Introduction

Internet of things (IoT) by propagation of electronic devices and internet facilities via communications is one of the main reasons for attackers to send malwares to control signals derived via control loops and also, measurement data in cyber physical microgrids (MGs) [1, 2]. In the other words, cyber attacks could affect on sensors and actuators [3]. The destructive effects cause by cyber attacks directly threaten cyber security, meanwhile the mitigation methods must be proposed to solve this problem, effectively. In MGs as the cyber physical systems (CPSs), improving cyber security is indispensable. As the important kinds of attacks, false data injection attacks (FDIAs) [4] are the prevalent cyber attacks which influence in MGs by injecting false data including constant values, periodic and noisy values to healthy data. The other important attack which would be able to cause malicious effects is known as denial of service (DoS) [5], by disconnecting the service of the attacked signal or data and enforcing problems on availability. In the other kind of attacks similar to FDIA, different false data are completely replaced by the healthy data [6] which cause the corruption of confidentiality. It must to be mentioned cyber attack and cyber security investigation are mainly considered in the secondary level of hierarchical control in MGs [7, 8].

Various researches are carried out about cyber attack subjects in wind power generation [9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26]. However, the relative literatures specialized in the field of cyber attack detection and mitigation in wind power plants in the view point of power studies and power management system are limited [18,19,20,21,22,23,24,25,26].

In Refs. [9, 10], the main goals are on the reliability assessment and evaluation incorporating the wind farm cyber security. In these articles, the kind of important attacks such as FDIA and/or DoS are not discussed; hence, the reliability indices are considered. The article [11] is merely devoted to the control strategy of wind turbine (WT) considering the time delay attacks by flooding the communication link between the rotor speed sensor and the relative controller. The suggested control method is based on the adaptive observer using the one mass mechanical model. The wind speed regime is chosen in the range of [4.5 6.5] m/s which could not support the higher speeds to validate the performance of the method, well. Generalities discussions of cyber attacks for the cyber physical model of WTs without expressing the kinds of attacks, is the main issue in [12]. This is done by focusing on the supervisory control and data acquisition (SCADA) system model for monitoring the wind farm. The authors of Ref. [15] proposed an anomaly detection mechanism for FDIA according to the combination of physics and machine learning approaches for WT. The principles of this method are based applying observation, preprocessing, feature engineering, physics-based model and also, iForest model. Limited results without monitoring the important parameters including power, frequency and voltage are shown in this article. Ref. [14] just presented an analysis about cyber attacks in wind energy based power system. In this regard, the FDIA is considered without noticing the kind of generators in the wind farm. Also, the obtained results are limited. The research study in [15] is about the issue of cyber attacks against wind farm sensor systems. An observer based on the adaptive control is defined; hence, the adequate results are not shown to complete this research. A virtualized cyber physical wind energy site for studying the impact of cyber security and resiliency, is the objective of [16]. In this regard, the WT generators are simulated by a single wind generator in the original ACTIVSg2000 model. The kinds of attacks are as manipulation of control, DoS and adversary performance of wind site reconnaissance. The experimental results are obtained via the tables for the cost–benefit analysis and cyber hardening technology impact on the load and remote chains. Finally, in the point of view of SCADA system in wind farm, an analysis on cyber security regard to the market research and computer crime is carried out in [17].

Based on Ref. [18], the robust method using the linear matrix inequality (LMI) is presented to mitigate the destructive effects of FDIA for the doubly fed induction generators (DFIGs) in the wind park composed of 266 generators. The attacks are categorized into two groups including the internal and external cyber attacks. The static subsynchronous damping controller (SSDC) is applied for the both inner and outer attacks. Moreover, to recognize the cyber conditions, the residues definition is used and thresholds are defined as the detection scheme. More than one hundred WT generators are considered in [19] to investigate a remedial action against the FDI and DoS attacks by solving the LMI conditions. Hence, the recognition tool is based on using the observers in combination with the fuzzy control. The results are obtained via EMPT software and a co-simulation platform. Another work [20] for WT DFIGs in a 400 MW wind park, is devoted to the kinds of FDIAs and HjAs. To suppress the cyber effects, the conventional droop control is expressed. Moreover, for the detection scheme of the attacks, the firewall approach is suggested. The results for validation are just shown for the frequency and rotor speed profiles in MATLAB/Simulink. Badihi, et al., proposed an adaptive control approach according to the fuzzy reference model in order to reduce the FDIA effects on the active power profile in a wind farm without noticing the kind of generators. Moreover, the detection scheme in this article is realized by in line monitoring and firewall [21]. The impact of manipulating parameters in the offshore wind farm comprised the squirrel cage induction generators is the research objective of [22]. In this test system, the array of WT generators is connected to the grid via two connection links. First link is connected by the AC subsea export cable and the other one is formed via the DC subsea cable, AC/DC and DC/AC converters. The pertinent results are demonstrated for the active/reactive power, rotor speed, pitch angle and DC link voltage profiles. Resilient load frequency control for the islanded ACMG which is built by the single DGs such as solar cell, WT, fixed capacitor and diesel generator is suggested against the DoS attack [23]. According to this method, the robust \({H}_{\infty }\) based on the variable Lyapunov analysis is presented. Furthermore, the detecting approach is done by applying the piecewise observer and linearizing the state space model. In the experimental work related to the FDIA in an ACMG composed of WT, solar cell, battery and super capacitor [24], the mitigation scheme is realized by minimizing the cost function of the active power for all the distributed generators (DGs) in the MG. Meanwhile, the estimator error is used as the weighted matrix for the hidden layers of the neural network to diagnose the FDIA conditions. In the research presented by the authors of [25], a detection approach for the wind farm connected to the grid against the FDIA is discussed. The detecting process is based on the margin setting algorithm (MSA). The validation setup is constructed in MATLAB considering a wind farm with the rated power of 24 kW and the experimental data sets are also collected to complete the verification process. In [26], the identification of FDIA considering the impact of wind generation is carried out. The proposed algorithm is based on calculating the variance index in addition to a fuzzy c-means clustering scheme. Simulations are done in the IEEE 34-bus system with 18 MW wind farm, without noticing the kind of WT generators. In the references addressed in this paragraph, the majority of research studies have concentrated on the just FDIA or FDIA and DoS attacks, except than Ref. [20] which considered FDIA and HjA. Meanwhile, in Refs. [20] and [25], the detection methods are suggested; hence, in [22], there is not any solution for detection or mitigation of cyber attacks. In our study, three kinds of attacks including FDIA, HjA and DoS are paid attention and the new detection and nonlinear mitigation methods are expressed.

Widespread application of DFIGs [27] in wind power plants due to its high controllability is a good reason for investigating cyber attacks effects and remedial actions in sustainable energy production based on applying DFIGs. In this regard and because of research gaps in cyber security enhancement in DFIGs, we have motivated to concentrate on the cyber attacks problems in this kind of generator in the viewpoint of power studies and to suggest an effective solution while the targets of attacks are on the active power and rotor speed profiles. Following this goal, a solution is based on applying the virtual inertia concept considering the two mass mechanical model to mitigate the destructive effects of various important cyber attacks. Hence, because of appearing the nonlinear behavior which would be caused during the cyber conditions in the generator parameters, the proposed virtual inertia control (VIC) is improved by the nonlinear backstepping control scheme in the rotor side converter (RSC). This paper aims to contribute the following items:

  1. 1)

    Proposing an advantageous detection scheme by applying the ISE criterion.

  2. 2)

    Broadening a nonlinear backstepping based on VIC.

  3. 3)

    Ability to develop the proposed method for the other kinds of ACMGs such as inverter-based MGs, type 4 wind turbine generators MG and hybrid MGs.

The organization of this paper is as follows: Section 2 is devoted to the principles of the proposed method. The verification based on the obtained results via MATLAB/Simulink software is done in Section 3 and finally, the conclusions from this research are collected in Section 4.

Mitigation of Cyber Attacks Using Nonlinear Virtual Inertia Control

FDIA, DoS and HjA Mathematical Models

In the first step and before presenting the principles of the proposed method, the useful mathematical model of various cyber attacks applied in MGs are introduced, here [28,29,30]:

$$\begin{array}{c}FDIA:{x}^{att}=x+\alpha \Delta \\ DoS:{x}^{att}=(1-\alpha )x\\ HjA:{x}^{att}=(1-\alpha )x+\alpha \Delta \end{array}$$
(1)

In which, \({x}^{att}\), x, \(\alpha\) are the attacked signal/data, healthy signal/data attack and the flag to identify the initiation of attacks. By \(\alpha\)=1, the attack is launched and \(\alpha\)=0 means there is not attacks. HjA is a combination of FDIA and denial of service (DoS) attack which has similarities to FDIA and DoS in the modeling. However, realization of FDIA seems to be simpler than HjA. Equation (1) expresses the important cyber attacks harm the integrity, availability and also, confidentiality of the target signals.

Introduction to Backstepping Control

One of the powerful nonlinear control methods so called backstepping is introduced in 1990 to design stable controls for a class of nonlinear dynamic systems. This method is recursive to stabilize the origin of the system using a strict feedback form. Therefore, backstepping approach determines how to stabilize the subsystems modeled by the states and in the presence of changes in variables. Moreover, backstepping control links the Lyapunov based stability benchmark with the feedback controller thus, the guarantee of global asymptotic stability is reached. This method is flexible to realize for a two dimension linear system to a three dimension jerk chaotic system [31]. Suppose the nonlinear system described by Eq. (2):

$$\begin{array}{cc}\dot{e}={e}^{4}+{\text{sin}}\left(e\right)+\eta & \dot{\eta }=u\end{array}$$
(2)

where, e and \(\eta\) are the states and u is a backstepping control to be designed. Let's call \(\eta\) the virtual control. To find the stabilizing control law, a choice is:

$$\begin{array}{cc}\eta =-{e}^{4}-{\text{sin}}\left(e\right)-ke& k\succ 0\end{array}$$
(3)

Substituting (2) in (1):

$$\stackrel{.}{e}=ke$$
(4)

Then, the Lyapunov function is selected by

$$v={~}^{1}\!\left/ \!{~}_{2}\right.{e}^{2}$$
(5)

To prove the stability, the derivative of v must be globally negative definite on \({R}^{2}\). According to Eq. (6) the stability is reached.

$$\stackrel{.}{v}=e\stackrel{.}{e}=-k{e}^{2}\prec 0$$
(6)

Virtual Inertia Strategy

In recent years, applying VIC method is broadened in MGs [32,33,34]. The concept of VIC is utilized in low inertia systems such as MGs to improve the inertia level. Moreover, this method is a supplementary control to release or absorb kinetic energy of rotary elements by changing frequency. As an important result, VIC can improve the frequency stability and transient response characteristic of DFIGs. In [32], the VIC for the DFIG is suggested by:

$${P}_{stotal}^{*}={P}_{s}^{*}+{k}_{p}({f}_{sys}^{*}-{f}_{sys})-{k}_{d}\stackrel{.}{{f}_{s}}$$
(7)

Here, \({P}_{stotal}^{*}\), \({P}_{s}^{*}\), \({f}_{sys}^{*}\), \({f}_{sys}\), \({k}_{p}\) and \({k}_{d}\) are respectively the total stator reference active power, the stator reference active power derived via the conventional control loop, the reference system frequency, the system frequency and the fixed gains. The technique for VIC approach in [33] is based on Eq. (8):

$$\begin{array}{cc}{P}^{*}={P}_{MPP}+{P}_{vir}& {P}_{vir}=-{k}_{1}\Delta \omega -{k}_{2}\stackrel{.}{\Delta \omega }\end{array}$$
(8)

In which, \({P}^{*}\), \({P}_{MPP}\), \({P}_{vir}\) and \(\Delta \omega\) are the total reference active power, the reference active power extracted via the conventional maximum power point tracking (MPPT) operation, the virtual active power and the difference between the reference and actual angular speed. \({k}_{1}\) and \({k}_{2}\) are the gains to be designed. The pertinent technique in the Laplace domain is expressed by [34]:

$$\Delta {P}_{vir}=\frac{k}{1+sT}s\Delta f$$
(9)

In the above equation, k and T denote the gain and the time constant. To mitigate the effects of cyber attacks on the frequency stability for islanded ACMG, a VIC scheme is proposed in [35] according to (10) in the Laplace domain:

$$\Delta P=\frac{1}{1+sT}\Delta f(ks+{k}_{1})$$
(10)

Here, \(\Delta P\) and \(\Delta f\) are the virtual active power and the deviation of the frequency. However, this research work is limited to investigate the contribution of VIC via the obtained results. In [36], the proposed VIC is implemented by:

$${P}_{vir}^{*}=\frac{ks}{1+sT}({V}^{*}-V)$$
(11)

\({V}^{*}\) and \(V\) are the reference and measured voltage. It is worth mentioning that in the low inertia power systems such as MGs, the relation between active power-voltage could be considerable. It could be a reason that is why in (11) the relation between the voltage and active power is used for the VIC scheme.

Detection Approach

To activate the VIC approach in the active power control loop, first the cyber conditions caused by the attackers must be recognized, precisely. To do this task, the combined integral square error (ISE) of the active power and rotor speed as Eq. (12) is proposed.

$$\begin{array}{c}SE={\int }_{0}^{t}[{k}_{1}{(}{{\omega }_{r}^{*}}-{\omega}_{r})^{2}+{k}_{2}{(}{{P}_{s}^{*}}-{P}_{s})^{2}]{\begin{array}{cc}dt,& \qquad k\end{array}}_{1},{k}_{2}\succ 0\\ \Delta ISE(t+\tau )={k}_{3}\left|ISE(t+\tau )-ISE(t)\right|,\begin{array}{cc}& {k}_{3}\end{array}\succ 0\end{array}$$
(12)

Here, \({\omega }_{r}^{*}\) is the reference rotor speed extracted via the lookup table to reach the MPPT mode. \(\tau\) is the time constant for calculating the value of \(\Delta ISE\) in the short time intervals for the accuracy of the detecting method. Thus, this parameter is set to 0.000001 in the simulation process. Choosing a too low value of this time interval would be a proper guarantee for the accurate execution of the detection scheme. Moreover, if failing in some samples of the detection signals be probably happened, it would not cause malfunction of the discrete detection procedure. If the values of \(\Delta ISE\) are out of the defined thresholds (healthy band), the cyber conditions are diagnosed. In Fig. 1, the profile of this benchmark considering the cyber attacks on the reference active power (\({P}_{s}^{*}\)), measured active power \(\left({P}_{s}\right)\) and rotor speed \(\left({\omega }_{r}\right)\) during t = 1.5 s to 3 s in the test system is depicted as the samples. As can be seen the suitability of the proposed detection index is verified.

Fig. 1
figure 1

Profile of the proposed detection index considering cyber attacks; (Blue: Attack on the reference active power, Green: Attack on the measured active power, Red: Attack on the rotor speed), Attack duration = [1.5 3] s, A: FDIA, B: HjA, C: DoS, k1 = 100, k2 = 1 and k3 = 1e8

Full size image

Why Proposing the Nonlinear Method?

To control active/reactive power of DFIG, RSC control loops must be carefully designed. The conventional control method is based on applying the PI controllers according to the stator voltage or flux orientation vector control [37]. Thus, designing two internal control loops of the rotor current components in the d and q axes is necessary. If the stator voltage orientation (SVO) is used, then the external control loop in the d axis is designed to control the active power. Hence, the other outer control loop in the q axis is specialized for the reactive power control. Instead, according to the stator flux orientation (SFO) approach, these duties are vice versa for the external control loops. Here, the problem for power control of DFIG is analytically considered via the following equations in per unit form [37]:

$$\begin{array}{c}{P}_{s}=Re({V}_{sdq}{I}_{sdq}^{*})={V}_{sd}{I}_{sd}+{V}_{sq}{I}_{sq}\\ \begin{array}{cc}& {V}_{sdq}\end{array}={V}_{sd}+j{V}_{sq}\begin{array}{cc}& {I}_{sdq}={I}_{sd}+j{I}_{sq}\end{array}\\ SVO\Rightarrow {P}_{s}=\left|{V}_{s}\right|{I}_{sd}\Rightarrow {P}_{s-inject}=-\left|{V}_{s}\right|{I}_{sd},\begin{array}{cc}& \left|{V}_{s}\right|\end{array}=1\begin{array}{cc}& \end{array}p.u.\end{array}$$
(13)
$$\begin{array}{c}SVO\Rightarrow {V}_{sq}=0\Rightarrow {\psi }_{sd}\approx 0\Rightarrow {I}_{sd}=-\frac{{L}_{m}}{{L}_{s}}{I}_{rd},\frac{{L}_{m}}{{L}_{s}}\approx 1p.u.\Rightarrow \\ {P}_{s-inject}\approx {I}_{rd}\end{array}$$
(14)

Here, P, V, I, R, L and ψ are respectively the active power, voltage, current, resistance, inductance and electromagnetic flux. The subscript of s, r, d and q denote, stator, rotor, d axis and q axis component. Equation (14) clearly expresses that the injected active by the DFIG is directly related to the rotor current. Hence, the rotor current components in the both axes have a direct relation with the rotor voltage components based on the next question in Laplace domain:

$$\begin{array}{c}{V}_{rd}(s)={R}_{r}{'}{I}_{rd}(s)+\frac{{L}_{r}{'}}{{\omega }_{b}}S{I}_{rd}(s)-{\omega }_{2}{L}_{r}{'}{I}_{rq}(s)+{E}_{rd}(s)\\ {V}_{rq}(s)={R}_{r}{'}{I}_{rq}(s)+\frac{{L}_{r}{'}}{{\omega }_{b}}S{I}_{rq}(s)+{\omega }_{2}{L}_{r}{'}{I}_{rd}(s)+{E}_{rd}(s)\\ {R}_{r}{'}\approx {R}_{r}+{R}_{s},{L}_{r}{'}\approx {L}_{r}-{L}_{m},{\omega }_{2}={\omega }_{s}-{\omega }_{r},{E}_{rd}(s)\approx \\ S{V}_{sd}=S\left|{V}_{s}\right|,{E}_{rq}(s)\approx S{V}_{sq}=0\end{array}$$
(15)

where, Erd and Erq are the disturbances which would be negligible in the steady state mode and \({\omega }_{2}{L}_{r}{'}{I}_{rd}\) and \({\omega }_{2}{L}_{r}{'}{I}_{rq}\) are the cross coupling terms with the low values which would be compensated by the feed forward terms. Accordingly, the transfer function of the inner control loops as \({TF}_{d}\left(s\right)=\frac{{V}_{rd}\left(s\right)}{{I}_{rd}\left(s\right)}\) and \({TF}_{q}\left(s\right)=\frac{{V}_{rd}\left(s\right)}{{I}_{rd}\left(s\right)}\) are similarly equal to \(\frac{1}{\frac{{{L}{'}}_{r}}{{\omega }_{b}}s+{{R}{'}}_{r}}\) for the both axes. by manipulating the measurement active power, reference active power or rotor speed via cyber attacks, unpredictable changes would directly be effective on the rotor current components and consequently, on the rotor voltage reference components which are sent to the pulse width modulation (PWM) commands of the RSC. For example by injecting a periodic sinusoidal FDIA to the active power value, the additional term of \(\frac{K\omega }{{s}^{2}+{\omega }^{2}}\) is appeared on the active power profile during the cyber attack which directly affects the rotor current components and consequently the rotor reference voltage components. Thus, the nonlinear behavior during the attacks would be expected. The samples of the irregular and nonlinear behaviors caused by various attacks are shown in Fig. 2.

Fig. 2
figure 2

Samples of nonlinear behavior caused by the FDIA (blue), DoS (red), HjA (green) in the WT DFIG for t = [2 5] s

Full size image

Realization of the Proposed Method in the RSC

It is inferred in the general form of the VIC, the additional term of the reference active power is as a function of the frequency or angular frequency. This compensatory term is helpful in the cyber conditions, where the power and also, the energy level of the plant are disturbed by the cyber attacks. Therefore, by designing a suitable VIC scheme, certainly the malicious effects of attacks would be alleviated. In [35], applying the VIC for the impact assessment and mitigation of time delay in the measurement systems as the cyber attacks is proposed. However, the obtained results are shown, incompletely without the sufficient discussions.

In nonlinear backstepping approach for DFIG, the appropriate error signals must be chosen [38]. For realizing the backstepping VIC to effectively suppress the destructive effects of various cyber attacks, happening with \({P}_{s}^{*}\), \({P}_{s}\) and \({\omega }_{r}\), first the suitable error signal by Eq. (16) must be defined.

$${e}_{\omega }={\omega }_{r}^{*}-{\omega }_{r}$$
(16)

After defining the error signal, the Lyapunov candidate function is chosen to \({v}_{f}={~}^{1}\!\left/ \!{~}_{2}\right.{e}_{f}^{2}\), therefore:

$$\begin{array}{cc}\stackrel{.}{v}={e}_{\omega }\stackrel{.}{{e}_{\omega }}\equiv -{k}_{\omega }{e}_{\omega }^{2}& {k}_{\omega }\succ 0\Rightarrow \stackrel{.}{{e}_{\omega }}=-{k}_{\omega }{e}_{\omega }\prec 0\end{array}$$
(17)

Considering (4) as the main rule of backstepping control and using (16), results in (18).

$$\stackrel{.}{{\omega }_{r}^{*}}-\stackrel{.}{{\omega }_{r}}=-{k}_{\omega }({\omega }_{r}^{*}-{\omega }_{r})\Rightarrow \stackrel{.}{{\omega }_{r}}+{k}_{\omega }{\omega }_{r}=\stackrel{.}{{\omega }_{r}^{*}}+{k}_{\omega }{\omega }_{r}^{*}$$
(18)

In the normal operating conditions, the electrical parameters such as the rotor speed follow their references, therefore Eq. (18) is logical. Calculating the rotor speed via (18) is expressed in (19).

$$\begin{array}{cc}{\omega }_{r}=\frac{{f}_{\omega }({\omega }_{r}^{*})-\stackrel{.}{{\omega }_{r}}}{{k}_{\omega }}& {f}_{\omega }\left({\omega }_{r}^{*}\right)=\stackrel{.}{{\omega }_{r}^{*}}+{k}_{\omega }{\omega }_{r}^{*}\end{array}$$
(19)

The mechanical model relates the mechanical and the electrical torques. By applying soft turbine shafts between turbine and generator, the two mass model has higher accuracy in comparison with the one mass model. The two mass model is realized by Eq. (20) [37].

$$\begin{array}{c}2{H}_{g}\stackrel{.}{{\omega }_{r}}=-{T}_{e}+{D}_{tg}({\omega }_{t}-{\omega }_{r})+{k}_{seq}{\theta }_{sh}\\ 2{H}_{t}\stackrel{.}{{\omega }_{t}}={T}_{m}-{D}_{tg}({\omega }_{t}-{\omega }_{r})-{k}_{seq}{\theta }_{sh}\\ \stackrel{.}{{\theta }_{sh}}={\omega }_{b}({\omega }_{t}-{\omega }_{r})\end{array}$$
(20)

\({H}_{g}\), \({H}_{t}\), \({T}_{e}\), \({T}_{m}\), \({\omega }_{t}\), \({\omega }_{b}\), \({D}_{tg}\) and \({k}_{seq}\) are respectively the generator and turbine inertia constant, the generator and turbine torque, the turbine speed, the base angular speed, the equivalent torsial damping and the torsial spring constant. Based on (20), Eq. (21) is established.

$$2{H}_{g}\stackrel{.}{{\omega }_{r}}=-{T}_{e}+{T}_{m}-2{H}_{t}\stackrel{.}{{\omega }_{t}}\begin{array}{cc}& \Delta T={T}_{m}\end{array}-{T}_{e}$$
(21)

The relation between the mechanical and electrical speed considering the two mass model is extracted by (22):

$${\omega }_{t}=\frac{\stackrel{.}{{\theta }_{sh}}}{{\omega }_{b}}+{\omega }_{r}$$
(22)

Substituting (22) in (21):

$$\begin{array}{c}{\dot{\omega }}_{r}=\frac{\Delta T-\frac{2{H}_{t}{\ddot{\theta }}_{sh}}{{\omega }_{b}}}{2H}\\ H={H}_{g}+{H}_{t}\\ \Delta T={T}_{m}-{T}_{e}\end{array}$$
(23)

Now, we use the extracted \({\dot{\omega }}_{r}\) via the two mass model to the backstepping equation in (19).

$${\omega }_{r}=\frac{2H{f}_{\omega }({\omega }_{r}^{*})-\stackrel{.}{\Delta T+\frac{2{H}_{t}\stackrel{..}{{\theta }_{sh}}}{{\omega }_{b}}}}{2H{k}_{\omega }}$$
(24)

Finally, the proposed higher order backstepping VIC is realized by applying (24) in (25).

$${P}_{svir}^{*}={k}_{p}{e}_{\omega }+{k}_{d}\stackrel{.}{{e}_{\omega }}+{k}_{d1}\stackrel{..}{{e}_{\omega }}={k}_{p}{\omega }_{r}^{*}-{k}_{p}{\omega }_{r}-{k}_{d}\stackrel{.}{{\omega }_{r}}-{k}_{d1}\stackrel{..}{{\omega }_{r}}$$
(25)

Simulation Results

The Test Platform

The simulation platform for our study is including the three WT DFIGs connected via the transmission lines of 7 km from the 690 V bus to the 20 kV bus, ending to the weak grid as the sustainable energy production. The transformer of 690 V: 20 kV is provided to adjust the voltage level. More details are available in our previous work [37]. Single line diagram of the test system is depicted in Fig. 3. The final block diagram to realize the proposed method during the cyber conditions in the RSC is shown in Fig. 4. The following results are shown in the two case studies, without applying VIC in the blue dotted curves and with applying VIC based on the proposed detection and mitigation approaches in the red solid curves. The attacks are considered for all the DFIGs in the test system.

Fig. 3
figure 3

Single line diagram of the sustainable energy production test system

Full size image
Fig. 4
figure 4

Block diagram of the RSC control loops in the d axis considering the proposed VIC method

Full size image

Scenario 1: Evaluation of the Proposed Method in the MPPT Mode

MPPT mode is as a suitable benchmark to evaluate the performance of DFIG. By the mean wind speed of about 12 m/s, the MPPT could be reached. Hence, a variable wind speed profile of 12 m/s with about 25% turbulence, shown in Fig. 5 is applied in the simulation process.

Fig. 5
figure 5

Applied wind speed profile in the simulation process

Full size image

Forcing a periodic FDIA including \({\text{sin}}(40\pi t)\) during 8 s, launching at t = 2 s on \({P}_{s}\) in the RSC is our first contingency. In Figs. 6 and 7, the DFIG active power and network frequency profile are depicted. From the both figures, it is inferred the improvement of the active power and frequency profiles while using the nonlinear VIC in the active power control loop of the RSC during the cyber occurrence.

Fig. 6
figure 6

DFIG active power profile considering the FDIA on the active power

Full size image
Fig. 7
figure 7

Network frequency profile considering the FDIA on the active power

Full size image

The next attack as the DoS is considered for the rotor speed profile in the time interval of [4 8] s which the relative results are demonstrated via Figs. 8 and 9. As can be observed in Fig. 8, the severe oscillations up to 2.5 pu are suppressed in the red curve. Simultaneously, the significant improvement in the frequency profile during the DoS attack is confirmed according to Fig. 9.

Fig. 8
figure 8

DFIG active power profile considering the DoS on the rotor speed

Full size image
Fig. 9
figure 9

Network frequency profile considering the DoS on the rotor speed

Full size image

In the next case, a hybrid HjA composed of a noisy HjA enforced on the reference active power, starting at the fifth s which is lasted until the ninth s. Meanwhile, the other HjA is the constant value of 0.3 pu on the rotor speed profile in the time domain of 3 to 12 s. The results for the active power and frequency profiles are illustrated in Figs. 10 and 11. Smoothing the DFIG active power and network frequency profiles by happening the HjAs as the superiority of the performance of the nonlinear control method is obvious in these figures which means the VIC would be an appropriate remedial action to enhance the cyber security of the test ACMG.

Fig. 10
figure 10

DFIG active power profile considering the hybrid HjA on the reference active power and the rotor speed

Full size image
Fig. 11
figure 11

Network frequency profile considering the hybrid HjA on the reference active power and the rotor speed

Full size image

Scenario 2: Considering Uncertainties

Considering uncertainties is the suitable benchmark to evaluate the proposed method. In this regard, the first contingency is carried out by 50% reduction in the grid short circuit capacity (SCC) which means weakening the grid, significantly. A cascade cyber scenario including the DoS from t = 6 to 12 s and a fixed FDIA of -0.8 pu on \({P}_{s}^{*}\) in the time domain of [12 14] s is considered. The relative obtained results are shown in Figs. 12 and 13. The pulsations of the active power profile bounded in the domain of [0 1.6] pu as the destructive effects of the attacks are highly damped out by activating the suggested VIC in the control loop which is shown in Fig. 12. Moreover, in the presence of the DoS and FDIA, the oscillations of frequency profile between 49.7 Hz to 50.35 Hz are remarkably suppressed, to reach a fairly flat profile according to Fig. 13.

Fig. 12
figure 12

DFIG active power profile considering the cascade DoS and FDIA on the reference active power and reducing the grid SCC

Full size image
Fig. 13
figure 13

Network frequency profile considering the cascade DoS and FDIA on the reference active power and reducing the grid SCC

Full size image

Now, the X/R ratio of the grid is reduced to 2 as the other uncertainty in the grid parameters and a FDIA equal to \(2{\text{sin}}(2\pi t)\) as the pu value is forced to the rotor speed, launching at t = 10 s, ending after 7 s. Similar to the previous figures, the results are drawn via Figs. 14 and 15. As shown in Fig. 14, the oscillations of DFIG active power during the cyber conditions are varied from -1.3 pu to 4.5 pu by applying the conventional control without activating the VIC. These variations are severely mitigated by using the nonlinear VIC. Moreover, the frequency profile in Fig. 15 is improved as well in the red curve. Finally, a combined cyber attack composed of the DoS on \({\omega }_{r}\) during t = 7 to 10 s and the sinusoidal HjA of \(0.65{\text{sin}}(10\pi t)\) on \({P}_{s}\) for 3 s, launching at the 5th s is the last case study. In this regard, the stator and rotor resistances and inductances are increased as 30%. The results are presented via Figs. 16 and 17. As can be seen from Fig. 16, the unacceptable oscillations caused by these attacks are reduced on the active power profile when performing the VIC scheme. Also, about 1 pu reduction in the upper and lower pulsations is visible. Due to the direct relation of DFIG active power and the stator frequency, by enhancing the active power control loop via the nonlinear VIC during the cyber conditions, the frequency profile is improved as well which is verified in Fig. 17.

Fig. 14
figure 14

DFIG active power profile considering the FDIA on the rotor speed and reducing the grid X/R ratio

Full size image
Fig. 15
figure 15

Network frequency profile considering the FDIA on the rotor speed and reducing the grid X/R ratio

Full size image
Fig. 16
figure 16

DFIG active power profile considering the HjA on the active power and the DoS on the rotor speed and increasing the stator and rotor parameters

Full size image
Fig. 17
figure 17

Network frequency profile considering the HjA on the active power and the DoS on the rotor speed and increasing the stator and rotor parameters

Full size image

Conclusion

This paper has investigated the application of the nonlinear virtual inertia approach in the active power control loops of the DFIGs in an AC sustainable energy production under cyber attacks. The attacks are including FDIA, HjA and DoS which caused the destructive effects on the DFIG parameters such as the active power and frequency profiles. In this regard and by proposing a detection scheme based on the combined ISE, the proposed higher order backstepping VIC method is activated during the cyber conditions. By realizing the new control scheme, it is shown the remarkable performance of the method during the various contingencies. The verification in the weak grid connected operation mode via MATLAB/Simulink software is precisely carried out. The scenarios are including various single and multi-cyber attacks; hence, the uncertainties in the grid and generator parameters are considered to evaluate the performance of the nonlinear VIC. It must to be noticed that this method would be broadened for the other test MGs such as hybrid MGs including DFIGs and full converter synchronous generators with wind and marine current turbines.