A Review of Cybersecurity in Grid-Connected Power Electronics Converters: Vulnerabilities, Countermeasures, and Testbeds

With the increasing installations of solar energy, electric vehicles, and other distributed energy resources and the deeper developments of digitalization and standardization, cybersecurity became more and more essential and critical in modern power systems. Unfortunately, most prior research work focuses on the cybersecurity of power transmission and distribution networks other than distributed energy devices and their grid-connected power converters. Focusing on the Grid-Connected Power Electronics Converters (GCPECs), this article does a comprehensive review of existing outcomes from selected references, in the aspects of vulnerabilities, countermeasures, and testbeds. By analyzing the GCPEC's layout and countermeasure candidates, it is found that the vulnerabilities of GCPECs include both cyber and physical layers that are easily accessible to malicious hackers. These vulnerabilities in the two layers must be considered simultaneously and coordinate well with each other. Especially, hardware hardening is an essential approach to enhance cybersecurity within GCPECs. It is also noticed that the detection and mitigation approaches should consider the complexity of algorithms to be applied and assess the limits of computing and data processing capabilities in GCPECs while evaluating the feasibility of countermeasure candidates to cyberattacks in testbeds. In addition, the countermeasures should meet relevant standards, such as IEEE-1547.1, IEEE-2030.5, IEC-61850, and IEC-62351, to ensure the interoperability and cybersecurity of GCPEC devices in smart grids. Finally, based on the review and analysis, four recommendations are raised for future research on GCPEC's cybersecurity and their applications in smart grids.