This work presents our Resilient Energy Systems Laboratory (RESLab) testbed that forms an environment for researchers and stakeholders to understand the impact of cyberattacks and validate their defences. One way to generate those real-time datasets is to mimic those attacks and detect them using data-centric Intrusion Detection Systems (IDS) solutions using a testbed. These techniques are data-intensive, as more data provides a better solution. Machine learning, including deep learning or even artificial intelligence, offers advantages that can aid cyber and physical attack detection and localisation. Hence, we need to employ the latest tools and techniques to make solutions that are more intelligent and capable of detecting complex attacks. The use of firewalls, intrusion detection systems, and intrusion prevention systems is important, but these tools may not work efficiently on stealthy coordinated attacks. It is necessary to propose defence mechanisms for such zero-day attacks. Attacks like Pivnichna caused a power outage, while Stuxnet allowed control of programmable logic controllers (PLCs), by overspeeding the centrifuges in a nuclear plant. Other attacks are also widely known such as the Ukraine attacks, where an attacker targeted three distribution units to cause a power outage after intruding into the Supervisory Control and Data Acquisition (SCADA) system. Earlier this year, an unidentified threat successfully compromised the administrative systems of the European Network of Transmission System Operators for Electricity (ENTSO-E), with the potential to compromise 42 transmission system operators (TSOs) across 35 member states in Europe. Cyber adversaries can modify or create data that can impact the grid's normal operation and potentially destabilise its operating point causing cascading failures. With advanced computing and communications, cyber-security has proven to be a critical issue in power transmission, generation, and distribution systems. The electric grid is transitioning to a smarter grid that employs advanced communication technologies. This work presents four case studies on cyberattack and defence using RESLab, where we demonstrate false data and command injection using Man-in-the-Middle and Denial of Service attacks and validate them on a large-scale synthetic electric grid. Then, the design is exemplified and the tools are validated. Distributed Network Protocol 3 (DNP3) is used to monitor and control the grid. The protection components are modelled with both PWDS and physical devices including the SEL Real-Time Automation Controller (RTAC). The physical grid is simulated in the dynamic time frame using Power World Dynamic Studio (PWDS). The cyber network is emulated using Common Open Research Emulator (CORE), which acts as a gateway for the physical and protection devices to communicate. RESLab is architected to be a fundamental platform for studying and improving the resilience of complex CPPS to cyber threats. To achieve this, the design and evaluation of a cyber-physical power system (CPPS) testbed called Resilient Energy Systems Lab (RESLab) are presented to capture realistic cyber, physical, and protection system features. A major challenge is to model, analyse and visualise the communication backbone of the power systems concerning cyber threats. IET Generation, Transmission & DistributionĪ power system is a complex cyber-physical system whose security is critical to its function.IET Electrical Systems in Transportation.IET Cyber-Physical Systems: Theory & Applications.IET Collaborative Intelligent Manufacturing.CAAI Transactions on Intelligence Technology.