Resilient Distributed Secondary Control Strategy for Polymorphic Seaport Microgrid against Estimation-Dependent FDI Attacks

Abstract

This paper investigates the resilient distributed secondary control problem against FDI attacks for the seaport microgrid with a high proportion of renewable energy. Firstly, the polymorphic seaport microgrid containing a power layer, a control layer, a data layer and a service layer is constructed. It can achieve a software-defined function for control strategies based on a layered network and allows heterogeneous distributed generators (DGs) to exchange various types of data packets. Secondly, considering the unbounded attack generated by stolen estimator parameters can rapidly cause a large-scale power outage of the seaport microgrid, an estimation-dependent attack is designed from the perspective of attackers. Furthermore, a resilient distributed secondary control strategy using the virtual network is proposed to defend against the estimation-dependent attack. The virtual layer interconnects with the original control layer in the polymorphic network to generate an attack compensation vector, which can suppress the attack in the control layer. Furthermore, the stability analysis is completed by using the Lyapunov theory. Finally, the effectiveness of the proposed strategy is validated by a seaport microgrid test model with six DGs.

1. Introduction

The increasing logistics demand of the world maritime industry has led to higher energy consumption and carbon emissions [1]. To reduce carbon emissions, the proportion of clean energy of the maritime industry is increasing. As an important part of the maritime industry, the seaport microgrid undertakes the task of shaping the green and low-carbon maritime transportation. A seaport microgrid has a higher proportion of renewable energy compared with a conventional microgrid [2], which easily causes voltage and frequency deviations due to a strong randomness. Therefore, it is essential to investigate the distributed secondary control problem for a seaport microgrid to maintain its stability [3].

A seaport microgrid is actually a multiagent system (MAS) [4]. The distributed secondary control of the seaport microgrid relies on the communication network between the DGs. However, the traditional single-IP carrier communication network cannot support various types of data packets exchange between the heterogeneous DGs from different manufacturers. A polymorphic network [5] can support the coexistence and collaboration of multiple communication modes by programmable hardware, which can break the restraint of an IP network for information exchange between the heterogeneous DGs. Therefore, how to construct a seaport microgrid under a polymorphic environment is crucial to the distributed secondary control for the heterogeneous DGs. As a crucial node in the port’s Internet of things (IoT) [6,7,8], the seaport microgrid attracts potential adversaries because of its public network. When the attacks are launched into the communication network, the consensus performance of the DGs is destroyed. The seaport microgrid faces the risk of a power outage [9,10]. Once a power outage occurs, the electric-driven devices (such as cranes, handing machines and belt-conveying machines) are not able to maintain normal operation, causing huge economic losses. Therefore, how to defend against potential attacks on the seaport microgrid has been widely focused on.

The false data injection (FDI) attack [11] on the microgrid is noteworthy; it destroys the consensus performance of the DGs by tampering with the neighboring information. The existing methods to defend against FDI attacks include two categories, one is to use detection and isolation algorithms to check whether the communication channels are attacked, and the other one is to use resilient control strategies to suppress attacks. The detection algorithms [12,13,14] generally need enough time to check each node in the communication network due to limited computing resources. That is, these detection methods cannot guarantee the stability of seaport microgrids during the detection process. As a result, researchers have developed resilient control strategies by using the virtual layer to suppress attacks [15,16,17,18,19]. Ref. [15] used a virtual network to interconnect with the original one to defend against linear dynamics FDI attacks. Ref. [16] proposed a resilient strategy in the case of directed graphs. For the microgrid, a resilient strategy makes the number of DGs under FDI attacks unlimited [17,18,19]. Ref. [17] designed the resilient strategy to defend against time-dependent and state-dependent FDI attacks on the multiple communication components. Ref. [18] indicated a resilient strategy could resist not only FDI attacks, but also DoS attacks by using the virtual layer. Ref. [19] proposed a resilient distributed method against unbounded time-dependent attacks for MASs. The above-mentioned attack types are time-dependent and state-dependent. For a seaport microgrid, the state estimator is applied to improve the measurement accuracy in complex weather environment [20]. The potential adversaries can choose to steal the state estimator parameters to design estimation-dependent attacks rather than time-dependent and state-dependent attacks [21]. It is noteworthy that compared with other FDI attacks, estimation-dependent attacks can change with the estimation results dynamically rather than with a fixed growth trajectory. The estimation-dependent attacks can destroy the state estimator function for making control decisions, causing a large-scale power outage of the seaport microgrid.

In conclusion, to defend against an estimation-dependent attack, this paper proposes a resilient distributed secondary control strategy for a polymorphic seaport microgrid. The contributions of this paper are as follows:

(1) The polymorphic seaport microgrid is constructed including a power layer, a data layer, a control layer and a service layer. The heterogeneous DGs can exchange information through the data layer. Furthermore, software-defined functions can be achieved by the control layer.

(2) A unbounded estimation-dependent attack from the perspective of attackers is designed. It can be generated by stolen estimator parameters of the seaport microgrid to cause a large-scale power outage due to the error estimation results. Furthermore, the characteristics of the estimation-dependent attack is analyzed to model the attack launched on the seaport microgrid.

(3) A resilient distributed secondary control strategy is proposed to defend against the estimation-dependent attack for the seaport microgrid. The virtual layer is used to interconnect with the control layer to generate an attack compensation vector, which can suppress the attack injected into the control layer.

The rest of this paper is organized as follows. Section 2 establishes a polymorphic seaport microgrid. Section 3 proposes a resilient distributed secondary strategy to suppress the estimation-dependent attack and completes a stability analysis. Section 4 gives simulation cases to validate the effectiveness of the proposed strategy. Finally, Section 5 summarizes this paper.

2. Framework of the Polymorphic Seaport Microgrid

The structure [22,23,24] of a seaport microgrid consists of DGs, power loads and control systems, as shown in Figure 1. To reduce carbon emissions, various renewable energy devices (such as wind turbines, photovoltaic panels, etc.) are integrated into the seaport microgrid. Since the seaport is an important link between the sea and the land, the power loads generally contain land-based electrical equipment (electric vehicles, port cranes, etc.) and cold ironing facilities providing power to the ships. In addition, the seaport microgrid is equipped with control systems to analyze data and make decisions. The SCADA system is responsible for collecting the measurement results uploaded by sensors in the channels between the DGs. The state estimator using the measurement results provides estimation results to the EMS.

To break the restraint of traditional IP carrier network, a polymorphic seaport microgrid is established to exchange information between the heterogeneous DGs from different manufacturers in Figure 2. The manager-oriented service layer contains the state estimator and the EMS. That is, the control systems of the seaport microgrid shown in Figure 1 are included into the service layer. The control layer ensures the software-defined functions are compatible with various control strategies. Furthermore, the data layer configures the polymorphic identification table to exchange various types of data packets between the neighboring DGs through different transmission channels (such as FPGA, etc.). The power layer contains the whole DGs and loads, from which all the measurements are obtained. Thus, the polymorphic seaport microgrid can not only exchange information between the heterogeneous DGs, but also design and implement a resilient strategy using the virtual layer against estimation-dependent attacks.

3. Resilient Distributed Secondary Control Strategy for the Seaport Microgrid

In this section, the impact of an estimation-dependent attack on the seaport microgrid is analyzed, and a resilient distributed secondary control strategy is proposed to defend against the estimation-dependent attack.

3.1. Graph Theory

The communication topology of the seaport microgrid considered is a directed graph $\varsigma$ containing a leader and N followers. The weighted adjacency matrix of $\varsigma$ can be described as $A=\left[a_{ij}\right]\in R^{N\times N}$, where $a_{ij}$ is the weight between nodes. If $a_{ij}>0$, the agent i can receive neighboring information from agent j, otherwise, $a_{ij}=0$. The in-degree matrix of $\varsigma$ can be described as $D=diag\left(d_i\right)\in R^{N\times N}$, and $d_i={\displaystyle \sum _{j=1}^N}{a}_{ij}$. The Laplace matrix of $\varsigma$ can be described as $L=D-A$. In addition, $G_l=diag\left(g_{li}\right)\in R^{N\times N}$ is the matrix of gains from the leader to the ith follower. For a better expression, the notations involved in this paper are shown in Notations.

3.2. Problem Formulation

The droop mechanisms of the ith DG in the seaport microgrid can be shown as

$${\omega }_i={\omega }_{ni}-m_i{P}_i$$

(1)

$$V_i=V_{ni}-n_i{Q}_i$$

(2)

where ${\omega }_i$ is the angular frequency of the ith DG, $V_i$ is the output voltage of the ith DG, ${\omega }_{ni}$ and $V_{ni}$ are the set points for the droop mechanisms, $m_i$ and $n_i$ are droop coefficients chosen according to the power rating of the ith DG and $P_i$ and $Q_i$ are the active and reactive output power of the ith DG, respectively.

To maintain the consensus performance of the DGs, ${\omega }_{ni}$ and $V_{ni}$ are exchanged between the neighboring DGs. Differentiating (1) and (2) yields

$${\dot{\omega }}_{ni}={\dot{\omega }}_i+m_i{\dot{P}}_i=u_{wi}$$

(3)

$${\dot{V}}_{ni}={\dot{V}}_i+n_i{\dot{Q}}_i=u_{vi}$$

(4)

where $u_{wi}$ and $u_{vi}$ are auxiliary control inputs.

Based on the leader–follower information, $u_{wi}$ and $u_{vi}$ at each DG can be shown as

$${\dot{\omega }}_{ni}=u_{wi}=\sum _{j=1}^N{a}_{ij}({\omega }_j-{\omega }_i)+g_{li}({\omega }_{ref}-{\omega }_i)+\sum _{j=1}^N{a}_{ij}(m_j{P}_j-m_i{P}_i)$$

(5)

$${\dot{V}}_{ni}=u_{vi}=\sum _{j=1}^N{a}_{ij}(V_j-V_i)+g_{li}(V_{ref}-V_i)+\sum _{j=1}^N{a}_{ij}(n_j{Q}_j-n_i{Q}_i)$$

(6)

where ${\omega }_{ref}$ and $V_{ref}$ are the frequency and voltage reference information, respectively. Then, (5) and (6) can be reformulated as

$$\begin{array}{ccc}\hfill {\dot{\omega }}_{ni}=u_{wi}& =& \sum _{j=1}^N{a}_{ij}(({\omega }_j+m_j{P}_j)-({\omega }_i+m_i{P}_i))\hfill \\ \hfill & & +g_{li}(({\omega }_{ref}+m_i{P}_i)-({\omega }_i+m_i{P}_i))\hfill \\ \hfill & =& \sum _{j=1}^N{a}_{ij}({\omega }_{nj}-{\omega }_{ni})+g_{li}({\omega }_{nref}-{\omega }_{ni})\hfill \end{array}$$

(7)

$$\begin{array}{ccc}\hfill {\dot{V}}_{ni}=u_{vi}& =& \sum _{j=1}^N{a}_{ij}((V_j+n_j{Q}_j)-(V_i+n_i{Q}_i))\hfill \\ \hfill & & +g_{li}((V_{ref}+n_i{Q}_i)-(V_i+n_i{Q}_i))\hfill \\ \hfill & & \sum _{j=1}^N{a}_{ij}(V_{nj}-V_{ni})+g_{li}(V_{nref}-V_{ni})\hfill \end{array}$$

(8)

where ${\omega }_{nref}={\omega }_{ref}+m_i{P}_i$, $V_{nref}=V_{ref}+n_i{Q}_i$ and the power sharing mechanisms $m_i{P}_i$ and $n_i{Q}_i$ are included in the distributed secondary control laws (7) and (8).

The frequency and the voltage of each DG can converge steadily due to the relationship between the active power/reactive power of each DG and its angular frequency/output voltage [25]. That is, to synchronize ${\omega }_i$ and $m_i{P}_i$ / $V_i$ and $n_i{Q}_i$, we can directly synchronize ${\omega }_{ni}$/$V_{ni}$. For convenience, ${\omega }_i$/$V_i$ is used to denote ${\omega }_{ni}$/$V_{ni}$. We consider the local form of discrete-time distributed secondary control laws as

$$\begin{array}{c}\frac{{\omega }_i(k+1)-{\omega }_i\left(k\right)}{T}={\displaystyle \sum _{j=1}^N}{a}_{ij}({\omega }_j\left(k\right)-{\omega }_i\left(k\right))+g_{li}({\omega }_{ref}-{\omega }_i\left(k\right))\end{array}$$

(9)

$$\begin{array}{c}\frac{V_i(k+1)-V_i\left(k\right)}{T}={\displaystyle \sum _{j=1}^N}{a}_{ij}(V_j\left(k\right)-V_i\left(k\right))+g_{li}(V_{ref}-V_i\left(k\right))\end{array}$$

(10)

The compact form combining (9) and (10) is shown as

$$\begin{array}{c}\frac{{\mathit{v}}_{\mathit{i}}(\mathit{k}+\mathbf{1})-{\mathit{v}}_{\mathit{i}}\left(\mathit{k}\right)}{T}={\displaystyle \sum _{j=1}^N}{a}_{ij}({\mathit{v}}_{\mathit{j}}\left(\mathit{k}\right)-{\mathit{v}}_{\mathit{i}}\left(\mathit{k}\right))+g_{li}({\mathit{v}}_{\mathit{l}}\left(\mathit{k}\right)-{\mathit{v}}_{\mathit{i}}\left(\mathit{k}\right))\end{array}$$

(11)

where ${\mathit{v}}_{\mathit{i}}\left(\mathit{k}\right)={[V_i\left(k\right),{\omega }_i\left(k\right)]}^T$ is the voltage and frequency of the ith DG and ${\mathit{v}}_{\mathit{l}}\left(\mathit{k}\right)={[V_{ref},{\omega }_{ref}]}^T$ is the reference voltage and frequency of each DG. T is the sample time of the seaport microgrid. Then, the global form of (11) can be shown as

$$\begin{array}{c}\mathit{v}(\mathit{k}+\mathbf{1})=(-T({\beta }_l\otimes I_e))\mathit{v}\left(\mathit{k}\right)+T({\beta }_l\otimes I_e){\mathit{v}}_{\mathit{wef}}\end{array}$$

(12)

where ${\mathit{v}}_{\mathit{wef}}={\mathbf{1}}_{\mathit{N}}\otimes {\mathit{v}}_{\mathit{l}}$, ${\beta }_l=L+G_l$, and $I_e=diag(1,1)$. In addition, to improve the measurement accuracy of the seaport microgrid, the state estimator is proposed as

$$\left\{\begin{array}{c}\widehat{\mathit{v}}(\mathit{k}+\mathbf{1})=(-T({\beta }_l\otimes I_e))\widehat{\mathit{v}}\left(\mathit{k}\right)+T({\beta }_l\otimes I_e){\mathit{v}}_{\mathit{wef}}+K\mathit{r}(\mathit{k}+\mathbf{1})\hfill \\ \mathit{r}(\mathit{k}+\mathbf{1})=\mathit{y}(\mathit{k}+\mathbf{1})-C(-T({\beta }_l\otimes I_e))\widehat{\mathit{v}}\left(\mathit{k}\right)\hfill \end{array}\right.$$

(13)

where $\widehat{\mathit{v}}(\mathit{k}+\mathbf{1})$ is the estimation result at time $k+1$, $\mathit{y}(\mathit{k}+\mathbf{1})$ is the measurement vector, C is a $2N$-dimensional identity observation matrix. Define $\mathit{r}\left(\mathit{k}\right)$ as the estimation residual, which aims to measure whether FDI attacks can be detected by the ${\chi }^2$ detector. K is the Kalman gain, which can reach the steady state at an exponential speed from any original state [26]. Therefore, K can be solved by (14) and (15)

$$\begin{array}{ccc}\hfill P& =& -T({\beta }_l\otimes I_e)P{(-T({\beta }_l\otimes I_e))}^T+Q\hfill \\ \hfill & & +T({\beta }_l\otimes I_e)P{C}^T{(CP{C}^T+R)}^{-1}CP(-T({\beta }_l\otimes I_e))\hfill \end{array}$$

(14)

$$K=P{C}^T{(CP{C}^T+R)}^{-1}$$

(15)

where Q and R are both $2N$-dimensional positive definite matrices. They represent the covariance of the noise in the seaport microgrid, which can also be used for designing a control strategy without considering noise factors [27].

The strategy shown in (12) can keep the stability of the seaport microgrid. However, considering potential attacks, the strategy changes from (12) to (16):

$${\mathit{v}}^{\mathit{a}}(\mathit{k}+\mathbf{1})=(-T({\beta }_l\otimes I_e)){\mathit{v}}^{\mathit{a}}\left(\mathit{k}\right)+T(({\beta }_l\otimes I_e){\mathit{v}}_{\mathit{wef}}+\delta \left(\mathit{k}\right))$$

(16)

where ${\mathit{v}}^{\mathit{a}}(\mathit{k}+\mathbf{1})$ is the voltage and frequency of DGs under FDI attacks. $\mathit{\delta }\left(\mathit{k}\right)$ is the FDI attack vector. Accordingly, the dynamic expression of the state estimator (13) under FDI attacks is shown as

$$\left\{\begin{array}{c}{\widehat{\mathit{v}}}^{\mathit{a}}(\mathit{k}+\mathbf{1})=(-T({\beta }_l\otimes I_e)){\widehat{\mathit{v}}}^{\mathit{a}}\left(\mathit{k}\right)+T({\beta }_l\otimes I_e){\mathit{v}}_{\mathit{wef}}+K{\mathit{r}}^{\mathit{a}}(\mathit{k}+\mathbf{1})\hfill \\ {\mathit{r}}^{\mathit{a}}(\mathit{k}+\mathbf{1})={\mathit{y}}^{\mathit{a}}(\mathit{k}+\mathbf{1})-C(-T({\beta }_l\otimes I_e)){\widehat{\mathit{v}}}^{\mathit{a}}\left(\mathit{k}\right)\hfill \end{array}\right.$$

(17)

where ${\widehat{\mathit{v}}}^{\mathit{a}}(\mathit{k}+\mathbf{1})$ is the estimation result under FDI attacks, ${\mathit{y}}^{\mathit{a}}(\mathit{k}+\mathbf{1})$ is the measurement vector under FDI attacks and ${\mathit{r}}^{\mathit{a}}\left(\mathit{k}\right)$ is the estimation residual under FDI attacks. From (17), the estimation results will deviate from the ones under normal operation under attacks. In order to reflect the deviation more clearly, we define $\Delta \widehat{\mathit{v}}(\mathit{k}+\mathbf{1})$ and $\Delta \mathit{r}(\mathit{k}+\mathbf{1})$ as the estimation difference and the residual difference, respectively. Combining with (12), (13), (16) and (17), the expression of (17) can be given as

$$\begin{array}{ccc}\hfill \Delta \widehat{\mathit{v}}(\mathit{k}+\mathbf{1})& =& {\widehat{\mathit{v}}}^{\mathit{a}}(\mathit{k}+\mathbf{1})-\widehat{\mathit{v}}(\mathit{k}+\mathbf{1})\hfill \\ \hfill & =& -KC(-T({\beta }_l\otimes I_e))\Delta \widehat{\mathit{x}}\left(\mathit{k}\right)+KC({\mathit{v}}^{\mathit{a}}(\mathit{k}+\mathbf{1})-\mathit{v}(\mathit{k}+\mathbf{1}))\hfill \end{array}$$

(18)

$$\begin{array}{ccc}\hfill \Delta \mathit{r}(\mathit{k}+\mathbf{1})& =& {\mathit{r}}^{\mathit{a}}(\mathit{k}+\mathbf{1})-\mathit{r}(\mathit{k}+\mathbf{1})\hfill \\ \hfill & =& -C(-T({\beta }_l\otimes I_e))\Delta \widehat{\mathit{v}}\left(\mathit{k}\right)+C({\mathit{v}}^{\mathit{a}}(\mathit{k}+\mathbf{1})-\mathit{v}(\mathit{k}+\mathbf{1}))\hfill \end{array}$$

(19)

where ${\mathit{v}}^{\mathit{a}}(\mathit{k}+\mathbf{1})-\mathit{v}(\mathit{k}+\mathbf{1})$ reflects the impact on the voltage and frequency of DGs caused by FDI attacks.

3.3. The Estimation-Dependent FDI Attack on the Seaport Microgrid

In existing works, potential FDI attacks on the microgrid are usually modeled as time-dependent sinusoidal and proportional functions, such as $\mathit{\delta }\left(\mathit{k}\right)=f+bsin\left(ck\right)$. f and b are both constants, and c is a positive integer. Obviously, there exists a arbitrary constant $Con$ which can achieve $∥\mathit{\delta }\left(\mathit{k}\right)∥\le Con$. Specially, if the FDI attack is modeled as $\mathit{\delta }\left(\mathit{k}\right)=f+bk$, it becomes an unbounded attack. Such time-dependent attack modeling methods are indeed reasonable. However, potential adversaries can choose to steal the state estimator parameters to design estimation-dependent attacks. To illustrate the impact of estimation-dependent attack, this subsection designs an algorithm to generate an estimation-dependent FDI attack from the perspective of adversaries, as shown in Algorithm 1. It should be noted that Algorithm 1 needs to satisfy the following assumptions.

Algorithm 1 The estimation-dependent attack for the seaport microgrid

Initialization parameters:

Define $\Delta \widehat{\mathit{x}}\left(\mathbf{0}\right)={\widehat{\mathit{x}}}^{\mathit{a}}\left(\mathbf{0}\right)-\widehat{\mathit{x}}\left(\mathbf{0}\right)$.

Choose an arbitrary $\varphi \in (0,1)$ and a detection threshold $M=2$.

while $k\ge 0$ do

Set $\Delta \widehat{\mathit{x}}\left(\mathbf{0}\right)=0$, $\varphi \left(0\right)=0$;

Calculate $\mathit{\delta }\left(\mathit{k}\right)=\frac{1}{T}[(-T({\beta }_l\otimes I_e))\Delta \widehat{\mathit{x}}\left(\mathit{k}\right)+\varphi \left(k\right)M{\mathit{I}}_{\mathbf{2}\mathit{N}}^{\mathit{s}}]$;

Calculate $\Delta \widehat{\mathit{v}}(\mathit{k}+\mathbf{1})=-KC(-T({\beta }_l\otimes I_e))\Delta \widehat{\mathit{v}}\left(\mathit{k}\right)$

$\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}+KC({\mathit{v}}^{\mathit{a}}(\mathit{k}+\mathbf{1})-\mathit{v}(\mathit{k}+\mathbf{1}))]$;

$\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}k=k+1$;

$\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\varphi \left(k\right)=0.1$;

end while

Assumption 1. 

Attackers have perfect knowledge of the communication topology inside the seaport microgrid.

It should be noted that attackers cannot change the attack abruptly during the generation process due to limited resources [28]. In this case, it is reasonable to consider that $\mathit{\delta }\left(\mathit{k}\right)$ is energy-bounded. That is, the attack grows at a steady or decaying rate. In existing works, the attack is believed to be proportional to the time or the state of the system [19,21,29]. Obviously, unbounded attacks [19,21,29] satisfy the nonstrict convexity. Therefore, we propose Assumption 2 to describe the general characteristic of unbounded attacks.

Assumption 2. 

The estimation-dependent attack satisfies the nonstrictly convex function characteristic $2\mathit{\delta }(\mathit{k}+\mathbf{1})\le \mathit{\delta }\left(\mathit{k}\right)+\mathit{\delta }(\mathit{k}+\mathbf{2})$ after several steps of initialization.

Algorithm 1 generates the estimation-dependent attack as

$$\mathit{\delta }\left(\mathit{k}\right)=\frac{1}{T}[(-T({\beta }_l\otimes I_e))\Delta \widehat{\mathit{v}}\left(\mathit{k}\right)+\varphi \left(k\right)M{\mathit{I}}_{\mathbf{2}\mathit{N}}^{\mathit{s}}]$$

(20)

where ${\mathit{I}}_{\mathbf{2}\mathit{N}}^{\mathit{s}}$ is the sth column of a $2N$-dimensional identity matrix. To be more precise, the selection principle of s is given by [21]. As Algorithm 1 shows, the estimation difference of voltage and frequency is set to zero at $k=0$. Since $\varphi \left(k\right)M{\mathit{I}}_{\mathbf{2}\mathit{N}}^{\mathit{s}}\ne 0$, $\mathit{\delta }\left(\mathit{k}\right)$ will be a nonzero vector in the iterative process, which indicates $\mathit{\delta }\left(\mathit{k}\right)$ can affect the seaport microgrid all the time. When the stability of the seaport microgrid is destroyed, ${\mathit{v}}^{\mathit{a}}(\mathit{k}+\mathbf{1})-\mathit{v}(\mathit{k}+\mathbf{1})$ has a nonzero value, which leads to the divergence of $\Delta \widehat{\mathit{v}}(\mathit{k}+\mathbf{1})$. The diverging $\Delta \widehat{\mathit{v}}(\mathit{k}+\mathbf{1})$ will generate $\mathit{\delta }(\mathit{k}+\mathbf{1})$ at the next time k, which leads to the divergence of $\mathit{\delta }(\mathit{k}+\mathbf{1})$. Thus, both $\mathit{\delta }\left(\mathit{k}\right)$ and $\Delta \widehat{\mathit{v}}\left(\mathit{k}\right)$ will diverge to ∞ eventually.

In fact, when $\Delta \widehat{\mathit{v}}\left(\mathit{k}\right)$ diverges to a certain degree, the seaport microgrid manager will make an outage decision to avoid causing great economic losses. Therefore, to defend against the estimation-dependent attack illustrated in Algorithm 1, a resilient strategy should be proposed.

3.4. Resilient Distributed Secondary Control Strategy Based on a Layered Network

This subsection introduces a virtual network ${\mathsf{\Sigma }}_h$, which interconnects with the original network ${\mathsf{\Sigma }}_c$ to defend against an estimation-dependent attack. Since the virtual network ${\mathsf{\Sigma }}_h$ has no physical meanings, it has a pretty high level of security. The attackers can achieve the goal of destabilizing the seaport microgrid only by injecting limited resources. Therefore, a resilient distributed secondary control strategy using a virtual network is proposed to defend against an estimation-dependent attack on ${\mathsf{\Sigma }}_c$.

As shown in Figure 3, both networks have the same number of nodes, and these nodes can accept reference information. The resilient strategy (21)–(23) is proposed to suppress the estimation-dependent attack launched on the original network ${\mathsf{\Sigma }}_c$.

$${\mathit{v}}^{\mathit{a}}(\mathit{k}+\mathbf{1})=-T({\beta }_l\otimes I_e){\mathit{v}}^{\mathit{a}}\left(\mathit{k}\right)+T(({\beta }_l\otimes I_e){\mathit{v}}_{\mathit{wef}}+\mathit{\delta }\left(\mathit{k}\right)-\widehat{\mathit{\delta }}\left(\mathit{k}\right))$$

(21)

$$\mathit{\phi }(\mathit{k}+\mathbf{1})=-T({\beta }_l\otimes I_e)\mathit{\phi }\left(\mathit{k}\right)+T({\beta }_l\otimes I_e){\mathit{v}}_{\mathit{wef}}$$

(22)

$$\widehat{\mathit{\delta }}(\mathit{k}+\mathbf{1})=T(({\beta }_l\otimes I_e)\mathit{d}\left(\mathit{k}\right)+\widehat{\mathit{\delta }}\left(\mathit{k}\right))$$

(23)

where $\mathit{\phi }\left(\mathit{k}\right)={[{\phi }_1^T\left(k\right),{\phi }_2^T\left(k\right),...,{\phi }_{2N}^T\left(k\right)]}^T$ is the state vector of ${\mathsf{\Sigma }}_h$, $\mathit{d}\left(\mathit{k}\right)={\mathit{v}}^{\mathit{a}}\left(\mathit{k}\right)-\mathit{\phi }\left(\mathit{k}\right)$ is the difference of the state vectors between ${\mathsf{\Sigma }}_c$ and ${\mathsf{\Sigma }}_h$ and $\widehat{\mathit{\delta }}\left(\mathit{k}\right)$ is the attack-compensation vector generated by (21) and (22). Define the error between ${\mathit{v}}^{\mathit{a}}\left(\mathit{k}\right)$ in ${\mathsf{\Sigma }}_c$ and the reference information ${\mathit{x}}_{\mathit{wef}}$ as ${\mathit{d}}_{\mathbf{1}}\left(\mathit{k}\right)$, and the error between $\mathit{\phi }\left(\mathit{k}\right)$ in ${\mathsf{\Sigma }}_h$ and the reference information ${\mathit{x}}_{\mathit{wef}}$ as ${\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)$.

$${\mathit{d}}_{\mathbf{1}}\left(\mathit{k}\right)={\mathit{v}}^{\mathit{a}}\left(\mathit{k}\right)-{\mathit{x}}_{\mathit{wef}}$$

(24)

$${\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)=\mathit{\phi }\left(\mathit{k}\right)-{\mathit{x}}_{\mathit{wef}}$$

(25)

Assumption 3. 

If there is a path to each other node, the direct graph ς has a spanning tree.

Lemma 1 

(see [30]). Suppose Assumption 3 holds, ${\beta }_l$ is a positive-definite and nonsingular matrix.

Lemma 2 

(see [19]). If $X\in R^{N\times N}$ is a Hurwitz matrix, then $\left[\begin{array}{cc}X& I_N\\ X& 0_N\end{array}\right]\in R^{2N\times 2N}$ is also Hurwitz.

Theorem 1. 

Suppose the estimation-dependent attack (20) satisfying Assumption 1 and Assumption 2, and Assumption 3 holds. The synchronization of DGs under the estimation-dependent attack (20) can be maintained by using the proposed resilient distributed secondary control strategy (21)–(23).

Proof of Theorem 1. 

For the resilient distributed secondary control strategy (21)–(23) against the estimation-dependent attack in Algorithm 1, the stability of the original control layer ${\mathsf{\Sigma }}_c$ (21) should be proven. Since ${\mathit{d}}_{\mathbf{1}}\left(\mathit{k}\right)=\mathit{d}\left(\mathit{k}\right)+{\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)$, we prove the stability of $\mathit{d}\left(\mathit{k}\right)$ and ${\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)$ in two steps and finally show the stability of the original control layer ${\mathsf{\Sigma }}_c$.

Step 1: From Assumption 1, the estimation-dependent attack can be generated by Algorithm 1. Define $\tilde{\mathit{\delta }}\left(\mathit{k}\right)=\mathit{\delta }\left(\mathit{k}\right)-\widehat{\delta }\left(\mathit{k}\right)={[{\tilde{\delta }}_1^T\left(k\right),{\tilde{\delta }}_2^T\left(k\right),...,{\tilde{\delta }}_{2N}^T\left(k\right)]}^T$, which is the difference between the estimation-dependent attack vector and the attack-compensation vector (23). Then, the expression of $\mathit{d}(\mathit{k}+\mathbf{1})$ can be obtained from (21) and (22) as

$$\mathit{d}(\mathit{k}+\mathbf{1})=-T({\beta }_l\otimes I_e)\mathit{d}\left(\mathit{k}\right)+T\tilde{\mathit{\delta }}\left(\mathit{k}\right)$$

(26)

From (23), the differential relationship between $\tilde{\mathit{\delta }}(\mathit{k}+\mathbf{1})$ and $\tilde{\mathit{\delta }}\left(\mathit{k}\right)$ is

$$\tilde{\mathit{\delta }}(\mathit{k}+\mathbf{1})-\tilde{\mathit{\delta }}\left(\mathit{k}\right)=-T({\beta }_l\otimes I_e)\mathit{d}\left(\mathit{k}\right)+T(\mathit{\delta }(\mathit{k}+\mathbf{1})-\mathit{\delta }\left(\mathit{k}\right))$$

(27)

To be more convenient, integrate (26) and (27) into a compact matrix form as

$$\left[\begin{array}{c}\mathit{d}(\mathit{k}+\mathbf{1})\hfill \\ \tilde{\mathit{\delta }}(\mathit{k}+\mathbf{1})\hfill \end{array}\right]=\left[\begin{array}{cc}-T({\beta }_l\otimes I_e)& I_{2N}\\ -T({\beta }_l\otimes I_e)& 0_{2N}\end{array}\right]\left[\begin{array}{c}\mathit{d}\left(\mathit{k}\right)\hfill \\ \tilde{\mathit{\delta }}\left(\mathit{k}\right)\hfill \end{array}\right]+\left[\begin{array}{c}{0}_{2N}\hfill \\ T\left(\mathit{\delta }\right(\mathit{k}+\mathbf{1})-\mathit{\delta }(\mathit{k}\left)\right)\hfill \end{array}\right]$$

(28)

Define $\mathit{r}\left(\mathit{k}\right)={[{\tilde{\delta }}^T\left(k\right),d^T\left(k\right)]}^T$. The relationship between $\mathit{r}(\mathit{k}+\mathbf{1})$ and $\mathit{r}\left(\mathit{k}\right)$ is $\mathit{r}(\mathit{k}+\mathbf{1})=\mathsf{\Phi }\mathit{r}\left(\mathit{k}\right)+\left[\begin{array}{c}{0}_{2N}\hfill \\ T\left(\mathit{\delta }\right(\mathit{k}+\mathbf{1})-\mathit{\delta }(\mathit{k}\left)\right)\hfill \end{array}\right]$, where $\mathsf{\Phi }=\left[\begin{array}{cc}-T({\beta }_l\otimes I_e)& I_{2N}\\ -T({\beta }_l\otimes I_e)& 0_{2N}\end{array}\right]$. A Lyapunov function is chosen as

$$V_1\left(k\right)={\left[T(\mathit{\delta }(\mathit{k}+\mathbf{1})-\mathit{\delta }\left(\mathit{k}\right))\right]}^T\left[T(\mathit{\delta }(\mathit{k}+\mathbf{1})-\mathit{\delta }\left(\mathit{k}\right))\right]$$

(29)

From Assumption 2, $\Delta V_1={∥\mathit{\delta }(\mathit{k}+\mathbf{2})-\mathit{\delta }(\mathit{k}+\mathbf{1})∥}^2-{∥\mathit{\delta }(\mathit{k}+\mathbf{1})-\mathit{\delta }\left(\mathit{k}\right)∥}^2\le 0$. A Lyapunov function is chosen as

$$V_2\left(k\right)={\mathit{r}}^{\mathit{T}}\left(\mathit{k}\right)P_s\mathit{r}\left(\mathit{k}\right)+V_1\left(k\right)$$

(30)

where $P_s>0$ is a symmetric matrix. The differential form of (30) is shown as

$$\begin{array}{ccc}\hfill V_2(k+1)-V_2\left(k\right)& = & {\mathit{r}}^{\mathit{T}}(\mathit{k}+\mathbf{1})P_s\mathit{r}(\mathit{k}+\mathbf{1})-{\mathit{r}}^{\mathit{T}}\left(\mathit{k}\right)P_s\mathit{r}\left(\mathit{k}\right)+V_1(k+1)-V_1\left(k\right)\hfill \\ \hfill & = & \left(\mathsf{\Phi }\mathit{r}\left(\mathit{k}\right){)}^T{P}_s\right(\mathsf{\Phi }\mathit{r}\left(\mathit{k}\right))-{\mathit{r}}^{\mathit{T}}\left(\mathit{k}\right)P_s\mathit{r}\left(\mathit{k}\right)\hfill \\ \hfill & & +T^2{∥\delta (k+2)-\delta (k+1)∥}^2-T^2{∥\delta (k+1)-\delta \left(k\right)∥}^2\hfill \\ \hfill & = & {\mathit{r}}^{\mathit{T}}\left(\mathit{k}\right)({\mathsf{\Phi }}^T{P}_s\mathsf{\Phi }-P_s)\mathit{r}\left(\mathit{k}\right)\hfill \\ \hfill & & +T^2{∥\delta (k+2)-\delta (k+1)∥}^2-T^2{∥\delta (k+1)-\delta \left(k\right)∥}^2\hfill \\ \hfill & = & -{\mathit{r}}^{\mathit{T}}\left(\mathit{k}\right)Q_s\mathit{r}\left(\mathit{k}\right)\hfill \\ \hfill & & +T^2({∥\delta (k+2)-\delta (k+1)∥}^2-{∥\delta (k+1)-\delta \left(k\right)∥}^2)\hfill \end{array}$$

(31)

From Assumption 3 and Lemma 1, since ${\beta }_l$ is positive-definite, $-T({\beta }_l\otimes I_e)$ is Hurwitz. From Lemma 2, $\mathsf{\Phi }=\left[\begin{array}{cc}-T({\beta }_l\otimes I_e)& I_{2N}\\ -T({\beta }_l\otimes I_e)& 0_{2N}\end{array}\right]$ is also Hurwitz. Thus, there exists a symmetric positive matrix $P_s$, which makes ${\mathsf{\Phi }}^T{P}_s\mathsf{\Phi }-P_s=-Q_s<0$ for any symmetric positive matrix $Q_s$. From Assumption 2, ${∥\mathit{\delta }(\mathit{k}+\mathbf{2})-\mathit{\delta }(\mathit{k}+\mathbf{1})∥}^2-{∥\mathit{\delta }(\mathit{k}+\mathbf{1})-\mathit{\delta }\left(\mathit{k}\right)∥}^2\le 0$. Therefore, $\Delta V_2<0$ can be given after the initial time.

Step 2: To prove the stability of the virtual layer ${\mathsf{\Sigma }}_v$ (22), the differential form of ${\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)$ can be written as ${\mathit{d}}_{\mathbf{2}}(\mathit{k}+\mathbf{1})=-T({\beta }_l\otimes I_e){\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)$. Let $V\left(k\right)={\mathit{d}}_{\mathbf{2}}^{\mathit{T}}\left(\mathit{k}\right)P_h{\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)$, and the differential form is shown as

$$\begin{array}{ccc}\hfill \Delta V& = & {\mathit{d}}_{\mathbf{2}}^{\mathit{T}}(\mathit{k}+\mathbf{1})P_h{\mathit{d}}_{\mathbf{2}}(\mathit{k}+\mathbf{1})-{\mathit{d}}_{\mathbf{2}}^{\mathit{T}}\left(\mathit{k}\right)P_h{\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)\hfill \\ \hfill & = & {\mathit{d}}_{\mathbf{2}}^{\mathit{T}}\left(\mathit{k}\right){(-T({\beta }_l\otimes I_e))}^T{P}_h(-T({\beta }_l\otimes I_e)){\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)\hfill \\ \hfill & & -{\mathit{d}}_{\mathbf{2}}^{\mathit{T}}\left(\mathit{k}\right)P_h{\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)\hfill \\ \hfill & = & {\mathit{d}}_{\mathbf{2}}^{\mathit{T}}\left(\mathit{k}\right)({(-T({\beta }_l\otimes I_e))}^T{P}_h(-T({\beta }_l\otimes I_e))-P_h){\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)\hfill \\ \hfill & = & -{\mathit{d}}_{\mathbf{2}}^{\mathit{T}}\left(\mathit{k}\right)Q_h{\mathit{d}}_{\mathbf{2}}\left(\mathit{k}\right)\hfill \end{array}$$

(32)

Since $-T({\beta }_l\otimes I_e)$ is Hurwitz, the positive symmetric matrix $P_h$ can achieve $-Q_h<0$. As a result, $\Delta V<0$. The stability of the virtual layer ${\mathsf{\Sigma }}_h$ can be proven.

Step 1 and Step 2 show that the original control layer ${\mathsf{\Sigma }}_c$ (21) and the virtual layer ${\mathsf{\Sigma }}_h$ (22) are both stable under the estimation-dependent attack. Thus, the resilient strategy (21)–(23) can defend against the estimation-dependent attack effectively. This completes the proof of Theorem 1. □

4. Case Study

The test seaport microgrid with six DGs and loads in Figure 4 was used to validate the effectiveness of the proposed resilient strategy to suppress attacks. The transmission lines between the inverter-based DGs were considered to be inductive, and the loads connected to the seaport microgrid through the AC bus. The DGs exchanged neighboring information through communication networks, and the relationship between the layered network and attackers is shown in Figure 4. The rated parameters of the test microgrid were the parameters in [23], as shown in

Table 1. Setting of the test seaport microgrid and Algorithm 1.

Symbol	Parameters
DG1,DG2,DG3	9 kVA
DG4,DG5,DG6	7 kVA
Lines	$R=0.23\mathrm{\Omega },L=318$$\mathsf{\mu }$H
Loads	$R=3\mathrm{\Omega },L=0.0064$ H
T	$0.001$ s
N	6
M	2
$\sigma$	$0.1$
$a_{ij}$	10
$g_{li}$	1
$I_{2N}^s$	${[0,0,1,0,0,0,0,0,0,0,0,0]}^T$
$v_{wef}$	[380 V, 50 Hz]${}^T$
C	$I_{12}$
Q	$diag(0.001,0.001,0.001,0.01,0.01,0.01,0.001,0.001,0.001,0.01,0.01,0.01)$
R	$diag(0.1,0.1,0.1,0.2,0.2,0.2,0.1,0.1,0.1,0.2,0.2,0.2)$

.

4.1. Case 1: The Effectiveness of the Proposed Strategy under Load Disturbance and No Attacks

This case study provides simulation cases to illustrate the applicability of the proposed strategy when there exists a load disturbance and no attacks. As shown in Figure 4, loads 1–5 of the seaport microgrid are connected to the seaport microgrid at the initial time, while load 6 is disconnected. When $k=20$, load 6 is connected to the seaport microgrid, and load 5 is disconnected from the seaport microgrid when $k=60$. The voltage performance of each DG during this period is shown in Figure 5. From the simulation results, it can be seen that the proposed strategy can maintain the voltage stability after a short period of fluctuation, regardless of whether the load is connected or disconnected. Obviously, it shows that the proposed strategy is also applicable under the normal operation of load disturbance and no attacks.

4.2. Case 2: The Impact of Designed Estimation-Dependent Attack

This case study provides simulation cases to show the impact of an estimation-dependent attack on the seaport microgrid using the state-of-art resilient strategy in [17]. For this purpose, the generation process of the designed estimation-dependent attack is shown in Figure 6. It can be observed that the unbounded attack initializes at $k=20$ and then diverges to ∞ rapidly.

Before the estimation-dependent attack is launched on the control layer, the voltage trajectories converge to the reference voltage of 380 V. When the estimation-dependent attack initializes in the control layer at $k=20$, the voltage trajectories diverge to 400 V gradually, as shown in Figure 7. Obviously, the voltage amplitude exceeds the allowable range 380 V $\times (1\pm 5\%)$. This implies the estimation-dependent attack launched on the control layer destroys the consensus performance of DGs, and the resilient strategy in [17] cannot suppress the impact caused by the attack.

Furthermore, it can be observed from Figure 8 that the voltage estimation difference also diverges to ∞ with increasing iterations due to the abnormal consensus performance shown in Figure 7. This is because $v^a\left(k\right)-v\left(k\right)\ne 0$ in (18) makes the iteration process of $\Delta \widehat{v}\left(k\right)$ diverge.

The diverged voltage estimation at time k accelerates the divergence of the estimation-dependent attack at time $k+1$. Then, the diverged estimation-dependent attack at time $k+1$ accelerates the divergence of $\Delta \widehat{v}\left(k\right)$ at time $k+2$. In this way, both the estimation-dependent attack and $\Delta \widehat{v}\left(k\right)$ diverge to ∞ with the increasing number of iterations.

The results show that the estimation-dependent attack can be generated dynamically by the diverging voltage estimation difference, which has a stronger destructiveness compared with time-dependent and state-dependent attacks. Furthermore, the strategy in [17] cannot maintain the consensus performance of the DGs under the estimation-dependent attack.

4.3. Case 3: The Effectiveness of Proposed Strategy against the Estimation-Dependent Attack

This case study prefers to focus on the effectiveness of the proposed strategy (21)–(23) against the estimation-dependent attack. As shown in Figure 9, the voltage of each DG still converges to 380 V under the estimation-dependent attack by using the proposed strategy. Compared with the strategy in [17], this shows the proposed strategy can suppress the impact caused by the estimation-dependent attack.

Furthermore, since $v^a(k+1)-v(k+1)$ in (18) is close to zero after the estimation-dependent attack initializes at $k=20$, the estimation difference $\Delta \widehat{v}\left(k\right)$ can be suppressed greatly during the iterative process in Figure 10. This implies that the proposed strategy can not only suppress the impact of the estimation-dependent attack on the consensus performance, but also protect the state estimator in the seaport microgrid.

In addition, Figure 11 shows both the amplitude and divergence speed of the unbounded estimation-dependent attack are greatly suppressed. This is because the estimation difference $\Delta \widehat{v}\left(k\right)$ is suppressed greatly by using the proposed strategy.

As a result, the proposed strategy can maintain the consensus performance of the DGs. Then, the estimation function of the state estimator is guaranteed due to the normal consensus performance. Finally, the estimation-dependent attack generated by estimation difference $\Delta \widehat{v}\left(k\right)$ is greatly suppressed.

4.4. Case 4: The Effectiveness of the Proposed Strategy under a Time-Dependent Attack

To validate the generality of the proposed strategy against FDI attacks, this case study takes a time-dependent attack as an example. The time-dependent attack can be modeled as

$$\mathit{\theta }\left(\mathit{k}\right)=[{20\sin \left(2\mathrm{k}\right),0,20\sin \left(\mathrm{k}\right),0,20\sin \left(\mathrm{k}\right),0,20\sin \left(\mathrm{k}\right),0,20\sin \left(2\mathrm{k}\right),0,20\sin \left(\mathrm{k}\right),0]}^T$$

(33)

When large enough bounded time-dependent attacks initialize in the control layer at $k=20$ using the strategy in [17], the additional sinusoidal attack signal is reflected in the voltage performance of the DGs shown in Figure 12A, which makes the voltage amplitude close to 400 V beyond the allowable fluctuation range 380 V $\times (1\pm 5\%)$.

When using the proposed strategy, the voltage can be maintained within the allowable fluctuation range 380 V $\times (1\pm 5\%)$, as shown in Figure 12B. Compare with the strategy in [17], the proposed strategy is superior to defend against the large-enough bounded time-dependent attack, which can suppress the voltage fluctuation in the allowed range.

Accordingly, when using the strategy in [17], the estimation results under the bounded time-dependent attack deviate from the normal results by nearly 20 V, as shown in Figure 13A. Furthermore, the deviations using the proposed strategy can be suppressed to nearly 0.02 V, as shown in Figure 13B. Since the strategy in [17] cannot defend against the impact of bounded time-dependent attacks on the state estimator, it directly provides a vulnerability for attackers to design estimation-dependent attacks.

In conclusion, all the simulation cases validated that the proposed strategy had better performance than the one in [17] when facing with estimation-dependent and time-dependent FDI attacks. Compared with the strategy in [17], the proposed strategy could maintain the seaport microgrid’s stability under an estimation-dependent attack and suppress the voltage fluctuation within the rated range under a time-dependent attack. That is, the proposed strategy had a general ability to defend against various FDI attacks.

5. Conclusions

This paper proposed a distributed resilient secondary control strategy against estimation-dependent FDI attacks on a seaport microgrid. A polymorphic seaport microgrid was established to exchange various types of data packets for the heterogeneous DGs. Considering that the state estimator was essential to improve the measurement accuracy for the seaport microgrid under complex weather environment, an estimation-dependent attack generated by stolen estimator parameters was designed from the perspective of attackers. To defend against an estimation-dependent attack dynamically changing with the estimation results, the proposed strategy made the control layer interconnect with the virtual layer to generate an attack compensation vector. The proposed resilient strategy could make the tracking error ${\mathit{d}}_{\mathbf{1}}\left(\mathit{k}\right)$ asymptotically stable under the estimation-dependent attack. Finally, simulation cases were used to validate the effectiveness of the proposed strategy compared with the strategy in [17].