Assessing the Cyber Threat Landscape for Virtual Power Plants

  • Georgios Gkoktsis Fraunhofer SIT, ATHENE
Keywords: Virtual Power Plants, Cyber-Physical Security, Smart Grid Security


Virtual Power Plants (VPPs) aggregate and coordinate Distributed Energy Resources (DER) as a single entity aiding in decarbonization of the energy generation mix. The infrastructure of VPPs relies heavily on rigorous and accurate exchange of information between the DER and the VPP, as well as other grid entities. This exposes them to possible cyber threats that impede their functions and can have negative impacts on the stability and reliability of the grid. In this paper, the threat landscape is evaluated against threats that affect VPPs. A heuristic method of assessing the impact and likelihood of attacks is constructed based on a) proposed methods in literature, b) standardization bodies, and c) in relation to a VPPs security profile. Our findings indicate that False Data Injection attacks are posing the greatest risk, competing with disruption of their functions due to Denial of Service.



Download data is not yet available.


G. Plancke, K. De Vos, R. Belmans, and A. Delnooz, “Virtual power plants: Definition, applications and barriers to the implementation in the distribution system,” Int. Conf. Eur. Energy Mark. EEM, vol. 2015-Augus, 2015, doi: 10.1109/EEM.2015.7216693.

CEN/CENELEC/ETSI Joint Working Group on Standards for Smart Grids, “CEN-CENELEC-ETSI Smart Grid Coordination Group: Smart Grid Information Security,” no. November, pp. 1–107, 2012, [Online]. Available:

J. Guo, Y. Han, C. Guo, F. Lou, and Y. Wang, “Modeling and vulnerability analysis of cyber-physical power systems considering network topology and power flow properties,” Energies, vol. 10, no. 1, pp. 1–21, 2017, doi: 10.3390/en10010087.

X. Gao, X. Li, and X. Yang, “Robustness assessment of the cyber-physical system against cascading failure in a virtual power plant based on complex network theory,” Int. Trans. Electr. Energy Syst., no. June, pp. 1–27, 2021, doi: 10.1002/2050-7038.13039.

Robert M. Lee, Michael J. Assante, and Tim Conway, “Analysis of the Cyber Attack on the Ukrainian Power Grid Defense Use Case,” Ics.Sans.Org, pp. 2–11, 2016, [Online]. Available:

Dragos Inc., “TRISIS Malware,” pp. 1–19, 2017, [Online]. Available:

O. T. Soyoye and K. C. Stefferud, “Cybersecurity Risk Assessment for California’s Smart Inverter Functions,” 2019 IEEE CyberPELS, CyberPELS 2019, 2019, doi: 10.1109/CyberPELS.2019.8925257.

M. Touhiduzzaman, S. N. G. Gourisetti, C. Eppinger, and A. Somani, “A Review of Cybersecurity Risk and Consequences for Critical Infrastructure,” Proc. - 2019 Resil. Week, RWS 2019, pp. 7–13, 2019, doi: 10.1109/RWS47064.2019.8971975.

L. Marinos, “European Union Agency for Network and Information Security Smart Grid Threat Landscape and Good Practice Guide Smart Grid Threat Landscape and Good Practice Guide About ENISA Smart Grid Threat Landscape and Good Practice Guide,” no. December, 2013.

NESCOR, “Electric Sector Failure Scenarios and Impact Analyses – Version 3.0,” no. December, 2015, [Online]. Available: Failure Scenarios v3 12-11-15.pdf.

E. P. R. I. (EPRI), “Analysis of Selected Electric Sector High Risk Failure Scenarios National Electric Sector Cybersecurity Organization Resource ( NESCOR ) Technical Working Group 1 First Version,” no. September, 2013.

W. G. Temple, Y. Li, B. A. N. Tran, Y. Liu, and B. Chen, “Railway system failure scenario analysis,” Lect. Notes Comput. Sci. (including Subser. Lect. Notes Artif. Intell. Lect. Notes Bioinformatics), vol. 10242 LNCS, pp. 213–225, 2017, doi: 10.1007/978-3-319-71368-7_18.

B. J. Kang et al., “Investigating cyber-physical attacks against IEC 61850 photovoltaic inverter installations,” IEEE Int. Conf. Emerg. Technol. Fact. Autom. ETFA, vol. 2015-Octob, 2015, doi: 10.1109/ETFA.2015.7301457.

S. Jauhar et al., “Model-Based Cybersecurity Assessment with NESCOR Smart Grid Failure Scenarios,” Proc. - 2015 IEEE 21st Pacific Rim Int. Symp. Dependable Comput. PRDC 2015, pp. 319–324, 2016, doi: 10.1109/PRDC.2015.37.

Cyber Trust, “D2 . 1 Threat landscape : trends and methods,” no. 2018, p. 250, 2020.

J. Johnson, J. Flicker, A. Castillo, and C. Hansen, “Design and Implementation of a Secure Virtual Power Plant,” no. September, pp. 243–287, 2017, doi: 10.13140/RG.2.2.36603.62244.

S. M. S. Hussain, T. S. Ustun, and A. Kalam, “A Review of IEC 62351 Security Mechanisms for IEC 61850 Message Exchanges,” IEEE Trans. Ind. Informatics, vol. 16, no. 9, pp. 5643–5654, 2020, doi: 10.1109/TII.2019.2956734.

J. Marron, A. Gopstein, N. Bartol, and V. Feldman, “Cybersecurity framework smart grid profile,” p. 142, 2019, [Online]. Available:

NEMO Commitee, “SDAC report on the ‘partial decoupling’ incident of June 7th 2019,” 2019.

N. Kush, E. Ahmed, M. Branagan, and E. Foo, “Poisoned GOOSE: Exploiting the GOOSE protocol,” Conf. Res. Pract. Inf. Technol. Ser., vol. 149, pp. 17–22, 2014.

S. Amini, H. Mohsenian-Rad, and F. Pasqualetti, “Dynamic load altering attacks in smart grid,” 2015 IEEE Power Energy Soc. Innov. Smart Grid Technol. Conf. ISGT 2015, pp. 1–5, 2015, doi: 10.1109/ISGT.2015.7131791.

T. O. Olowu, S. Dharmasena, H. Jafari, and A. Sarwat, “Investigation of False Data Injection Attacks on Smart Inverter Settings,” 2020 IEEE CyberPELS, CyberPELS 2020, no. January 2021, 2020, doi: 10.1109/CyberPELS49534.2020.9311541.

R. Lin et al., “False Data Injection Attacks against State Estimation in AC-DC Hybrid Power System,” Chinese Control Conf. CCC, vol. 2020-July, pp. 4302–4306, 2020, doi: 10.23919/CCC50068.2020.9189440.

A. Giani, E. Bitar, M. Garcia, M. McQueen, P. Khargonekar, and K. Poolla, “Smart grid data integrity attacks: Characterizations and Countermeasures,” IEEE Trans. Smart Grid, vol. 4, no. 3, pp. 1244–1253, 2013, doi: 10.1109/TSG.2013.2245155.

J. G. Wright and S. D. Wolthusen, “Limitations of IEC62351-3’s public key management,” Proc. - Int. Conf. Netw. Protoc. ICNP, vol. 2016-Decem, no. HotPNS, pp. 1–6, 2016, doi: 10.1109/ICNP.2016.7785322.

A. Vempaty, L. Tong, and P. K. Varshney, “Distributed inference with Byzantine data: State-of-the-art review on data falsification attacks,” IEEE Signal Process. Mag., vol. 30, no. 5, pp. 65–75, 2013, doi: 10.1109/MSP.2013.2262116.

F. Milano and M. Anghel, “Impact of time delays on power system stability,” IEEE Trans. Circuits Syst. I Regul. Pap., vol. 59, no. 4, pp. 889–900, 2012, doi: 10.1109/TCSI.2011.2169744.

M. Elkhatib, J. Johnson, and D. Schoenwald, “Virtual Power Plant Feedback Control Design for Fast and Reliable Energy Market and Contingency Reserve Dispatch,” pp. 2969–2974, 2018, doi: 10.1109/pvsc.2017.8366393.

How to Cite
G. Gkoktsis, “Assessing the Cyber Threat Landscape for Virtual Power Plants”, LAJC, vol. 9, no. 2, pp. 22-35, Jul. 2022.
Research Articles for the Regular Issue