Hardware-Assisted Detection of Firmware Attacks in Inverter-Based Cyberphysical Microgrids

The electric grid modernization effort relies on the extensive deployment of microgrid (MG) systems. MGs integrate renewable resources and energy storage systems, allowing to generate economic and zero-carbon footprint electricity, deliver sustainable energy to communities using local energy resources, and enhance grid resilience. MGs as cyberphysical systems include interconnected devices that measure, control, and actuate energy resources and loads. For optimal operation, cyberphysical MGs regulate the onsite energy generation through support functions enabled by smart inverters. Smart inverters, being consumer electronic firmware-based devices, are susceptible to increasing security threats. If inverters are maliciously controlled, they can significantly disrupt MG operation and electricity delivery as well as impact the grid stability. In this paper, we demonstrate the impact of denial-of-service (DoS) as well as controller and setpoint modification attacks on a simulated MG system. Furthermore, we employ custom-built hardware performance counters (HPCs) as design-for-security (DfS) primitives to detect malicious firmware modifications on MG inverters. The proposed HPCs measure periodically the order of various instruction types within the MG inverter's firmware code. Our experiments illustrate that the firmware modifications are successfully identified by our custom-built HPCs utilizing various machine learning-based classifiers.