Securing the Smart Grid A Comprehensive Compilation of

Securing The Smart Grid A Comprehensive Compilation Of-Free PDF

  • Date:03 Jun 2020
  • Views:37
  • Downloads:0
  • Pages:26
  • Size:9.23 MB

Share Pdf : Securing The Smart Grid A Comprehensive Compilation Of

Download and Preview : Securing The Smart Grid A Comprehensive Compilation Of


Report CopyRight/DMCA Form For : Securing The Smart Grid A Comprehensive Compilation Of


Transcription:

P I Radoglou Grammatikis P G Sarigiannidis Securing the SG Comprehensive Compilation of IDPSs. in this paper for referring to both previous terms In gen. eral the rapid progress of computer networks necessitated. the development of appropriate mechanisms that have the. ability to automate the process of detecting or and preventing. possible security violations The presence of these systems. in SG is required since the security policy violations in this. ecosystem may cause dangerous situations and disastrous. accidents A significant advantage of the specific systems is. that they possess the ability to recognize zero day attacks by. using artificial intelligence mechanisms Therefore in this. paper we provide an analysis of 37 cases of IDPS systems. devoted to SG by evaluating and comparing the cyberattacks. that they are able to detect their methodology the detec. tion performance and finally the consumption of computing. resources Based on this analysis we specify the limitations. FIGURE 1 An abstract architecture model of the SG 1 and shortcomings that characterize these systems and provide. research directions for future work, In particular the rest of this paper is organized as fol. networks 7 such as Internet of Things IoT 8 11 lows Section II discusses the related surveys in the liter. devices industrial devices 12 wireless components and ature and provides the motivation and contributions of our. Wireless Sensor Networks WSNs 13 characterized by var study Sections III and IV introduce an overview of SG and. ious security threats 14 15 In addition the integration IDPS systems respectively Section V presents and explains. of smart devices such as smart meters that communicate the requirements that should characterize these systems. with each other without human intervention induces more Section VI provides an analysis of 37 IDPS cases by inves. security concerns Furthermore the necessary existence of tigating their main characteristics Section VII interprets. legacy technologies such as conventional Supervisory Con evaluates and compares the results exported from the previous. trol and Data Acquisition SCADA systems increase the analysis Finally Section VIII provides trends and research. potential risks since these systems may not integrate modern directions concerning the security of SG focusing on IDPS. ized security solutions The security breaches in SG mainly systems while section IX presents the concluding remarks of. target on the availability integrity and confidentiality of indi this study. vidual entities 14 15 In more detail the different kinds. of Denial of Service DoS attacks aim to disrupt the net II MOTIVATION AND CONTRIBUTION. work services and cause significant damages such as a power Although SG can provide multiple benefits like better energy. outage 16 18 A characteristic example was the cyberat management and improved reliability its independent and. tack against a Ukrainian substation resulting in the power interconnected nature generates at the same time critical. outage for more than 225 000 people 19 On the other hand cybersecurity vulnerabilities that in turn can lead to a wide. the false data injection attacks 20 23 can modify the data range of consequences such as power outage brownout. of smart meters in order to succeed in more economical pric energy theft energy consumer privacy breach In particular. ing Finally various types of Man in the Middle MiTM can most of the communication protocols adopted by SG are. violate the privacy of the systems 24 25 Furthermore characterized by severe security gaps since do not comprise. a remarkable and more dangerous category of cyberattacks authentication and access control mechanisms thus enabling. which threatens the SG architecture is the Advanced Persis possible adversaries to launch various cyber physical attacks. tent Threat APT This term specifies a set of organized and Fig 2 depicts a pictorial view of such attacks against SG. long duration attacks by security specialists against a partic A characteristic example of cyberattacks against a critical. ular target such as politicians and industries Examples of infrastructure was the Stuxnet worm 26 which exploited. these attacks are Stuxnet 26 Duqu 27 Flame 27 and four zero days vulnerabilities Furthermore the diversity and. Gauss 27 complexity of communications that take place in SG as well. An Intrusion Detection System IDS and even its evo as the huge volume of data generated by the various subsys. lution the Intrusion Prevention System IPS can operate tems hinder the adoption of conventional security measures. as a second line of defense in a communication network Therefore it is clear that the presence of IDPS systems is vital. by enhancing the operation of the encryption and authoriza for the entire operation of SG and mainly for ensuring the. tion mechanisms For instance if a cyberattack bypasses the essential security requirements Confidentiality Integrity and. encryption and authorization mechanisms the IDS or IPS can Availability CIA. timely inform the security administrator or perform appropri Several studies have examined the security issues in the. ate preventive countermeasures The term Intrusion Detection SG paradigm by analyzing security challenges threats and. and Prevention System IDPS will be used from now on corresponding countermeasures Some of these are listed. 2 VOLUME 7 2019, P I Radoglou Grammatikis P G Sarigiannidis Securing the SG Comprehensive Compilation of IDPSs. detected the resources consumption performance the uti. lized datasets and the software packages In conclusion. the desired purpose of this paper is to constitute a stopping. point for the interested parties that intend to work with the. IDPS systems for SG The contribution of our work is sum. marized in the following sentences, Identifying the requirements for effective IDPS sys. tems devoted to protecting the SG components Since. SG consists of several and heterogeneous technologies. components and communication interfaces the conven. FIGURE 2 SG cyberattacks tional IDPS systems coming from computer networks. cannot meet the security requirements of SG In this. in 8 14 15 28 38 Since that the nature and means paper we identify these requirements that subsequently. of cyberthreats evolve rapidly the creation of corresponding are utilized to evaluate the various relevant IDPS found. surveys and review papers is quite crucial as they present in the literature. state of the art and identify possible challenges security gaps Providing a comprehensive and comparative anal. and research directions Other works follow a more precise ysis of IDPS systems devoted to protecting SG In. approach by examining the security issues regarding partic particular we investigate thoroughly 37 IDPSs capable. ular protocols that are commonly utilized in the SG com of detecting cyberattacks against either the entire SG. munications Concretely in 39 40 the authors examined ecosystem AMI SCADA substations and synchropha. the security issues of IPv6 over Low Power Wireless Per sors. sonal Area Networks 6LoWPAN and IEC 61850 41 42 Identifying existing weaknesses of the current IDPS. standards respectively Similarly in 43 the authors investi systems for SG Based on our analysis and taking into. gate various encryption and authentication protocols for SG account the requirements of IDPS systems for the SG. Nevertheless only a few studies have examined the contri paradigm we identify the weaknesses of the existing. bution of the IDPS systems for the contemporary electrical IDPSs found in the literature. grid Specifically in 44 the authors provided an exten Identifying the appropriate IDPS for the entire SG. sive study and comparison of multiple IDPSs devoted to ecosystem Accordingly based on our analysis and. the Cyber Physical Systems CPSs such as SG Similarly after identifying the weaknesses of the existing IDPS. in 45 46 the authors investigated various IDPS instances we specify the appropriate IDPS for SG as well as its. concerning the protection of IoT SG is considered as the type and attributes. largest use case of IoT 47 On the contrary to the pre Determining the current research trends and provid. vious studies the papers 48 49 follow a more specific ing directions for future work in this field Finally. approach and examine the IDPS systems devoted to the we present the ongoing trends in this field by identifying. protection of the Advanced Metering Infrastructure AMI possible directions and technologies for future research. Finally the work 50 evaluates three open source Security work. Information and Event Management SIEM systems for SG. In particular the platforms studied are a the AlienVault III SMART GRID PARADIGM. OSSIM 51 b the Cyberoam iView 52 and c the Prelude Many organizations such as the Electric Power Research. SIEM 53 According to the authors evaluation criteria Institute ERPI the Department of Energy DoE and the. AlienVault OSSIM and Prelude SIEM present the best per European Commission Task Force for Smart Grid have been. formance involved in the definition of the SG paradigm The term of. Based on the previous description only two studies 48 SG is defined as the connection of the current electrical grid. 49 focus exclusively on the examination of the IDPS sys with ICT services by ensuring the corresponding sustain. tems for SG however they are limited only to protecting ability and allowing the remote control of all processes from. the AMI domain In the light of the aforementioned results generation to distribution the bidirectional communication. this work is motivated by the importance of the security between consumers and utilities the distributed production. issues in SG providing a comprehensive survey of the IDPS storage and smart measurement of electricity In this section. systems which discusses critical topics such as the detec we provide an overview of the SG paradigm by analyzing its. tion methodology limitations shortcomings and the ongo components and the corresponding communications. ing security requirements Moreover this survey examines. not only IDPSs that monitor and control the AMI compo A SMART GRID COMPONENTS. nents but also SCADA systems substations and synchropha The SG paradigm combines various kinds of systems. sors Furthermore contrary to previous works we analyze technologies and infrastructures such as microgrids AMI. thoroughly each case by investigating its architecture the substations synchrophasor systems SCADA systems and. detection technique the kinds of cyberattacks that are electric vehicles 14 54 From these technologies AMI. VOLUME 7 2019 3, P I Radoglou Grammatikis P G Sarigiannidis Securing the SG Comprehensive Compilation of IDPSs. and SCADA systems are the most critical and vulnerable to tion and control the power increase 54 They can include. cyberattacks and for this reason most of the IDPS systems various devices and software components such as Intelligent. analyzed below focus on these technologies Furthermore Electronic Devices IEDs RTUs HMI and Global Position. substations and synchrophasor systems are also an attracted ing System GPS. target for cyberattackers since they are crucial for the normal A synchrophasor system constitutes an emerging technol. functionality of SG In addition a remarkable attribute of SG ogy which is necessary for the operations of the modern elec. is its ability to form microgrids whose operation is based on trical grid Mainly it consists of Phasor Measurement Units. renewable energy resources Nevertheless such microgrids PMUs Phasor Data Concentrators PDCs a communica. infrastructures characterized by special features may exhibit tion network and a Graphical User Interface GUI software. different kinds of vulnerability Subsequently we provide a A PMU is a device which executes various measurements. brief overview of these technologies More information about from current voltage waveforms such as frequency phase. the components of SG is provided in 54 angle active power and reactive power A PDC undertakes. The AMI provides all operations that are necessitated to aggregate the information of PMUs and transform them. for the bidirectional data exchange between the end users into a single flow The communication between PMUs and. and utility companies In particular AMI consists of three PDCs is usually carried out through IEEE C37 118 2 and. kinds of components a smart meters b data collectors and IEC 61850 41 42 standards Finally the GUI application. c AMI headend Smart meters undertake to monitor the is responsible for visualizing appropriately the various data. power consumption and other measurements of the electrical from PDCs. appliances Data collectors are responsible for storing the A special characteristic of SG is its ability to form isolated. information provided by multiple smart meters that belong microgrids that can operate either with the support of the main. in a specific geographic area Finally the AMI headend is a electrical grid or independently Microgrids usually employ. central server of the utility company which receives stores renewable energy resources such as solar energy wind energy. and manages the information of the data collectors Based and hydroelectric energy At this point it should be noted that. on the information aggregated on the AMI headend the util based on the existing literature we could not find any IDPS. ity company is able to take the right decisions concerning system which focuses on protecting mic. The Smart Grid SG constitutes a technological evolution of the traditional electrical grid by introducing Information and Communications Technology ICT services The func tionality of a typical electrical grid is mainly based on the energy generation transmission and distribution processes More concretely it includes power plants step

Related Books