I Introduction
Securing data transmission in microgrid is crucial for maintaining normal grid operations and achieving desirable benefits, e.g., fast recovery during a main grid blackout, improved system reliability and resilience, and economic power supply to customers [10, 22]. Existing methods on this topic largely rely on cryptographic systems such as the Advanced Encryption Standard (AES) [25]. AES and similar methods use a key for all encryptions within a given time period [3]. It therefore requires that the key, which is preshared by two parties, has to be kept secret. This secure key distribution process is mostly achieved by publickey cryptographic methods such as the DiffieHellman key exchange (DH) [16] and RivestShamirAdleman (RSA) [7].
However, the security of all classical public key systems is only guaranteed based on the assumed limits on an adversary’s power. For instance, some mathematical problems such as the discrete logarithm problem [17] or the factoring problem [23] cannot be effectively solved even by the fastest modern computers using any existing algorithms [27]. These assumptions however are still unproven, and if proven false, the current cryptographic systems will no longer be secure [14].
Further, even if these assumptions remain true, the development of quantum computers will lead to security breaks [9, 26]. Quantum computing promises to efficiently solve mathematical problems by using quantummechanical phenomena such as superposition [13] and entanglement [4]. Note that although today’s quantum computers are still noisy and their advent on a scale large enough to break current cryptographic systems is perhaps still decades away, their sudden appearance will leave microgrid stakeholders little time to adapt.
A potent solution to tackle this quantumera challenge is the use of quantum key distribution (QKD) [20]. It uses laws of quantum mechanics to securely generate keys for two parties. Because those laws have been fairly heavily tested, they provide a more solid foundation than computational assumptions. However, although QKD has been widely applied in such areas like computer networks [12], online banking [2], and ATM transactions [6], the microgrid community is unfortunately largely silent on the topic of developing a quantumsecure microgrid. Part of the reason for this stems from the fact that the existing QKD systems cannot be directly applied in microgrid. With multiple communication channels and different transmission requirements existing in microgrid, it was unclear how QKD performs and whether it is applicable under various circumstances. A realtime QKDintegrated microgrid simulation testbed for evaluating the performance of the QKDbased microgrid is essential but does not yet exist.
Further, the key generation speed in a QKD system is affected by a number of variables like the distance between two communicating parties and the noise, which can be either natural or caused by an adversary, on quantum optic equipment. A large distance or a strong attack on the QKD equipment can reduce this speed, detrimentally causing keys to be exhausted. A proper strategy is significantly needed to enhance the cyberattack resilience for the system.
To bridge the gaps, in this paper, we develop a QKDintegrated microgrid testbed in Real Time Digital Simulator (RTDS). Key components like hardware connection, communication network, and QKD integration are designed and presented in detail. This is an important step towards constructing a realistic QKDenabled microgrid in practice. The realtime communication between the RTDS simulator and a remote server enabled by the QKD algorithm is the salilent feature of this testbed. Main contributions of this paper are fourfold:

A novel QKDenabled communication architecture is devised for microgrids.

A QKDintegrated microgrid testbed is built in RTDS. Key components like hardware connection, communication network, and QKD integration are presented.

A key pool sharing (KPS) strategy is designed to further enhance the system’s resilience to cyberattacks.

The impacts of critical QKD parameters like quantum fiber length, data transmission speed, attack level, and detection efficiency are evaluated with the testbed.
The rest of this paper is organized as follows: Section II describes quantum communication, and presents the design of the QKDbased microgrid architecture and KPS strategy. Section III elaborates the testbed design. Our evaluation results are reported in Section IV, and Section V concludes the paper.
Ii QuantumSecure Microgrid Enabled by QKD
In this section, we first briefly introduce the topic of quantum communication, including the quantum states, the general setting of a QKD system, and a practical QKD protocol. We then present the benefits of using QKD for microgrids and propose a QKDbased microgrid communication architecture. At the end, we present our novel KPS strategy for improving the system’s cyberattack resilience.
Iia Quantum Communication
Unlike classical secure key distribution systems that rely on mathematical assumptions, quantum communication utilizes a radically different foundation: the uncertainty principle of quantum physics. In this subsection, a brief overview of quantum communication is presented, including an introduction to quantum states, the general setting of a QKD system, and the practical QKD protocol used in this paper.
IiA1 Quantum States
Instead of using binary bits to encode information as in classical communication systems, quantum communication utilizes quantum states, or “qubits”. A qubit is a twostate quantummechanical system, whose state is commonly represented by the spin of an electron or the polarization of a photon. Unlike a binary bit, which has to be in one state or the other, a qubit can be in a coherent superposition of both states
[24]. For QKD systems, photons are the primary practical implementation of qubits. For the QKD system we consider, the polarization of the photon will be used to encode a quantum state. We will consider two Bases, namely horizontal polarization (denoted the basis later) and diagonal polarization (denoted the basis later). If a source and its receiver both operate in the same basis, information can be transmitted deterministically; however, if different bases are used, the information received will be uncorrelated with the transmitted information. The security of a QKD protocol, in a way, takes advantage of this: by encoding a classical bit string using different, randomlychosen bases, an adversary who is unaware of the basis choice can never be truly certain of the information being transmitted. Furthermore, any attempt to actually learn this information causes noise in the quantum channel which may be detected by the users later.IiA2 General Setting
The general setting of a QKDbased communication system consists of a quantum channel and a classical one. The quantum channel allows two parties to share quantum signals for creating a secure and secret key. With the created key, the information to be transmitted is encrypted and later decrypted over the classical channel. The key generation rate of a QKD protocol is an important statistic and is affected by numerous parameters, most importantly the noise in the quantum channel (caused, perhaps, by an adversary or natural noise) and the distance between the two parties.
An important and unique property of QKD is that the two parties can detect when an eavesdropper is trying to gain knowledge of the key. This is due to the quantummechanical property that measuring an unknown quantum state will, in general, change that state. This ensures that a nonsecret key will never be used, making QKDbased encryption and authentication theoretically secure. It is worth noting that QKD is only used to generate the key in the quantum channel; the message data is still transmitted using classical encryption methods over the classical channel. In reality, QKD can be associated with either onetime pad (OTP) or symmetric key algorithms such as AES.
IiA3 Practical QKD Protocol
Different protocols have been proposed to implement QKD such as the wellknown BB84, decoystate, sixstate, Ekert91, and BBM92. In this paper, we consider a practical decoystate QKD protocol [21, 15]. This protocol has been one of the most widely used schemes in the QKD community because of its ability to tolerate high channel loss and to operate robustly even with today’s hardware. Its security and feasibility have been welldemonstrated by several experimental groups, and theoretical security analyses including the evaluation of concise and tight finitekey security bounds have also been provided.
The idea of this protocol is as follows: The information is encoded into qubits and then sent out by one party, commonly named Alice, using weak coherent laser pulses. With today’s technology, the production of a single qubit is not practical; instead, weak coherent laser pulses are used. However, these pulses contain, with nonzero probability, multiple qubit signals that would cause a break in security. To tackle this challenge, the decoystate protocol varies the intensity of each laser pulse randomly using one of three intensities
, and , which are the intensities of the signal state, decoy state and vacuum state, respectively. Two bases and are selected with probabilities and , respectively. Recall that these bases refer to the polarization setting of the qubit. The other party, named Bob, measures the qubits by randomly selecting bases from and . If Alice and Bob choose the same basis, they share information since sending and receiving qubits in the same basis, as mentioned, leads to a deterministic outcome; otherwise, the iteration is discarded. By repeating this numerous times, the two parties share a socalled rawkey, which is partially correlated and partially secret. Error correction is then performed (leaking additional information to the adversary which must be taken into account) followed by privacy amplification, yielding a secret key of size . One is often interested in the key generation rate , where is the number of signals needed to produce a rawkey of sufficient size for generating the secret key of size .Specifically, the procedures of this protocol are described below [15]:

Step 1: Preparation. Alice selects a bit value from 0 and 1 uniformly at random; a basis from and with probabilities and , respectively; and an intensity from , and with probabilities , and , respectively. Based on the selected values, Alice prepares a laser pulse and sends it to Bob through the quantum channel. Note that Alice sends Bob the information qubit by qubit.

Step 2: Measurement. When Bob receives the qubits from Alice, for each qubit he randomly selects a basis from and with probabilities and , respectively. He then decodes the qubit using the selected basis.

Step 3: Basis reconciliation. Alice announces the basis and intensity choices, and Bob announces the basis choices. Note that, this is done after the qubits are received by Bob. Due to the nocloning theorem [18], this information is no longer helpful to the eavesdropper as she could not copy the originallysent qubits to measure now. The rawkey bits are extracted from the events where Alice and Bob both select the basis.

Step 4: Generation of the raw key and the error estimation. Alice and Bob generate a raw key pair (
) by using all events where they chose the basis. Events from the basis are used for quantum error estimation. 
Step 5: Postprocessing. Alice and Bob execute an error correction algorithm trying to correct for a predetermined error rate. To ensure that the error correction has been successful and that they have shared identical keys, they perform an error verification using hash functions. Finally, they perform a privacy amplification to extract a secret key pair.
Once all the postprocessing procedures have been successfully completed, the key is established and can be used by Alice and Bob. The length of the extracted secret key can be obtained in the following way [15]:
(1) 
where is the binary entropy function. , , and are the number of vacuum events, the number of singlephoton events, and the phase error rate associated with the singlephoton events in , respectively. is the probability that the keys extracted by the two parties are not identical, and is the userspecified maximum failure probability. specifies how much information leaked during error correction. It is set to , where is the size of the raw key , and is the errorcorrection efficiency.
The above parameters cannot be directly observed; however, by using the decoystate protocol, they can be bounded. Let be the number of signals received using intensity . Then, of course, , the size of the raw key, is simply the sum of all over all the intensities used. Basically, the number of vacuum events in , , satisfies
(2) 
where is the probability that Alice sends a
photon state. This value, using a weakcoherent laser, follows a Poisson distribution and is found to be:
(3) 
and
(4) 
The number of singlephoton events in , , satisfies
(5) 
Similarly, by using (2)(5) with statistics from the basis , the number of vacuum events in , , and the number of singlephoton events in , , can also be obtained.
The phase error rate of the singlephoton events in , , satisfies [11],
(6) 
where
(7) 
and is the number of bit errors of the singlephoton events in . It is given by
(8) 
where
(9) 
and . Here, is the number of error events in the basis. For more details on how the size of the secret key is computed through the above equations, readers are referred to [15].
The above equations are general for any observations. For our simulation, we will assume a standard fiber channel and practical settings for devices. In this case, the probability of having a bit error for intensity , , is as follows [8]:
(10) 
where and are the dark count probability and the afterpulse probability, respectively. is the error rate due to optical errors. is the transmittance that is related to the fiber length as follows:
(11) 
where the fibers are assumed to have an attenuation coefficient of 0.2 dB/km. In (10), is the expected detection rate (excluding afterpulse contributions), and can be calculated as follows:
(12) 
where is Bob’s detection efficiency.
0.4  0.1  0.007  1/3  1/3  1/3 
10  0.8  610  410  0.1  510 
(km)  
5  1.16  10  10 
IiB Benefits of Using QKD for Microgrids
QKD has been envisioned as one of the most secure and practical instances of quantum cryptography. Specifically, using QKD provides the following benefits for microgrid:

The key generated by QKD in microgrid is almost impossible to steal even in the face of an adversary with infinite supplies of time and processing power.

QKD is a particularly good method for producing a long random key, which makes the OTP much more realistic in practice. When QKD is combined with onetime pads (OTPs), both the key generation and the encryption processes are unconditionally secure.

A QKDenabled microgrid is able to detect the presence of an eavesdropper trying to gain knowledge of the key, whereas existing communication systems without this ability will inevitably require extra detection mechanisms.

QKD systems have the advantage of being automatic compared with manually distributing keys in microgrid.
IiC QuantumSecure Microgrid Communication Architecture
Given the great benefits described above, we present a QKDbased communication architecture for microgrids. As illustrated in Fig. 1, the microgrid control center (MGCC) collects data from different loads and sends control signals to local controllers. As building a quantum channel is really costly, it is practical and reasonable to implement QKD for only those critical communication channels in microgrid. In this study, without loss of generality, a QKDbased quantum channel is built between the MGCC and the local controller for a battery’s storage. This battery uses a PQ control to adjust its power output based on real and reactive power references received from the MGCC. It is worth noting that, QKD is only used for generating keys for two parties in an unconditional secure way; the data encryption process is still achieved using classical cryptographic methods such as AES or OTP. Using AES to encrypt data is considered quantumsecure, as long as the key used for this process is secure [5]. OTP is even more secure (or more accurately, unconditionally secure), because it uses a random key only once and then discards the key. But this requires that the key be as long as the plaintext. Keys generated by a QKD link are stored in a key pool, and when there is a need to transfer data, a certain number of key bits are extracted for encryption and decryption purposes.
To properly integrate QKD into microgrid, a critical concern is key generation speed in a QKD system. It has to be larger than the frequency of data transmission to guarantee there are always enough keys in the key pool. Critical QKD parameters that affect the key generation speed include quantum fiber length, attack level, and receiver’s detection efficiency.
Different with other applications where there is no strict requirement on the frequency of data transmission, microgrid often needs a high frequency of continuous data transmission to accommodate fast and dynamic changes typically caused by customers or various distributed energy resources (DERs). Thus, before constructing a real QKD system in microgrid, building a realtime simulation testbed to evaluate the performance of the QKDenabled microgrid under different circumstances is an important step. In this paper, we show in detail how to build a QKDintegrated microgrid testbed in RTDS, a realtime power system simulator. To maintain normal operations of the QKDenabled microgrid when the key bits in a key pool are used up (this may be caused by increased data transmission frequency or a strong attack), we further develop a key pool sharing (KPS) strategy.
IiD The KPS Strategy
The idea of this strategy is as follows: The MGCC establishes multiple quantum channels with local controllers and uses separate key pools to store keys. Key pools can share keys with each other, meaning that, when the number of key bits in one key pool is below a predetermined threshold, a certain number of key bits can be shared from other key pools.
An example of the KPS strategy is illustrated in Fig. 2, where two quantum channels are established between the MGCC and two local controllers. When the number of key bits in key pool #1 is lower than a threshold, for instance, a string of key bits is extracted from key pool #2 by the MGCC (represented in in Fig. 2). This key bit string is then used as plaintext (represented in in Fig. 2), encrypted by the MGCC via a key extracted from key pool #1 (note that there are still some key bits left in key pool #1), and sent to local controller #1. Local controller #1 uses the same key from key pool #1 to decrypt the received message and obtains the key bit string (represented in in Fig. 2). In this way, a string of key bits is transferred from key pool #2 and is securely shared between the MGCC and local controller #1. Although this distribution of keys through AES loses informationtheoretic security, it is still better than relying on public key systems, because, as mentioned, AES is considered quantumsecure as long as the key used for the encryption is secure [5]. Note that, unlike an alternative approach employing AES keys for actual data transmission (changing the key every seconds), our KPS system has the advantage that information theoretic OTP may be used up until the last or bits are available maximizing security of the overal system (switching to computational security only as a lastresort).
Overhead analysis: The communication and computation overheads of our KPS strategy are negligible. Assuming the microgrid control signals with a total size of 200k bits that need to be transmitted within 20 seconds, then 200k bits of quantum keys are used to encrypt the data. The required bandwidth for transmitting those key bits from the MGCC to a local controller is therefore only 10 Kbps, which is far less than the link capacity of a common switch (i.e., 1 Gbps). On the other hand, practical encryption schemes such as 128bit AES can be utilized to transmit quantum keys, where only a few key bits are consumed for encrypting a large number of bits (e.g., 128 bits for a 1500byte packet). The processing time of the 128bit AES encryption with the current computing hardware is small. A commercial server with four cores could process AES data with a speed up to 2,804 MB/s [1].
Iii QuantumSecure Microgrid Test Environment
Iiia HighLevel Design
The test environment is illustrated in Fig. 3. Specifically, the microgrid model is developed and compiled in RSCAD, a power system simulation software designed to interact with the RTDS simulation hardware. The RTDS in our testbed consists of three racks, which can be either used separately for smallscale power systems or combined together to provide more cores for a largescale system. In our simulation, rack 2 is utilized to simulate the microgrid model in realtime, where the four cores in that rack (running at 3.5 GHz) are sufficient to provide high fidelity for test results in this paper.
The measurements from the RTDS simulator are transmitted through a GTNETx2 card and sent to the MGCC via a communication network. The GTNETx2 card can either receive data from the RTDS and send it to external equipment, or it can receive data from the network and send it back to the RTDS, depending on whether the GTNETx2 card was designed to be in sending or receiving mode. The MGCC runs on a remote server, which can receive load measurements from and send signals back to RTDS with a 1 Gbps Ethernet connection.
The highlevel design of the testbed is illustrated in Fig. 4. Two GENETx2 cards are utilized for the purpose of network communication. It should be noted that, although only one quantum channel is established in this case, the principle can be easily extended to cases with multiple quantum channels. GTNETx2 card #2 is used to transmit data from the RTDS to the MGCC, which models the classical communication (represented in in Fig. 4) in realtime, i.e., collecting load measurements to MGCC as shown in Fig. 1. When the data is received by the MGCC, an analysis of the data is conducted, and proper control signals are sent to the local controller. Before a control signal is sent out, a key with the same length is extracted from the key pool. This process (represented in in Fig. 4) succeeds only when there are enough key bits in the key pool.
GTNETx2 card #1 is utilized to receive signals from the MGCC (represented in in Fig. 4) and transfer them to the RTDS. The simulation results with the updated control signals are demonstrated in RSCAD. Note that the QKD system is modeled through an algorithm formulated from (1)(12). Keys are continuously generated by the QKD algorithm, and are stored in a key pool. This realtime communication between the RTDS microgrid simulator and the MGCC using the QKD algorithm is the salient feature of this testbed.
IiiB QKDBased Microgrid Communication Network
The network connection of key components in the RTDS simulator and a flow chart of the algorithm running in the MGCC are illustrated in Fig. 5. As shown on the left side of Fig. 5, each RTDS rack is connected to one or more GTNETx2 cards using fiber optic cables. All the GTNETx2 cards are connected with an edge switch through Ethernet cables to transmit and receive data over the network. The User Datagram Protocol (UDP) is used in our simulation.
From the MGCC side, as shown on the right side of Fig. 5, the server enters the mode after being connected to the simulator. At this stage, the server is receiving any UDP packet whose destination IP and port match those of the server, respectively. Once a packet arrives, a quantum key with the same length of the received data, i.e., 64 bits in this paper, is extracted from the key pool, and corresponding control signals are generated. The server then enters the mode and starts to send out control signals whose destination IP and port are the IP and port of GTNETx2 card #1 in the RTDS simulator (see Fig. 4), respectively. After controller signals are sent out, the server goes back to the mode.
IiiC Microgrid Modeling and Simulation
A typical microgrid system shown in Fig. 6 is used to evaluate the performance of the QKDenabled quantumsecure microgrid in this study. This system is based on a mediumvoltage microgrid from [19] with a battery and communication channels added. The buses within the microgrid are rated at 13.2 kV, and the microgrid is connected to the 138 kV main grid through a 138/13.2 kV transformer and a circuit breaker. The microgrid can operate either in islanded mode or in gridconnected mode depending on the state of the circuit breaker. The transformer is connected and rated at 25 MVA with a 8% impedance.
The DERs in the microgrid include a 5.5 MVA diesel generator, a 1.74 MW PV system, and a 2 MW doublyfed induction generator wind turbine system. The diesel generator uses the droop control to regulate the microgrid frequency in islanded operation and to provide real and reactive powers in both gridconnected and islanded modes. The PV system and wind turbine both use the MPPT control to maximize their power outputs. Three switched capacitors are connected at bus 1 to facilitate voltage synchronization in the microgrid.
A lithiumion battery storage is further connected at bus 2 to provide a backup power supply and store extra energy when the microgrid is in islanded operation. The battery model consists of 250 stacks connected in parallel with each one having 250 cells in series. A single cell has a capacity of 0.85 AH, and the initial state of charge in a single cell is set at 85%. A PQ control is designed to regulate the output power of the battery, the value of which is determined by the real and reactive power references transferred from the MGCC via a communication channel. The initial values of the real and reactive power references are both set at zero.
Iv Experimental Results
In this section, we evaluate the performance of the QKDbased microgrid communication with our hardware testbed. The results include 1) a comparison of the performance with different data transmission speeds, 2) the impact of cyberattacks on the microgrid, 3) an evaluation of the key generation speed under different fiber lengths and noise levels, 4) the impact of receiver’s detection efficiency, and 5) an evaluation of the KPS’s performance.
Iva Effect of Data Transmission Speed
Data transmission speed is a critical statistic in a QKDbased microgrid. A speed larger than the key generation speed can result in the exhaustion of key bits in a key pool, eventually causing the failure of data communication.
We used Wireshark, a free and opensource packet analyzer, to monitor traffic in the system. Specifically, two types of packets were captured: the packets sent from the RTDS (GTNETx2 #2) to the MGCC and from the MGCC to the RTDS (GTNETx2 #1). The transmission speed of the two types of packets were set as the same. Namely, once there was a packet received by the MGCC, a packet was sent out from the MGCC.
The impact of the data transmission speed is illustrated in Fig. 7, where the fiber length (between the MGCC and the local controller) is set at 50 km. The other parameters are the same as those in Table I. Each packet sent from the MGCC to the RTDS consists of 64 binary bits, meaning that 64 key bits are consumed from the key pool when a packet is sent out.
From Fig. 7, it can be observed that:

The data transmission speed has a large impact on the QKDbased microgrid. With the setting in Fig. 7, a speed larger than 20 packets/second will lead to the exhaustion of key bits in the key pool.

The larger the data transmission speed, the sooner the quantum bits will be consumed. With the setting in Fig. 7, for a speed of 40 packets/second, the exhaustion lasts around 100 seconds within the key generation period. This long shortage can cause serious damage to microgrid operations, as there is no key in the key pool for the encryption and authentication of data messages.
IvB Impact of Cyberattacks on the Microgrid
For either a classical communication or a quantum communication system during the exhaustion of key bits, the security of the system can be easily broken by an adversary using quantum computers, leading to insecurity in both the encryption and authentication of data messages. The data messages sent from the MGCC to local controllers can thus be intercepted, decrypted, falsified, reencrypted, and resent to local controllers by an adversary without being detected.
To test the impact of a malicious control signal on the microgrid system, the real power reference of the PQ control for the battery is changed from the initial value, 0, to 6 MW at time s during the islanded mode. The voltage response of bus 1 before and after the attack is illustrated in Fig. 8 (a). It shows that, 1) the magnitude of voltage gradually decreases; 2) the frequency also decreases; and 3) at time s, the system eventually collapses. However, if QKD is employed and there are enough key bits in the key pool, it will be impossible to break the encryption or authentication due to the unconditional security of QKD, and thus no malicious data can be injected. The normal voltage response of bus 1 in a QKDbased microgrid is illustrated in Fig. 8 (b).
IvC Evaluation of Key Generation Speed under Different Fiber Lengths and Noise Levels
The speed of quantum key generation determines the maximum data transmission speed in a QKDbased microgrid. The larger the key generation speed, the higher the maximum data transmission speed. However, it was unclear which levels of key generation speed the QKD system could provide for the microgrid under different conditions. In this subsection, an evaluation of key generation speed under different fiber lengths s and noise levels s, is provided. The noise can be either natural or caused by an adversary. A strong attack on the quantum optic equipment leads to a large .
The realtime simulation results are given in Fig. 9, where is set from 1 km to 80 km, is set from 510 to 910 with a step of 110, and each packet consists of 64 binary bits. The other parameters are the same as those in Table I. Key generation speed is calculated as the fraction of the generated key’s size (see (1)) and the time required.
It can be observed that:

A small exhibits great superiority over a large under the same , which gives valuable insights that the MGCC and the local controller should be close to each other in a QKDbased microgrid.

The key generation speed is sufficient with a small and a small . But, it decreases dramatically when increases. A proper strategy therefore has to be carried out to improve the system’s cyberattack resilience.

Importantly, Fig. 9 gives valuable resources on which levels the data transmission speed should be set at under different s and s. With the setting in Fig. 9, any data transmission speed that is below the corresponding curve (with regards to a certain ) in Fig. 9, will have sufficient key bits in the key pool under that .
IvD The Impact of Receiver’s Detection Efficiency
The detection efficiency of the receiver, , is critical in a QKD system. Detection efficiency refers to the probability that the receiver can successfully detect the photons, which is largely determined by the quality of the detection devices.
The impact of is evaluated in our realtime testbed. The results are illustrated in Fig. 10, where is set at 5 km, 10 km, and 20 km, respectively; is set at 610, 710, and 810, respectively; and is from 10% to 50% with a step of 5%. The other parameters are the same as in Table I.
It can be seen that has a significant impact on key generation speed. With a given and a given , a small increase of results in a great improvement of the speed. This indicates that it is worth improving the quality of detection devices in a QKDbased microgrid.
IvE Evaluation of KPS Performance
The performance of the presented KPS strategy is evaluated in our testbed. In this test case, two key pools are established in the quantum algorithm, and each stores its quantum key bits separately. The QKD parameters for the two key pools are set as the same except that for key pool #1 is 810 to simulate a strong attack, while for key pool #2 is 510 for a weak attack. The data transmission speed is set at 100 packets/second, where each packet consists of 64 bits.
For the KPS strategy, the threshold is set at 5,000 bits for key pool #1, meaning that once the number of key bits in key pool #1 is lower than 5,000, a given number (which is set at 20,000) of key bits will be shared from key pool #2.
The comparison results of the numbers of key bits in key pools #1 and #2 with and without KPS are illustrated in Fig. 11. It can be observed that:

Without KPS, there is a shortage of key bits in key pool #1. For instance, at time s, the key bits in key pool #1 are used up (see the black dashed line in Fig. 11 (a)), and the shortage lasts around 10.5 s until a certain number of key bits are generated. Meanwhile, the key bits in key pool #2 do not have shortage issues (see the black dashed line in Fig. 11 (b)).

With KPS, the shortage issues of key pool #1 are well addressed. At time s, the number of key bits in key pool #1 is below the threshold, and immediately 20,000 key bits are added (see the red solid line in Fig. 11 (a)). Meanwhile, 20,000 key bits are deducted from key pool #2 (see the red solid line in Fig. 11 (b)). But this does not affect the normal operation of key pool #2, as the minimum number of key bits in key pool #2 is still above the threshold.
V Conclusion
This paper presents a realtime QKDenabled microgrid testbed implemented in RTDS. This testbed provides a realistic cyberphysical testing environment in real time with a simulated QKD algorithm integrated. This is an important step towards constructing a real QKD system in microgrid in practice. With this testbed, more research work could be done in the future. Some examples include exploiting the feasibility of more advanced and practical QKD protocols for microgrids, evaluating the QKDenabled microgrid’s performance under more scenarios, and developing methods to further enhance the cyberattack resilience of the QKDenabled microgrid.
References
 [1] ([Online available]: https://calomel.org/aesni_ssl_performance.html) AESNI SSL Performance: A study of AESNI acceleration using LibreSSL, OpenSSL. Cited by: §IID.
 [2] (2019) Online authentication methods used in banks and attacks against these methods. Procedia Computer Science 151, pp. 1052–1059. Cited by: §I.
 [3] (2019) Compact circuits for combined AES encryption/decryption. Journal of Cryptographic Engineering 9 (1), pp. 69–83. Cited by: §I.
 [4] (2017) Geometry of quantum states: An introduction to quantum entanglement. Cambridge university press. Cited by: §I.
 [5] (2016) Report on postquantum cryptography. US Department of Commerce, National Institute of Standards and Technology. Cited by: §IIC, §IID.
 [6] (2011) Quantum key distribution protocols and applications. Surrey TW20 0EX, England. Cited by: §I.
 [7] (1999) The mathematics of ciphers: number theory and RSA cryptography. AK Peters/CRC Press. Cited by: §I.
 [8] (2010) Quantum key distribution and 1 Gbps data encryption over a single fibre. New Journal of Physics 12 (6), pp. 063027. Cited by: §IIA3.
 [9] (2019) Quantum chemistry on a quantum computer. In Mathematical Physics in Theoretical Chemistry, pp. 377–400. Cited by: §I.
 [10] (2019) Microgrid stability definitions, analysis, and examples. IEEE Transactions on Power Systems. Cited by: §I.
 [11] (2010) Practical issues in quantumkeydistribution postprocessing. Physical Review A 81 (1), pp. 012318. Cited by: §IIA3.
 [12] (2020) Quantum digital signature in a network. Quantum Information Processing 19 (1), pp. 18. Cited by: §I.
 [13] (2015) Quantum superposition at the halfmetre scale. Nature 528 (7583), pp. 530. Cited by: §I.
 [14] (2019) Trends on computer security: Cryptography, user authentication, denial of service and intrusion detection. arXiv preprint arXiv:1903.08052. Cited by: §I.
 [15] (2014) Concise security bounds for practical decoystate quantum key distribution. Physical Review A 89 (2), pp. 022307. Cited by: §IIA3, §IIA3, §IIA3, §IIA3.
 [16] (2019) Enrichbyneed protocol analysis for DiffieHellman. In Foundations of Security, Protocols, and Equational Reasoning, pp. 135–155. Cited by: §I.
 [17] (1990) The discrete logarithm problem. In AMS Proc. Symp. Appl. Math, Vol. 42, pp. 49–74. Cited by: §I.
 [18] (2019) Nocloning theorem, KochenSpecker theorem, and quantum measurement theories. International Journal of Theoretical Physics 58 (6), pp. 1845–1853. Cited by: 3rd item.
 [19] (2015) Real time simulation of a microgrid system with distributed energy resources. Cited by: §IIIC, §IIIC.
 [20] (2019) Quantum computing for finance: Overview and prospects. Reviews in Physics, pp. 100028. Cited by: §I.
 [21] (2019) Advances in quantum cryptography. arXiv preprint arXiv:1906.01645. Cited by: §IIA3.
 [22] (2016) Enabling resilient microgrid through programmable network. IEEE Transactions on Smart Grid 8 (6), pp. 2826–2836. Cited by: §I.
 [23] (1994) Algorithms for quantum computation: Discrete logarithms and factoring. In Proceedings 35th annual symposium on foundations of computer science, pp. 124–134. Cited by: §I.
 [24] (2007) Spin qubits in graphene quantum dots. Nature Physics 3 (3), pp. 192. Cited by: §IIA1.
 [25] (2014) Quantum networking. John Wiley & Sons. Cited by: §I.
 [26] (2019) Benchmarking an 11qubit quantum computer. arXiv preprint arXiv:1903.08181. Cited by: §I.
 [27] (2019) Logarithm based cryptography. In Cybercryptography: Applicable Cryptography for Cyberspace Security, pp. 287–341. Cited by: §I.
Comments
There are no comments yet.