Cyber Security in Smart Grids
BY
ADITYA KANDULA
DEVASIA THOMAS
Quick Recap

Advanced Metering Infrastructure (AMI)

ANSI C12.22

Security Levels(L0 to L5)

Tables in Meter Board
Cont’d..

Zigbee

Zigbee Security

Key Management

Key Establishment Schemes
The New Stuff!
Cyber Security Requirements

Availability

Integrity

Confidentiality
Cyber Security Requirements
Network Security threats in the
Smart Grid
Network security threats: Attack
Classification

Attacks targeting availability, also called denial-of-service(DoS) attacks,
attempt to delay, block or corrupt the communication in the Smart Grid.

Attacks targeting integrity aim at deliberately and illegally modifying or
disrupting data exchange in the Smart Grid.

Attacks targeting confidentiality intend to acquire unauthorized
information from network resources in the Smart Grid.
Network Security threats: D-o-S
Network Security threats: Attacks on
Integrity and Availability

Different from DoS, these attacks occur at the application layer.

Usually done with false data injection attacks.

Load redistribution attacks are another attack on Integrity

Wiretapping and traffic analyzers are attacks on confidentiality
Smart Grid Use Cases with Critical
Security Requirements
Smart Grid Use Cases with Critical
Security Requirements

Distribution and transmission operation in which communication is timecritical for monitoring, control, and protection

AMI and home-area networks in which communication is primarily for
interactions between customers and utilities
Distribution and transmission operation

Mission critical components

Hence Availability is a must
Distribution and transmission operation
Case 1

Potential Attacks:

DOS

Integrity targeting attacks
Distribution and transmission operation
Case 2

Potential Attacks:

DOS

Integrity targeting attacks
Distribution and transmission operation
Case 3

Potential Attacks:

DOS

Integrity targeting attacks
AMI and home area networks
Cases 4 & 5

Potential Attacks:

DOS

Integrity targeting attacks

Eavesdroppers and Traffic Analyzers
Summary: Smart Grid Threats

The distribution and transmission system in general features more timecritical yet less confidential communications.
Risk assessment of large-scale DoS
attacks

Probabilistic risk assessment

Graph based assessment

Security metric based
Network
countermeasures for the
Smart Grid
Attack detection for power networks

Signal based detection

Packet based detection

Proactive detection

Hybrid detection
Attack detection for power networks
Applications of Attack Mitigation
Mechanisms to Power Networks

Network-layer mitigation

Physical-layer mitigation
Network Layer Mitigation

Rate Limiting

Filtering

Reconfiguration
Physical Layer Mitigation


Coordinated Protocols

Frequency Hopping Spread Spectrum (FHSS)

Direct Sequence Spread Spectrum (DSSS)

Chirp Spread Spectrum (CSS)
Uncoordinated protocols

UFHSS

UDSSS
Network
countermeasures for the
Smart Grid
Encryption

Asymmetric Key Cryptography

Symmetric Key Cryptography
D. R.L. Brown, M. J. Campagna, S. A. Vanstone, “Security of ECQV-Certified
ECDSA Against Passive Adversaries”, Cryptology ePrint Archive: Report
2009/620.
Authentication

High Efficiency

Tolerance to faults and attacks

Multicast Support
Key Management

Refer to previous presentation
Design of secure network
protocols and
architectures
Protocols and standards for secure
power system communication

Secure DNP3

IEC 61850 and IEC 62351
Secure data aggregation protocols

More efficient than end to end protocols

But requires more computing resources

Homomorphic encryption used
Secure network architecture

Trust computing based architecture

Role-based network architecture
Discussions and remaining challenges
Conclusion
THANKYOU
Reference


Cyber security in the Smart Grid: Survey and challenges

Wenye Wang

Zhuo Lu

Department of Electrical and Computer Engineering, North Carolina State
University, Raleigh, NC 27606, USA
Elsevier Computer Networks 57 (2013) 1344–1371