Co-Simulation Framework For Network Attack Generation and Monitoring

Resilience assessment is a critical requirement of a power grid to maintain high availability, security, and quality of service. Most grid research work that is currently pursued does not have the capability to have hardware testbeds. Additionally, with the integration of distributed energy resources, the attack surface of the grid is increasing. This increases the need for reliable and realistic modeling techniques that are usable by the wider research community. Therefore, simulation testbeds have been used to model a real-world power grid topology and measure the impact of various perturbations. Existing co-simulation platforms for powergrid focus on a limited components of the overall system, such as focusing only on the dynamics of the physical layer. Additionally a significant number of existing platforms need specialized hardware that may be too expensive for most researchers. Finally, not many platforms support realistic modeling of the communication layer, which requires use of Supervisory Control and Data Acquisition communication protocol such as DNP3 while modeling cybersecurity scenarios. We present Network Attack Testbed in [Power] Grid (NATI[P]G), (pronounced natig), a standalone, containerized, and reusable environment to enable cyber analysts and researchers to run different cybersecurity and performance scenarios on powergrid. Our tool combines GridLAB-D, a grid simulator, HELICS, a co-simulation framework, and NS-3, a network simulator, to create an end-to-end simulation environment for the power grid. We demonstrate use cases by generating a library of datasets for several scenarios. These datasets can be used to detect cyberattacks at the cyber layer, and develop counter measures to these adverse scenarios.