This document discusses cyber security measures for protecting digital systems and information. It covers authentication methods, types of attackers and cyber attacks, and possible solutions. Encryption techniques like substitution and transposition ciphers are explained. Digital signatures are described as a way to authenticate senders and protect against modification or repudiation of messages. Common types of attackers and categories of attacks are listed. Standards for cyber security in smart grids and substation automation are also outlined.

1. CYBER SECURITY
J.JAYAKUMAR

2. Contents
• Cyber security measures
• Authentication
• Attackers
• Types of Attacks
• Possible solutions to this attacks
• Digital Signature
• Smart Meters

3. Security measures
• Privacy : only the sender and intended receiver(s)
can understand the content of a message.
• Integrity : The message arrives in time at the
receiver in exactly the same way it was sent.
• Message authentication : The receiver can be sure
of the sender’s identity and that the message
does not come from an imposter.
• Non-repudiation A receiver is able to prove that a
message came from a specific sender and the
sender is unable to deny sending the message.

4. Encryption and decryption

5. Types of Encryption
• Symmetric key encryption
- Substitution cipher
- Transposition cipher
- One-time pad
• Public key encryption

6. Substitution cipher
• In this process each character is replaced by
another character.
• An example of a mapping in a substitution
cipher system is shown below:
• HELLO THERE will produce KQSSZ JKQFQ as
Cipher text

7. Transposition cipher

8. Data encryption standard

9. Digital signatures
• A digital signature allows the signing of digital messages by
the Sender in such a way that:
• 1. The Receiver can verify the claimed identity of the Sender
(authentication).
• 2. The Receiver can prove and the Sender cannot deny that
the message has been sent by the
• specific user (non-repudiation).
• 3. The Receiver cannot modify the message and claim that the
modified message is the one that was received from the
Sender.
Types of digitally signing messages
secret Key signature,
public Key signature and the message digest.

10. Authentication based on shared secret key

11. Authentication based on shared secret key
a) A indicates to B that it wishes to communicate with B and sends his identity
with a large random number (NA) in Plain text.
b) B encrypts NA using a secret Key known to A and B and sends
Cipher text (EKAB (NA)) together with another large random number (NB) to A
as Plain text.
c) A decrypts the Cipher text received to check whether it gets the same
number (NA) that he sent to B and encrypts the number NB using a shared
secret Key and sends the Cipher text to B.
d) B decrypts the received Cipher text using a shared secret Key and checks
whether he gets the same number (NB) as that he sent.

12. Authentication based on shared secret key

13. Attackers & Types of Attack
Attackers
• script kiddies
• elite hackers
• Terrorists
• employees, competitors, or customers

14. Categories of Attacks
• Component-wise
• protocol-wise
• topology-wise.

15. Classification of Attacks
1) Malware spreading
2) Access through database links
3) Compromising communication equipment:
4) Injecting false information
5) Network Availability
6) Eavesdropping and traffic analysis
7) Modbus security issue

16. Possible solution
1) Identity should be verified through strong
authentication mechanisms.
2) Malware protection on both Embedded and
General purpose systems.
3) Network Intrusion Prevention System (IPS)
and Network Intrusion Detection System (IDS)
defences to protect the system from outside
and inside attacks.
4) Vulnerability assessments

17. 5) To educate the network users about security best
practices
6) Devices must know the sources and destinations
they communicate with.
7) Devices should support Virtual Private Network
(VPN) architectures for secure communication.
8) Devices must use Public key Infrastructure (PKI)
to secure communication
• From the huge amount of transferred data,
utilities should only collect the data needed to
achieve their goals.
• Control system and IT security engineers should
be equally involved in securing the smart grid
network.

18. © ABB Group
December 8, 2022 | Slide 18
Cyber Security standards
Standard Main Focus Status
NIST SGIP-CSWG Smart Grid Interoperability Panel – Cyber Security
Working Group
On-going *
NERC CIP NERC CIP Cyber Security regulation for North
American power utilities
Released,
On-going *
IEC 62351 Data and Communications Security Partly released,
On-going *
IEEE PSRC/H13 &
SUB/C10
Cyber Security Requirements for Substation
Automation, Protection and Control Systems
On-going*
IEEE 1686 IEEE Standard for Substation Intelligent Electronic
Devices (IEDs) Cyber Security Capabilities
Finalized
ISA S99 Industrial Automation and Control System Security Partly released,
On-going *

19. • Graphical representation of
scope and completeness of
Cyber Security for Substation
Automation
Standards and their scope

20. Cyber Security for Substation
Automation
Relevant standards – NERC-CIP
CIP 002 - Critical Cyber Asset Identification
CIP 003 - Security Management Controls
CIP 004 - Personnel and Training
CIP 005 - Electronic Security Perimeter(s)
CIP 006 - Physical Security of Critical Cyber Assets
CIP 007 - Systems Security Management
CIP 008 - Incident Reporting and Response Planning
CIP 009 - Recovery Plans for Critical Cyber Asset