise, a data-driven approach to distinguishing between cyber-attacks and physical faults using a sequential minimal optimization-based support vector machine has been used in [13]. For FDI attacks, different dynamic state estimation-based detection methods have been broadly discussed in several literatures using deep learning [14], phasor measurement unit data [15], the Chi-square method and Euclidean distance detector [16], the Markov model for determining the state space decision [17], the anomaly detection algorithm [18], and the harmony search algorithm using the K-nearest neighbor [19]. Some other techniques, such as the Diagnostic Robust Generalized Potential technique [20], distributed block chain-based protection framework against DDOS attack through the communicating channel [21], and a parametric feedback linearization-based control scheme for delay minimization due to DDoS attack [22], show effective responses for the power grids.

From the thorough literature search, it appears that the appropriate techniques to mitigate the adverse effects of cyber-attacks on the DC MG are lacking. Moreover, till now, the cyber-attacks that occur only once in a system have been discussed. However, there can be repetitive attacks as well. That means, once an attack has been mitigated, another attack can affect the system one more time. It can continue for a long time, and the whole power system may exhaust and fail.

Based on the above background, this paper proposes new and effective control means in the form of a nonlinear controller to mitigate the adverse effects of cyber-attacks on various components of the DC MG. A DC MG model consisting of a photovoltaic (PV) system, fuel cell, battery energy storage, and a permanent magnet synchronous generator (PMSG)-based variable-speed wind generator system has been developed. Two types of cyber-attacks have been considered in this work, i.e., the DDoS attack, which exhausts system resources by sending flood requests to prevent legitimate users from accessing the system, and the FDI attack, where an intruder aims to attack any data as long as it can result in a wrong estimation for the state variables of a system [23,24,25,26,27]. The reason to choose these two specific cyber-attacks is that, in a recent study [28], it is mentioned that the DDoS attacks affect 80% of the electrical enterprises [29] in 14 countries and thus are one of the most severe attacks [30]. Moreover, the work in [31] states that the FDI is a threatening attack that may cause energy theft by end users, false dispatch on the distribution process, and device breakdown during power generation.

Four parameters, such as the duty cycle of the DC-DC boost converter of the PV system, the reference value of the firing-angle controller of the AC-DC inverter of the PMSG-based wind generator, the reference value of the battery energy management system controller, and the load profile, have been chosen as the cyber-attack points. To demonstrate the effectiveness of the proposed solution in more detail, the mentioned two cyber-attacks in the form of single and repetitive attacks at specific components of the microgrid have been considered. Extensive simulations have been performed by the MATLAB/Simulink V9 software.

The novelty and main contributions of this paper can be summarized as follows:

(i)

Development of a new nonlinear controller to mitigate the adverse effects of cyber-attacks on the DC microgrid system.

(ii)

Consideration of both single and repetitive attacks on the microgrid system.

(iii)

Performance comparison between the proposed nonlinear controller and a proportional-integral (PI) controller for cyber-attack mitigation.

The organization of the paper is as follows: Section 2 describes the cyberphysical modeling of the DC MG system to analyze the cybersecurity issues and solution techniques. Also, this section explains the cybersecurity aspects of the DC MG system. Moreover, a detailed description of the proposed controller and control algorithm for cyber-attack mitigation has been provided in this section. Section 3 shows and describes the simulation results and the effectiveness of the proposed mitigation technique. Finally, Section 4 provides some conclusions for the proposed work.

2. Materials and Methods

2.1. Cyberphysical Modeling of a DC Microgrid System

For the simulation, the system as shown in Figure 1 has been considered, where there is a solar panel with the Perturb and Observatory-based Maximum Power Point Tracking (MPPT) system [32] that produces the duty cycle for the boost converter and provides power to the DC grid. A battery energy storage system (BESS) is also equipped to minimize power fluctuation due to temperature and solar irradiation change [33]. Moreover, a proton exchange membrane-based fuel cell (FC) [34] connected with a DC-DC converter, a PMSG-based variable-speed wind power system (WPS) [35] equipped with an AC-DC inverter, and a DC load are connected with the DC bus that consumes 5.12 MW of power at 400 V. The power capacities of the PV, FC, and WG are 3 MW, 112.5 KW, and 2 MW, respectively. The designed DC bus is connected to the main grid via an inverter through a switching mechanism that ensures bidirectional power flow to and from both grids. The whole DC MG is controlled and monitored through the centralized control system, i.e., the SCADA, in different layers. Cyber-attacks may happen at any point of supervisory control.

2.2. Possible Cyber Threats in the DC Microgrid System

As shown in Figure 1, the DC MG is connected to the main grid system, and the total cyberphysical system is being monitored by the SCADA system in different layers. As all the controller set points are handled through the SCADA, it is possible to tamper with any kinds of data from there or destroy the interface with the grid, which may result in an unexpected and unbalanced situation. For example, an intruder can change the value of the duty cycle, which is the input to the boost converter of the PV system, abruptly to any value. Information on the duty cycle can be missing from the boost converter. Again, an attacker can attack the load profile, which will cause a change in the load value at the SCADA, whereas the physical load value will remain unchanged. In all of these cases, the physical system will receive misleading information from the SCADA, which will result in a deviation of the PV array terminal voltage and the voltage and power at the DC MG terminal.

Moreover, since every controller has some reference values, an intruder can easily change that set point, which can hamper the performance of the controller. For example, in the BESS, an intruder can change the reference value of the power. In that case, the controller will not be able to provide the optimum power required for the system at that moment, and that will hamper the performance of the power system, and the consumers will also be affected by the high or low voltage caused by the variable nature of the solar or wind. If such a situation continues for a longer time, the equipment attached to the power system will be damaged, and the whole system may be shut down.

Table 1. Potential cyber threat and its impact on the DC microgrid.

Type of Attack	Nature of the Attack	Device Affected by the Attack	Effect on the Device	Overall Consequence on the Microgrid
FDI	Intruder manipulates the controller parameters	Inverter, Converter, Thyristor controller, and MPPT controller	Changes in voltage and power cause cascading effects on other devices.	System shutdown and may cause equipment damage as well. Results in an overall socio-economic imbalance.
	Intruder tampers with the load profile	Load
DDoS	Disrupts the normal data flow, resulting in delays in the system	Inverter, Converter, Thyristor controller, and MPPT controller

shows the potential cyber threat and its impact on the overall DC microgrid system.

2.3. Distinguishing Cyber-Attacks from Other Disturbances

As already mentioned, to consider the cyber-attack scenario, in this work four parameters have been chosen, i.e., the duty cycle of the PV system, the reference value of the firing-angle controller of the PMSG-based wind generator, the reference value of the BESS control scheme, and the load profile. All these quantities are independent of the fault or any other transient instability scenario on the grid. The duty cycle usually varies with the change in solar irradiance and the temperature to obtain the maximum power point in the case of the PV system or with the fuel cell dynamics in the case of the FC system. This type of variation is time-dependent and does not change instantly or abruptly. Again, during a fault condition, the reference values of the controller never change unless those are manipulated intentionally. Similarly, in the case of a load, its value never varies with the fault. The only parameter that can vary is the voltage, which may go very low, and the current, which may become very high during the fault. The value of the load may vary with respect to the demand throughout the day, but this will not happen abruptly or enormously, as the load profile is always maintained and monitored according to the grid code by the SCADA. Whereas in the case of an FDI cyber-attack, the parameters can be changed to very sudden and unusual values, or in the case of a DDoS attack, due to the flood of data, some delayed response may occur. Therefore, by recognizing the pattern of the duty cycle and load profile along with monitoring the reference values of each controller at the SCADA, the cyber-attack scenarios can possibly be recognized.

2.4. Modeling of Cyber-Attacks

As already mentioned, this work has considered two types of cyber-attacks, such as FDI and DDoS attacks. A detailed description of the attacks and their modeling are discussed below.

2.4.1. False Data Injection (FDI) Attack Model

FDI attack refers to adding an attack vector (c) to the control vector (z), resulting in a manipulated control vector ($z_c$), as shown in Equation (1).

$$z_c=z+c$$

(1)

The FDI detection problem can be thought of as a binary classification problem from a machine-learning standpoint. Let samples with M characteristics from either c (negative class) or ca be the measurement data (positive class). The definition of the matching class labels, y, is given in Equation (2):

$$y=\left\{\begin{array}{c}+1;ifc\ne 0\\ -1;ifc=0\end{array}\right.$$

(2)

The distance between two arbitrary samples, $s_i$ and $s_j$, without losing generality, is provided by Equations (3)–(5) [36]:

$${‖s_i-s_j‖}_2=\left\{\begin{array}{}\mathrm{(3)}\hfill & {‖z_i-z_j+c_i-c_j‖}_2;if{c}_i{,c}_j\ne 0\mathrm{(4)}& {‖z_i-z_j+c_i‖}_2;if{c}_i\ne 0,c_j=0\mathrm{(5)}& {‖z_i-z_j‖}_2;if{c}_i{,c}_j=0\end{array}\right.$$

FDI attacks can result in a change in the duty cycle of the PV boost converter and the load profile, which can impact the overall power system.

2.4.2. Distributed Denial of Service (DDoS) Attack Model

In DDoS attacks, the attacker targets the communication links of the system and makes them jammed. As a result, communication becomes slow or completely stopped. Since the communication network is of extreme significance in the PV system, DDoS attacks have a very disruptive impact on the system. Equations (6) and (7) present the original control signal and delayed signal, respectively, if the communication delay in the network produced by a DDoS attack is N₀ [37].

$$x_{original}\left(t\right)=x\left(t\right)=\sum _{i=0}^N{x}_i$$

(6)

$$x_{delay}\left(t\right)=x\left(t-N_o\right)=\sum _{i=-N_o}^{{N-N}_o}{x}_i$$

(7)

Equation (8) illustrates that adding N₀ sample time to the current timestep x_delay is needed to obtain the same sample from the original control signal x_original.

$$x_{delay}\left(t+N_0\right)=x_{original}\left(t\right)$$

(8)

This is what the DDoS attack sequence looks like: (a) According to (9a), the PV system functions normally, that is, it communicates with remote SCADA and other controllers in a normal manner. (b) Suddenly, at sample time t₁ ≥ 0 and continuing until t₂ = t₁ + N₀ ≤ N, where N₀ is the delay that varies depending on the intensity of the DDoS attack. According to (9b), the signal is completely lost during this time, or zero. (c) The signal should maintain the t₁ + 1 signal sample as in (9c) in post-attack because DDoS should not jeopardize the signal’s integrity. The composite control signal that reaches the PV controller can be expressed as (9).

$$x(t)=\left\{\begin{array}{}\mathrm{(9a)}& x_{original}\left(t\right)if0\le t<t_1,preattack\mathrm{(9b)}& 0if{t}_1<t<t_2,attack\mathrm{(9c)}& x_{delay}\left(t\right)if{t}_2<t<N,postattack\end{array}\right.$$

2.5. Proposed Nonlinear Control Methodology for Cyber-Attack Mitigation

In this work, a nonlinear controller-based approach has been used to mitigate the adverse effects of cyber-attacks on the performance of the microgrid system. The control algorithm and the controller description are provided in the following:

2.5.1. Control Algorithm

All kinds of vulnerabilities in a power system have a direct impact on the terminal voltage. Therefore, the main objective is to regain the voltage at its required level within the shortest possible time. Thus, the DC link voltage (V_DC) has been used as the controller input. This voltage is compared with the reference voltage of V_DC (400 V) to obtain the error function ∆V_DC. Figure 2 shows the flowchart of the basic algorithm of the proposed cyber-attack mitigation techniques.

In a normal situation, the error value is zero. The controller continuously monitors the voltage deviation on the DC bus. In case of any deviation in ∆V_DC, the controller will first check all the set point values to determine whether there is any cyber-attack or any other disturbances in the system. If the set point values are unchanged, then this will indicate the occurrence of other disturbances, and accordingly, a suitable controller will be activated. But, if any of the set point values is changed, then this will ensure the occurrence of a cyber-attack. In this work, as the main focus is to mitigate the adverse effects of cyber-attacks, the control algorithm will check for the location of the cyber-attack depending upon the manipulated parameter. This can be detected by monitoring the performances of the individual distributed energy resources (DER), because the cyber-attack impact will be higher on that specific DER where the attack has occurred. Again, if there is any deviation in the load value, R, then the controller for the R value correction will be enabled and will ensure the voltage deviation is zero. When the system becomes stable, the controller will be disconnected immediately, and the system will resume its original status.

2.5.2. Nonlinear Controller

As the power grid is highly nonlinear, the application of nonlinear controllers is highly preferred. This control action can be governed by any nonlinear differential equation or any other mathematical model. In this work, an exponential equation has been used as the nonlinear controller function, as shown in the following:

$$D/R=1-K_2{e}^{-|∆V_{DC}|K_1}$$

(10)

where K₁ and K₂ are the constant values, and ∆V_DC and D/R are the input and output variables of the controller, respectively. Equation (10) is used for cyber-attack mitigation in the case of the load (resistance value, R) and duty cycle, D, of the PV system. By tuning the values of K₁ and K₂, the required controlled values of the manipulated signal are obtained. The parameters have been set in such a way that the controller can handle any kind of voltage deviation, from very high to very low. The parameters of the controller have been shown in

Table 2. Parameter values of the controllers.

Attack Point	Nonlinear Controller		PI Controller
	K1	K2	Kp	Ki
D of PV	0.735	0.5	0.9972	0.896
R	0.0215	0.9468	0.34	0.09

.

2.6. PI Controller for Cyber-Attack Mitigation

In this work, the performance of the proposed nonlinear controller-based attack mitigation approach has been compared with that of a PI-based controller. The PI is one of the popular controllers that is extensively used in industrial control systems. The transfer function that has been used for the PI controller in Laplace domain (s) is as follows:

$$D/R=|{∆V}_{DC}|\left[K_p+\frac{1}{s}{K}_i\right]$$

(11)

where K_p and K_i are the proportional and integral gains of the PI controller, respectively. ∆V_DC and D/R are the input and output variables of the controller, respectively, and bear the same meaning as mentioned in the previous subsection. The values of the parameters K_p and K_i are shown in Table 2. These values have been obtained by trial and error, and they can handle any abrupt change in the input from high to low values. For tuning these K₁, K₂, K_p, and K_i parameters using the trial-and-error method, we experimented with a range of values from 0 to 1 with an interval of 0.0001 and observed the performance. Hence, the values mentioned in Table 2 gave us the best and most consistent results for the system.

3. Results and Discussion

In this section, the effectiveness of the proposed controller in the DC microgrid system has been evaluated. The evaluation has been shown through some graphical images obtained from the real-time simulation and also mathematically by calculating the percentage improvement from the voltage index value. The details are described in the following subsections:

3.1. Simulation Condition

The simulations are performed through the MATLAB/Simulink software. In the simulation study, we’ve considered constant irradiance and temperature in the PV system and constant wind speed in the wind power system, as these parameters vary gradually with time and any cyber-attack may happen within a few seconds, so these changes will not impact much. In all cyber-attack cases, we have activated the mitigation controller after 0.1 s of the occurrence of the attack. This 0.1 s time has been considered a time delay to allow the sensor to choose the right type of controller based on the location of the attack to mitigate the adverse effects of cyber-attacks. The time step of the simulation is 5 µs for all cases. The scenarios that have been considered in this work are briefly listed in the following

Table 3. Cyber-attack scenario.

Case of Study	Scenario	Pattern of Attack	Type of Attack	Location of Attack
Case-I Attack on PV System	1	Single Attack	FDI	Duty Cycle of the PV Boost Converter
	2		DDoS
	3	Random Attack	FDI
Case-II Attack on Load Profile	1	Single Attack	FDI	Load Profile

based on the pattern, type, and location of the attack.

3.2. Analysis of Cyber Security Issues and Solutions for DC Microgrid Systems

3.2.1. Cyber-Attack on the PV System

CASE-I, SCENARIO-1 (Effects and Solution of the FDI Attack on the Duty Cycle of the PV Boost Converter)

In the case of the false data injection attack scenario, it has been considered that, at 0.5 s of simulation, the intruder attacks the duty cycle at the input of the DC-DC boost converter. Figure 3, Figure 4, Figure 5 and Figure 6 show the responses of four parameters, such as the duty cycle, PV array voltage, DC grid voltage, and output power, respectively. As shown from the responses, the duty cycle increases to its 90% value, which is a very high value as its range typically may vary from 0 to 1. Also, the terminal voltage of the PV array goes close to zero, and the DC grid voltage and the power at the grid become very low.

In that situation, to recover the steadiness of the grid, the controller has been activated at 0.6 s. For the PI controller case, the duty cycle comes back to 0.5 within almost 6 s, compared to that in the case of the nonlinear controller, where the duty cycle comes back to the desired value immediately, within 1 s. As the D value is recovered, both the voltages at the terminal of the PV array and the DC grid gradually come back to the 400 V level. Following the voltage, the output power is also improved. It is quite certain that in all four cases, the performance of the nonlinear controller is much better than that of the PI controller.

CASE-I, SCENARIO-2 (Effects and Solution of the DDOS Attack on the Duty Cycle of the PV Boost Converter)

The DDoS is another very frequent type of cyber-attack. It causes floods of data that prohibit normal data flow through the communication channel. Therefore, the system will receive no signal for a few moments or a longer period of time. In the case of the DDoS attack, the scenario has been simulated as the intruder attacks the duty cycle by making it zero in the boost converter input at 0.5 s. Figure 7, Figure 8, Figure 9 and Figure 10 show the responses of the duty cycle, voltage at both the terminal of the PV array and the DC grid, and load power, respectively. From these figures, it is clear that the sudden absence of duty cycle in the DC-DC Boost converter makes the system vulnerable, as the DC grid voltage and PV array terminal have been activated to handle such a situation. The controller has been activated at 0.6 s, and both controllers attempt to make the duty cycle value at 0.5 at the terminal of the boost converter.

From Figure 7, Figure 8, Figure 9 and Figure 10, it is evident that the performance of the nonlinear controller and the PI controller is significantly different. For every case, the nonlinear controller performs almost instantly after the activation and helps the duty cycle and DC grid voltage come back instantly at their rated values of 0.5 and 400 V, respectively. But, in the case of the PI controller, the duty cycle value was restored almost after 7 s, and the PV array voltage took a long time to become stable, although the DC grid terminal voltage and the output power came back after 5 s.

CASE-I, SCENARIO-3 (Effects and Solution of Random FDI Attack on Duty Cycle of the PV Boost Converter)

In the case of the random false data injection attack scenario, it has been considered that, at 0.5 s of simulation, the intruder attacks with a random change in value of the duty cycle at the input of the DC-DC boost converter of the PV system. Figure 11, Figure 12, Figure 13 and Figure 14 show the responses of four parameters, such as the duty cycle, PV array voltage, DC grid voltage, and output power. As shown from the responses, the duty cycle varies randomly within a 10–90% value range. Also, the terminal voltage of the PV array, the DC grid voltage, and the power at the grid vary randomly from very low to very high values in an inversely proportional manner with the duty cycle change.

In that situation, to recover the stability of the grid, the controller has been activated at 0.6 s. For the PI controller case, the duty cycle comes back to 0.5 within almost 6 s, compared to that in the case of the nonlinear (N-L) controller, where the duty cycle comes back to the desired value immediately, within 1 s. As the D value is recovered, both the voltages at the terminal of the PV array and the DC grid gradually come back to the 400 V level. Following the voltage, the output power is also improved. It is quite certain that in all four cases, the performance of the nonlinear (N-L) controller is much better than that of the PI controller. This proves the robustness of the controllers, which means they can handle any abrupt changes properly within a very short period of time.

3.2.2. Cyber-Attack on Load Profile

CASE-II, SCENARIO-1 (Effects and Solution of FDI Attack on Load)

In this case, the attack has been simulated in such a way that at 0.5 s, the intruder changes the value of the load from the original set value of 0.0533 Ω to a high value of 0.3 Ω. For such a high load value, the terminal voltage of the DC grid rises to 558.4 V. As a result, the maximum power point condition becomes diverged, and the power goes very low. And the system becomes unstable. In this situation, at 0.6 s, the controllers have been activated to stabilize the system by setting back the load. Figure 15, Figure 16, Figure 17 and Figure 18 show the responses of the duty cycle, voltage at both the terminal of the PV array and the DC grid, and load power, respectively.

3.2.3. Index-Based Performance Evaluation of the Proposed Controllers

The performance of the proposed cyber security mitigation techniques has been evaluated through the voltage index calculation using the following equation [38]:

$$VoltageIndex={\int }_0^T\left|{∆V}_{DC}\right|dt$$

(12)

where T is the simulation time for different cases. The lower the value of the voltage index, the better the system’s performance. In other words, the lower the deviation of the DC grid terminal voltage with respect to time, the greater the system’s stability. For an obvious understanding of the controller performance, we have calculated the percentage improvement following the equation below:

$$\frac{{V_{index}}_{Nocontroller}-{V_{index}}_{Withcontroller}}{{V_{index}}_{Nocontroller}}\times 100$$

(13)

Table 4. Voltage index values for various controllers.

Attack Scenario	Voltage Index
	No Controller	Proposed Nonlinear Based Controller		PI Controller
	Index	Index	Percentage Improvement (%)	Index	Percentage Improvement (%)
Case-I Scenario 1	7.442	0.1104	98.517	0.1518	96.96
Scenario 2	3.927	0.0517	98.684	0.1511	96.15
Scenario 3	4.398	0.1140	97.41	0.1518	96.55
Case-II Scenario 1	3.763	0.0534	98.58	0.3772	89.98

shows the voltage index values for all the scenarios that have been considered in this study. From these index values, it is evident that the cyber-attack makes the PV-connected DC microgrid very insecure, as the voltage index value without the controller is huge. Using the proposed controllers, the system’s performance improved greatly. However, in all cases, it is clearly apparent from the percentage improvement data that the nonlinear controller is slightly better than the PI controller. For all the scenarios in Case-I, the proposed nonlinear controller demonstrated an average 2% improvement compared to the PI controller. Again, on the same comparison basis, a significant improvement of around 10% is evident for Case-II using the nonlinear controller. In both cases, the percentage improvements are statistically significant.

4. Conclusions

This work proposes a novel solution based on a nonlinear controller to mitigate the adverse effects of cyber-attacks on various components of a DC microgrid system. Two types of cyber-attacks, i.e., distributed denial of service and false data injection, in the form of single and repetitive attacks on specific components of the microgrid system, have been considered. An index-based quantitative analysis for the proposed control method has been made. Based on the obtained simulation results, the following conclusions can be drawn:

(i)

The proposed nonlinear controller-based method is effective in mitigating the adverse effects of cyber-attacks on the DC microgrid system.

(ii)

The performance of the proposed controller is better than that of the PI controller.

(iii)

Due to the simplicity of the proposed solution, it can easily be implemented in real practice.

It is important to note here that the proposed controller is designed for the particular power system arrangement shown in Figure 1. However, the controller is scalable and can be effective for different power systems just by re-tuning the control parameters.

To the best of our knowledge, there is no work available yet in the literature for cyber-attack mitigation in the power grid system. Hence, we approached a simplistic method of mitigation using a nonlinear controller, considering the above-mentioned advantages. In the near future, we will be more open to exploring and experimenting with other novel solutions, including artificial intelligence-based control and mitigation methods.