SlideShare a Scribd company logo

Cyber-security of smart grids

H
Hamza AlBzoor

in general

Engineering
1 of 42
Download to read offline
CYBER-SECURITY OF SMART GRIDS Presented by Hamza Al-Bzour
CONTENTS Introduction What is Smart Grid Why Smart Grid Cyber Security of Smart Grid Security requirements and objectives Security Challenges and attacks Solutions and attack detection Conclusion
INTRODUCTION ⚫ Nations across the world face the challenge of increasing power production while reducing the carbon footprint. They need to minimize power loss and downtime, harness alternative power sources, and so on. ⚫ The numerous challenges facing them have one solution – smart grids. ⚫ While smart grid bring improvements in cost and performance, the security of the power grids becomes more complex and riskier, calling for a comprehensive and integrated solution.
WHAT IS SMART GRID • A smart grid uses digital technology to improve reliability, security and efficiency (both economic and energy) of the electric system from large generation, through the delivery system to electricity consumers and a growing number of distributed generation and storage resources. SMART GRID = POWER GRID + ICT • Understanding Smart Grid: ⚫ System (G,T,D) with an advanced two-way communication system ⚫ Enables real-time monitoring and control ⚫ Consequently, enablescost reduction and efficiency improvement
INFORMATIONAND COMMUNICATION TECHNOLOGY ⚫ ICT are core of successful smart grid implementation. ⚫ Systems (G,T,D) , consumption, marketing, retailing etc are heavily based on ICT infrastructures. ⚫ Using ICT, the smart grid becomes more reliability, security and efficiency.
FUNCTIONS OF ICT’S IN G,T,D ⚫ IN ‘G’Domain ✓ Automation of bulk generation and DER operations. ✓ Synchronizing and adjusting the voltage levels. ⚫ IN ‘T’Domain ✓ Automation of the transmission power grid (SCADA/EMS) ⚫ IN ‘D’Domain ✓ DMS improves classical outage management systems (OMS) by automation ✓ Real-time adjustmentsbyAdvanced DistributionAutomation
WHY SMART GRID? The traditional power system : • The present infrastructure is overstrained and inter region bulk transfer is limited • Cannot fully support the integration of renewable energy • Low reliability of power – outage • Low efficiency
WHAT SMART GRID DOES? • Decentralization of generating resources • Integration of all sources of energy, mainly renewable • Continuous monitoring and feedback from the network • Anticipation of faults and helps in fault prevention • Two way communication between the utilities and the consumers • Reduces the stress on the power system infrastructure • Continuous self learning
COMPARISON Conventional Grid Smart Grid Electromechanical Digital One way communication Two way communication Centralized generation Distributed generation Manual monitoring Self monitoring Manual restoration Self healing
SMART GRID CONCEPTUAL MODEL
CYBER-SECURITY OF SMART GRIDS ⚫ IT technologies can make the grid smart ✓ Real time monitoring (PMUs, Smart meters) ✓ Advanced information analysis (Big data) ✓ Automated control (Self-healing, Smart actuators)
SECURITY REQUIREMENTS OF SMART GRIDS 1. Confidentiality: the confidentiality criterion requires protecting both personal privacy and proprietary information from being accessed or disclosed by unauthorized entities, individuals, or processes. For instance, information such as control of a meter,metering usage,and billing information that is sent between a customer and various entities must be confidential and protected;otherwise the customer’s information could be manipulated,modified, or used for other
SECURITY REQUIREMENTS OF SMART GRIDS 2. Availability : Availability is defined as ensuring timely and reliable access to and use of information. It is considered the most important security criterion in smart grid because the loss of availability means disruption of access to information in a smart grid For example,loss of availability can disturb the operation of the control system by blocking the information’s flow through the network, and therefore denying the network’s availability to control the system’s operators.
SECURITY REQUIREMENTS OF SMART GRIDS 3. Integrity : Integrity in smart grid means protecting against improper modification or destruction of the information. For example,power injection is a malicious attack launched by an adversary who intelligently modifies the measurements and relays them from the power injection meters and power flow to the state estimator
SMART GRID ATTACKS
SMART GRID ATTACKS
RECONNAISSANCE Includes: 1. Social Engineering : Social engineering (SE), relies on social skills and human interaction rather than technical skills. An attacker uses communication and persuasion to win the trust of a legitimate user and get credential and confidential information such as passwords or PIN number to log on into a particular system 2. Traffic Attacks: The traffic analysis attack is used to listen to the traffic and analyze it in order to determine the devices and the hosts connected to the network along with their IP addresses Social engineering and traffic analysis compromise mainly the confidentiality of the information.
SCANNING • Scanning attack is the next step used to discover all the devices and the hosts alive on the network. There are four types of scans:IPs, ports, services, and vulnerabilities • Generally, an attacker starts with an IPs scan to identify all the hosts connected in the network along with their IP addresses. Next, he or she goes deeper by scanning the ports in order to determine which port is open. This scan is executed on each discovered host on the network. The attacker then moves on to the service scan in order to find out the service or system running behind each opened port. • The final step, vulnerabilities scan, aims to identify the weaknesses and vulnerabilities related to each service on the target machine to exploit it afterward. • These attacks target mainly the confidentiality of the smart grid.
EXPLOITATION This is the next step and it includes: • Viruses, Worms and Trojan horses: A virus is a program used to infect a specific device or a system in smart grid. A worm is self-replicating program.It uses the network to spread,to copy itself,and to infect other devices and systems. A Trojan horse is a program that appears to perform a legitimate task on the target system. However,it runs a malicious code in the background.An attacker uses this type of malware to upload a virus or worm on the target system.
EXPLOITATION • Denial of service (DOS) attacks Several methods are used : 1. SYN (flood) Attacks : Exploits the three-way handshake (SYN,SYN-ACK,ACK) used to establish a TCP session.The attacker floods a target systemwith connection requests without responding to the replays,forcing the systemto crash.The Modbus/TCP protocol is vulnerable to these attacks since it operates over TCP 2. Buffer overflow : In buffer overflow,the attacker sends a huge amount of data to a specific system,thereby exhausting its resources. For example,the ping-of-deathis considered as a buffer overflow attack as it exploits the internet control message protocol (ICMP) by sending more that 65K octets of data.It then makes the systemcrash.
EXPLOITATION • Denial of service (DOS) attacks 3. Teardrop attack: An attacker alters and modifies the length and the fragmentation offset fields in sequential IP packets. Once the target system receives these packets, it crashes because the instructions on how the fragments are offset within these packets are contradictory. 4. Smurf attack: The attacker targets not only a specific system, but it can saturate and congest the traffic of an entire network. It consists of three elements: the source site, the bounce site, and the target site. For source site, the adversary sends a spoofed packet to the broadcast address of the bounce site.These packets contain the IP address of the target system. Once the bounce site receives the forged packets, it broadcasts them to all hosts connected to the network and then causes these hosts to replay,saturating the target system.
EXPLOITATION • Denial of service (DOS) attacks 5. Puppet attack : Targets the advanced metering infrastructure (AMI) network by exploiting a vulnerability in dynamic source routing (DSR) protocol and then exhausting the communication network bandwidth. Due to this attack, the packet delivery drops between 10% and 20% 6. The time-delay-switch (TDS) attack: consists of introducing a delay in control system creating instability in the smart grid system. 7. The time synchronization (TSA) attack: targets mainly the timing information in smart grid.Because power grid operations such as fault detection and event location estimation depend highly on precise time information, and also most of the measurement devices in smart grid are equipped with global positioning system (GPS),attack such as TSA, which spoof the GPS information, could have a high impact on the system
EXPLOITATION • Denial of service (DOS) attack DOS represents a significant threat to the smart grid system because communication and control messages in such a system are time critical, and a delay of few seconds could compromise the system availability.
EXPLOITATION • The man-in-the-middle (MITM) attack: Performed when an attacker inserts itself between two legitimate devices and listens, performs an injection,or intercepts the traffic between them.The attacker is connected to both devices and relays the traffic between them.These legitimate devices appear to communicate directlywhen in fact they are communicating via a third-device [1].For example,an attacker could conduct a MITM,by placing himself on an Ethernet network to alter or misrepresent I/O values to the human machine interface (HMI) and programmable logic controllers (PLC). The MITM could also be used to interceptTCP/IP communicationbetween the substation gatewayand the transmission SCADA server
EXPLOITATION • Replay Attack: an attacker could maliciously capture packets,inject a specific packet,and replay them to the legitimate destinations,compromising then the communication’s integrity. Intelligent electronic device (IED),which is a device designed for controlling and communicating with the SCADA system,could be targeted by replay attacks so that false measurements are injected in a specific register. Replay attack could also be used to alter the behavior the programmable logic controllers (PLC)
EXPLOITATION • Jamming channel attack: an adversary exploits the shared nature of the wireless network and sends a random or continuous flow of packets in order to keep the channel busy and then prevents legitimate devices from communicating and exchanging data. • Popping the HMI: an attack that exploits a known device’s vulnerability, especially device’s software or OS vulnerabilities, and then installs a remote shell, allowing the attacker to connect remotely to the server from his computer to get unauthorized access in order to monitor and control the compromised system.
EXPLOITATION • Masquerade attack: a malicious person may pretend to be a legitimate user in order to gain access to a system or gain greater privileges to perform unauthorized actions. • Integrity violation attack: Integrity violation attacks aim to violate the integrity and/or the accountability of the smart grid by altering intentionally or unintentionally the data stored in a given device in the network. For instance, a customer could perform this attack to alter the smart meter data in order to reduce his electricity bill. • Privacy violation attack: Privacy violation attack aims to violate privacy by collecting private information about customers [28].For example, as smart meters collect electricity usage many times per hour, information about the user electricity’s consumption could be obtained. Thus, if a meter does not show electricity usage for a period of time, that commonly indicates that the house is empty. This information could then be used to conduct a physical attack like burglary.
MAINTAINING ACCESS • The final step! • The attacker uses a special type of attack to gain permanent access to the target, especially backdoors, viruses, and Trojan horses. • A backdoor is an undetectable program, stealthy installed on the target to get back later easily and quickly. • If the attacker succeeds in embedding a backdoor into the servers of the control center of the SCADA, he or she can launch several attacks against the system which can cause a severe impact on the power system
DETECTION AND COUNTERMEASURES
DETECTION AND COUNTERMEASURES • A number of attack detection and countermeasure techniques are proposed in the literature to counter cyber attacks. For instance, Özçelik I. et al in [3] proposed a solution for distributed denial of service (DDos). In [4],Lu Z. et al. proposed a technique to detect jamming channel attacks. Though these security solutions contribute to the smart grid’s security, they are insufficient to face sophisticated and blended attacks. Moreover, Stuxnet [5] showed that strategy like “Defense indepth” or “security by obscurity” are no longer considered as valid solutions. We believe that security cannot be achieved through one specific solution, but by deploying several techniques incorporated into a global strategy. In this section, and as Fig. 5 shows, proposed a cyber security strategy composed of three phases: pre-attack, under attack, and postattack. As follows, and for each phase,relevant published solutions in terms of security protocols, security technology, cryptography, and other cyber-attack countermeasures are described.
DETECTION AND COUNTERMEASURES < PRE-ATTACK > • During this first phase, pre-attack, various published solutions are recommended to enhance the smart grid’s security and to be prepared for any potential attack. • Security countermeasures commonly fall into three categories: network security, cryptography, and device security. • There is technologies and secure protocols such as IDS, SIEM, DLP and secure DNP3 for the network security. • Encryption, authentication, and key management for the data security. • Finally, Host IDS, compliance checks, and diversity technique for the device security.
PRE-ATTACK (NETWORK SECURITY) • The network is the backboneof a smart grid. So,network security plays a significant role in securing the entire system. • Using firewalls supplemented with other monitoring and inspection technologies is recommended to secure the smart grid network. • A firewall is intended to allow or deny network connections based on specific rules and policies.But an unknownor an advancedattack technique can easily bypass many firewall techniques. • Therefore,firewalls should be associated with other security technologies such as intrusion detection system (IDS),security information and event management systems (SIEM), and network data loss prevention (DLP)
PRE-ATTACK (NETWORK SECURITY) • IDS is a system developed for detecting malicious activity either on a network or on a specific host. • SIEMS are information management systems that collect and gather information such as operating system logs, application logs, and network flow from all devices in the network. Then the collected information will be analyzed and processed by a centralized server in order to detect any potential threat or a malicious activity in the network. • Network DLP is a system responsible for preventing the loss or the theft of the data across the network
PRE-ATTACK (NETWORK SECURITY) • In addition to these security systems, secure network protocols such as IPsec, transport layer security (TLS), secure sockets layer (SSL), secure DNP3 can also be used to enhance security in the network. DNP3 is an industrial protocol widely used in smart gird. • In recent years, the increased number of cyberattacks targeting industrial and power system has attracted the attention of a number of researchers in both industry and academia. • Secured variation of DNP3 protocols has been released named secure DNP3.This secured version added a secure layer for encryption and authentication between the TCP/IP and application layer. Using such a protocol, several attacks can be avoided
PRE-ATTACK (CRYPTOGRAPHY FOR DATA SECURITY) • Encryption mechanisms aim to ensure data’s confidentiality,integrity,and nonrepudiation. • There are two types of key encryptions:symmetric and asymmetric. • In symmetric key encryption,or single-key encryption,one key is used to encrypt and to decrypt data. Asymmetric key encryption,on the other hand,uses two keys to encrypt and decrypt data: private key and public key. • In smart grid,various components with different computational capabilities co-exist. Therefore,both symmetric and asymmetric key encryption can be used,and the selection depends on several factors,including data criticality,time constraints,and computational resources
PRE-ATTACK (CRYPTOGRAPHY FOR DATA SECURITY) • Authentication is defined as the act of verifying that an object’s identity is valid,such as the use of a password. An object could be a user, a smart device,or any component connected to the smart grid network. Multicast authentication is a particular type of authentication and its applications are widely used in smart grid. • Key management is a crucial approach for encryption and authentication. Public key management (PKI), or shared secret key management, can be used to ensure authenticity for communication across networks. In PKI infrastructure, the identities of two parties is verified by a certificate delivered from a third party called the certificate authority (CA). This mechanism is done before establishing any connection between the two parties
PRE-ATTACK )DEVICE SECURITY ( • Device protection is the third crucial element in the supply chain of smart grid security. Many research papers and recommendation reports have been published contributing to security assurance for endpoints.
UNDER ATTCK • This step is divided into two tasks:attack detection and attack mitigation.Several approaches and technologies can be used during each task,to detect the malicious activity,and then deploy the appropriate countermeasures.. • During the attack detection,all the deployed security technologiesare recommended, including SIEMS,DLP,and IDS • But,some of these solutions have a number of limitations and need improvements, particularlyIDS.IDS is a widely used security system in IT network,and it is also used in smart grid network;but,it has many performance limitations specially reporting high rate of false positive. • Thus,many research papers were published to improve the IDS performancein the smart context
POST-ATTACK • When an attack is not detected,the post-attack period is an important step. • First, it is critical to identify the entity involved in the attack. • Then, the IDS signature, anti-virus database and security policies must be kept up to date by learning from attacks and to protect the smart grid against future similar attacks. • Forensic analysis is the primary technique used during the post-attack.Smart grid forensic studies collect, analyze, and intercept digital data in order to identify the entity involved in the event
CONCLUSION ⚫ Cyber security in the smart grid is still under research and needs more investigation to overcome the vulnerabilities and threats. ⚫ Cyber security in the smart grid is a critical issue that received attention of researchers and industry professionals. ⚫ Cyber-physical system security demands additional security requirementssuch as continuity of power delivery and other features.
REFERENCES 1. Cyber-Security in Smart Grid: Survey and Challenges, Computer and Electrical Engineering, V.67, Elsevier, 2018 2. Salsabeel, Fatma, Raafat (2015) ‘Smart grid cyber security: challenges and solutions’ 3. İ. Özçelik and R. R. Brooks, “Cusum - entropy: an efficient method for DDoS attack detection,” in 4th International Istanbul Smart Grid Congress and Fair (ICSG), 2016, pp.1–5. 4. Z. Lu, W.Wang, and C.Wang,“From jammer to gambler: Modeling and detection of jamming attacks against time-critical traffic,”in Proceedings IEEE INFOCOM, 2011,pp. 1871–1879 5. D. Kushner,“The real story of stuxnet,” IEEE Spectrum, vol. 50, no. 3, pp.48–53, Mar.2013.
THANK YOU

Recommended

Smart grid
Smart gridSmart grid
Smart gridyas_ta
 
Smart grid the future grid
Smart grid the future gridSmart grid the future grid
Smart grid the future gridsubhankar Dash
 
Smart Grid
Smart GridSmart Grid
Smart GridMohamed Abuella
 
Power qualty conditioners
Power qualty conditionersPower qualty conditioners
Power qualty conditionersSudhanshu Goel
 
Smart Grid Technology
Smart Grid TechnologySmart Grid Technology
Smart Grid TechnologyAditya Jalan
 
Smart grid security
Smart grid securitySmart grid security
Smart grid securityAhmadreza Ghaznavi
 
Smart grid challenge
Smart grid challengeSmart grid challenge
Smart grid challengeAbhishek Kumar
 
Smart power grid
Smart power gridSmart power grid
Smart power gridk shiva
 

Recommended

Smart grid
Smart gridSmart grid
Smart gridyas_ta
 
Smart grid the future grid
Smart grid the future gridSmart grid the future grid
Smart grid the future gridsubhankar Dash
 
Smart Grid
Smart GridSmart Grid
Smart GridMohamed Abuella
 
Power qualty conditioners
Power qualty conditionersPower qualty conditioners
Power qualty conditionersSudhanshu Goel
 
Smart Grid Technology
Smart Grid TechnologySmart Grid Technology
Smart Grid TechnologyAditya Jalan
 
Smart grid security
Smart grid securitySmart grid security
Smart grid securityAhmadreza Ghaznavi
 
Smart grid challenge
Smart grid challengeSmart grid challenge
Smart grid challengeAbhishek Kumar
 
Smart power grid
Smart power gridSmart power grid
Smart power gridk shiva
 
Presentation on Smart Grid
Presentation on Smart GridPresentation on Smart Grid
Presentation on Smart Gridtanzir3
 
Smart grid
Smart gridSmart grid
Smart gridAbhishek Kumar
 
Cyber Security in Power Systems
Cyber Security in Power SystemsCyber Security in Power Systems
Cyber Security in Power SystemsPower System Operation
 
The Smart Grid
The Smart GridThe Smart Grid
The Smart GridAbhishek Anand
 
SMART GRID TECHNOLOGY
SMART GRID TECHNOLOGYSMART GRID TECHNOLOGY
SMART GRID TECHNOLOGYasegekar18
 
Smart Grid Technology
Smart Grid TechnologySmart Grid Technology
Smart Grid TechnologyShriramGokhale
 
CYBER SECURITY IN THE SMART GRID
CYBER SECURITY IN THE SMART GRIDCYBER SECURITY IN THE SMART GRID
CYBER SECURITY IN THE SMART GRIDSiva Sasthri
 
Smart grid
Smart gridSmart grid
Smart gridPraneeth Reddy
 
Wireless power / Wireless Electricity
Wireless power / Wireless ElectricityWireless power / Wireless Electricity
Wireless power / Wireless ElectricityMuhammad Umair Iqbal
 
Smart Grid : A state of art
Smart Grid : A state of artSmart Grid : A state of art
Smart Grid : A state of artJitendra kapoor
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber SecurityJAZEEL K T
 
Cyber security in Smart grid system
Cyber security in Smart grid systemCyber security in Smart grid system
Cyber security in Smart grid systemamaljose949563
 
Smart grid technology
Smart grid technologySmart grid technology
Smart grid technologyAng Sovann
 
Smart Grid ppt
Smart Grid pptSmart Grid ppt
Smart Grid pptOECLIB Odisha Electronics Control Library
 
Web based power quality monitoring system
Web based power quality monitoring systemWeb based power quality monitoring system
Web based power quality monitoring systemVikram Purohit
 
Real Time Pricing Simulator for Smart Grids
Real Time Pricing Simulator for Smart GridsReal Time Pricing Simulator for Smart Grids
Real Time Pricing Simulator for Smart GridsSwantika Dhundia
 
Phasor Measurement Unit (PMU)
Phasor Measurement Unit (PMU) Phasor Measurement Unit (PMU)
Phasor Measurement Unit (PMU)Siksha 'O' Anusandhan (Deemed to be University )
 
Smart grid technology
Smart grid technologySmart grid technology
Smart grid technologyEklavya Sharma
 
Smart grid
Smart gridSmart grid
Smart gridsohan prajapati
 
Smartgrid
SmartgridSmartgrid
SmartgridRakesh Gothwal
 
Smart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security IssuesSmart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security IssuesjournalBEEI
 
Presentation1 160729072733
Presentation1 160729072733Presentation1 160729072733
Presentation1 160729072733SIVA SASTHRI
 

More Related Content

What's hot

Presentation on Smart Grid
Presentation on Smart GridPresentation on Smart Grid
Presentation on Smart Gridtanzir3
 
SMART GRID TECHNOLOGY
SMART GRID TECHNOLOGYSMART GRID TECHNOLOGY
SMART GRID TECHNOLOGYasegekar18
 
CYBER SECURITY IN THE SMART GRID
CYBER SECURITY IN THE SMART GRIDCYBER SECURITY IN THE SMART GRID
CYBER SECURITY IN THE SMART GRIDSiva Sasthri
 
Wireless power / Wireless Electricity
Wireless power / Wireless ElectricityWireless power / Wireless Electricity
Wireless power / Wireless ElectricityMuhammad Umair Iqbal
 
Smart Grid : A state of art
Smart Grid : A state of artSmart Grid : A state of art
Smart Grid : A state of artJitendra kapoor
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber SecurityJAZEEL K T
 
Cyber security in Smart grid system
Cyber security in Smart grid systemCyber security in Smart grid system
Cyber security in Smart grid systemamaljose949563
 
Smart grid technology
Smart grid technologySmart grid technology
Smart grid technologyAng Sovann
 
Web based power quality monitoring system
Web based power quality monitoring systemWeb based power quality monitoring system
Web based power quality monitoring systemVikram Purohit
 
Real Time Pricing Simulator for Smart Grids
Real Time Pricing Simulator for Smart GridsReal Time Pricing Simulator for Smart Grids
Real Time Pricing Simulator for Smart GridsSwantika Dhundia
 

What's hot (20)

Presentation on Smart Grid
Presentation on Smart GridPresentation on Smart Grid
Presentation on Smart Grid
 
Smart grid
Smart gridSmart grid
Smart grid
 
Cyber Security in Power Systems
Cyber Security in Power SystemsCyber Security in Power Systems
Cyber Security in Power Systems
 
The Smart Grid
The Smart GridThe Smart Grid
The Smart Grid
 
SMART GRID TECHNOLOGY
SMART GRID TECHNOLOGYSMART GRID TECHNOLOGY
SMART GRID TECHNOLOGY
 
Smart Grid Technology
Smart Grid TechnologySmart Grid Technology
Smart Grid Technology
 
CYBER SECURITY IN THE SMART GRID
CYBER SECURITY IN THE SMART GRIDCYBER SECURITY IN THE SMART GRID
CYBER SECURITY IN THE SMART GRID
 
Smart grid
Smart gridSmart grid
Smart grid
 
Wireless power / Wireless Electricity
Wireless power / Wireless ElectricityWireless power / Wireless Electricity
Wireless power / Wireless Electricity
 
Smart Grid : A state of art
Smart Grid : A state of artSmart Grid : A state of art
Smart Grid : A state of art
 
Smart Grid Cyber Security
Smart Grid Cyber SecuritySmart Grid Cyber Security
Smart Grid Cyber Security
 
Cyber security in Smart grid system
Cyber security in Smart grid systemCyber security in Smart grid system
Cyber security in Smart grid system
 
Smart grid technology
Smart grid technologySmart grid technology
Smart grid technology
 
Smart Grid ppt
Smart Grid pptSmart Grid ppt
Smart Grid ppt
 
Web based power quality monitoring system
Web based power quality monitoring systemWeb based power quality monitoring system
Web based power quality monitoring system
 
Real Time Pricing Simulator for Smart Grids
Real Time Pricing Simulator for Smart GridsReal Time Pricing Simulator for Smart Grids
Real Time Pricing Simulator for Smart Grids
 
Phasor Measurement Unit (PMU)
Phasor Measurement Unit (PMU) Phasor Measurement Unit (PMU)
Phasor Measurement Unit (PMU)
 
Smart grid technology
Smart grid technologySmart grid technology
Smart grid technology
 
Smart grid
Smart gridSmart grid
Smart grid
 
Smartgrid
SmartgridSmartgrid
Smartgrid
 

Similar to Cyber-security of smart grids

Smart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security IssuesSmart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security IssuesjournalBEEI
 
Presentation1 160729072733
Presentation1 160729072733Presentation1 160729072733
Presentation1 160729072733SIVA SASTHRI
 
Detecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection SystemsDetecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection SystemsCSCJournals
 
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSCYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSGeorge Wainblat
 
Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Eng. Mohammed Ahmed Siddiqui
 
Advanced Metering Infrastructure Security Test.pptx
Advanced Metering Infrastructure Security Test.pptxAdvanced Metering Infrastructure Security Test.pptx
Advanced Metering Infrastructure Security Test.pptxFrancesco Faenzi
 
3778975074 january march 2015 1
3778975074 january march 2015 13778975074 january march 2015 1
3778975074 january march 2015 1nicfs
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA NetworksIJRES Journal
 
Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...SyvilMaeTapinit
 
Prevention based mechanism for attacks in Network Security
Prevention based mechanism for attacks in Network SecurityPrevention based mechanism for attacks in Network Security
Prevention based mechanism for attacks in Network SecurityEditor IJMTER
 
CYBER ATTACKS ON INTRUSION DETECTION SYSTEM
CYBER ATTACKS ON INTRUSION DETECTION SYSTEMCYBER ATTACKS ON INTRUSION DETECTION SYSTEM
CYBER ATTACKS ON INTRUSION DETECTION SYSTEMijistjournal
 
Smart metering and control of transmission system
Smart metering and control of transmission systemSmart metering and control of transmission system
Smart metering and control of transmission systemDurgarao Gundu
 

Similar to Cyber-security of smart grids (20)

Smart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security IssuesSmart Grid Systems Based Survey on Cyber Security Issues
Smart Grid Systems Based Survey on Cyber Security Issues
 
Presentation1 160729072733
Presentation1 160729072733Presentation1 160729072733
Presentation1 160729072733
 
Authentication in Smart Grid
Authentication in Smart GridAuthentication in Smart Grid
Authentication in Smart Grid
 
smart grid
smart gridsmart grid
smart grid
 
1678 1683
1678 16831678 1683
1678 1683
 
1678 1683
1678 16831678 1683
1678 1683
 
Detecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection SystemsDetecting and Preventing Attacks Using Network Intrusion Detection Systems
Detecting and Preventing Attacks Using Network Intrusion Detection Systems
 
Utilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA NetworksUtilization of Encryption for Security in SCADA Networks
Utilization of Encryption for Security in SCADA Networks
 
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMSCYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
CYBER SECURITY TRANDS FOR FUTURE SMART GRID SYSTEMS
 
Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...Intrusion detection and prevention system for network using Honey pots and Ho...
Intrusion detection and prevention system for network using Honey pots and Ho...
 
Advanced Metering Infrastructure Security Test.pptx
Advanced Metering Infrastructure Security Test.pptxAdvanced Metering Infrastructure Security Test.pptx
Advanced Metering Infrastructure Security Test.pptx
 
3778975074 january march 2015 1
3778975074 january march 2015 13778975074 january march 2015 1
3778975074 january march 2015 1
 
Encryption Security in SCADA Networks
Encryption Security in SCADA NetworksEncryption Security in SCADA Networks
Encryption Security in SCADA Networks
 
Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...Network Attacks - (Information Assurance and Security)BS in Information Techn...
Network Attacks - (Information Assurance and Security)BS in Information Techn...
 
Prevention based mechanism for attacks in Network Security
Prevention based mechanism for attacks in Network SecurityPrevention based mechanism for attacks in Network Security
Prevention based mechanism for attacks in Network Security
 
CYBER ATTACKS ON INTRUSION DETECTION SYSTEM
CYBER ATTACKS ON INTRUSION DETECTION SYSTEMCYBER ATTACKS ON INTRUSION DETECTION SYSTEM
CYBER ATTACKS ON INTRUSION DETECTION SYSTEM
 
Smart metering and control of transmission system
Smart metering and control of transmission systemSmart metering and control of transmission system
Smart metering and control of transmission system
 
DDoS.ppt
DDoS.pptDDoS.ppt
DDoS.ppt
 
50120140507012
5012014050701250120140507012
50120140507012
 
50120140507012
5012014050701250120140507012
50120140507012
 

Recently uploaded

VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSSIVASHANKAR N
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAbhinavSharma374939
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxupamatechverse
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxupamatechverse
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...ranjana rawat
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidNikhilNagaraju
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSKurinjimalarL3
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile servicerehmti665
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 

Recently uploaded (20)

VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLSMANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
MANUFACTURING PROCESS-II UNIT-5 NC MACHINE TOOLS
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog Converter
 
Introduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptxIntroduction to Multiple Access Protocol.pptx
Introduction to Multiple Access Protocol.pptx
 
Introduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptxIntroduction to IEEE STANDARDS and its different types.pptx
Introduction to IEEE STANDARDS and its different types.pptx
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
main PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfidmain PPT.pptx of girls hostel security using rfid
main PPT.pptx of girls hostel security using rfid
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICSAPPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
APPLICATIONS-AC/DC DRIVES-OPERATING CHARACTERISTICS
 
Call Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile serviceCall Girls Delhi {Jodhpur} 9711199012 high profile service
Call Girls Delhi {Jodhpur} 9711199012 high profile service
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 

Cyber-security of smart grids

  • 2. CONTENTS Introduction What is Smart Grid Why Smart Grid Cyber Security of Smart Grid Security requirements and objectives Security Challenges and attacks Solutions and attack detection Conclusion
  • 3. INTRODUCTION ⚫ Nations across the world face the challenge of increasing power production while reducing the carbon footprint. They need to minimize power loss and downtime, harness alternative power sources, and so on. ⚫ The numerous challenges facing them have one solution – smart grids. ⚫ While smart grid bring improvements in cost and performance, the security of the power grids becomes more complex and riskier, calling for a comprehensive and integrated solution.
  • 4. WHAT IS SMART GRID • A smart grid uses digital technology to improve reliability, security and efficiency (both economic and energy) of the electric system from large generation, through the delivery system to electricity consumers and a growing number of distributed generation and storage resources. SMART GRID = POWER GRID + ICT • Understanding Smart Grid: ⚫ System (G,T,D) with an advanced two-way communication system ⚫ Enables real-time monitoring and control ⚫ Consequently, enablescost reduction and efficiency improvement
  • 5. INFORMATIONAND COMMUNICATION TECHNOLOGY ⚫ ICT are core of successful smart grid implementation. ⚫ Systems (G,T,D) , consumption, marketing, retailing etc are heavily based on ICT infrastructures. ⚫ Using ICT, the smart grid becomes more reliability, security and efficiency.
  • 6. FUNCTIONS OF ICT’S IN G,T,D ⚫ IN ‘G’Domain ✓ Automation of bulk generation and DER operations. ✓ Synchronizing and adjusting the voltage levels. ⚫ IN ‘T’Domain ✓ Automation of the transmission power grid (SCADA/EMS) ⚫ IN ‘D’Domain ✓ DMS improves classical outage management systems (OMS) by automation ✓ Real-time adjustmentsbyAdvanced DistributionAutomation
  • 7. WHY SMART GRID? The traditional power system : • The present infrastructure is overstrained and inter region bulk transfer is limited • Cannot fully support the integration of renewable energy • Low reliability of power – outage • Low efficiency
  • 8. WHAT SMART GRID DOES? • Decentralization of generating resources • Integration of all sources of energy, mainly renewable • Continuous monitoring and feedback from the network • Anticipation of faults and helps in fault prevention • Two way communication between the utilities and the consumers • Reduces the stress on the power system infrastructure • Continuous self learning
  • 9. COMPARISON Conventional Grid Smart Grid Electromechanical Digital One way communication Two way communication Centralized generation Distributed generation Manual monitoring Self monitoring Manual restoration Self healing
  • 11. CYBER-SECURITY OF SMART GRIDS ⚫ IT technologies can make the grid smart ✓ Real time monitoring (PMUs, Smart meters) ✓ Advanced information analysis (Big data) ✓ Automated control (Self-healing, Smart actuators)
  • 12. SECURITY REQUIREMENTS OF SMART GRIDS 1. Confidentiality: the confidentiality criterion requires protecting both personal privacy and proprietary information from being accessed or disclosed by unauthorized entities, individuals, or processes. For instance, information such as control of a meter,metering usage,and billing information that is sent between a customer and various entities must be confidential and protected;otherwise the customer’s information could be manipulated,modified, or used for other
  • 13. SECURITY REQUIREMENTS OF SMART GRIDS 2. Availability : Availability is defined as ensuring timely and reliable access to and use of information. It is considered the most important security criterion in smart grid because the loss of availability means disruption of access to information in a smart grid For example,loss of availability can disturb the operation of the control system by blocking the information’s flow through the network, and therefore denying the network’s availability to control the system’s operators.
  • 14. SECURITY REQUIREMENTS OF SMART GRIDS 3. Integrity : Integrity in smart grid means protecting against improper modification or destruction of the information. For example,power injection is a malicious attack launched by an adversary who intelligently modifies the measurements and relays them from the power injection meters and power flow to the state estimator
  • 17. RECONNAISSANCE Includes: 1. Social Engineering : Social engineering (SE), relies on social skills and human interaction rather than technical skills. An attacker uses communication and persuasion to win the trust of a legitimate user and get credential and confidential information such as passwords or PIN number to log on into a particular system 2. Traffic Attacks: The traffic analysis attack is used to listen to the traffic and analyze it in order to determine the devices and the hosts connected to the network along with their IP addresses Social engineering and traffic analysis compromise mainly the confidentiality of the information.
  • 18. SCANNING • Scanning attack is the next step used to discover all the devices and the hosts alive on the network. There are four types of scans:IPs, ports, services, and vulnerabilities • Generally, an attacker starts with an IPs scan to identify all the hosts connected in the network along with their IP addresses. Next, he or she goes deeper by scanning the ports in order to determine which port is open. This scan is executed on each discovered host on the network. The attacker then moves on to the service scan in order to find out the service or system running behind each opened port. • The final step, vulnerabilities scan, aims to identify the weaknesses and vulnerabilities related to each service on the target machine to exploit it afterward. • These attacks target mainly the confidentiality of the smart grid.
  • 19. EXPLOITATION This is the next step and it includes: • Viruses, Worms and Trojan horses: A virus is a program used to infect a specific device or a system in smart grid. A worm is self-replicating program.It uses the network to spread,to copy itself,and to infect other devices and systems. A Trojan horse is a program that appears to perform a legitimate task on the target system. However,it runs a malicious code in the background.An attacker uses this type of malware to upload a virus or worm on the target system.
  • 20. EXPLOITATION • Denial of service (DOS) attacks Several methods are used : 1. SYN (flood) Attacks : Exploits the three-way handshake (SYN,SYN-ACK,ACK) used to establish a TCP session.The attacker floods a target systemwith connection requests without responding to the replays,forcing the systemto crash.The Modbus/TCP protocol is vulnerable to these attacks since it operates over TCP 2. Buffer overflow : In buffer overflow,the attacker sends a huge amount of data to a specific system,thereby exhausting its resources. For example,the ping-of-deathis considered as a buffer overflow attack as it exploits the internet control message protocol (ICMP) by sending more that 65K octets of data.It then makes the systemcrash.
  • 21. EXPLOITATION • Denial of service (DOS) attacks 3. Teardrop attack: An attacker alters and modifies the length and the fragmentation offset fields in sequential IP packets. Once the target system receives these packets, it crashes because the instructions on how the fragments are offset within these packets are contradictory. 4. Smurf attack: The attacker targets not only a specific system, but it can saturate and congest the traffic of an entire network. It consists of three elements: the source site, the bounce site, and the target site. For source site, the adversary sends a spoofed packet to the broadcast address of the bounce site.These packets contain the IP address of the target system. Once the bounce site receives the forged packets, it broadcasts them to all hosts connected to the network and then causes these hosts to replay,saturating the target system.
  • 22. EXPLOITATION • Denial of service (DOS) attacks 5. Puppet attack : Targets the advanced metering infrastructure (AMI) network by exploiting a vulnerability in dynamic source routing (DSR) protocol and then exhausting the communication network bandwidth. Due to this attack, the packet delivery drops between 10% and 20% 6. The time-delay-switch (TDS) attack: consists of introducing a delay in control system creating instability in the smart grid system. 7. The time synchronization (TSA) attack: targets mainly the timing information in smart grid.Because power grid operations such as fault detection and event location estimation depend highly on precise time information, and also most of the measurement devices in smart grid are equipped with global positioning system (GPS),attack such as TSA, which spoof the GPS information, could have a high impact on the system
  • 23. EXPLOITATION • Denial of service (DOS) attack DOS represents a significant threat to the smart grid system because communication and control messages in such a system are time critical, and a delay of few seconds could compromise the system availability.
  • 24. EXPLOITATION • The man-in-the-middle (MITM) attack: Performed when an attacker inserts itself between two legitimate devices and listens, performs an injection,or intercepts the traffic between them.The attacker is connected to both devices and relays the traffic between them.These legitimate devices appear to communicate directlywhen in fact they are communicating via a third-device [1].For example,an attacker could conduct a MITM,by placing himself on an Ethernet network to alter or misrepresent I/O values to the human machine interface (HMI) and programmable logic controllers (PLC). The MITM could also be used to interceptTCP/IP communicationbetween the substation gatewayand the transmission SCADA server
  • 25. EXPLOITATION • Replay Attack: an attacker could maliciously capture packets,inject a specific packet,and replay them to the legitimate destinations,compromising then the communication’s integrity. Intelligent electronic device (IED),which is a device designed for controlling and communicating with the SCADA system,could be targeted by replay attacks so that false measurements are injected in a specific register. Replay attack could also be used to alter the behavior the programmable logic controllers (PLC)
  • 26. EXPLOITATION • Jamming channel attack: an adversary exploits the shared nature of the wireless network and sends a random or continuous flow of packets in order to keep the channel busy and then prevents legitimate devices from communicating and exchanging data. • Popping the HMI: an attack that exploits a known device’s vulnerability, especially device’s software or OS vulnerabilities, and then installs a remote shell, allowing the attacker to connect remotely to the server from his computer to get unauthorized access in order to monitor and control the compromised system.
  • 27. EXPLOITATION • Masquerade attack: a malicious person may pretend to be a legitimate user in order to gain access to a system or gain greater privileges to perform unauthorized actions. • Integrity violation attack: Integrity violation attacks aim to violate the integrity and/or the accountability of the smart grid by altering intentionally or unintentionally the data stored in a given device in the network. For instance, a customer could perform this attack to alter the smart meter data in order to reduce his electricity bill. • Privacy violation attack: Privacy violation attack aims to violate privacy by collecting private information about customers [28].For example, as smart meters collect electricity usage many times per hour, information about the user electricity’s consumption could be obtained. Thus, if a meter does not show electricity usage for a period of time, that commonly indicates that the house is empty. This information could then be used to conduct a physical attack like burglary.
  • 28. MAINTAINING ACCESS • The final step! • The attacker uses a special type of attack to gain permanent access to the target, especially backdoors, viruses, and Trojan horses. • A backdoor is an undetectable program, stealthy installed on the target to get back later easily and quickly. • If the attacker succeeds in embedding a backdoor into the servers of the control center of the SCADA, he or she can launch several attacks against the system which can cause a severe impact on the power system
  • 30. DETECTION AND COUNTERMEASURES • A number of attack detection and countermeasure techniques are proposed in the literature to counter cyber attacks. For instance, Özçelik I. et al in [3] proposed a solution for distributed denial of service (DDos). In [4],Lu Z. et al. proposed a technique to detect jamming channel attacks. Though these security solutions contribute to the smart grid’s security, they are insufficient to face sophisticated and blended attacks. Moreover, Stuxnet [5] showed that strategy like “Defense indepth” or “security by obscurity” are no longer considered as valid solutions. We believe that security cannot be achieved through one specific solution, but by deploying several techniques incorporated into a global strategy. In this section, and as Fig. 5 shows, proposed a cyber security strategy composed of three phases: pre-attack, under attack, and postattack. As follows, and for each phase,relevant published solutions in terms of security protocols, security technology, cryptography, and other cyber-attack countermeasures are described.
  • 31. DETECTION AND COUNTERMEASURES < PRE-ATTACK > • During this first phase, pre-attack, various published solutions are recommended to enhance the smart grid’s security and to be prepared for any potential attack. • Security countermeasures commonly fall into three categories: network security, cryptography, and device security. • There is technologies and secure protocols such as IDS, SIEM, DLP and secure DNP3 for the network security. • Encryption, authentication, and key management for the data security. • Finally, Host IDS, compliance checks, and diversity technique for the device security.
  • 32. PRE-ATTACK (NETWORK SECURITY) • The network is the backboneof a smart grid. So,network security plays a significant role in securing the entire system. • Using firewalls supplemented with other monitoring and inspection technologies is recommended to secure the smart grid network. • A firewall is intended to allow or deny network connections based on specific rules and policies.But an unknownor an advancedattack technique can easily bypass many firewall techniques. • Therefore,firewalls should be associated with other security technologies such as intrusion detection system (IDS),security information and event management systems (SIEM), and network data loss prevention (DLP)
  • 33. PRE-ATTACK (NETWORK SECURITY) • IDS is a system developed for detecting malicious activity either on a network or on a specific host. • SIEMS are information management systems that collect and gather information such as operating system logs, application logs, and network flow from all devices in the network. Then the collected information will be analyzed and processed by a centralized server in order to detect any potential threat or a malicious activity in the network. • Network DLP is a system responsible for preventing the loss or the theft of the data across the network
  • 34. PRE-ATTACK (NETWORK SECURITY) • In addition to these security systems, secure network protocols such as IPsec, transport layer security (TLS), secure sockets layer (SSL), secure DNP3 can also be used to enhance security in the network. DNP3 is an industrial protocol widely used in smart gird. • In recent years, the increased number of cyberattacks targeting industrial and power system has attracted the attention of a number of researchers in both industry and academia. • Secured variation of DNP3 protocols has been released named secure DNP3.This secured version added a secure layer for encryption and authentication between the TCP/IP and application layer. Using such a protocol, several attacks can be avoided
  • 35. PRE-ATTACK (CRYPTOGRAPHY FOR DATA SECURITY) • Encryption mechanisms aim to ensure data’s confidentiality,integrity,and nonrepudiation. • There are two types of key encryptions:symmetric and asymmetric. • In symmetric key encryption,or single-key encryption,one key is used to encrypt and to decrypt data. Asymmetric key encryption,on the other hand,uses two keys to encrypt and decrypt data: private key and public key. • In smart grid,various components with different computational capabilities co-exist. Therefore,both symmetric and asymmetric key encryption can be used,and the selection depends on several factors,including data criticality,time constraints,and computational resources
  • 36. PRE-ATTACK (CRYPTOGRAPHY FOR DATA SECURITY) • Authentication is defined as the act of verifying that an object’s identity is valid,such as the use of a password. An object could be a user, a smart device,or any component connected to the smart grid network. Multicast authentication is a particular type of authentication and its applications are widely used in smart grid. • Key management is a crucial approach for encryption and authentication. Public key management (PKI), or shared secret key management, can be used to ensure authenticity for communication across networks. In PKI infrastructure, the identities of two parties is verified by a certificate delivered from a third party called the certificate authority (CA). This mechanism is done before establishing any connection between the two parties
  • 37. PRE-ATTACK )DEVICE SECURITY ( • Device protection is the third crucial element in the supply chain of smart grid security. Many research papers and recommendation reports have been published contributing to security assurance for endpoints.
  • 38. UNDER ATTCK • This step is divided into two tasks:attack detection and attack mitigation.Several approaches and technologies can be used during each task,to detect the malicious activity,and then deploy the appropriate countermeasures.. • During the attack detection,all the deployed security technologiesare recommended, including SIEMS,DLP,and IDS • But,some of these solutions have a number of limitations and need improvements, particularlyIDS.IDS is a widely used security system in IT network,and it is also used in smart grid network;but,it has many performance limitations specially reporting high rate of false positive. • Thus,many research papers were published to improve the IDS performancein the smart context
  • 39. POST-ATTACK • When an attack is not detected,the post-attack period is an important step. • First, it is critical to identify the entity involved in the attack. • Then, the IDS signature, anti-virus database and security policies must be kept up to date by learning from attacks and to protect the smart grid against future similar attacks. • Forensic analysis is the primary technique used during the post-attack.Smart grid forensic studies collect, analyze, and intercept digital data in order to identify the entity involved in the event
  • 40. CONCLUSION ⚫ Cyber security in the smart grid is still under research and needs more investigation to overcome the vulnerabilities and threats. ⚫ Cyber security in the smart grid is a critical issue that received attention of researchers and industry professionals. ⚫ Cyber-physical system security demands additional security requirementssuch as continuity of power delivery and other features.
  • 41. REFERENCES 1. Cyber-Security in Smart Grid: Survey and Challenges, Computer and Electrical Engineering, V.67, Elsevier, 2018 2. Salsabeel, Fatma, Raafat (2015) ‘Smart grid cyber security: challenges and solutions’ 3. İ. Özçelik and R. R. Brooks, “Cusum - entropy: an efficient method for DDoS attack detection,” in 4th International Istanbul Smart Grid Congress and Fair (ICSG), 2016, pp.1–5. 4. Z. Lu, W.Wang, and C.Wang,“From jammer to gambler: Modeling and detection of jamming attacks against time-critical traffic,”in Proceedings IEEE INFOCOM, 2011,pp. 1871–1879 5. D. Kushner,“The real story of stuxnet,” IEEE Spectrum, vol. 50, no. 3, pp.48–53, Mar.2013.