MaDIoT 3.0: Assessment of Attacks to Distributed Energy Resources and Demand in a Power System

IF 3.2 Q3 ENERGY & FUELS

IEEE Open Access Journal of Power and Energy Pub Date : 2025-08-04 DOI:10.1109/OAJPE.2025.3595631

Néstor Rodríguez-Pérez;Javier Matanza;Lukas Sigrist;José Rueda Torres;Gregorio López

{"title":"MaDIoT 3.0: Assessment of Attacks to Distributed Energy Resources and Demand in a Power System","authors":"Néstor Rodríguez-Pérez;Javier Matanza;Lukas Sigrist;José Rueda Torres;Gregorio López","doi":"10.1109/OAJPE.2025.3595631","DOIUrl":null,"url":null,"abstract":"The increasing penetration of Distributed Energy Resources (DER) expands the cyberattack surface of power systems. This paper analyses, using PowerFactory, the impact and success of MaDIoT 3.0 attacks in the PST-16 model, a simplified model of the European system. MaDIoT 3.0 attacks are a novel type of attack that manage to compromise both high-wattage IoT demand devices and DER devices at the same time. The results indicate that the inclusion of distributed solar PV generation in the PST-16 system reduces the success ratio and impact of load-altering MaDIoT attacks when compared to the same system without DER, mainly due to an increment of the initial voltages. For MaDIoT 3.0 attacks, the demand had a more significant influence on the attack’s success than DER in the PST-16 system. Distributing the attacked demand across more buses or targeting the demand from other areas would decrease the success ratio of the attack. Therefore, the local scalability and replicability of vulnerable high-wattage demand devices in the analysed system become more critical than their distributed deployment in larger areas.","PeriodicalId":56187,"journal":{"name":"IEEE Open Access Journal of Power and Energy","volume":"12 ","pages":"552-563"},"PeriodicalIF":3.2000,"publicationDate":"2025-08-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=11112612","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Open Access Journal of Power and Energy","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/11112612/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENERGY & FUELS","Score":null,"Total":0}

引用次数: 0

Abstract

The increasing penetration of Distributed Energy Resources (DER) expands the cyberattack surface of power systems. This paper analyses, using PowerFactory, the impact and success of MaDIoT 3.0 attacks in the PST-16 model, a simplified model of the European system. MaDIoT 3.0 attacks are a novel type of attack that manage to compromise both high-wattage IoT demand devices and DER devices at the same time. The results indicate that the inclusion of distributed solar PV generation in the PST-16 system reduces the success ratio and impact of load-altering MaDIoT attacks when compared to the same system without DER, mainly due to an increment of the initial voltages. For MaDIoT 3.0 attacks, the demand had a more significant influence on the attack’s success than DER in the PST-16 system. Distributing the attacked demand across more buses or targeting the demand from other areas would decrease the success ratio of the attack. Therefore, the local scalability and replicability of vulnerable high-wattage demand devices in the analysed system become more critical than their distributed deployment in larger areas.

查看原文本刊更多论文

MaDIoT 3.0：对电力系统中分布式能源和需求的攻击评估

分布式能源的日益普及扩大了电力系统的网络攻击面。本文利用PowerFactory分析了欧洲系统的简化模型PST-16模型中MaDIoT 3.0攻击的影响和成功。MaDIoT 3.0攻击是一种新型攻击，能够同时破坏高瓦数物联网需求设备和DER设备。结果表明，与没有DER的相同系统相比，在PST-16系统中包含分布式太阳能光伏发电降低了改变负载的MaDIoT攻击的成功率和影响，主要是由于初始电压的增加。对于MaDIoT 3.0攻击，需求对攻击成功的影响比PST-16系统中的DER更显著。将受攻击的需求分布在更多的总线上，或者以来自其他区域的需求为目标，会降低攻击的成功率。因此，分析系统中脆弱的高功率需求设备的局部可扩展性和可复制性变得比它们在更大范围内的分布式部署更为重要。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊