Time series-based detection and impact analysis of firmware attacks in microgrids

Distributed generation (DG) and microgrids (MG) are critical components of future power systems. However, the reliance of DGs and MG on resource-constrained embedded controllers for their operation renders them potential cyberattack targets. In this paper, we analyze the adversarial objectives of attackers attempting switching and control input modification attacks by manipulating controller firmware. We demonstrate the attack impact in the simulated Canadian urban distribution feeder system consisting of four DGs. To detect malicious firmware within the inverter controllers, we propose utilizing custom-built Hardware Performance Counters (HPCs) in conjunction with Time Series Classifiers (TSCs). TSCs respect the sequential order and attributes of the utilized custom-built HPCs sampling the controller’s firmware. Our experimental results demonstrate that malicious firmware can be successfully identified with 97.22% accuracy using a TSC trained on a single custom-built HPC. © 2022TheAuthor(s).PublishedbyElsevierLtd.ThisisanopenaccessarticleundertheCCBYlicense (http://creativecommons.org/licenses/by/4.0/).


Introduction
Electric power systems are transitioning from unidirectional power flow architectures of the past -supported by bulk generation facilities -to distributed networks that facilitate bidirectional power flows. The growing penetration of DG improves the system resilience (i.e., through resource redundancy), but also introduces some unique challenges. The 'active' DG resources typically connect to the main grid utilizing voltage converters. These voltage converters operate fundamentally differently from synchronous machines, which were the focal point of traditional power system design. As a result, power system deployments need to be revised to account for the behavior of such low-inertia systems under accidental faults, i.e., factoring the inverter-based DG transient behavior, as well as malicious cyberattacks (Markovic et al., 2021).
Safeguarding inverter-based DGs against cyberattacks is critical to ensure the secure operation of future microgrid (MG) and smart grid setups. Researchers have tried to enumerate the vulnerabilities of inverter-based systems and propose attack detection and mitigation methods (Zografopoulos et al., 2022;Sebastian et al., 2019;Ye et al., 2021). However, challenges * Corresponding author.
E-mail address: zografop@gmail.com (I. Zografopoulos). 1 Equal contribution. remain to be addressed (Youssef, 2021;Xenofontos et al., 2021), e.g., (i) the diversity of embedded systems utilized in inverter controllers provided by different vendors, and (ii) retrofitting security mechanisms to already deployed and legacy devices. Malicious firmware modifications (targeting the controllers) can have significant consequences ranging from inefficiencies in power generation (within DG systems) to grid failures. Hardware-based Detectors (HDs) are a prominent solution for the detection of malicious firmware (Malone et al., 2011;Ozsoy et al., 2016). Hardware Performance Counters (HPCs), a subclass of HDs, are dedicated registers that monitor low-level microarchitectural events such as the number of bus-cycles, branch instructions, and cache misses. The HPCs collected from the execution of a program enable obtaining a unique hardware footprint that can be utilized to train Machine Learning (ML) classifiers for malicious firmware detection (Sayadi et al., 2019;Wang et al., 2016).
In many cases, securing power systems with HPC-based detectors is challenging, since grid controllers utilize microcontrollerbased solutions, due to their low cost and power consumption, which lack HPC support. To ameliorate this challenge, we have previously proposed the use of custom-built HPCs that keep track of assembly instruction sequences within the inverter's firmware (Kuruvila et al., 2021b). Subsequently, ML can be applied to these custom-built HPCs for the classification and detection of malicious firmware. However, traditional ML models do not respect the sequential order of custom-built HPCs since the classifier will test each individual sample independently. Therefore, they still yield false positives because malicious firmware can incorporate benign instructions that result in similar custom-built HPC counts (Pan et al., 2020).
Assessing the impact of a compromised grid controller independently is the first step when designing cyberattack detection mechanisms. However, MGs are typically largely interconnected systems and attacks targeting multiple DG nodes simultaneously should be factored in cybersecurity analyses when implementing detection frameworks . Adversaries can exploit DG interdependencies when crafting their attacks, to impact nominally operating grid assets which would attempt to absorb grid anomalies. As a result, undesirable impacts -when a subset of DGs is targeted -can propagate and destabilize the entire MG system, especially in weak grid architectures (as seen in Section 4) (Adib et al., 2018).
To address the aforementioned issues, in this paper, we propose respecting the sequential order of the custom-built HPCs by utilizing Time Series Classifiers (TSCs). TSCs consider both the data at the point at which they are observed and the observations at those points. Consequently, TSCs do not scramble the data because the sequential attributes of a custom-built HPC interval encapsulate better classification information when compared to individual samples. To the best of our knowledge, this is the first work that exploits TSCs in conjunction with custom-built HPCs for malicious firmware detection in a MG architecture involving four inverter-based DGs. Specifically, our contributions are as follows: • We assess the comprehensive impact of switching and control input manipulation attacks targeting a MG with four inverter-enabled DGs.
• We leverage time series classification in conjunction with custom-built HPCs for the detection of malicious firmware in inverter clusters that lack HPC support.
• We assess the time series classification capabilities when utilizing multiple custom-built HPCs for the detection of attacks in DG controllers.
The rest of the paper is organized as follows. Section 2 discusses preliminary power system background information and previous works on cybersecurity and malware detection for securing grid infrastructure. In Section 3, we present our threat model and proposed methodology, while we demonstrate the attack impact and detection results in Section 4. Lastly, Section 5 concludes the paper and discusses future work.

Preliminaries for distributed grid systems and custom-built HPC designs
DG offer a plethora of advantages compared to traditional hierarchical power systems. They can supply flexible and economic power by replacing costly and geographically dispersed bulk generation facilities while eliminating potential transmission losses. Furthermore, DG can maintain power provision to critical loads during emergencies, enhancing power system resiliency to operational disruptions. However, power systems with increased DG also exhibit certain vulnerabilities. For example, voltage, frequency, and active or reactive instabilities happening on the DG-side can propagate to the MG or main grid sides, adversely affecting their operation (Zografopoulos et al., 2021b,a). The introduction of inverter-based DG further aggravates these circumstances, since adversaries can mount stealthy attacks causing varying degrees of damage (from intermittent operation to blackouts, and cascading failures). In this paper, we utilize custom-built HPCs to detect such malicious attacks.
HPCs are special purpose registers that monitor low-level microarchitectural events, such as the number of branch instructions and cache-misses. The number of available HPCs is processor specific, and typically four to six HPCs can be concurrently observed (Demme et al., 2013). Although HPCs were developed for software profiling, previous research has demonstrated the feasibility of employing HPCs in conjunction with ML models for the detection of pernicious programs (Wang and Karri, 2015;Demme et al., 2013). HPCs, have also been used in commercial products such as Intel's HPC-based Threat Detection Technology (TDT), which is utilized by Microsoft Defender for Endpoint . Contrary to most modern processors furnishing HPC support, HPCs are not readily available in microcontroller-based devices such as the Texas Instruments (TI) C2000 microcontroller family, which provides real-time control for industrial, automotive, and electrical applications. Despite the lack of HPC support, many embedded devices utilize microcontrollers given their low power consumption and minimal costs; this is the case with solar inverters in DG nodes. Therefore, it is imperative to identify alternative hardware features to profile benign and malicious firmware (Malinowski and Yu, 2011).
To address the lack of HPC support in microcontroller devices, proposed methodologies extract distinct assembly instructions counts from a program's static disassembly as custom-built HPC features (Rohan et al., 2019;Kuruvila et al., 2021b). Specifically, the assembly instructions profiled could include arithmetic, branch/jump, load, boolean, and store instructions, which we denote as a, b, l, n, and s, respectively. Additionally, custom-built HPCs could also profile possible assembly instruction combinations. As an example, the custom-built HPC ab represents an arithmetic instruction that is followed by a branch/jump instruction. For the generation of custom-built HPCs, the sequence of the aforementioned assembly instructions and combinations would be periodically monitored in the disassembled firmware. To emulate the collection of traditional HPCs, these custom-built HPC values would be reset at a predefined interval. This interval is volatile and depends on the static disassembly, since utilizing a large value results in more information per custom-built HPC, at the cost of fewer samples furnished. In contrast, a smaller interval engenders more samples at the price of less information present per custom-built HPC. To further bolster the detection efficacy of custom-built HPCs, we use them in conjunction with TSCs that respect the sequential trace order. An overview of the HPC-based detection methodology is depicted in Fig. 1.

Related work
In the domain of identifying and defending against malicious firmware, various prior works have been proposed. GoodUSB, a technique that implements a regulating architecture in the Linux USB stack for defending against malicious firmware attacks compromising traditional USB devices that inject malevolent scripts, was presented in Tian et al. (2015). This technique involves a mediator module that permits or inhibits driver access based on the user's expectations of the device's functionality. Consequently, compromised USB devices are unable to execute their payload, as GoodUSB obstructs the permissions that would normally be granted. An approach that embedded light-weight intrusion checkers within a device's firmware was proposed in Shila et al. (2016). This method involved utilizing source code instrumentation to detect anomalous activity by analyzing the current and previous recurrent operations for any deviations that would subsequently be flagged. For securing a computer mouse from the installation of pernicious firmware, a bootloader employing a signature verification code methodology was proposed in Maskiewicz et al. (2014). Additionally, VIPER, a software-based attestation technique that validates the authenticity of peripheral firmware but assumes the operating system and CPU have not been tampered with, was presented in Li et al. (2011).
In this paper, we employ HDs for detecting pernicious firmware modifications in DG nodes, i.e., inverter controllers, using a HPC-based approach. The advent of employing HPCs for identifying malicious applications was first proposed by Malone et al. (2011). However, this work was considerably ameliorated by utilizing the HPCs in conjunction with ML models for classifying programs (Demme et al., 2013). To detect kernel-level rootkits, HPC data was used to train a Support Vector Machine (SVM) classifier that was able to identify both encountered and novel rootkits in Singh et al. (2017). Furthermore, RAPPER, a ransomware detection technique that utilizes an Autoencoder to learn the HPC characteristics of benign behavior for identifying anomalous deviations, was introduced in Alam et al. (2020). An ensemble-based approach utilizing two to four HPCs per classifier for Malware detection was presented in Sayadi et al. (2018). Feature selection was utilized to identify a smaller subset of HPCs that, when used in an ensemble, would furnish results consistent with models utilizing a larger set of HPC features. Finally, ConFirm, an HPC-based comparison technique, was developed for identifying firmware modifications in Wang et al. (2016). With respect to the domain of time series-based Malware detection, an analysis using a multivariate time-series autoregressive moving average model that compares data for detecting Android Malware was presented in Kim and Choi (2015). Additionally, a shapelet TSC that extracts discriminative features from an entropy time series-based signal for determining Malware in executable files was proposed in Patri et al. (2017). Moreover, an autogregressive model employing background network noise for detecting intrusions in network traffic was established in Bahaa-Eldin (2011).
While most modern processors have integrated HPCs into the architecture, microcontroller-based systems still lack adequate HPC support. Consequently, a plethora of techniques have been presented for detecting malware through the utilization of alternative HPCs. Researchers have defined and explored detecting malicious applications through ML models trained on sub-semantic features (Ozsoy et al., 2015(Ozsoy et al., , 2016. On the other hand, custom-built HPCs that count the ordering of specific instructions at the assembly level were used to train ML classifiers for detecting malware (Rohan et al., 2019). This work was extended to incorporate additional assembly instructions for detecting malicious firmware attacks in MGs, including Denialof-Service (DoS) and Maximum Power Point Tracking (MPPT) modification threats (Kuruvila et al., 2021b). However, the domain of utilizing time series classification in conjunction with custom-built HPCs has yet to be explored. In this paper, we demonstrate how respecting the sequential characteristics of the custom-built HPC data is beneficial for ML models to differentiate between benign and malicious firmware.

Methodology
In this section, we discuss the threat model assumed in this work and provide the firmware attack design specifics. Then, we introduce our custom-built HPC-based time series attack classification methodology which is utilized for the identification of different types of firmware attacks on the DGs' inverters.

Threat model for firmware attacks
The complex nature of distribution systems, given their interconnections between assets, i.e., DG resources, in addition to their cyber and physical counterparts, necessitates comprehensive threat modeling. We utilize the threat model methodology presented in Zografopoulos et al. (2021b) -conforming with the MITRE ATT&CK for Industrial Control Systems design and philosophy (MITRE, 2020a) -to outline the security assumptions made for the attacker capabilities and cyberattacks aiming to compromise the discussed MG architecture. We distinguish between the adversary model and the attack model, since the security implications are contingent upon the attacker capabilities, intentions and objectives as well as the attack specifics (e.g., reproducibility, functional level of the targeted asset, attack techniques and tactics used, etc.). These adversary and attack model details are also critical when performing cyberattack risk assessments, aiding the quantitative calculation of risk scores (factoring plausibility of threats) and the resource allocation prioritization dealing with malicious events.
We assume an oblivious adversary with restricted observability over the MG topology, and who could have direct access to a subset of DG inverter controllers. Our assumption is driven by the fact that the widespread decentralized deployment and control of commercial and consumer-level DERs (e.g., rooftop PVs, battery storage, etc.) expands the threat landscape. In such DER deployments, end-users are responsible for securing their assets, which in most cases are internet-connected and feature remote control and firmware update capabilities (Johnson, 2017). As a result, attackers could either be the end-users of inverter assets (i.e., possession) or could exploit existing vulnerabilities and/or zero-days in the remote functions of such assets (e.g. over-the-air firmware updates of programmable controllers) (Bettayeb et al., 2019;Sapir et al., 2022). The adversarial specificity, is presumed to be a non-targeted attack, i.e., any firmware modification that results in converter malfunctioning is favorable for our threat actor, while the adversarial resource requirements can vary from minimum (Class I adversaries) to state-funded criminals (Class II).
Regarding the attack model, we assume that to maximize the impact, attacks need to occur iteratively and must be performed multiple times. The asset under attack is the DG inverter controller, thus the attack level is Level 1. The attack technique exploits control logic code modifications (MITRE, 2020b), however other attack techniques have been utilized by adversaries in the past achieving similar results, e.g., modify controller tasking (MITRE, 2020c), modify parameters (MITRE, 2020d), modify program (MITRE, 2020e), etc. In our case, the attack premise targets the programmable controller of the inverter (Sapir et al., 2022). The attack model aims to compromise the inverter's power conversion operation and efficiency -directly affecting the DG's power output -by tampering with the control setpoints, and maliciously managing critical inverter submodules (e.g., gate driver modulation, output power stage switching, etc.). More details on the threat modeling terminology and the defined distinctions between the adversary and the attack model characteristics can be found in Zografopoulos et al. (2021b) and MITRE (2020a).
The objective of the proposed methodology is to detect malicious firmware before it can be uploaded to microcontrollerenabled devices; in our case, an inverter controller. The motivation comes from the fact that many industrial facilities rely on legacy embedded devices and controllers. According to IMS research, almost 85% of industrial devices are legacy systems with limited resources and security capabilities (Intel, 2015). Granted the lack of hardware malware detectors in many industrial controllers, we opt for a tailor-made HPC and time series-based detection method that can effectively enhance their security without any specific resource requirements (e.g., CPU, memory, etc.) or impact on their performance (e.g., computational latency, etc.). It should be noted that the presented detection scheme could be adapted for embedded devices supporting in-built HPCs, where it would not only be possible to detect malicious firmware versions before updates (in a secure update fashion), but also detect real-time anomalies via constantly monitoring HPC and time series events, at the expense of some additional computations.

Firmware attack design considerations
In this section, we will present two attack scenarios that adversaries can utilize to destabilize the DG nodes, causing anomalous behavior or total collapse. Specifically, we will focus on how attackers, by deliberately manipulating the inverter firmware functions (controlling the inverter conversion process) and strategically timing their attacks, can degrade the whole MG system operation and potentially damage critical grid assets. In Fig. 2 we demonstrate the inverter control loops, i.e., DC-DC and DC-AC conversion, that will be manipulated in the following attack models.

Switching attacks
Switching attacks target the system availability by disabling the underlined power generating assets within the DG (e.g., solar inverters). For example, denial-of-service (DoS) attacks are a form of switching attacks where the output of DG inverter can either be disabled by switching off its output stage, deactivating the inverter's power control module (e.g. PWM block, transistor gate drivers), or by deactivating the whole inverter device (via remote commands). By manipulating the DG inverter timer and sensor measurements, we can craft such DoS switching attacks causing the inverter to operate intermittently. In Eq. (1) we demonstrate a simplified state space representation of the DC-DC control stage of the inverter. The current reference value provided by the MPPT control block will define the PWM duty cycle operating the flyback boost converter. If the real-time sensed measurementsessential for the MPPT block to calculate the PWM reference -are maliciously compromised (e.g., by altering their sensor filter gains -C a ), the inverter will operate abnormally. We will emulate the scenario where the photovoltaic power is not sufficient to initiate the inverter operation. In more detail, we can successfully compromise the inverter's availability using switching attacks that trigger the aforementioned asset on or off at 0.1 s intervals causing significant voltage and frequency fluctuations, harmonics, etc.
Switching Attack : where,ẋ DC is the state variable vector that includes the DC voltage and current measurements from the PV, A, B, and u DC are the system, input matrices, and the control input vector, respectively. y a represents the compromised sensor measurement vector as a result of the manipulated sensor gains included in output matrix C a .

Control input attacks
The inverter controller is critical for the DG's operation for a plethora of reasons. Inverter controllers regulate voltage and current outputs under varying solar insolation profiles, maximizing the power transfer from the solar panels to the DG system (e.g., maximum power point tracking algorithms) (Kuruvila et al., 2021b). Additionally, they can enhance grid stability via their inbuilt smart inverter volt-var and volt-watt functions, compensating reactive power injections and improving the power quality (i.e., rejecting harmonics). Given the importance of the inverter controller for the nominal DG operation, we have implemented attacks that manipulate the controller (DC-AC) inputs to destabilize its operation and cause the aforementioned unwanted events. Eq. (2) describes the control input attack model where optimal control decisions are manipulated by the malicious firmware (g a (u AC )). We achieve that by periodically spoofing the controller inputs, leveraging the inverter's timer, and by modifying the controller gains and reference setpoints with arbitrary values.
Control Input Attack : where,ẋ AC is the state variable vector that includes the DC bus voltage and the grid's AC voltage and current measurements.   (mean, std, slope) arr_vals ← empty Array loop + = val end A, and B, are the system and input matrices. The term g a (u AC ) models the compromised control input vector, while y and C represent the sensor measurement vector and output matrix, respectively.

Time series-based classification
In order to detect the aforementioned malicious firmware attacks in Section 3.2, we utilize custom-built HPCs (Kuruvila et al., 2021b) as shown in Fig. 3. As previously explained in Section 2.1, custom-built HPCs profile distinct assembly instructions within a firmware's static disassembly. Consequently, custom-built HPCs are dependent on the procurement of assembly instructions from the program running on the device to be secured. However, we note that many embedded systems and real-time applications utilize compiled languages like C/C++ because of their speed and resource management capabilities. Therefore, this enables the feasibility of a controller to generate the tailor-made HPC values from the dissembled firmware. In this paper, we monitor arithmetic, branch/jump, load, boolean, and store instruction, since they encompass a majority of the assembly instructions present in assembly code. Furthermore, we also monitor all possible custom-built HPCs assembly instruction combinations. Specifically, not only do we profile an instruction succeeded by another, we also consider an instruction that is succeeded by itself. Therefore, we have 30 custom-built HPCs in our feature vector, as we have five individual instructions, a, b, l, n, and s, as well as 25 different assembly instruction combinations. We note that custom-built HPCs are not limited to just individual and combinational pairs. It is feasible to extend this technique to include custom-built HPCs that monitor three or more consecutive assembly instructions. However, for our work in this paper, we did not require extending our feature vector to include these additional features. With our feature vector established, we can utilize our custom-built HPCs in conjunction with TSCs for determining the malicious firmware attack.
We leveraged time series classification with custom-built HPCs because traditional detection techniques have no regard for the temporal order of custom-built HPC data, i.e., the ML is trained on non-sequential data and inferences on individual samples, thereby disregarding any recognition of the sequential attributes. Disregarding the transient sequence of custom-built HPCs can result in erroneous classifications between firmware that share similar behaviors (Pan et al., 2020). Specifically, Time Series Classifiers (TSCs) consider both the data at the point at which it was observed and their respective values at those temporal periods. This is notionally represented as x(t 1 ), x(t 2 ), x(t 3 ), . . . , x(t T ) for observations at t 1 , t 2 , t 3 ,. . . t T (Löning et al., 2019).
For our experimental results in Section 4, we employ the Time Series Forest (TSF) for all our time series classification experiments. We selected this classifier as prior works have shown that they are computational more efficient while furnishing better classification metrics than other time series classifiers because of their ensemble nature (Deng et al., 2013). Specifically, the TSF is an interval-based model that extracts and incorporates information from different intervals of an input series (Bagnall et al., 2017). Algorithm 1 provides an overview on the operational steps of the model. First, the classifier operates by taking input data and splitting it into user-specified intervals. This step is imperative as separating the data into intervals instead of individual samples ensures the sequential properties of the data are respected. From the divided intervals, the TSF will extract different features such as the mean, standard deviation, and slope. Subsequently, the model is then trained on these extracted features (Amidon, 2020). The interval features of mean (f 1 ), standard deviation (f 2 ), and slope (f 3 ) for given intervals t 1 and t 2 and values at specific times v i are defined as follows: whereβ is the least squares regression line (Deng et al., 2013). Furthermore, the TSF model's inherent interval-based capabilities provide robustness because the features that are computed from the interval enable capturing and profiling the sequential characteristics of an application.
Since the custom-built HPCs are able to profile a device's firmware, as explained in Section 2.1, any malevolent attempt to obfuscate the firmware, e.g., by inserting instructions at the code level, would result in firmware digression from its ''golden trace''. HPCs have been proven an effective indicator of compromised firmware, however, we aim to enhance malware detection accuracy leveraging TSF analysis (SANS Institute, 2022; Kuruvila et al., 2021b). The TSF respects the sequential order of the custombuilt HPC data by extracting the mean, standard deviation, and slope at different intervals as explained in Section 3.3. Therefore, during the TSF prediction, the interval features extracted from the manipulated data would differ from the expected values. Consequently, our proposed methodology is robust against attackers because the custom-built HPCs provide the granularity needed to profile the firmware. Subsequently, the TSCs can extract the sequential attributes from custom-built HPC data during training to furnish more accurate predictions than traditional models. We note that in our proposed methodology, the custom-built HPCs are hardcoded into the hardware for collection and do not require any upgrades. However, the selection of which custom-built HPCs are employed can be modified. Specifically, at any time, a subset of these 30 custom-built HPCs can be dynamically selected for utilization. The user is free to select only a couple or even all custom-built HPCs for employment.
To demonstrate the capability of our proposed methodology, in this paper, we utilize a Piccolo TMS320F28035 Isolated Con-trolCARD, which is part of TI's C2000 ware microcontrollers, for controlling a commercially available solar microinverter (Texas Instruments, 2020). We note that our presented technique is not limited to electric grid controllers, as it is applicable for other embedded components. Since we are profiling the assembly instructions, our method is agnostic of the device being secured. We do not incorporate any measurements from the grid regarding power, current, or frequency. Therefore, if the assembly code of the firmware is procurable through a disassembler, TSC can be applied to the generated custom-built HPCs. However, the number of custom-built HPCs that can be profiled may be limited based on the assembly instructions present in the disassembly.

Combining custom-built HPCs
While time series classification provides many beneficial properties by accounting for and respecting the sequential attributes of the custom-built HPC order, it is not ideal to utilize all 30 features concurrently. As the number of employed features is increased, additional overhead is incurred to support monitoring all of these different events. Since these micro-controllers, such as TI's C2000 ware series, consists of limited HPCs, it is ideal to add minimal primitives, to reduce the hardware overhead. While our feature vector consists of a plethora of different custom-built HPCs, we should ideally utilize the smallest possible amount (i.e., one to two HPCs) that enables detecting the malicious firmware attacks, thereby ensuring the required overhead is constrained. The difficulty with only employing a single custom-built HPC is that the TSF is limited in the information that can be extracted. Although the TSF's sequential properties enable providing improved classification metrics of malicious firmware, false positives can still occur. Scenarios can arise where the custom-built HPC being used has synonymous instruction counts between the benign and malicious firmware. Therefore, while employing a single custom-built HPC furnishes a low overhead solution, additional features should be considered for ensuring robustness.
To address the aforementioned issue, we consider evaluating multi-feature utilization in conjunction with TSCs. Specifically, employing more than one custom-built HPC can bolster the classification metrics of the TSC because there is more information present to ensure robustness. Moreover, when we examine the quantity of the number of sequential series interval segments that are present within a custom-built HPC trace of a program, this quantity will always be smaller when compared to the count of traditional ML samples. Since regular ML models scramble the data, each unit is analyzed individually instead of jointly within a single series. Consequently, the amount of information each sample inherently contains is limited in traditional ML models. However, time series segment samples exhibit more beneficial classification information, since the longer trace allows for extracting more relevant sequential characteristics. Therefore, it becomes only natural to consider the effects of employing more than one custom-built HPC to bolster our utilized TSC's accuracy. Multi-feature employment engenders additional time series segments for our TSC to learn and extract patterns from. Since prior work has already shown that HPC data has a positive correlation when jointly utilized, incorporating multiple custom-built HPCs concurrently will ideally provide an increase in detection accuracy (Kuruvila et al., 2021a).

Impact analysis
In this section, we demonstrate the impacts of different attacks on the DG nodes. We have selected attack scenarios where the attacker aims to affect the grid operation through inverter firmware modifications. For instance, the inverter firmware could be manipulated to (i) arbitrarily switch on/off the DG's inverter output stage, curtailing the generated power (switching/DoS attacks), or (ii) send malicious inputs to the inverter controller causing abnormal system behavior (control input attacks). The attack impact is first examined from the system operator perspective, by observing the per unit (p.u.) voltage and angle measurement perturbations in the presence of diverse attack classes targeting the inverter-based DGs. Then, we assess the corresponding impact of such attack classes from the DG perspective and provide the voltage, current and total harmonic distortion (THD) measurements of the DG nodes during attacks scenarios including switching, control input tampering, as well as combination of the aforementioned attacks in standalone and cascading scenarios.

DG system model
The MATLAB/Simulink software environment is used for the offline simulation of the Canadian distribution system model consisting of four inverter-based DGs, as described in Fig. 4. More extensive distribution system models, incorporating multiple feeders, node, and DGs, could also be used, without affecting our detection methodology. However, we opted for the Canadian urban distribution model because the impact of switching and control input attacks can be immediately observed (i.e., less interdependencies with neighboring nodes). For our worst-case scenario analysis, MATLAB/Simulink is sufficient to illustrate the adverse attack impacts, although there exist specialized software packages (e.g., ETAP, OpenDSS, GridLAB-D, etc.) that can reproduce and assess the results of firmware modifications on distributed system operations with high fidelity. The utility source point of connection of the Canadian urban model is assumed as an infinite bus for our simulations and operates at 120 kV while being connected to a 120 kV/12.5 kV step-down transformer. The remaining grid assets are coupled to the substation transformer through a circuit breaker, while a 2.75 MVar capacitor bank is also connected to the substation bus. The DG nodes under test operate at the 208 V level and are distributed along the feeder. The DGs are interfaced to the feeder (operating at 12.5 kV level) via 12.5 kV/208 V step-down transformers. Per Fig. 4 description,  Fig. 4. Canadian urban benchmark distribution system feeder with 4 inverter-based DGs (Wang et al., 2009). the DG-connected loads are configured at 2 MVA with a power factor of 0.95 (Wang et al., 2009).
The DG inverter controllers utilize: (i) a phase-locked loop subsystem to assist the automatic gain control and track the operating frequency, and (ii) a discrete proportional-integral (PI) controller tracking the DG-generated peak voltage used to control the pulse-width-modulation input supplied to the inverter's gate drivers. Additionally, every DG can trigger its islanding mechanisms to preemptively disconnect from the main MG if abnormal conditions are encountered, e.g., frequency and/or voltage violations.

Attack impact analysis
Following the Canadian distribution system model architecture presented in Fig. 4, we have reported that all four DGs can operate in either a fully connected, where power is shared between the DGs and the main distribution system feeder, or an autonomous mode. The autonomous or islanded mode can be initiated by the system operators if abnormal conditions, e.g., frequency or voltage fluctuations, are encountered to protect the DG assets (i.e., customers and loads) and avoid damage or loss of operation.
Notably, by triggering the DG's islanding mechanism, the damage arising from either the transmission or the distribution system side can be self-contained. However, once a DG is decoupled from the main system, it should be able to cover its respective power demands arising from the inherent loads, such as industrial and residential customers, or perform load shedding by prioritizing any critical loads whose operation needs to be sustained. In Fig. 5, we present the base case of our system where all DGs are operating nominally; this fact is supported by both the DG and feeder voltages, which immediately stabilize to 1 p.u., as well as the voltage angles which decay to 0 degrees immediately after the system simulation start.
According to our threat model description from Section 3.1, we assume sophisticated attackers, who aim to maximize their attack impact by meticulously orchestrating their attacks. In more detail, we consider attack scenarios which involve: (i) switching/DoS attacks targeting the DG's inverter operation, (ii) input-tampering attacks directed at the DG's inverter controller compromising the power conversion process, and (iii) combinations of the two previously mentioned attack types leading to more complex malicious scenarios. In the aforementioned attack scenarios, the severe voltage fluctuations cause the immediate islanding of the DG nodes from the main MG (when the DG voltage drops below 0.98 p.u.). In Fig. 6, we present the voltage and angle measurement behaviors under three different compound attack classes. Significant voltage and angle deviations are shown when compared to the base case scenario (Fig. 5).
Specifically, in Fig. 6, we assume that the attacker is performing a two-step attack which aims to first isolate the DGs from the main feeder (triggering the islanding mechanism) and then spoof the DGs' inverter controller to cause further damage to the DGs' contained assets (e.g., consumers and loads). In Fig. 6(a), the switching/DoS attack targeting DG node #1 is initiated at 0.1 s causing the defensive islanding of the targeted DG and immediately after (at 0.2 s) the input-tampering attack is ensued compromising the inverter controller. The impacts of the aforementioned on both the voltage and phasor angles are demonstrated in Fig. 6(a). The results of similar attacks are depicted in Figs. 6(b) and 6(c), where in Fig. 6(b), both DG nodes #1 and #3 are targeted by the adversary, while in Fig. 6(c), all DGs are compromised in a cascading fashion (one after the other).
Apart from the ''macroscopic'' attack impact of malicious attacks as can be seen by system operators having access to voltage and angle measurements (Fig. 6), it is also worth investigating the impact of such attacks within the DG systems. In Fig. 7, we demonstrate how the three-phase voltage, current, and total harmonic distortion (THD) properties of the DGs are impacted during switching control-input tampering attacks. Notably, in Fig. 7(a), we depict the voltage, current, and THD values of any DG operating in the attack-free scenario, while Figs. 7(b), 7(c), 7(d) and 7(e) outline the detailed DG node when subjected to different attack scenarios.
In Figs. 7(b), 7(c), and 7(d), we observe the impact of a combined switching and control input attack targeting DG nodes #1, #2, and #3 correspondingly. All three attacks begin by maliciously manipulating the islanding mechanism of the DGs. As can be seen in the figures, the voltage and current values denoting inverter-based power generation fluctuate (from zero power (i.e., no generation) to some generation) when the DGs are connected and then disconnected from the feeder. Furthermore, apart from the switching attack, a control-input attack is superimposed on these attack use cases adversely affecting DG inverter power conversion profiles. In Fig. 7(b), this control input attack starts at 0.2 s, while the attack on DG nodes #2, and #3 are initiated at 0.25 s, and 0.3 s, as depicted in Figs. 7(c) and 7(d).
In Fig. 7 the attack impacts on neighboring DGs cannot be observed since we focus only on the local DG measurements (e.g., voltage, current, THD). However, Fig. 6(c) explicitly demonstrates how attack orchestration can degrade voltage stability as seen from the distribution system operator perspective. In such scenarios, where all DGs have been compromised (Fig. 6(c)), defensive islanding and load curtailment are enforced as remedial actions to secure both the generation resources and their associated consumers and loads. In our case, such remedial actions would cause the brownout of the DGs since they have already been disconnected from the main grid, and they rely on their inverter-based resources to meet their load demands.
The THD values should also be monitored while these attack scenarios are in effect. The demonstrated rapid fluctuations of the THD indicate significant degradation in the power quality of the underlined DG system, and increased harmonic frequencies, which could potential lead to damaging the contained assets or would require extensive frequency compensation schemes to negate their effects and bring the THD values to acceptable levels.
Contrary to the attacks demonstrated in Figs. 7(b), 7(c), and 7(d), in Fig. 7(e), we illustrate the impact of a 'solely' switching attack on DG node #4. Evidently, the power generation profile of DG #4 inverter is affected when the DG node is intermittently connected to the feeder, enabling the bidirectional flow of power.
The THD values are also affected by the switching attack, however in this use-case we can observe first that the amplitude of the distortion is significantly smaller when compared to the previous three scenarios and it is closely following the switching pattern introduced by the sectionalizations. Although, the severity of this attack should not be overseen, the corresponding impact on the DG operation is notably less pronounced when compared to the compound attack cases. Thus, the simulation results of the attack examples mentioned earlier in this section validate our assumption that sophisticated adversaries by thoughtfully orchestrating their attacks could cause a significantly greater impact on the overall system, even when parts of it operate in a distributed fashion.

Attack detection results
The objective of our methodology is to detect malicious firmware versions before they are uploaded to resource-constrained embedded devices (e.g., lacking hardware-based malware detectors). To assess and validate the capabilities of our proposed methodology in defending against the malicious firmware attack ramifications shown in Section 4.1.2, we evaluate our technique using a real-world commercially available firmware for a microinverter system. Specifically, we employ TI's solar microinverter that utilizes a F2803x microcontroller, which is used for both the testing and evaluation of the attacks (Texas Instruments, 2020). We have generated four malicious firmware versions, in accordance with the attack scenarios described in Section 3.2, by introducing modifications to the solar microinverter code. Namely, the scenarios involve a switching attack disabling a whole DG node, a targeted switching attack on the MPPT functionality of the DG, and two MPPT control input attacks that introduce inefficiencies within the solar power conversion process. The malicious firmware versions materializing the aforementioned attacks were ported to the Piccolo TMS320F28035 Isolated ControlCARD that uses a DIMM100 Docking Station Baseboard for supplying the board-specified power and JTAG capabilities.
To obtain the static disassembly instructions from the flashed firmware, we utilized TI's dis2000 dissembler. We selected this dissembler as this tool was specifically created by TI for dissembling firmware for their C2000WARE microcontrollers. We employ the custom-built HPCs presented in Section 2.1 for profiling the flashed benign and malevolent firmwares. To generate these custom-built HPCs, we incorporate a Python script that iteratively parses the assembly instructions and computes the number of each distinct custom-built HPC in the dissembled firmware executable. Since HPCs are counted periodically, i.e., at fixed intervals, our Python script collects the total number of each custom-built HPC every 50 assembly instructions. This sampling rate is utilized as it is large enough to capture relevant information about the structure of the program, but diminutive enough to furnish an adequate amount of samples (Kuruvila et al., 2021b). We balanced the samples in our dataset to remove any unwanted bias from skewing our results. Specifically, we utilized an 80:20 split where our model is trained on 80% of the dataset and tested on the remaining 20%. We aggregate samples from all the switching control input attacks as well as the ''golden'' basecase firmware. Once the custom-built HPCs have been generated, we subsequently train the TSF classifier that was developed in Python using the sktime library (Löning et al., 2019). For the TSF model, we employed a time series interval length of five to ensure the model had a reasonable amount of samples to extract sequential attributes from. Other time series lengths could have been employed, albeit with a difference in model performance.

Time series-based detection with custom-built HPCs
To evaluate the effectiveness of utilizing TSCs in conjunction with custom-built HPCs for detecting malicious firmware attacks, we analyzed the classification metrics furnished when utilizing each unique assembly instruction. Since we want to minimize the amount of features that are employed, analyzing the efficacy of our proposed technique when utilizing a single feature is important. In Fig. 8(a), we present the results when utilizing different traditional ML models including Random Forest (RF), K-Nearest Neighbor (KNN), Support Vector Machine (SVM), and Neural Network (NN) on custom-built HPC data for detecting the attacks from Sections 3.2.1 and 3.2.2. We determined the accuracy when utilizing each of the main assembly instructions, arithmetic a, branch/jump b, store s, load l, and boolean n, as explained in Section 2.1. From our results, the RF model furnished the highest accuracy of all classifiers for each employed custom-built HPC with a total average of 52.89%. In Fig. 8(b), we present the accuracy, precision, and recall when the TSF is trained on these individual assembly instructions. The average furnished accuracy was 91.97%, which is an increase of 39.08% when compared to the traditional results of the RF. Our best results were furnished when the TSF was trained using custom-built HPC ''s''. Specifically, we obtained an accuracy of 97.22% and recall of 93.33%. Moreover, the precision was 100% which is imperative as we did not incur any false positives and demonstrates the benefits of utilizing sequential attributes when employing a single feature.

Robustness to imbalanced data
Our results in Section 4.3 utilized a balanced dataset to ensure a fair evaluation of the performance metrics. Specifically, we were primarily focused on ensuring the false positive rate was minimized. An imbalanced dataset can lead to a biased ratio of false positives and false negatives. Consequently, to demonstrate the robustness of time series classification, we utilize our dataset without balancing the samples and retrained the TSF. Therefore, the employed dataset will possess more malicious samples, because we designed and collected custom-built HPCs for four attacks while having one golden benign firmware collection. Our results are shown in Fig. 9. Even with the biased dataset, the TSF still furnished an average accuracy of 84.54%, which is only 7.43% less than the results in Fig. 8(b). For the average precision, we obtained 89.41% which is only 5.15% less than the 94.56% furnished from the balanced dataset. This is noteworthy, as it is critical to minimize the false positive rate. Consequently, our experimental results verify the strength of time series classification, as it was robust to the type of data employed.

Custom-built combinations with time series classification
In Fig. 10, we evaluate a traditional RF model and the TSF when utilizing different custom-built HPC combinations. We only assess the RF model because our results from Fig. 8(a) demonstrate that the RF had the highest furnished accuracy among all traditional models. Fig. 10(a) shows our results for all possible assembly pairs when using the RF model. The average furnished accuracy, precision, and recall was 64.85%, 58.47%, and 65.81%, respectively. Our best results were obtained when using custombuilt HPC b and l, where the model furnished 71.58% accuracy, which is an 18.69% increase over the average accuracy from Fig. 8(a). However, while utilizing additional custom-built HPCs   improved the RF's classification metrics, they are still insufficient for incorporating in protection schemes. There would still be a plethora of erroneous furnished predictions, i.e. the false positive rate is major detriment. In Fig. 10(b), we provide our results when evaluating the effectiveness of utilizing different custom-built HPCs together in conjunction with the TSF. The average furnished accuracy was 96.75%, which is a 25.17% increase over the best result of the traditional RF model. Moreover, when employing custom-built HPCs ''b'' and ''l'' together, our TSF furnished 100% for all three performance metrics. This attests to the efficacy and benefits of time series classification that is able to extract more detailed characteristics than traditional HPC-based techniques. Consequently, these results indicate that respecting the sequential order of the data ensures that the TSF model can accurately distinguish between the attacks and benign behavior when using custom-built HPCs. Furthermore, they corroborate that only a limited number of custom-built HPCs are necessary for effective malicious firmware detection. While our feature vector consists of 30 custom-built HPCs, implementing an effective detection scheme would only incur overhead for monitoring two of these features.

Detection of unknown attacks
Our previous results demonstrated the beneficial advantages of time series detection over traditional ML models when using a single and multiple HPCs. To validate that the model was not overfitted, we now evaluate the efficacy of the TSF trained on custom-built HPCs for classifying unknown attacks. As explained in Section 4.2, we developed four different malicious firmware modifications involving two attacks that utilize DoS properties and two modifications that induce erroneous MPPT input. Our previous experiments trained the TSF on all of these attacks using 80% of the data for training and 20% for testing. In this experiment, we purposefully omit one attack from the training data and utilize the corresponding model to predict this unseen attack.
Our experimental results are presented in Fig. 11. Similar to our previous experiments, we evaluate the accuracy when using just a single custom-built HPC, i.e., the basic assembly instructions. When analyzing our results, we observe that, for all the omitted attacks, there was at least one custom-built HPC that furnished a minimum of 86.36% accuracy. Furthermore, when employing custom-built HPC ''n'', we achieved over 90% accuracy for three of the four attacks. As previously explained in Section 3.3, any pernicious attempts to modify the firmware will result in different custom-built HPC counts, thereby deviating from the ''golden trace''. Furthermore, when the TSF evaluates the data, the extracted interval features from the compromised data will also differ. Therefore, utilizing the TSF in conjunction with custom-built HPCs ensures a robust solution that can detect novel threats. Consequently, these results further bolster our conjecture of the advantages and benefits of time series detection.

Concluding remarks and future challenges
This paper analyzes firmware modification attacks targeting MG system with inverter-based DG. We illustrate the comprehensive impact of DoS and control input modification attacks leveraging the Canadian distribution feeder model. Furthermore, we utilize custom-built HPCs and time series analysis to identify malicious instructions and counterfeit firmware within the inverter controller. Our methodology can be implemented in zero-trust applications to support and safeguard devices with constrained computational resources lacking sophisticated security mechanisms (HPC support, secure boot, firmware signatures, etc.). Our proof-of-concept HPC-based malware detection method can be used to distinguish benign and malicious firmware before they can be uploaded to embedded controllers, mitigating potential unexpected consequences. Specifically, we port our tailor-made security primitive to TI's F2803x microcontroller which does not natively support HPCs. Our experimental results indicate that (i) stealthy adversaries, by strategically constructing their attacks, can maximize their impact on the MG, leading to defensive islanding, load-sheddings, and power quality degradation jeopardizing the DG assets, and (ii) time series analysis on custom-built HPC data can efficiently classify firmware-based attacks within the inverter firmware with limited resources, even when dealing with unbalanced datasets.
Our future work will focus on deploying the proposed time series enabled classification framework leveraging HPCs in diverse embedded architectures -encountered in smart DG deployments -to circumvent adversarial behavior. We will also evaluate the real-time performance of our detection framework leveraging CPS testbeds and hardware-in-the-loop experiments, where commercial inverter systems will be interfaced with emulated large-scale DG power system topologies. In such experimental setups, we will assess the impact of diverse cyberattacks with high fidelity as well as implement and examine automated response and self-healing resilience mechanisms.
Although the presented HPC-based detection framework can effectively detect malicious firmware with minimal performance overheads, it should not be considered a ''be-all and end-all'' solution. Challenges exist on the device, vendor, and policy levels. On the device-level, for instance, lack of HPC support is an obvious disadvantage that we overcome with our custom-HPC solution. However, it still inhibits the online analysis and endpoint detection of malicious firmware binaries within embedded controllers. Vendors, on the other hand, might not prioritize the security of their offered devices over their performance (securityperformance trade-off). The procurement of embedded devices with more computational resources (e.g., HPC support), in addition to increasing manufacturing expenses, will also introduce implementation and unit testing costs. Even if some vendors are willing to invest their resources towards securing their devices, legacy devices as well as the heterogeneity of already deployed devices in power systems, e.g., different vendors, instruction set architectures, etc., still creates a big treat surface. Furthermore, governments and legislative organizations should provide security conformance standards to enforce stringent computational and security requirements (device future-proofing) given the influx of connected devices expected to be deployed in power systems (inverter-based resources, electric vehicles, battery storage, etc.). Policies and best practices should also be implemented to harden devices that cannot support contemporary security schemes or operate in untrusted environments (e.g., residential PV inverter controllers).

Declaration of competing interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Data availability
Data will be made available on request.