Interest in adding renewable energy sources to the power grid has risen substantially in recent years. As a response to this growing interest, the deployment of microgrids capable of integrating renewable energy has become more widespread. Microgrids are independent power systems that deliver power from different kinds of Distributed Energy Resources (DERs) to local energy consumers
more efficiently than the conventional power grid. The microgrid leverages advanced information and communication technologies for vital protection, monitoring, and control operations as well as for energy management. With the use of information technology comes the need to protect the microgrid information layer from cyberattacks that can impact critical microgrid power operations. In this research, a security monitoring system to detect cyberattacks against the microgrid, in near-real time, is designed and implemented. To achieve this, the system applies Network and System Management (NSM) for microgrid security monitoring, as specified by the IEC 62351-7 security standard for power systems. The specific contributions of this research are (i) an investigation on the suitability of NSM for microgrid security monitoring; (ii) the design and implementation of an NSM platform; (iii) the design and implementation of a security analytics framework for NSM based on deep learning models; (iv) the elaboration of a comprehensive microgrid simulation model deployed on a Hardware in the Loop (HIL) co-simulation framework; and (v) an experimental evaluation
on the effectiveness and scalability of the NSM security monitoring platform for detection against microgrid attack scenarios, with a methodology being used to systematically generate the scenarios. The experimental results validate the usefulness of NSM in detecting attacks against the microgrid
