Microgrid Communication and Security: State-of-the-Art and Future Directions

A microgrid communication network with proper connectivity among microgrid resources plays an important role in maintaining the stability and reliability of the microgrid. Applying a suitable communication network and protocol, together with the best security measures, is one of the elements needed to achieve those broad objectives. The communication networks and protocols implemented in existing microgrids differ in type and objective, depending on the specific application. Many security approaches have been proposed to secure the communication network and protocol. This paper reviews microgrid communication and its security, and provides future directions for the communication network and protocol and its security. This is an open-access article under the CC BY-SA license.

A DC bus collects the DC power supplied from a battery bank and a DC/AC power converter connects the whole system to the AC-50 Hz micro grid. This power converter is the same. Each power converter includes two data loggers outfitted with a variety of sensors for measuring the values of a variety of engine operating parameters that can be used to characterize the operation state of internal combustion engines and generate control signals [1]. Simulink was used to model the behaviour of the microgrid as delays increased. The severity of the problem varies depending on the MG's unpredictable operational conditions, the design of the MG converters (e.g., inductors and switches), and the length of the expected delay intervals associated with the ICT used within the MG [3]. There are two primary obstacles in developing a communication architecture for a multi-layer based smart microgrid system. The communication and system control coordination are the first challenge. The coordination of communication between several tiers is the second challenge [10] [11].
In fact, microgrid communications provide a means of communication among the microgrid's many parts so that they can function properly and be integrated with main grid stations. The following requirements must be met by such a communication network: (i) ensure real-time performance; (ii) ensure worst-case performance; (iii) ensure dependable and secure communication to ensure confidentiality and integrity; (iv) ensure access and availability. However, while high-bandwidth communication lines might reduce propagation delays, the delays produced by control elements, which are the primary source of communication messages, are outside the control of the communication network. This is because most microgrid control devices (voltage regulators, protection relays, and so on) are equipped with low-cost, low-power processors with limited memory to perform operations. As a result, when creating an efficient security algorithm to assure confidentiality and integrity, the execution time of these devices must be taken into account [12].

COMMUNICATION PROTOCOL IN MICROGRID AND ITS SECURITY
Communication systems architecture, protocols, and tools are essential in microgrid implementation to ensure stable, reliable, and optimal operation. Microgrid components, as well as other related systems, currently work on different communication standards such as IEC 61850, Common Information Model (CIM), Open Platform Communication-Unified Architecture (OPC-UA), Modbus, and Distributed Network Protocol (DNP3) [13,14,15,16]. Therefore, a harmonization system is required to enable them to communicate with each other.
As a platform for transferring data using the aforementioned communication standards, Ethernet and/or the Internet Protocol (IP) is incorporated in microgrid communication. It can reduce engineering cost and makes communication configuration easier to set up. However, data delivery for a microgrid communication network via traditional TCP/IP and its protocols is inefficient. During the past three decades, much more information and shared resources have become easily available over the internet due to wide network interconnectivity.
The traditional internet, which is based on the TCP/IP protocol, is known as the host-centric model. In contrast, the study conducted by [17] concludes that this protocol is impractical for microgrids, since a connection involves several components/actors of the microgrid. Efficient content delivery is required, since content delivery is more important than the location of data. Securing the internet therefore brings new requirements, as TCP/IP networks face new challenges as a result of the widespread use of the Internet of Things (IoT) [18].
For communication between the microgrid controller and IEDs and other microgrid components, most microgrids use the IEC 61850 standard over Ethernet using TCP/IP due to its faster speed, greater reliability and security levels. Data can be transferred from the sensors to the IEDs, which then produce commands to distributed energy resources (DERs), which are the devices for storing energy, loads and interconnecting breakers or smart switches. IEC 61850 is built with different data attributes and functionalities to ensure interoperability; hence it introduces some latency in communication. This kind of protocol is more suitable for application in a microgrid, particularly in distribution automation [19]. Modbus is another communication protocol that has been applied in microgrids. As reported in [20], Modbus is widely used in microgrids due to its simplicity. It can be transmitted over different physical networks: RS-485, RS-232 and Ethernet TCP/IP [21]. However, the Modbus protocol is inefficient for large data transmission to and from the network.
Besides that, DNP3, a power communication protocol originally developed by General Electric and made public in 1993, has also been used in microgrid communication. The initial purpose of the DNP3 design was use in supervisory control and data acquisition (SCADA) applications. At present, it is used largely in the oil and gas, security, water infrastructure, electrical and other industries in Asia, North America, South America, Australia and South Africa [22]. The initial design of DNP3 comprises four layers: the transport, application, data link, and physical layers [23]. Serial communication protocols such as Recommended Standard (RS)-232, RS-422, or RS-485 were the basis for the design of the original physical layer. To support current communication technologies, present-day DNP3 has been moved over to the TCP/IP layer. It can therefore be considered a three-layer network protocol which operates upon the TCP/IP layer [22] in supporting end-to-end communication. The DNP3 slave is able to send unsolicited responses to the master. Single DNP3 messages can convey time-stamped tasks, information on data quality, and various data types [23].
It should be noted that DNP3 is intended to be replaced by IEC 61850 in substation communications. The general belief is that, in future power systems, IEC 61850 has the potential for usage outside of substation communication, although its usage is presently limited to within a power substation [22]. Because the initial designs of DNP3 and IEC 61850 lacked any security mechanism, messages sent through them over the microgrid network can easily be intercepted or falsified, resulting in either incorrect operation of power devices or information leakage. Working in tandem to rectify this problem, the security, power and network communities design microgrid applications with protocols that are secure and dependable.
The protocol used in IEDs is IEC 61850, which includes GOOSE and SV and defines multicast messages but excludes cyber and information security features [24]. The vulnerabilities of IEC 61850 include packet modification, injection, replay, spoofing and generation attacks. Although the vulnerabilities of this protocol have been addressed through improvements and the employment of IEC 62351, it still has some drawbacks [25]. Modification of GOOSE packets for tripping circuit breakers has been performed in [26]. The IEC 61850 protocol is also used in the SNAPE architecture for connecting power, in which several microgrids coordinate control and command. This architecture imposes a strict timeframe on command-response messages, because the communication process takes only a few milliseconds. The system can therefore also be affected by any additional latency in the communication.
The use of DNP3 for intra- and inter-substation communications in the US power system is widespread [22]. The initial design of DNP3 was devoid of any security mechanism. However, because it is impractical to upgrade all legacy DNP3-based power systems over a short period of time to bring them in line with the security requirements of the Smart Grid, they need to be modified or even overhauled to adopt greater security functionality. Researchers have used two major solutions as the basis for DNP3 security functionality design [27,28,29]: (1) the introduction of security mechanisms to the DNP3 stack through modification of the original protocol, and (2) the insertion of a security layer between the DNP3 protocol stack and the TCP/IP layer.
The first solution provides suitable security solely for DNP3. Nonetheless, the protocol stack needs to be modified repeatedly, and the communication systems in the power devices require upgrading. As such, compatibility of legacy devices with smart grid devices can be achieved more desirably through the insertion of a security layer between DNP3 and TCP/IP. This security layer aims specifically to help the DNP3 protocol attain the primary security requirements of confidentiality and integrity. This is achieved by having the security layer intercept the DNP3 packets distributed to the TCP/IP layer.
Next, the data are encrypted and the encrypted packets are sent to the TCP/IP layer. All of this is performed at the transmitter. At the receiver, the data packets are decrypted by the security layer and then passed to the application layer (DNP3 layers). The confidentiality and integrity of DNP3 packets can be protected with either symmetric or asymmetric algorithms. In [30], for instance, MAC-based authentication is designed and implemented as a security extension to DNP3-based communication for distribution automation systems.
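The security-layer approach described above, as an added example that is not code from this paper or from [30]: a shim between the DNP3 stack and TCP that appends a sequence counter and a truncated HMAC-SHA256 tag to each outgoing frame and verifies both before handing a frame up to DNP3. It covers integrity and replay protection only (confidentiality would additionally need a cipher); the key, the tag length, the header layout, the sample frame and all names are assumptions.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16                 # truncated HMAC-SHA256 tag in bytes (assumed size)
HDR = struct.Struct("!IH")   # 32-bit sequence number, 16-bit DNP3 frame length

# Constructed sample: 0x05 0x64 are the DNP3 link-layer start bytes; the rest
# is arbitrary filler, not a valid frame with correct CRCs.
SAMPLE_FRAME = bytes.fromhex("056405c00100000a") + b"\x00\x00"
DEMO_KEY = b"constructed-demo-key-not-for-use"   # pre-shared key (assumption)


class AuthError(Exception):
    """Raised when a frame fails verification and must not reach DNP3."""


class SecurityLayer:
    """One endpoint of the shim that sits between DNP3 and TCP/IP."""

    def __init__(self, shared_key, role):
        if role not in ("master", "outstation"):
            raise ValueError("role must be 'master' or 'outstation'")
        peer = "outstation" if role == "master" else "master"
        # Separate key per direction, so a frame cannot be reflected to its sender.
        self._tx_key = self._derive(shared_key, role)
        self._rx_key = self._derive(shared_key, peer)
        self._tx_seq = 0
        self._rx_seq = -1    # highest sequence number accepted so far

    @staticmethod
    def _derive(key, label):
        return hmac.new(key, b"dnp3-shim|" + label.encode(), hashlib.sha256).digest()

    def protect(self, dnp3_frame):
        """Transmitter side: wrap a frame coming down from the DNP3 stack."""
        if len(dnp3_frame) > 0xFFFF:
            raise ValueError("frame too long for 16-bit length field")
        if self._tx_seq > 0xFFFFFFFF:
            raise RuntimeError("sequence space exhausted, rekey required")
        body = HDR.pack(self._tx_seq, len(dnp3_frame)) + dnp3_frame
        tag = hmac.new(self._tx_key, body, hashlib.sha256).digest()[:TAG_LEN]
        self._tx_seq += 1
        return body + tag

    def accept(self, wire):
        """Receiver side: verify, then return the frame for the DNP3 stack."""
        if len(wire) < HDR.size + TAG_LEN:
            raise AuthError("truncated")
        seq, length = HDR.unpack_from(wire)
        if len(wire) != HDR.size + length + TAG_LEN:
            raise AuthError("length mismatch")
        body, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
        expected = hmac.new(self._rx_key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            raise AuthError("bad MAC")
        if seq <= self._rx_seq:                      # checked only after the MAC
            raise AuthError("replayed or stale frame")
        self._rx_seq = seq
        return body[HDR.size:]


def demo():
    """Run a genuine frame, a replay, a tampered frame and a reflected frame."""
    master = SecurityLayer(DEMO_KEY, "master")
    outstation = SecurityLayer(DEMO_KEY, "outstation")
    wire = master.protect(SAMPLE_FRAME)
    results = {"delivered": outstation.accept(wire) == SAMPLE_FRAME}
    forged = bytearray(master.protect(SAMPLE_FRAME))
    forged[HDR.size + 2] ^= 0x01                     # flip one bit in the payload
    cases = (("replay", wire, outstation),
             ("tamper", bytes(forged), outstation),
             ("reflect", wire, master))
    for name, data, receiver in cases:
        try:
            receiver.accept(data)
            results[name] = "accepted"
        except AuthError as exc:
            results[name] = str(exc)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, "->", outcome)
```

The per-frame cost is one HMAC over the frame plus 22 bytes of overhead, which is the kind of figure to measure against the execution-time limits of low-power control devices.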

COMMUNICATION NETWORK IN MICROGRID AND ITS SECURITY
In light of the high penetration of RESs, this research developed a Load Frequency Control (LFC) and digital Over/Under Frequency Relay (OUFR) protection approach for an islanded microgrid system. This coordination technique is presented to ensure frequency stability and safeguard the islanded MG from high-frequency deviations, which have lately increased as a result of increased penetration of RESs, random load changes, and system uncertainty. These modifications jeopardise the MG dynamic security by causing under/over frequency relaying and disconnecting some loads and generations, which could result in cascade failure and system collapse. The dynamic security problems of MG are shown in Figure 3. Due to the strong integration of RESs, one of these concerns is a lack of system inertia [31].
Currently, the design of microgrid communication networks, focusing on the interaction between microgrid components for control and monitoring purposes, has become an imperative research topic. The review shows that numerous types of communication networks are used in microgrids, as shown in Table 1. These include the Global System for Mobile Communications (GSM), Global Positioning System (GPS), optical, wireless, wired, fibers, and their associations [32].
Local Area Networks (LANs) and Wide Area Networks (WANs) are among the numerous types of communication networks available. A LAN can be employed in any situation [8]. A LAN can be expanded to a WAN, which can be used to manage broadcast/multicast communication architectures. Both communication networks have been implemented in microgrid systems. A WAN requires emphasis to be placed on the level of service to all microgrid components, including storage communication, which has to be secure, reliable, safe, sustainable, and cost-effective. To fulfil all these requirements, the application of an internet communication protocol suite such as the Open System Interconnection (OSI), which consists of a layered architecture, can therefore be considered.
The Open System Interconnection (OSI) model is the benchmark communication architecture and contains 7 layers, as seen in Figure 4. Each layer includes more than one protocol and is assigned a set of functions to perform under operating conditions. The most widely used and available suite is the Transmission Control Protocol/Internet Protocol (TCP/IP). TCP/IP normally has four layers: Application, Transport, Network, and Link layers, as shown in Figure 4. Enhanced Performance Architecture (EPA) is often used in Supervisory Control and Data Acquisition (SCADA) systems that use direct communication links (i.e., no internet). This model uses only three of the seven layers defined in the OSI model [33], as depicted in Figure 4. The EPA model requires less overhead than the OSI model, at the expense of reduced functionality.
In microgrid communication, the connection between the internal and external networks, such as the enterprise network and the internet, is widely exposed to cyber threats. A cyberattack occurs with the intrusion of the microgrid power enclaves, through the attackers' exploitation of vulnerabilities at the network, system, and/or application level, thus compromising critical operations.
One factor in microgrid vulnerability is that several entities are involved when information is exchanged via WAN [34]. Further exploration of an attack event therefore requires a study of the interaction between the physical system and the cyber system. For certain microgrid architectures, the researchers have chosen to follow standards such as NIST 800-53 [35] or IEC 62443 [36]. With lower-security internal system design, the majority of systems would therefore depend on perimeter protection. This type of system is developed as part of a closed network. One of the drawbacks of the power network is that it was designed without security in IEC 61850, which does not natively support security features. Owing to that, a security mechanism must be provided for these protocols. However, this environment tends to offer security vulnerabilities that could be exploited by cyberattacks.
In [37], a study compared wired links in a microgrid energy management system with Wi-Fi based servers. As indicated in the performance analysis, wireless infrastructure for a small-sized microgrid control system is dependable, easy to build, and scalable. However, it demonstrated higher communication delays than the wired LAN. Test data on wireless communication therefore confirm that Wi-Fi is a more befitting candidate for the WAN infrastructure [38] [39]. This is because the communication system is slowed down by padding and wasted bandwidth in the microgrid control system, since 1 to 8 bytes are utilised while packets for the carrier are 64 bytes. However, the license-free condition of this channel increases cyber security risks, since an intruder can legally access the bandwidth. Thus, encryption and authentication mechanisms are crucial for protecting the integrity and confidentiality of data.
On the other hand, microgrid is an example of a real-life application of the WSN. The work of [40] discusses several types of attacks in a WSN system, as well as their counter measures. The work of [41] also studies the general attack on a WSN with the provision of the solutions. The solutions for a basic attack on the WSN are explained in the papers of [42,43,44]. Securing the wireless network through the use of standard protocols such as the IEEE 802.11i is discussed by [45], while for IEEE 802.16e is explained by [46].
Each wireless protocol has its own security mechanism. Besides that, wired protocols are secured by virtual private networks (VPNs), firewalls, and IPSec technologies. Secure Shell (SSH) and SSL/TLS are higher-layer security mechanisms which have been used in [47]. System designers have identified the use of secure protocols such as IPSec and SSH. However, they skip the implementation details associated with establishing security associations between communication end points. This kind of approach makes the secure management of a smart grid communication system complicated and makes operations difficult.
With these secure protocols, customers are given few key management options and regularly have to pre-configure symmetric keys manually. In other words, the architects have not developed an integrated and comprehensive key management scheme. Although the system designers may find the approach to be simple, the owners of the system find it to be expensive [48].
One attacker activity is accessing the AMI network through nodes such as smart meters and local data collectors, which apply only a minimum level of cyber security protection. Attacks on the AMI network, including customer information leakage, false data injection, and energy theft, are demonstrated in [49,50,51,52]. A solution to these cyber attack issues in microgrids is to replace this risk model with a more asset-focused parameter, introduced by researchers at Sandia National Laboratories as a modification of the NIST risk model. An asset-focused parameter refers to the degree of difficulty in exploiting a vulnerability, which then causes an impact [53]. In summary, risks occur because attack scenarios exist with varying degrees of difficulty. Each attack scenario takes advantage of one or more vulnerabilities of the Cyber Physical System (CPS), resulting in a physical impact which consequently affects system operation. Another secure framework, which does not offer cyber security measures for microgrid-specific threats, is OLE for Process Control - Unified Architecture (OPC UA) [54]. This framework is a standards-based communication backbone and has the advantage for larger-scale cyber security threats. Examples of threats include exposure of the sensitive control network, the complexity of achieving cyber security certification, and the integration of legacy components.
The paper presented in [55] focuses on three problems. Firstly, the internal network of a microgrid deployment is made up of several sub-networks, such as the microgrid control network and the SCADA network, which maintain a connection to the enterprise network. This interconnected environment can increase the probability of a cyberattack on a microgrid network. A malicious actor can exploit an attack vector to break into any one of the subnetworks before attempting to disrupt operations elsewhere in the microgrid control network. Secondly, many legacy devices have been implemented without security mechanisms such as message signing, encryption and message hashing. Thus, having a strong and uniform security policy in the system is difficult. If the security policy is based on the capabilities of the devices, lower-end devices have weaker security, which attackers can compromise. Thirdly, in the U.S., deployment at Department of Defence installations requires certification under the Department of Defence Information Assurance Risk Management Framework (DIARMF). The existence of several sub-networks in a microgrid makes security assessment and certification tasks challenging and complex.
Even though the major reason for power outages is extreme weather events, they are also increasingly caused by cyber-attacks [56]. The microgrid is made up of components such as distributed energy resources (DERs), which transmit power to the local load devices, and it also requires communication, sensors, actuators, and field devices for effective operation. Hence, methodologies for enhancing situational awareness of cyber-attacks on the microgrid play a crucial role. Cyber intrusion in a Cyber Physical System (CPS) can be categorized into several attacks, such as bias injection attacks, replay attacks, dynamic false data injection attacks, denial of service attacks, and eavesdropping attacks [57,58,59,60].
Nevertheless, the focus of all these attacks is still on one or more components of the CPS data Confidentiality, Integrity and Availability (CIA) triad, defined in common information security practices [15]. Each attack is launched at its own component of the CIA triad. For example, a DoS attack affects data availability, while a covert attack affects data confidentiality and integrity. An attacker can manipulate a system by: 1) gaining remote access through a poorly configured firewall in a LAN; 2) infecting the field devices [69].
A DoS attack event in a microgrid can be recognized by the system operator. One type of attack, the stealthy false data injection (FDI), is known to be the most severe cyberattack in power systems. This attack is able to manipulate and corrupt the control data of the microgrid. The detection of False Data Injection (FDI) is addressed in [70,71,72,73,74]. FDI detection has been studied for microgrids under consensus control with direct current operation, utilizing an unknown input observer [70]. Nonetheless, the model of a microgrid network is defined as quasi-static. The reference works on Metasploit and rootkits in [75] [76] are used in finding exploits for most vulnerabilities, such as privilege escalation. Rootkits using known exploits easily attract attackers' attention, and are thus more likely to be taken advantage of. When an embedded rootkit vulnerability is exploited, it is possible to identify whether it is caused by a malicious attack or a fault of the system.
The Secure Network of Assured Power Enclaves (SNAPE) architecture, which is based on a network separation strategy, was created for a large U.S. Army base where multiple power enclaves with secure communications were envisioned. A deployed microgrid system based on the SNAPE architecture would contribute to the energy security and net-zero goals of the U.S. Department of Defense. This security architecture has been designed for fast, real-time control over the network and has the advantages of minimizing control network latency and the control network attack surface. The network segmentation is based on strong cryptographic separation on hardware devices, which also reduces the scope of certification to a subset of the microgrid network, easing the burden of cyber security certification. The SNAPE architecture uses OLE for Process Control - Unified Architecture (OPC UA) to implement the communications backbone. OPC UA is backward compatible with distributed control system protocols such as IEC 61850. OPC UA provides authentication and authorization services at the application layer.
Additionally, deploying IPv6-based networks potentially opens a number of security holes. If IPv6 and IPv4 are being run simultaneously, then IPv6 should be tunnelled over IPv4 or run independently. In the tunnelling mode, configuration problems can create security holes in the system [77]. If the two protocols are run in parallel, then firewalls have to be configured to filter the IPv6 traffic, which is not very common. A normal firewall does not filter IPv6 traffic; this insecure channel can be leveraged by an attacker to enter the system. Also, administrators must employ new (and better) ways to deploy, configure and monitor networks. Important tasks include troubleshooting networks, configuring firewalls, enforcing secure configurations, monitoring security logs, analyzing real-time behavior and performing network audits. Most intrusion detection/prevention systems are still not very effective at handling IPv6 traffic, which increases the potential of attacks.
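A dual-stack parity check for the firewall gap described above, as an added example that is not from this paper: it parses dumps in `iptables-save` / `ip6tables-save` format and reports filter chains that are default-deny on IPv4 but not on IPv6. The three rule sets, addresses and the Modbus/TCP (502) and DNP3 (20000) port entries are constructed sample values, and the check compares default posture only, not rule-by-rule equivalence.

```python
# Constructed sample dumps in iptables-save / ip6tables-save format.
V4_DUMP = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 10.20.0.0/24 -p tcp -m tcp --dport 502 -j ACCEPT
-A INPUT -s 10.20.0.0/24 -p tcp -m tcp --dport 20000 -j ACCEPT
COMMIT
"""

# IPv6 left at its defaults: every chain accepts, no rules at all.
V6_DUMP = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
"""

# Corrected IPv6 policy mirroring the IPv4 posture.
V6_FIXED = """\
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p ipv6-icmp -j ACCEPT
-A INPUT -s fd00:20::/64 -p tcp -m tcp --dport 502 -j ACCEPT
COMMIT
"""


def parse_filter_table(dump):
    """Return {chain: {"policy": str, "rules": [str]}} for the filter table."""
    chains, in_filter = {}, False
    for raw in dump.splitlines():
        line = raw.strip()
        if line.startswith("*"):                 # table header, e.g. *filter, *nat
            in_filter = line == "*filter"
        elif not in_filter or not line or line.startswith("#"):
            continue
        elif line.startswith(":"):               # chain declaration with policy
            name, policy = line[1:].split()[:2]
            chains[name] = {"policy": policy, "rules": []}
        elif line.startswith("-A "):             # appended rule
            parts = line.split(maxsplit=2)
            rule = parts[2] if len(parts) == 3 else ""
            entry = chains.setdefault(parts[1], {"policy": "-", "rules": []})
            entry["rules"].append(rule)
    return chains


def default_deny(chain):
    """True if unmatched packets are dropped: DROP policy or a final catch-all."""
    if chain["policy"] == "DROP":
        return True
    last = chain["rules"][-1].split() if chain["rules"] else []
    return last[:2] in (["-j", "DROP"], ["-j", "REJECT"])


def audit_dual_stack(v4_dump, v6_dump):
    """List (chain, reason) where IPv4 is default-deny but IPv6 is not."""
    v4, v6 = parse_filter_table(v4_dump), parse_filter_table(v6_dump)
    findings = []
    for name, chain in v4.items():
        if not default_deny(chain):
            continue                             # IPv4 itself is open; out of scope
        if name not in v6:
            findings.append((name, "no IPv6 chain"))
        elif not default_deny(v6[name]):
            findings.append((name, "IPv6 default-accept"))
    return findings


if __name__ == "__main__":
    print("unfiltered IPv6:", audit_dual_stack(V4_DUMP, V6_DUMP))
    print("after fix:      ", audit_dual_stack(V4_DUMP, V6_FIXED))
```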
The CERTS MicroGrid is a novel approach for integrating distributed energy resources in a microgrid to seamlessly island it from and reconnect it to the power grid [78]. To the control center, all the distributed energy resources appear to be a single entity for coordination and control. The traditional method has been to integrate a small number of distributed energy resources and to shut down the microgrid when problems arise, according to the IEEE P1547 standard. However, unlike the SNAPE architecture, the CERTS model does not specifically focus on cyber security for microgrids. The Smart Power Infrastructure Demonstration for Energy Reliability and Security (SPIDERS) Project is conducted jointly by the Department of Energy, Department of Defence and Department of Homeland Security [79] [80]. The project goal is to provide secure control of on-base generation at military bases by building secure and robust microgrids that incorporate renewable energy resources. Cyber security is provided by commercially available technologies, so the technology itself is not novel. Unlike SNAPE, SPIDERS does not provide a comprehensive architecture to address all possible attack vectors. Mueller [81] discusses research undertaken under the NSF ERC FREEDM Project. The project investigates the challenges of the cyber-physical nature of microgrids and highlights novel opportunities for providing selective power delivery during power outages. Mueller recognizes the need to secure microgrids from cyber attacks. However, the FREEDM Project does not propose any security solutions. SNAPE stands out because it recognizes the need to secure microgrids and presents a comprehensive cyber security architecture that adheres to industry standards and satisfies actual microgrid requirements.
Massie [82] presents a distributed control framework for microgrids to enhance coordination, communications and security. The framework, which uses IPv6-based communications, attempts to leverage security from IPv6 and the peer-to-peer distributed model, but it also inherits their problems. SNAPE provides all the security features provided by the framework and introduces many additional security mechanisms.

FUTURE DIRECTION FOR MICROGRID RESEARCH
In this section, we discuss and analyse the development of microgrid communication and its open issues. The study in [33] claimed that the main requirement of a communication platform in a microgrid is reliability. This study used EPA to decrease transmission delays and complexity. The microgrid architecture and the message exchange between components are based on the IEC60870-5-104 standard. The role of communication in protecting the microgrid system has drawn attention among researchers because it produces standalone protection when properly integrated. Thus, IEC 61850 is introduced for a centralized microgrid protection system [83].
More research is needed on relevant technologies to highlight the best applicable communication system for microgrids, targeting overall microgrid operations, including the transient response of distributed resources. Extending IEC 61850 is needed to produce better peer-to-peer communications and decentralized controls. The aim is to map the data model to traditional protocols such as DNP3. Protection of switches, fault detectors, and protective relays, which are grouped as sensitive data transmission, is needed to increase reliability and decrease delay. Control system functions such as reactive power control and power quality enhancement control also need to be improved by optimizing communications technology. Some research has highlighted agent-based communication architectures, in which the computational burden is taken on by a few of the system components. The structure can accommodate the interconnection and operation of multiple existing legacy systems, and avoid problems associated with centralized system (i.e., single point) failure. A study by Sandia Lab proposed a microgrid model with feedback control in a multilayer environment. The model has a two-level agent-based informatics architecture: the higher level takes care of topology formation for the IEDs, while the lower level maintains stability of the topology chosen by the upper level. Agent-based microgrid control and communication systems developed and implemented using the JAVA Agent Development (JADE) framework were proposed in [84,85,86,87].
The design of an inverter and the application of grid-tie agent-based microgrid operation are introduced in [88] [89]. A comparison of Wi-Fi based servers to wired links in a microgrid energy management system was presented in [37]. The analysis results show that wireless infrastructure is easy to build, reliable, and scalable for implementation in a small-sized microgrid control system, but has the limitation that communication delays are higher than on wired LAN. Data from tests conducted on wireless communications show that Wi-Fi is a suitable candidate for WAN infrastructure [38] [39]. The microgrid control system uses from 1 to 8 bytes, while packets for the carrier are 64 bytes, which means padding is used and bandwidth is wasted, slowing the communication system.

CONCLUSION
Securing the microgrid is important for the stability and reliability of the microgrid. Vulnerabilities are increasingly present in the cyber-power system environment due to the growing dependency on computer systems and digital communication. This paper has surveyed communication networks and protocols and their security. It has also discussed future directions of microgrid security. Based on the literature, usage of SNAPE techniques in a more aggressive way has been proposed.
Although several microgrid security approaches have been proposed and tested for different sectors of a microgrid, there is no guarantee of the detection rate in practice. Finally, further research on coordinated cyber attacks is much needed. The response of operators should also be taken into account in cyber security studies.