This document discusses cybersecurity threats to smart metering systems. It begins with an overview of smart metering and its benefits, then describes the functional architecture which includes smart meters, communication networks, and interfaces. The document identifies vulnerabilities in smart metering systems like IP misconfiguration, injection attacks, denial of service attacks, and memory corruption. It proposes a taxonomy of threats by matching system vulnerabilities to threat vectors like physical attacks, network attacks, and interface attacks. The document argues that addressing these security issues is important for increasing adoption of smart metering.
Running head: SMART GRID 1
CSIA 459: Evaluating Emerging Technologies
Technology Review #2: Emerging Application of Technology in a Critical Infrastructure
Annotated Bibliography for Smart Grid
11/25/2018
Introduction
The Smart Grid is the evolution of our current electric grid, using new technologies to optimize power conservation and delivery. The “Grid” refers to the electric grid, a network of transmission lines, substations, transformers and more that supply our homes or businesses with electricity from the power plant. The digital technology that enables two-way communication between the utility and its customers, together with transmission line sensing, is what makes the grid smart. Like the Internet, the Smart Grid consists of controls, computers, automation and new technologies and equipment working together, but in this case, these technologies work with the electrical grid to meet our rapidly changing electrical demand digitally. The Smart Grid is a unique opportunity to transform the energy industry into a new era of efficiency, affordability and reliability that will add value to our society.
Today, the demand for power continues to grow rapidly as more electronic devices are used than ever before, and the current electrical system is outdated and depends entirely on equipment nearing the end of its useful life. Smart grids update this infrastructure to ensure that safety issues are addressed, that power is consistently delivered, and that the system is managed competently. Without intelligent grid improvements, the old system, which is already close to capacity, will not be able to meet future challenges. Cybersecurity solutions for critical energy infrastructure are essential in order to deliver reliable energy. In today's increasingly connected world, where cyber threats are highly sophisticated, it is unwise to think that energy supply systems are isolated or immune from compromise, but the Smart Grid offers so many fundamental changes in human intelligence, prevention, management and recovery that, despite the introduction of new vulnerabilities, it essentially makes the electrical system safer.
Annotated Bibliography for Smart Grid
1. Pesesky, J. L. (2016). The vulnerabilities of the advanced metering infrastructure in the smart grid (Order No. 10154802). Available from ProQuest Dissertations & Theses Global. (1836799165). Retrieved from http://ezproxy.umuc.edu/login?url=https://search-proquest-com.ezproxy.umuc.edu/docview/1836799165?accountid=14580
Justine Pesesky, in his dissertation, talks about how the intelligent grid uses innovative technology to improve the experience of the consumer. The intelligent grid features allow intelligent appliances and smart meters to transmit information wirelessly to electrical utilities, and how the confident.
Smart grid technology (and smart meters in particular) may raise privacy concerns. Learn what are the issues at stake, which approaches are being developed and what is coming next.
Smart Grid Systems Based Survey on Cyber Security Issues - journalBEEI
The future power system will be an innovative administration of existing power grids, which is called smart grid. Above all, the application of advanced communication and computing tools is going to significantly improve the productivity and consistency of smart grid systems with renewable energy resources. Together with the topographies of the smart grid, cyber security appears as a serious concern since a huge number of automatic devices are linked through communication networks. Cyber attacks on those devices had a direct influence on the reliability of extensive infrastructure of the power system. In this survey, several published works related to smart grid system vulnerabilities, potential intentional attacks, and suggested countermeasures for these threats have been investigated.
CYBER SECURITY TRENDS FOR FUTURE SMART GRID SYSTEMS - George Wainblat
SUMMARY - Current power grids are increasingly evolving into smart networked grids and are more accessible from the public internet, which poses new cyber threats to the grid. More computer-based systems are introduced into power networks in order to monitor and control the network. Future model smart grid and micro grid systems will be based on data flows for communication of system status, usage and control throughout the network infrastructure in addition to the power flow. This creates new security threats on the power grid. Instead of relying mainly on power plants for power generation, there will be a combination of multiple generation sources and at the same time wider use of electrical computer-based equipment by consumers. Both increase the amount of data flows in the network as well as introduce additional vulnerable spots. Vulnerability of the power grid to cyber-attacks increases even more because of the wide use of SCADA networks. SCADA networks are more accessible to the internet and lack authentication and authorization mechanisms, and therefore expose the grid to threats such as DDoS, data interception, data alteration and additional hacking threats.
The transition from the present to the future model has already begun and is growing rapidly, and it already poses new security challenges which must be attended to immediately. It is essential to introduce immediately a single comprehensive security solution which will provide fast detection and prevention tools to cope with a variety of threats of different natures and from multiple sources. The solution should not be tightly coupled with each device in the network so it won’t require upgrade of the devices inside the grid.
The cyber defense solution should be versatile, using a variety of cyber technologies such as firewalls, anomaly detection, Big Data analytics, machine learning and more in a network-wide combination.
Supervisory control and data acquisition (SCADA) systems are applications that collect data from a system in order to automate the monitoring and controlling of its activities. Several industrial fields, such as electric utilities, water supplies and buildings’ facilities, have already adopted SCADA systems to increase efficiency and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA system provides. This paper concentrates on the major security threats encountered in SCADA systems. In addition, it discusses a new proposed methodology in order to increase the system security with minimal impact on efficiency. The proposed scheme provides several security services, which are mutual authentication, confidentiality, data integrity and accountability.
Recent changes to the existing power grid are expected to influence the way energy is provided and consumed by customers. Advanced Metering Infrastructure (AMI) is a tool to incorporate these changes for modernizing the electricity grid. Growing energy needs are forcing government agencies and utility companies to move towards AMI systems as part of larger smart grid initiatives. The smart grid promises to enable a more reliable, sustainable, and efficient power grid by taking advantage of information and communication technologies. However, this information-based power grid can reveal sensitive private information from the user’s perspective due to its ability to gather highly granular power consumption data. This has resulted in limited consumer acceptance and proliferation of the smart grid. Hence, it is crucial to design a mechanism to prevent the leakage of such sensitive consumer usage information in the smart grid. Among different solutions for preserving consumer privacy in the Smart Grid Network (SGN), private data aggregation techniques have received a tremendous focus from security researchers. Existing privacy-preserving aggregation mechanisms in SGNs utilize cryptographic techniques, specifically homomorphic properties of public-key cryptosystems. Such homomorphic approaches are bandwidth-intensive (due to the large output blocks they generate), and in most cases, are computationally complex. In this paper, we present a novel and efficient CDMA-based approach to achieve privacy-preserving aggregation in SGNs by utilizing random perturbation of power consumption data and with limited use of traditional cryptography. We evaluate and validate the efficiency and performance of our proposed privacy-preserving data aggregation scheme through extensive statistical analyses and simulations.
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w... - Power System Operation
The electric power industry has come a long way since the 1900s, with respect to evolving from legacy analog devices to new and advanced digital technologies. “Today, microprocessor devices used by power utilities have advanced into smarter and more intelligent devices, known as intelligent electronic devices (IEDs). These IEDs aid power operators, technicians, and engineers in better decision making, offering more tools for controlling and monitoring power flow that can perform routine maintenance testing via remote control and automated functions. IEDs can detect and protect against various power fault and system disturbance scenarios along with providing power flow waveforms, metering data, and supervisory control and data acquisition (SCADA) functionality.” [1]
As power control systems and operational technology (OT) systems continue to progress, so does their dependence on information technology (IT) systems for communications and enterprise network connectivity. The OT world of SCADA and control systems for power substations continues to evolve with more influence, products and services from the IT world. The need for a unified cyber/physical security approach within the smart substation environment that protects the overall goal of safely delivering electric power to customers is not only a laudable goal, but an absolute requirement as the two traditional OT and IT environments start to become a single solution. OT and IT convergence is a reality due to the integrated and complex computing (e.g., networking and communications) taking place within OT environments. This paper reviews some of the major security challenges facing OT and IT convergence with power utilities, particularly within smart grid (SG) and smart substation environments. Also, recommendations are provided for implementing and maintaining proper security controls in the new combined OT/IT environment.
Electricity is a necessity in the modern world. In the traditional power system, electricity is being generated and transmitted through a one-way transmission and distribution system called the grid. The smart grid is an intelligent power grid designed to handle distributed resources using communication technology employing smart meters and control system. It promises more efficient, secure and climate friendly power system.
Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618... - Power System Operation
Because of recent cyber-attacks and threats against power utilities, cybersecurity continues to increase in importance and be on the minds of substation design engineers.
One major concern for power distribution utilities is “ensuring that all communication protocols performing control functions and data acquisition for substations are properly secured. With IEC-61850 being one of the most widely used communications protocols by utilities today, particularly in distribution automation (DA),” increases the need for greater security in communication protocols. [1]
IEC-61850 is also becoming the preferred standard for substation design and operations due to the common framework and object-oriented design for point names as well as the increased performance and lower lifecycle cost of SCADA systems utilizing the methodology and protocols. This paper will discuss major vulnerabilities and cybersecurity considerations that require proper analysis when designing and implementing a secure IEC-61850 standard-based SCADA system within a power substation. However, this paper will not discuss implementation methods or provide implementation concepts.
A Review of anomaly detection techniques in advanced metering infrastructure - journalBEEI
Advanced Metering Infrastructure (AMI) is a component of electrical networks that combines the energy and telecommunication infrastructure to collect, measure and analyze consumer energy consumption. One of the main elements of AMI is a smart meter that is used to manage electricity generation and distribution to the end-user. The rapid implementation of AMI raises the need to deliver better maintenance performance and to monitor more efficiently while keeping consumers informed of their consumption habits. The convergence from analog to digital has made AMI tend to inherit the current vulnerabilities of digital devices that are prone to cyber-attack, where attackers can manipulate the consumer energy consumption for their benefit. The huge amount of data generated in AMI allows attackers to manipulate the consumer energy consumption to their benefit once they manage to hack into the AMI environment. Anomaly detection is a technique that can be used to identify any rare event, such as data manipulation, that happens in AMI based on the data collected from the smart meter. The purpose of this study is to review existing studies on anomaly detection techniques used to detect data manipulation in AMI and smart grid systems. Furthermore, several measurement methods and approaches used by existing studies will be addressed.
Cyber-Defensive Architecture for Networked Industrial Control Systems - IJEACS
This paper deals with the inevitable consequence of the convenience and efficiency we benefit from the open, networked control system operation of safety-critical applications: vulnerability to such system from cyber-attacks. Even with numerous metrics and methods for intrusion detection and mitigation strategy, a complete detection and deterrence of internal code flaws and outside cyber-attacks has not been found and would not be found anytime soon. Considering the ever incompleteness of detection and prevention and the impact and consequence of mal-functions of the safety-critical operations caused by cyber incidents, this paper proposes a new computer control system architecture which assures resiliency even under compromised situations. The proposed architecture is centered on diversification of hardware systems and unidirectional communication from the proposed system in alerting suspicious activities to upper layers. This paper details the architectural structure of the proposed cyber defensive computer control system architecture for power substation applications and its validation in lab experimentation and on a cybersecurity testbed.
Practical analysis of the cybersecurity of European smart grids - Sergey Gordeychik
This paper summarizes the experience gained during a series of practical cybersecurity assessments of various components of Europe’s smart electrical grids.
Importance of Measurements in Smart Grid - IJERD Editor
The need to get reliable supply, independence from fossil fuels, and capability to provide clean energy at a fixed and lower cost, the existing power grid structure is transforming into Smart Grid. The development of a smart energy distribution grid is a current goal of many nations. A Smart Grid should have new capabilities such as self-healing, high reliability, energy management, and real-time pricing. This new era of smart future grid will lead to major changes in existing technologies at generation, transmission and distribution levels. The incorporation of renewable energy resources and distribution generators in the existing grid will increase the complexity, optimization problems and instability of the system. This will lead to a paradigm shift in the instrumentation and control requirements for Smart Grids for high quality, stable and reliable electricity supply of power. The monitoring of the grid system state and stability relies on the availability of reliable measurement of data. In this paper the measurement areas that highlight new measurement challenges, development of the Smart Meters and the critical parameters of electric energy to be monitored for improving the reliability of power systems has been discussed.
Salsa20 based lightweight security scheme for smart meter communication in sm... - TELKOMNIKA JOURNAL
The traditional power grid is altering dramatically to a smart power grid with the escalating development of information and communication technology (ICT). Among thousands of electronic devices connected to the grid through communication network, the smart meter (SM) is the core networking device. The consolidation of ICT into the electronic devices centered on the SM opens a loophole for adversaries to launch cyber-attacks. Therefore, to protect the network from adversaries, it is required to design a lightweight security mechanism for the SM, as conventional cryptography schemes pose extensive computational cost, processing delay and overhead, which are not suitable for use in an SM. In this paper, we have proposed a security mechanism consolidating elliptic curve cryptography (ECC) and the Salsa20 stream cipher algorithm to ensure security of the network as well as addressing the problem of energy efficiency and lightweight security solution. We have numerically analyzed the performance of our proposed scheme in terms of energy efficiency and processing time, which reveals that the suggested mechanism is suitable to be used in an SM as it consumes less power and requires less processing time to encrypt or decrypt.
An efficient security framework for intrusion detection and prevention in int... - IJECEIAES
Over the past few years, the internet of things (IoT) has advanced to connect billions of smart devices to improve quality of life. However, anomalies or malicious intrusions pose several security loopholes, leading to performance degradation and threat to data security in IoT operations. Thereby, IoT security systems must keep an eye on and restrict unwanted events from occurring in the IoT network. Recently, various technical solutions based on machine learning (ML) models have been derived towards identifying and restricting unwanted events in IoT. However, most ML-based approaches are prone to misclassification due to inappropriate feature selection. Additionally, most ML approaches applied to intrusion detection and prevention consider supervised learning, which requires a large amount of labeled data to be trained. Consequently, such complex datasets are impossible to source in a large network like IoT. To address this problem, this proposed study introduces an efficient learning mechanism to strengthen the IoT security aspects. The proposed algorithm incorporates supervised and unsupervised approaches to improve the learning models for intrusion detection and mitigation. Compared with the related works, the experimental outcome shows that the model performs well in a benchmark dataset. It accomplishes an improved detection accuracy of approximately 99.21%.
Security Attacks and Countermeasures on Cloud Assisted IoT App.docx - edgar6wallace88877
Security Attacks and Countermeasures on Cloud Assisted IoT Applications
Asma Alsaidi
The Communication and Information Research Center
Sultan Qaboos University
Muscat, Oman
Firdous Kausar
Electrical and Computer Engineering Department
College of Engineering, Sultan Qaboos University
Muscat, Oman
Abstract— Internet of things is an emerging technology having the potential to improve the quality of different aspects of human life. Furthermore, integration of IoT with cloud computing has accelerated the wide range of applications in different areas such as commercial, manufacturing, engineering, supply chains, etc. Currently, security threats obstruct the adoption of IoT technology in many areas. This paper presents the architecture of cloud assisted IoT applications for smart cities, telemedicine and intelligent transportation system. We investigate the security threats and attacks due to unauthorized access and misuse of information collected by IoT nodes and devices. Further, we describe the possible countermeasures to these security attacks.
Keywords- IoT; Cloud Computing; Smart cities; Intelligent transport system; Telemedicine;
I. INTRODUCTION
The Internet of things (IoT) comprises a combination of different sensors and objects that can collaborate with each other with no human interference necessary. The “things” in the IoT comprise objects, such as cars, microwaves, refrigerators, toasters, air conditioners, etc., which collect useful data from their surroundings with the help of sensors and transmit this to the other connected devices that take actions/decisions based on it. In other words, it can be said that IoT is an architecture that encompasses smart embedded devices that are connected to the internet so they can be controlled and triggered over the internet.
It is expected that by 2020, around 25 billion objects will become part of the global IoT network [9], which will pose new challenges in securing IoT systems. They will become an easy target for hackers as these systems are often deployed in uncontrolled and hostile environments. The main security challenges in the IoT environment are authorization, privacy, authentication, admission control, system conformation, storage, and administration [2]. There are security solutions available already for the Internet, which should be equally applicable to IoT networks as well. However, constrained resources, different operational environments, and complex interconnectivity among a huge number of devices in IoT make those security solutions insufficient.
The IoT systems are vulnerable to numerous different types of security attacks: Denial of Service (DoS), jamming attacks, Sybil attacks, blackhole attacks, wormhole attacks, and malware attacks, etc. Even after implementing proper security solutions in IoT devices, there are still possibilities of different kinds of attacks on the network. Therefore, proper.
Supervisory control and data acquisition (SCADA) systems are applications that collect data from a system in order to automate the monitoring and controlling of its activities. Several industrial fields, such as electric utilities, water supplies and buildings' facilities, have already adopted SCADA systems to increase efficiency and reduce cost. However, the IT community is concerned about the level of security that any applied SCADA system provides. This paper concentrates on the major security threats encountered in SCADA systems. In addition, it discusses a newly proposed methodology to increase system security with minimal impact on efficiency. The proposed scheme provides several security services: mutual authentication, confidentiality, data integrity and accountability.
Recommended Solutions to Major Security Challenges Facing OT & IT Personnel w...
Power System Operation
The electric power industry has come a long way since the 1900s, with respect to evolving from legacy analog devices to new and advanced digital technologies. “Today, microprocessor devices used by power utilities have advanced into smarter and more intelligent devices, known as intelligent electronic devices (IEDs). These IEDs aid power operators, technicians, and engineers in better decision making, offering more tools for controlling and monitoring power flow that can perform routine maintenance testing via remote control and automated functions. IEDs can detect and protect against various power fault and system disturbance scenarios along with providing power flow waveforms, metering data, and supervisory control and data acquisition (SCADA) functionality.” [1]
As power control systems and operational technology (OT) systems continue to progress, so does their dependence on information technology (IT) systems for communications and enterprise network connectivity. The OT world of SCADA and control systems for power substations continues to evolve with more influence, products and services from the IT world. The need for a unified cyber/physical security approach within the smart substation environment that protects the overall goal of safely delivering electric power to customers is not only a laudable goal, but an absolute requirement as the two traditional OT and IT environments start to become a single solution. OT and IT convergence is a reality due to the integrated and complex computing (e.g., networking and communications) taking place within OT environments. This paper reviews some of the major security challenges facing OT and IT convergence with power utilities, particularly within smart grid (SG) and smart substation environments. Also, recommendations are provided for implementing and maintaining proper security controls in the new combined OT/IT environment.
Electricity is a necessity in the modern world. In the traditional power system, electricity is being generated and transmitted through a one-way transmission and distribution system called the grid. The smart grid is an intelligent power grid designed to handle distributed resources using communication technology employing smart meters and control system. It promises more efficient, secure and climate friendly power system.
Cybersecurity Considerations for Power Substation SCADA Systems Using IEC 618...
Power System Operation
Because of recent cyber-attacks and threats against power utilities, cybersecurity continues to increase in importance and be on the minds of substation design engineers.
One major concern for power distribution utilities is “ensuring that all communication protocols performing control functions and data acquisition for substations are properly secured. With IEC-61850 being one of the most widely used communications protocols by utilities today, particularly in distribution automation (DA),” increases the need for greater security in communication protocols. [1]
IEC-61850 is also becoming the preferred standard for substation design and operations due to the common framework and object-oriented design for point names as well as the increased performance and lower lifecycle cost of SCADA systems utilizing the methodology and protocols. This paper will discuss major vulnerabilities and cybersecurity considerations that require proper analysis when designing and implementing a secure IEC-61850 standard-based SCADA system within a power substation. However, this paper will not discuss implementation methods or provide implementation concepts.
A Review of anomaly detection techniques in advanced metering infrastructure
journalBEEI
Advanced Metering Infrastructure (AMI) is a component of electrical networks that combines the energy and telecommunication infrastructure to collect, measure and analyze consumer energy consumption. One of the main elements of AMI is the smart meter, which is used to manage electricity generation and distribution to the end-user. The rapid implementation of AMI raises the need to deliver better maintenance performance and more efficient monitoring while keeping consumers informed of their consumption habits. The convergence from analog to digital has made AMI inherit the current vulnerabilities of digital devices that are prone to cyber-attack, where attackers can manipulate the consumer energy consumption for their benefit. The huge amount of data generated in AMI allows attackers to manipulate the consumer energy consumption to their benefit once they manage to hack into the AMI environment. Anomaly detection is a technique that can be used to identify any rare event, such as data manipulation, that happens in AMI, based on the data collected from the smart meter. The purpose of this study is to review existing studies on anomaly detection techniques used to detect data manipulation in AMI and smart grid systems. Furthermore, several measurement methods and approaches used by existing studies will be addressed.
Cyber-Defensive Architecture for Networked Industrial Control Systems
IJEACS
This paper deals with the inevitable consequence of the convenience and efficiency we benefit from the open, networked control system operation of safety-critical applications: vulnerability to such system from cyber-attacks. Even with numerous metrics and methods for intrusion detection and mitigation strategy, a complete detection and deterrence of internal code flaws and outside cyber-attacks has not been found and would not be found anytime soon. Considering the ever incompleteness of detection and prevention and the impact and consequence of mal-functions of the safety-critical operations caused by cyber incidents, this paper proposes a new computer control system architecture which assures resiliency even under compromised situations. The proposed architecture is centered on diversification of hardware systems and unidirectional communication from the proposed system in alerting suspicious activities to upper layers. This paper details the architectural structure of the proposed cyber defensive computer control system architecture for power substation applications and its validation in lab experimentation and on a cybersecurity testbed.
Practical analysis of the cybersecurity of European smart grids
Sergey Gordeychik
This paper summarizes the experience gained during a series of
practical cybersecurity assessments of various components of Europe’s
smart electrical grids.
Importance of Measurements in Smart Grid
IJERD Editor
Driven by the need for reliable supply, independence from fossil fuels, and the capability to provide clean
energy at a fixed and lower cost, the existing power grid structure is transforming into the Smart Grid. The
development of a smart energy distribution grid is a current goal of many nations. A Smart Grid should have
new capabilities such as self-healing, high reliability, energy management, and real-time pricing. This new era
of smart future grid will lead to major changes in existing technologies at generation, transmission and
distribution levels. The incorporation of renewable energy resources and distribution generators in the existing
grid will increase the complexity, optimization problems and instability of the system. This will lead to a
paradigm shift in the instrumentation and control requirements for Smart Grids for high quality, stable and
reliable electricity supply of power. The monitoring of the grid system state and stability relies on the
availability of reliable measurement of data. In this paper the measurement areas that highlight new
measurement challenges, development of the Smart Meters and the critical parameters of electric energy to be
monitored for improving the reliability of power systems has been discussed.
Salsa20 based lightweight security scheme for smart meter communication in sm...
TELKOMNIKA JOURNAL
The traditional power grid is altering dramatically to a smart power grid with the escalating development of information and communication technology (ICT). Among the thousands of electronic devices connected to the grid through the communication network, the smart meter (SM) is the core networking device. The consolidation of ICT with the electronic devices centered on the SM opens a loophole for adversaries to launch cyber-attacks. Therefore, to protect the network from adversaries, it is required to design a lightweight security mechanism for the SM, as conventional cryptography schemes pose extensive computational cost, processing delay and overhead, which are not suitable for the SM. In this paper, we have proposed a security mechanism consolidating elliptic curve cryptography (ECC) and the Salsa20 stream cipher algorithm to ensure security of the network as well as addressing the problem of energy efficiency and lightweight security solution. We have numerically analyzed the performance of our proposed scheme in terms of energy efficiency and processing time, which reveals that the suggested mechanism is suitable for use in the SM as it consumes less power and requires less processing time to encrypt or decrypt.
An efficient security framework for intrusion detection and prevention in int...
IJECEIAES
Over the past few years, the internet of things (IoT) has advanced to connect billions of smart devices to improve quality of life. However, anomalies or malicious intrusions pose several security loopholes, leading to performance degradation and threat to data security in IoT operations. Thereby, IoT security systems must keep an eye on and restrict unwanted events from occurring in the IoT network. Recently, various technical solutions based on machine learning (ML) models have been derived towards identifying and restricting unwanted events in IoT. However, most ML-based approaches are prone to misclassification due to inappropriate feature selection. Additionally, most ML approaches applied to intrusion detection and prevention consider supervised learning, which requires a large amount of labeled data to be trained. Consequently, such complex datasets are impossible to source in a large network like IoT. To address this problem, this proposed study introduces an efficient learning mechanism to strengthen the IoT security aspects. The proposed algorithm incorporates supervised and unsupervised approaches to improve the learning models for intrusion detection and mitigation. Compared with the related works, the experimental outcome shows that the model performs well in a benchmark dataset. It accomplishes an improved detection accuracy of approximately 99.21%.
Evaluation of cybersecurity threats -mdms.pdf
See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/318601090
Evaluation of Cybersecurity Threats on Smart Metering System
Chapter in Advances in Intelligent Systems and Computing · July 2018
DOI: 10.1007/978-3-319-54978-1_28
4 authors:
Samuel Tweneboah-Koduah, Aarhus Business School
Anthony Tsetse, Northern Kentucky University
Julius Quarshie Azasoo, The University of Northampton
Barbara Endicott-Popovsky, University of Washington Seattle
All content following this page was uploaded by Samuel Tweneboah-Koduah on 23 March 2018.
Evaluation of cybersecurity threats on Smart Metering System
Abstract
Smart metering has emerged as the next generation of
energy distribution, consumption, and monitoring
systems via the convergence of power engineering and
information and communication technology (ICT)
integration otherwise known as smart grid systems.
While the innovation is advancing the future power
generation, distribution, consumption monitoring and
information delivery, the success of the platform is
positively correlated to the thriving integration of
technologies upon which the system is built.
Nonetheless, the rising trend of cybersecurity attacks on
cyber infrastructure and its dependent systems coupled
with the system’s inherent vulnerabilities present a
source of concern not only to the vendors but also the
consumers. These security concerns need to be
addressed in order to increase consumer confidence so
as to ensure greatest adoption and success of smart
metering. In this paper, we present a functional
communication architecture of the smart metering
system. Following that, we demonstrate and discuss the
taxonomy of smart metering common vulnerabilities
exposure, upon which sophisticated threats can
capitalize. We then introduce countermeasure
techniques, whose integration is considered pivotal for
achieving security protection against existing and future
sophisticated attacks on smart metering systems.
Keywords
Smart Metering Infrastructure, Power Engineering,
Smart Grid, Cybersecurity, Cyber Threats, Cyber
Attack
1.0 Introduction
The modernization of power grid systems,
otherwise known as the smart grid, has been developed
for the purpose of enabling bidirectional flows of
metering information in order to provide consumers
with diverse choices as to how, when, and how much
electricity they use. Integrated within the smart grid
infrastructure setup is smart metering, whose core
objective is to automate the monitoring of consumers’
power consumption for the purpose of billing and
accounting. Smart metering infrastructure, otherwise
known as Advanced Metering Infrastructure (AMI), is
the core component in smart grid infrastructure
systems. The functional architecture represents an
automated two-way communication between a smart
utility meter and a utility producer [1]. The metering
system monitors consumers’ power consumption by
collecting information on such consumption and
communicating such information back to the utility
company for load monitoring and billing [1].
Additionally, smart metering infrastructure provides
better monitoring of power consumption and efficient
and more transparent billing system to consumers.
Thus, the utility providers are able to apply different
price models for power consumption based on the time
of day and season power is consumed [2]. By design,
smart metering enables consumers to access their own
real-time use of power consumption information
through a web interface and mobile app service. These
goals could not have been achieved and realized
without the integration of communication technology
infrastructure required to gather, assemble, and
synthesize data provided by smart meters and other
interconnected components.
Smart Metering (SM) has gradually become of interest
to both research and industrial communities, most
importantly to utility companies, energy regulators,
energy distribution vendors as well as energy
conservation societies [3]. The adoption and use of
smart metering are advancing in recent times due to the
ability to integrate information and communication
technologies with the development of energy
infrastructure systems. Notwithstanding, the recent
upsurge in cyber attacks against critical infrastructure
systems threatens the smooth functioning of smart
metering infrastructure development and the electric
grid as a whole.
In this paper, we assess some of the major cybersecurity
issues in smart metering infrastructure. Our goal is to
provide an initial step to classify the system’s inherent
vulnerabilities and the potential threats capable of
exploiting the vulnerabilities. We evaluate this by
demonstrating the feasibility and impact of various
threat vectors upon a smart metering communication
infrastructure network.
This paper is organized as follows. Beginning with this
introduction, the next section reviews the state of the art
of smart metering system. In Section III, smart metering
functional architecture is presented. Section IV explores
the evaluation of cybersecurity challenges on smart
metering. We discuss the study findings in section V
and then conclude the paper in Section VI.
2.0 Related studies
The concept of smart metering has advanced in recent
times due to the integration of information and
communication technologies into energy development.
Rinaldi classified such integration as cyber
interdependency [4]. In a related study, Rinaldi, et al.
argued that interdependencies in critical infrastructure
systems give rise to functional and non-functional
challenges which do not exist in the single
infrastructural system [5]. Accordingly, Li et al. posit
that smart metering is part of the smart grid
infrastructure system and for that matter, security
attacks may take place both in the physical space, as in
the conventional power grid, as well as in the
cyberspace as in any modern communication
infrastructure network [2].
Smart metering infrastructure system is often
microprocessor-based which supports wireless
connectivity for easy control and monitoring. Li et al.
argue that smart meters are massively deployed as
access points and are mostly connected to the Internet
to engage customers in utility management. These
access points, conversely, have become ideal ports for
intrusions, penetration and other malicious attacks [2].
Conversely, Li et al. maintain that the openness in the
smart metering systems (to the public network)
increases vulnerabilities in the grid, thereby escalating
sophisticated threat attacks on the system. In a related
study, Flick and Morehouse claim that cyber threats on
critical infrastructure systems in general, and the
electricity grid in particular, have become the subject of
increasing research interest both in academia and
industry [6]. Contributing to this, Giani et al. argue that
the potential consequences of a successful cyber attack
on the electric grid are staggering [7]. They stated that smart
metering, which is part of a Smart Grid infrastructure
system, incorporates sensing, communication, and
distributed control to accommodate renewable
generation, Electronic Vehicle (EV) loads, storage, and
many other technologies. These activities substantially
increase actionable data transfers making the system
more vulnerable to cyber attacks, thus, increasing the
urgency of cybersecurity research for electric grids [7].
Prior studies explored various aspects of cyber attacks
on smart grid and smart metering systems. For instance,
Yan et al. summarize possible vulnerabilities and
cybersecurity requirements in smart grid
communication systems and survey solutions capable
of counteracting related cybersecurity threats [8]. In a
related study, Wei et al. proposed a framework for
protecting power grid automation systems against cyber
attacks [9]. The proposal includes integration with the
existing legacy systems, desirable performance in terms
of modularity, scalability, extendibility, and
manageability, alignment to the “Roadmap to Secure
Control Systems in the Energy Sector” and future
intelligent power delivery systems [9]. Cleveland in [3]
argued that while various AMI vendors and customers
consider encryption as a security proof solution to the
threats of cyber adversaries on AMIs, there are other
potential cybersecurity challenges facing AMI systems
which require research focus. The challenges Cleveland
identified include confidentiality, integrity, data
availability and non-repudiation. The issues of privacy,
confidentiality, and data availability as cybersecurity
threats against smart grid systems have also been
discussed in the following studies [2], [10]-[14].
3.0 Smart Metering Functional Architecture
The future power grid has a tiered architecture to
supply energy to consumers [15]. This modern energy
infrastructure system starts from power generation
through transmission systems to distribution and
eventually to the final consumer. A smart grid system
strives to use and coordinate various generations, and
production as well as the distribution mechanisms of
the grid [15]. Smart metering infrastructure is the core
component in a smart grid infrastructure system. Its
functional architecture represents an automated two-
way communication between a smart utility meter and a
utility producer [1]. Smart meters identify power
consumption by collecting information on such
consumption and communicate the information back to
the utility company for load monitoring and billing for
accounting purposes [1]. By generalizing the structures
in [15], [2] and [1], we present a functional smart
metering architecture as illustrated in figure 1. The
architecture consists of a micro-load management unit
and its hardware subsystem which houses the various
hardware components of the system. Each of the
structures has its core components and functions
explained below.
i. Smart Meter: This is the core of a smart
metering infrastructure setup. It acts as the main
source of energy-related information or other
metrological data and provides interval data for
customer energy loads.
ii. Smart Metering Communications Network:
Like a traditional communication network, the
smart metering network provides a path for
information flow within the grid.
iii. Customer Gateway: This acts as the conduit
between a smart metering network and the other
smart devices in the grid or within the customer
facilities, such as a Home Area Network (HAN)
or the Neighborhood Area Network (NAN).
Other components within the metering structure
include:
iv. The Wide Area Network (WAN) Interface:
It collects metering and control information
from the Server systems and relays the
readings and status of the meter to the server.
v. The Home Area Network (HAN): This serves
as the communication medium for device
interface sensors, actuator/network relays, the
In-Home Display (IHD) units, etc. This
communication medium can be a single
unidirectional or bidirectional technology or a
combination of multiple technologies such as
power line carrier (PLC), Ethernet, or wireless
communication technologies (e.g. Z-Wave,
Bluetooth, ZigBee, WiFi, RF mesh, and
WLAN (802.11)).
vi. The WAN gateway: This acts as the link
between the metering Unit and the Micro-load
metering information system to provide near
real-time monitoring and control functions of
the metering system and other auxiliary
services, by providing access to the electrical
utility companies and their consumers.
The utility company gains access to the metering
system through a computer interface directly connected
to the server. Utility consumers are usually provided
access to the metering system through the web and/or
mobile application interface, giving consumers the
ability to monitor real-time information about energy
consumption and billing, as well as performing home
automation activities using integrated mobile devices.
Figure 1: Smart Metering Communication Architecture
vii. The Home Area Network (HAN) Gateway:
It provides a communication channel between
the main metering unit and the micro-load
controllers. As a result, the microcontrollers
and load management can be extended to an
off-the-shelf micro-load meter for the use of
Electric Vehicle (EV) charging systems and
other energy consuming loads.
viii. The Neighborhood Area Network (NAN)
Gateway: Acts as the intermediary tier
connecting multiple HANs collectively in the
smart grid for the purpose of accumulating
energy consumption information from
households (the HANs) in a neighborhood
and relaying the data to the utility company [15]
for billing and monitoring.
The Metering Unit (MU) is the main control center for
the smart metering functional architecture. In the
absence of the HAN, the MU monitors the amount of
energy being consumed and is able to curtail
power to all consuming devices. Additionally, the
Micro-Load Metering Unit (MMU) monitors and reads
the consumption of all the devices and appliances
attached to the main meter (including the Electric
Vehicle Charging Terminals (EVCT)), providing
granular consumption data for consumption analysis
and for predicting future energy consumption. The
micro-load controller cuts off or connects
micro-loads to the main source of electricity via the metering
unit. This functionality is linked to the Direct Load
Control (DLC) unit, enabling consumers to respond to
pricing signals or time-of-use through an application
program interface (API) such as Web or App.
4.0 Cybersecurity Challenges in Smart
Metering
The conventional metering system is embedded with
dedicated power devices, which are mostly integrated
with control, monitoring and communication
functionalities, using closed networks composed of
predictable serial communication links. In contrast,
smart metering decouples communication and control
functionalities from power devices and is modularized
for the purposes of scalability and maintenance [2].
Moreover, smart metering core components are usually
commercial off-the-shelf (COTS) products from diverse
vendors having unknown incompatibilities.
Cybersecurity challenges of a smart metering system lie
in the system’s inherent vulnerabilities, which expose
the infrastructure to various attacks. Sources of
vulnerabilities include firmware, hardware architecture,
system applications, and the network interface.
Besides, the bi-directional communication link between
the metering unit and main gateway (and Metering
Information Server-MIS) leaves the system open to
network-related attacks and protocol failure. Other
communication attacks include wireless scrambling,
eavesdropping, man-in-the-middle attacks, message
modification and injection attacks. For example,
IP-based devices are susceptible to IP misconfiguration,
which exhibits nondeterministic behavior in the event
of a successful attack. IP misconfiguration inevitably
decreases system operation and reliability. Besides,
smart meters are deployed in smart grid as access points
for each customer (in the NAN and HAN), in order to
manage utility consumption. These devices are usually
connected to the Internet through the metering gateway.
In addition to IP spoofing, the gateway (both local and
global), can become perfect points for intrusions, DoS
attacks, and other Internet-based attacks.
Furthermore, per their design, utility consumers usually
interact with the metering system through the web
and/or mobile application interfaces. Most of these
applications are either web-based or stand-alone.
Web-based applications are integrated with the metering
system application through an Application Programming
Interface (API). Outdated API code may be
susceptible to various attacks, exposing the entire
metering system to malicious attacks. Additionally, a
poorly configured interface design exposes the smart
metering system to injection and code execution
attacks. Furthermore, in the Home Area Network
(HAN), such attacks on a metering device could
destabilize the communication system leading to a
denial of essential services to interdependent
components or devices. In the Neighborhood Area
Network (NAN), such an attack could lead to
distributed denial of service (DDoS) attacks due to
inter-meter communication services.
While many of these systems are designed with security
in mind, security misconfiguration could occur at any
level or in any part of the system design, exposing the entire
setup to software misconfiguration attacks. Moreover, at
the firmware level, smart metering components usually
have internal memory used for temporary storage and
information processing. As in a conventional metering
system, power fluctuations in the grid occasionally
cause devices to lose memory, leading to data loss.
Furthermore, intermittent power fluctuations in
semiconductor devices may lead to signal loss and
system malfunction. Other security challenges in the
smart metering infrastructure include component
incompatibilities, as well as device-based (physical)
attacks, such as natural disasters, illegitimate use of the
device (e.g. pilferage), and masquerading. Overcoming
these challenges will require innovative research and
comprehensive system solutions which focus on
architectural redesign, firmware and hardware
reconfiguration, network hardening and dynamic
system application design.
4.1 Smart Metering Cyber attack
From the above challenges, we present a taxonomy of
cybersecurity attacks in a smart metering communication
system by analyzing the system’s inherent vulnerabilities
vis-à-vis the potential threat actors. In this taxonomy,
six types of vulnerabilities are discussed. These are IP
Misconfiguration, Injection, DoS, Code Execution,
Memory Corruption, and XSS & CSRF. Corresponding
threat vectors include physical (device) attack,
application (software) attack, network attack, web
interface attack, and data attack (see table 1 and figure
2).
Table 1 shows our proposed vulnerability threat matrix.
In columns III and IV, threat vectors are matched with
their corresponding vulnerabilities.
Figure 2: Smart metering and corresponding threat attack
Table 1: Vulnerability-Threat Matrix
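| Vulnerabilities (V)      | Cyber-attack vectors (AV)  | Vulnerability-Threat Matrix: Attack Vectors | Vulnerability-Threat Matrix: Vulnerabilities |
|--------------------------|----------------------------|---------------------------------------------|----------------------------------------------|
| IP Misconfiguration (IM) | Device Attack (DA)         | DA                                          | IP, MC, CE, D                                |
| SQL Injection (SI)       | Application Attack (AA)    | AA                                          | SI, D, CE                                    |
| DoS (D)                  | Network Attack (NA)        | NA                                          | SI, D, CE                                    |
| Code Execution (DE)      | Web Interface Attack (WiA) | WiA                                         | SI, D, XC, IP                                |
| XSS & CSRF (XC)          | Data Integrity Attack (DA) | DA                                          | SI, CE                                       |
| Memory Corruption (MC)   |                            |                                             |                                              |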
4.2 Attack Vectors
4.2.1 Device Attack
This is an attack type capable of compromising smart
metering devices. It is the first point of call to
compromise the functionality of the entire architecture
(depending on the devices involved). In a HAN, this type
of attack could bring the entire network down (especially
when the metering unit is the target). Similarly, in a
NAN, a device attack may affect the resistance of the
network which in the extreme case could lead to DDoS
attacks on the entire grid. Device attacks may be caused
by IP misconfiguration, memory corruption, and
wrongly executed code in the device operating system
at the middleware layer.
4.2.2 Application Service Attack
This is a type of attack that compromises system
applications (Web, Mobile, System, etc.) which are run
on various components of the system. Smart metering
systems run multiple applications both at the local and
the server levels. In most cases, these applications are
owned by application service providers (ASPs) which
are third party vendors. Cyber attacks on these
applications will surely compromise the metering
system. Common vulnerabilities in this type of attack
include SQL injection, code execution, and DoS.
4.2.3 Network Attack
This is an attack which aims at compromising
intercommunication among devices by either delaying
message forwarding or completely failing to deliver
messages. Network attacks may also disrupt computational
processes within the smart metering system. In a HAN,
this type of attack aims at disrupting the core
functionalities of the metering system. Similarly, in a
NAN, a network attack may isolate NAN devices or deny
them access to vital information from the
neighborhood, or prevent them from responding to
messaging requests from neighboring devices. Causes of
network availability attacks include SQL injection, DoS
and code execution in the network infrastructure system.
4.2.4 Web Interface Attack
This type of attack presents itself as a result of account
enumeration, lack of account lockout or weak account
credentials. In this case, an attacker may use weak
account credentials (either capture plain-text credentials
or enumerate accounts) to access the web interface.
Web interface attacks may be caused by cross-site
scripting (XSS), cross-site request forgery (CSRF), IP
misconfiguration and SQL injection. Other sources
include insecure web interface design and weak account
credentials. The attack compromises device integrity
and could lead to denial of services.
4.2.5 Data Integrity Attack
This is an attack whereby the threat agent attempts to
compromise system data by inserting, altering or
completely deleting data (either stored or in
transmission) so as to deceive the smart metering system
into making wrong decisions or to compromise its
integrity. Data attacks may be caused by SQL injection
and code execution, which may be carried out by a remote
attacker.
5.0 Experimental Evaluation of Cyberattacks
against Smart Metering
In this section, we demonstrate how SQL injection and
DoS attacks could be executed against a smart metering
system. These demonstrations were performed on a live
server with positive results. In each case, the results
show that the cyber attack on the smart metering system
was successful.
SQL injection attack – Algorithm
    Print header information
    for URL in target URLs
        for payload in get request payloads
            response = send get request probe to server
            if response.status code == 500
                print payload and exit for manual attack
        for payload in post request payloads
            response = send post request probe to server
Figure 3: SQL injection attack – Flowchart
SQL injection attack – Python script
    import requests

    # This function delivers a payload to the server using the
    # HTTP 'get' method. To do this, the payload is added to
    # the URL, and the request is sent to that URL.
    # @params payload {string}: the request parameters; for example,
    #   requests.get('http://www.test.com/', params=payload)
    #   will map to http://www.test.com/?key=value
    def http_get(url, payload):
        r = requests.get(url, params=payload)
        return process_responds(r)

    # This function processes the request to determine if the
    # probe is positive or negative

Probing Get (assuming query is contracted: where id = <defined_param>
('Params ', {'make': "'"})
('Url: ', 'http://metering.grid.com/metering/meter/topup_history')
data been sanitised
data been sanitised
data been sanitised
data been sanitised
Probbing Post
data been sanitised
data been sanitised
data been sanitised
data been sanitised
Vulnerability: Weakness found (SQL injection)
Threat: data sanitised
Effect: sensitive information could be disclosed by
injection attack
Impact: Data confidentiality and integrity could be
compromised
Denial of Service Attack
DoS attack on the Application layer
Attack url: http://metering.smartmeter.com/metering/server/dashboard
Tool: loadtest (https://www.npmjs.com/package/loadtest); requires
Node.js to be installed
Test parameter:
$ loadtest http://metering.aborsour.com/metering/server/dashboard -t 50 -c 10 --rps 1000
Figure 4: Results (screenshot) of DoS attack
5.1 Discussion
The idea of running both SQLi and DoS attacks on a
smart metering system highlights their significant
impact on a distributed network system, such as smart
metering (see table 1). In the case of the former, a
payload request was sent to the server to probe the
server for vulnerabilities. The server responded with an
acknowledgement, a message header which
encourages an attack on the system. This means SQL
injection vulnerability in a smart metering system could
allow remote authenticated users to execute arbitrary
SQL commands via crafted serialized data both on the
metering information system server (MISS in figure 2).
For example, SQL injection vulnerability in the login
page in the user interface device would allow remote
attackers to execute arbitrary SQL commands via a
crafted URL.
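The probe above flags an endpoint when a lone quote produces an HTTP 500. The following added example (not code from the paper) shows a concatenated query that triggers that signal beside a parameterized one that does not; the table, the `meter_id` column, the handler names and the sample rows are constructed assumptions.

```python
import sqlite3


def make_db():
    """Constructed sample data standing in for the top-up history store."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE topup_history (meter_id TEXT, amount REAL)")
    db.executemany(
        "INSERT INTO topup_history VALUES (?, ?)",
        [("MTR-001", 20.0), ("MTR-001", 35.5), ("MTR-002", 10.0)],
    )
    return db


def history_concatenated(db, meter_id):
    """Weak form: the request parameter is pasted into the SQL text."""
    query = ("SELECT amount FROM topup_history WHERE meter_id = '"
             + meter_id + "' ORDER BY amount")
    try:
        rows = db.execute(query).fetchall()
    except sqlite3.Error:
        # An unbalanced quote breaks the statement itself; the handler
        # fails, which is the 500 the probe treats as a positive.
        return 500, []
    return 200, [amount for (amount,) in rows]


def history_parameterized(db, meter_id):
    """Hardened form: the parameter is bound and only compared as data."""
    if not isinstance(meter_id, str) or not 0 < len(meter_id) <= 32:
        return 400, []  # reject malformed input before touching the database
    rows = db.execute(
        "SELECT amount FROM topup_history WHERE meter_id = ? ORDER BY amount",
        (meter_id,),
    ).fetchall()
    return 200, [amount for (amount,) in rows]


def probe_flags(handler, db):
    """Same criterion as the paper's probe: a lone quote answered with 500."""
    status, _ = handler(db, "'")
    return status == 500


if __name__ == "__main__":
    db = make_db()
    print("concatenated flagged:", probe_flags(history_concatenated, db))
    print("parameterized flagged:", probe_flags(history_parameterized, db))
```

With the bound parameter, the quote is looked up as a literal meter identifier and simply matches no rows.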
Per the CVE¹ database, DoS vulnerability remains the
most common vulnerability type and can be exploited
by various threat vectors. In the above test, we executed
multiple (abnormal) remote requests (1000) to the
server from concurrent connections in 50 seconds. The
result (figure 4) shows the server failing or executing
arbitrary code (system crashing). For example, a buffer
overflow in the Point-to-Point Protocol over
Ethernet (PPPoE) module in the customer gateway,
when CHAP authentication is configured on the server,
could allow remote attackers to cause a denial of
service or execute arbitrary code via crafted packets
sent during authentication. For example, in
CVE-2016-8666, the IP stack in the Linux kernel (before 4.6)
allows remote attackers to cause a denial of service
(stack consumption and panic) or possibly have an
unspecified impact by triggering use of the GRO
path (the gro-receive and gro-complete functions) for
packets with tunnel stacking.
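As a mitigation for the application-layer flood tested above, this added example (not from the paper) replays traffic shaped like that loadtest run (1000 requests per second for 50 seconds) through a per-source token-bucket limiter. The limits (20 requests/s, burst of 40), the two source addresses and the consumer's polling pattern are constructed assumptions.

```python
class TokenBucket:
    """Token bucket in integer units (1 token = 1000 milli-tokens), so the
    replay below is exact and free of floating-point drift."""

    COST = 1000  # milli-tokens charged per admitted request

    def __init__(self, rate_per_s, burst, now_ms):
        self.rate = rate_per_s            # tokens/s equals milli-tokens/ms
        self.capacity = burst * self.COST
        self.tokens = self.capacity       # a new source starts with a full bucket
        self.last_ms = now_ms

    def allow(self, now_ms):
        elapsed = now_ms - self.last_ms
        self.last_ms = now_ms
        self.tokens = min(self.capacity, self.tokens + elapsed * self.rate)
        if self.tokens >= self.COST:
            self.tokens -= self.COST
            return True
        return False


class PerSourceLimiter:
    """One bucket per source address, created on first sight."""

    def __init__(self, rate_per_s=20, burst=40):
        self.rate, self.burst = rate_per_s, burst
        self.buckets = {}

    def allow(self, source, now_ms):
        bucket = self.buckets.get(source)
        if bucket is None:
            bucket = self.buckets[source] = TokenBucket(self.rate, self.burst, now_ms)
        return bucket.allow(now_ms)


def replay(limiter, events):
    """events: (time_ms, source) pairs. Returns {source: [admitted, rejected]}."""
    stats = {}
    for now_ms, source in sorted(events):
        counts = stats.setdefault(source, [0, 0])
        counts[0 if limiter.allow(source, now_ms) else 1] += 1
    return stats


def constructed_traffic():
    # Constructed load: 1000 requests/s for 50 s from one documentation address
    flood = [(t, "192.0.2.10") for t in range(50_000)]
    # Constructed consumer: one dashboard poll every 5 s from another address
    consumer = [(t, "198.51.100.7") for t in range(0, 50_000, 5_000)]
    return flood + consumer


if __name__ == "__main__":
    results = replay(PerSourceLimiter(), constructed_traffic())
    for source, (ok, dropped) in results.items():
        print(f"{source}: admitted={ok} rejected={dropped}")
```

A per-source limit only bounds what each address can consume; a flood spread across many sources, as in the NAN scenario described earlier, also needs an aggregate limit at the gateway.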
6.0 Conclusion
The core objective of smart grid is to improve
efficiency and availability of power by adding more
monitoring and control capabilities [16]. This objective
is made plausible by the successful integration of a
smart metering system whose core value is to automate
monitoring of consumer power consumption, efficient
energy distribution, billing, and accounting. In this
paper, an attempt has been made to evaluate the
taxonomy of the system's inherent vulnerabilities which
expose smart metering to various cyber threat vectors
and make a case for research effort in this emerging
technology. The discussion involved the identification
of various vulnerabilities inherent within smart
metering components matched with the potential threat
vectors capable of exploiting these vulnerabilities. We
executed two different attack scenarios (tests) as a proof
of concept. Test results show that a vulnerable smart
metering system could be abused by various threat
actors via crafted vectors.
¹ Common Vulnerability Exposure
Finally, it is critical to continue the discussion while at
the same time challenging device manufacturers and
component vendors to design and implement
solutions for such mechanisms to counteract
threats from cyber adversaries of the electrical grid, so
as to guarantee consumers' utmost trust in
smart metering innovation and transformation.
References
[1] Y. Yan, Y. Qian, H. Sharif, and D. Tipper, “A
survey on smart grid communication
infrastructures: Motivations, requirements, and
challenges,” Commun. Surv. Tutor. IEEE, vol.
15, no. 1, pp. 5–20, 2013.
[2] X. Li, X. Liang, R. Lu, X. Shen, X. Lin, and H.
Zhu, “Securing smart grid: cyber attacks,
countermeasures, and challenges,” IEEE
Commun. Mag., vol. 50, no. 8, pp. 38–45, 2012.
[3] F. M. Cleveland, “Cyber security issues for
advanced metering infrastructure (ami),” in
Power and Energy Society General Meeting-
Conversion and Delivery of Electrical Energy in
the 21st Century, 2008 IEEE, 2008, pp. 1–5.
[4] S. M. Rinaldi, “Modeling and simulating critical
infrastructures and their interdependencies,” in
System sciences, 2004. Proceedings of the 37th
annual Hawaii international conference on,
2004, p. 8–pp.
[5] S. M. Rinaldi, J. P. Peerenboom, and T. K. Kelly,
“Identifying, understanding, and analyzing
critical infrastructure interdependencies,” Control
Syst. IEEE, vol. 21, no. 6, pp. 11–25, 2001.
[6] T. Flick and J. Morehouse, Securing the smart
grid: next generation power grid security.
Elsevier, 2010.
[7] A. Giani, E. Bitar, M. Garcia, M. McQueen, P.
Khargonekar, and K. Poolla, “Smart grid data
integrity attacks: characterizations and
countermeasures,” in Smart Grid
Communications (SmartGridComm), 2011 IEEE
International Conference on, 2011, pp. 232–237.
[8] Y. Yan, Y. Qian, H. Sharif, and D. Tipper, “A
survey on cybersecurity for smart grid
communications,” IEEE Commun. Surv. Tutor.,
vol. 14, no. 4, pp. 998–1010, 2012.
[9] D. Wei, Y. Lu, M. Jafari, P. Skare, and K. Rohde,
“An integrated security system of protecting
smart grid against cyber attacks,” in Innovative
Smart Grid Technologies (ISGT), 2010, 2010, pp.
1–7.
[10] J. Liu, Y. Xiao, S. Li, W. Liang, and C. L. Chen,
“Cyber security and privacy issues in smart
grids,” Commun. Surv. Tutor. IEEE, vol. 14, no.
4, pp. 981–997, 2012.
[11] G. N. Ericsson, “Cybersecurity and power system
communication—essential parts of a smart grid
infrastructure,” IEEE Trans. Power Deliv., vol.
25, no. 3, pp. 1501–1507, 2010.
[12] A. Hahn, A. Ashok, S. Sridhar, and M.
Govindarasu, “Cyber-physical security testbeds:
Architecture, application, and evaluation for
smart grid,” IEEE Trans. Smart Grid, vol. 4, no.
2, pp. 847–855, 2013.
[13] Z. Lu, X. Lu, W. Wang, and C. Wang, “Review
and evaluation of security threats on the
communication networks in the smart grid,” in
Military Communications Conference, 2010-
MILCOM 2010, 2010, pp. 1830–1835.
[14] A. R. Metke and R. L. Ekl, “Security technology
for smart grid networks,” IEEE Trans. Smart
Grid, vol. 1, no. 1, pp. 99–107, 2010.
[15] E. Bou-Harb, C. Fachkha, M. Pourzandi, M.
Debbabi, and C. Assi, “Communication security
for smart grid distribution networks,” IEEE
Commun. Mag., vol. 51, no. 1, pp. 42–49, 2013.
[16] S. Clements and H. Kirkham, “Cybersecurity
considerations for the smart grid,” in IEEE PES
General Meeting, 2010, pp. 1–5.