Using the IEEE C37.118 Protocol to Add Hardware in the Loop to the CYPRES Testbed
Abstract
The Cyber Physical Resilient Energy Systems (CYPRES) project at Texas A&M University
aims to create a next generation of energy management systems (EMS) using a secure cyberphysical systems (CPS) modeling foundation. The CYPRES research team has created the Resilient Energy Systems Lab (RESLab) cyber-physical testbed. Our primary contribution to this
project was to implement Hardware-in-the-Loop (HIL) to create a full end-to-end testing ground
for the RESLab testbed. This HIL would be capable of taking in voltage and current phasor measurement data inputs from a power grid simulator using the IEEE C37.118 industry standard protocol and output actual voltage signals to a relay protection system. In this way, the relay can
be tested and perform actions as if it were connected to a full-scale power grid network. This
was accomplished by utilizing PowerWorld Dynamic Studio (PWDS) for the power grid simulator, National Instruments’ (NI) CompactRIO platform for the voltage generator, and a Schweitzer
Engineering Laboratories (SEL) Protection Relay for detecting the voltages.
Another major contribution of this work was designing and testing false data and command
injection cyber attacks on the IEEE C37.118 protocol and testing different machine learning (ML)
classifiers to determine their level of accuracy in effectively detecting the cyber attack on this
industrial protocol. This was completed by using PowerWorld Dynamic Studio (PWDS) power
simulator to generate the C37.118 traffic and Common Open Research Emulator (CORE) to emulate the network where the C37.118 packets are transmitted. The attack scripts were written using
Python programming language network packet dissector called Scapy. The three different machine
learning classifiers evaluated were k-Nearest Neighbor, Decision Tree, and Naïve Bayes.
Finally, our HIL implementation can also help answer the research question of what constitutes
a relay misconfiguration and how this misconfiguration can be detected. The misconfiguration can
be caused by human error or a malicious user trying to perform a cyber attack on the grid.
Subject
Hardware-in-the-Loopsynchrophasor
power grid
cybersecurity
machine learning
LabView
FPGA
PowerWorld
C37.118
PMU
Citation
Knesek, Kolten C (2021). Using the IEEE C37.118 Protocol to Add Hardware in the Loop to the CYPRES Testbed. Master's thesis, Texas A&M University. Available electronically from https : / /hdl .handle .net /1969 .1 /196123.