The distributed control-based DC microgrid relies on communication networks for information exchange, rendering it susceptible to cyber-attacks and intrusions. Attack detection is crucial to ensure the safety of microgrids. However, it remains a challenge for existing detection methods to distinguish state changes caused by load changes or attacks. To address the issue, this paper proposes a distributed attack detection method that combines consistency and stationarity features to assist a resilient recovery strategy. Firstly, the layered architecture of an interconnected DC microgrid is introduced, and the impact of false data injection attacks on microgrids is analyzed. Then, the attack detection is decomposed into two phases, anomaly detection and attack identification. In the first phase, consistency and stationarity features are extracted to indicate whether the microgrid is abnormal. In the second phase, the correlation between voltage and current characteristics is analyzed to determine the attack types. Furthermore, an event-triggered resilient recovery learning control protocol is proposed, which estimates the normal states and reconstructs normal control inputs through two trained neural networks to ensure the operation safety of the DC microgrid. The experimental results validate the effectiveness of the proposed attack detection and resilient recovery strategy.
Read full abstract