|Abstract:||The growing penetration of distributed energy resources (DERs) together with communication and computer processing technologies are drivers in changing the paradigm of power system operation and control. The provision of services provided by DERs requires coordination among many agents, and at many different levels. One strategy has been to segment existing power systems into microgrids (MG), which include controllable loads and DERs operated under a single entity. Since MGs cover a smaller footprint and utilize new control approaches, they are emerging as an important strategy to advance the resiliency of modern electric power systems. However, the increasing connectivity of devices for monitoring and control of MGs serves to also increase the attack surface for a malicious cyber actor. This thesis presents two contributions to this problem. The first is an explicit characterization of the cyber threats that a MG control system, using the IEC 61850 standard as its communication architecture, can be susceptible to. Power system applications can be formally verified through use of object models, common data classes, and message classes. The IEC 61850-7-420 DER extension further defines object classes for assets such as types of DERs, DER unit controllers, and other DER-associated devices (e.g., inverters). These object classes describe asset-specific attributes such as state of charge, capacity limits, and ramp rate. Attributes can be fixed (rated capacity of the device), dynamic (state of charge), or binary (on or off, dispatched or off-line, operational or fault state). An ontology based on the 61850 and 61850-7-420 DER object classes is developed to model threats against a MG. This thesis considers threats against the measurements on which the control loop is based, as well as attacks against the control directives and the communication infrastructure. The ontology is used to build a threat model using the ADversary VIew Security Evaluation (ADVISE) framework, which enables identification of attack paths based on adversary objectives (for example, destabilize the entire MG by reconnecting to the utility without synchronization) and helps identify defender strategies. The second contribution is the development of a control and mitigation method for DER integration. A robust decentralized secondary frequency control design for islanded MGs is developed to enable resilient coordination and integration of DERs. We cast the control problem centrally under steady state and adopt the feedback-based Alternating Direction Method of Multipliers (ADMM) algorithm for solving the decentralized control updates. The ADMM algorithm uses measurements at various points in the system to solve for control signals. Measurements and control commands are sent over communication networks such as Ethernet-based local area networks in the IEC 61850 standard. To enhance the robustness to cyber intrusions, we modify the ADMM algorithm using the Round-Robin technique to detect malicious control signals on and from DERs. As a complementary defense, an agreement algorithm based on fast computation of Kirchhoff’s laws is implemented for continuously detecting false measurements. The results are demonstrated through simulation for a representative MG topology.