Addressing cybersecurity threats in prosumer-based nanogrids with MQTT communication

The high price of electricity has given extra impetus to the rapid deployment of solar self-consumption nanogrids, which allow customers to become prosumers. The development of smarter and more efficient nanogrids, “advanced nanogrids”, has been promoted by enabling technologies such as the Internet of things (IoT) and artificial intelligence (AI), along with the bidirectional flow of power between prosumers and the utility. However, advanced nanogrids can be subjected to cyber-attacks which impede the nanogrid operation in terms of economic and physical performance. The aim of this paper is to highlight the vulnerability to attack of the MQTT communication between IoT devices, e.g. a weather station and the advanced nanogrid controller, and to put forward techniques that can be employed to protect it. Data from the weather station is essential to provide predictions which are used, in turn, for making generation/consumption offers. Firstly, a cybersecurity analysis to identify assets, assess threats and quantify risks is performed. Secondly, a penetration test on the MQTT communications is carried out to exemplify the exposed threats. Finally, strategies such a Intrusion Detection, Protection System (IDPS) and communication encryption are implemented.