Key points are not available for this paper at this time.
With increasing adoption of renewable generation, virtual power plants (VPPs) enhance the coupling between distributed energy resources (DERs) and demand, improving flexibility and market participation. However, the same connectivity that enables VPPs also enlarges their cyberattack surface. This paper proposes a virtual private power plant (VPPP) architecture that overlays a VPP with virtual private network (VPN) based segmentation, security-aware DER gateways, and a lightweight trust and sanitisation layer, forming a layered cyber-physical defence that can extend from local portfolios to regional and national scales. The VPPP concept is evaluated on Oman’s main interconnected system (MIS), where photovoltaic (PV) plants, wind farms, and a battery energy storage system (BESS) are aggregated at a single grid connection. A unified cyberattack model injects four representative threats: false data injection (FDI), malicious curtailment (CURT), time synchronisation attack (TSA), and denial of service (DoS) into telemetry and control streams. One-year simulations at 15-minute resolution compare a baseline VPP and the VPPP using technical, economic, environmental, and social metrics. Results show that the VPPP limits attack-induced state-of-charge excursions and excess imports by about 60%–70%, reduces additional operating costs by roughly 0.5–0.8 million OMR per incident, and avoids around 70% of the CO2 associated with renewable spillage (from about 4.7 to 1.3 kt CO2). The recovered clean energy secures the daily demand of roughly 25000–100000 households per scenario, and the framework provides a reproducible protocol for assessing cyber-physical resilience in renewable-rich power systems.
Sawilam et al. (Fri,) studied this question.