262 research outputs found
Moving target defense for securing smart grid communications: Architectural design, implementation and evaluation
Supervisory Control And Data Acquisition (SCADA) communications are often subjected to various kinds of sophisticated cyber-attacks which can have a serious impact on the Critical Infrastructure such as the power grid. Most of the time, the success of the attack is based on the static characteristics of the system, thereby enabling an easier profiling of the target system(s) by the adversary and consequently exploiting their limited resources. In this thesis, a novel approach to mitigate such static vulnerabilities is proposed by implementing a Moving Target Defense (MTD) strategy in a power grid SCADA environment, which leverages the existing communication network with an end-to-end IP Hopping technique among the trusted peer devices. This offers a proactive L3 layer network defense, minimizing IP-specific threats and thwarting worm propagation, APTs, etc., which utilize the cyber kill chain for attacking the system through the SCADA network. The main contribution of this thesis is to show how MTD concepts provide proactive defense against targeted cyber-attacks, and a dynamic attack surface to adversaries without compromising the availability of a SCADA system.
Specifically, the thesis presents a brief overview of the different type of MTD designs, the proposed MTD architecture and its implementation with IP hopping technique over a Control Center–Substation network link along with a 3-way handshake protocol for synchronization on the Iowa State’s Power Cyber testbed. The thesis further investigates the delay and throughput characteristics of the entire system with and without the MTD to choose the best hopping rate for the given link. It also includes additional contributions for making the testbed scenarios more realistic to real world scenarios with multi-hop, multi-path WAN. Using that and studying a specific attack model, the thesis analyses the best ranges of IP address for different hopping rate and different number of interfaces. Finally, the thesis describes two case studies to explore and identify potential weaknesses of the proposed mechanism, and also experimentally validate the proposed mitigation alterations to resolve the discovered vulnerabilities. As part of future work, we plan to extend this work by optimizing the MTD algorithm to be more resilient by incorporating other techniques like network port mutation to further increase the attack complexity and cost
A survey on cyber security for smart grid communications
A smart grid is a new form of electricity network with high fidelity power-flow control, self-healing, and energy reliability and energy security using digital communications and control technology. To upgrade an existing power grid into a smart grid, it requires significant dependence on intelligent and secure communication infrastructures. It requires security frameworks for distributed communications, pervasive computing and sensing technologies in smart grid. However, as many of the communication technologies currently recommended to use by a smart grid is vulnerable in cyber security, it could lead to unreliable system operations, causing unnecessary expenditure, even consequential disaster to both utilities and consumers. In this paper, we summarize the cyber security requirements and the possible vulnerabilities in smart grid communications and survey the current solutions on cyber security for smart grid communications. © 2012 IEEE
Power system fault analysis based on intelligent techniques and intelligent electronic device data
This dissertation has focused on automated power system fault analysis. New
contributions to fault section estimation, protection system performance evaluation
and power system/protection system interactive simulation have been achieved. Intelligent techniques including expert systems, fuzzy logic and Petri-nets, as well as
data from remote terminal units (RTUs) of supervisory control and data acquisition
(SCADA) systems, and digital protective relays have been explored and utilized to
fufill the objectives.
The task of fault section estimation is difficult when multiple faults, failures
of protection devices, and false data are involved. A Fuzzy Reasoning Petri-nets
approach has been proposed to tackle the complexities. In this approach, the fuzzy
reasoning starting from protection system status data and ending with estimation of
faulted power system section is formulated by Petri-nets. The reasoning process is
implemented by matrix operations. Data from RTUs of SCADA systems and digital
protective relays are used as inputs. Experiential tests have shown that the proposed
approach is able to perform accurate fault section estimation under complex scenarios.
The evaluation of protection system performance involves issues of data acquisition, prediction of expected operations, identification of unexpected operations and
diagnosis of the reasons for unexpected operations. An automated protection system performance evaluation application has been developed to accomplish all the tasks. The application automatically retrieves relay files, processes relay file data,
and performs rule-based analysis. Forward chaining reasoning is used for prediction
of expected protection operation while backward chaining reasoning is used for diagnosis of unexpected protection operations. Lab tests have shown that the developed
application has successfully performed relay performance analysis.
The challenge of power system/protection system interactive simulation lies in
modeling of sophisticated protection systems and interfacing the protection system
model and power system network model seamlessly. An approach which utilizes the
"compiled foreign model" mechanism of ATP MODELS language is proposed to model
multifunctional digital protective relays in C++ language and seamlessly interface
them to the power system network model. The developed simulation environment
has been successfully used for the studies of fault section estimation and protection
system performance evaluation
Development of communication protocolbased on low voltage distribution automation system
This paper presents the development of a customer
side distribution automation system (DAS) for operating and
controlling low voltage (LV) down stream of 415/240V by using the Tenaga Nasional Berhad (TNB) distribution system.
Supervisory Control and Data Acquisition (SCADA) based
remote Terminal Unit (RTU) along power line communication
PLC) system are used for DAS development that practically
imulates the down stream distribution system functions in an
automated manner. It is the first DAS research work done on
customer side substation for operating and controlling between the consumer side system and the substation. Most of the work is focused on building Human Machine Interface that provides a graphical operator interface function to monitor the system. The Human Machine Interface of SCADA system is developed using customized software and an RTU microprocessor and its software implements
Evaluation of Traditional Security Solutions in the SCADA Environment
Supervisory Control and Data Acquisition (SCADA) systems control and monitor the electric power grid, water treatment facilities, oil and gas pipelines, railways, and other Critical Infrastructure (CI). In recent years, organizations that own and operate these systems have increasingly interconnected them with their enterprise network to take advantage of cost savings and operational benefits. This trend, however, has introduced myriad vulnerabilities associated with the networking environment. As a result, the once isolated systems are now susceptible to a wide range of threats that previously did not exist. To help address the associated risks, security professionals seek to incorporate mitigation solutions designed for traditional networking and Information Technology (IT) systems. Unfortunately, the operating parameters and security principles associated with traditional IT systems do not readily translate to the SCADA environment. Security solutions for IT systems focus primarily on protecting the confidentiality of system and user data. Alternatively, SCADA systems must adhere to strict safety and reliability requirements and rely extensively on system availability. Mitigation strategies designed for traditional IT systems must first be evaluated prior to deployment on a SCADA system or risk adverse operational impacts such as a catastrophic oil spill, poisoning a water supply, or the shutdown of an electrical grid. This research evaluates the suitability of deploying a Host-Based Intrusion Detection System (IDS) to the Department of Defense SCADA fuels system. The impacts of the Host Intrusion Prevention System (HIPS) installed on the SCADA network\u27s Human Machine Interface (HMI) is evaluated. Testing revealed that the HIPS agent interferes with the HMI\u27s system services during startup. Once corrected, the HMI and connected SCADA network inherit the protections of the HIPS security agent and defenses associated with the Host-Based Security System
Advanced security aspects on Industrial Control Network.
Security threats are one of the main problems of this computer-based era. All systems making use of information and communication technologies (ICT) are prone to failures and vulnerabilities that can be exploited by malicious software and agents. In the latest years, Industrial Critical Installations started to use massively network interconnections as well, and what it is worst they came in contact with the public network, i.e. with Internet.
Industrial networks are responsible for process and manufacturing operations of almost every scale, and as a result the successful penetration of a control system network can be used to directly impact those processes. Consequences could potentially range from relatively benign disruptions, such as the disruption of the operation (taking a facility offline), the alteration of an operational process (changing the formula of a chemical process), all the way to deliberate acts of sabotage that are intended to cause harm.
The interconnectivity of Industrial Control Systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols.
This presents presents an innovative approach to Intrusion Detection in SCADA systems based on the concept of Critical State Analysis and State Proximity. The theoretical framework is supported by tests conducted with an Intrusion Detection System prototype implementing the proposed detection approach
Advanced security aspects on Industrial Control Network.
Security threats are one of the main problems of this computer-based era. All systems making use of information and communication technologies (ICT) are prone to failures and vulnerabilities that can be exploited by malicious software and agents. In the latest years, Industrial Critical Installations started to use massively network interconnections as well, and what it is worst they came in contact with the public network, i.e. with Internet.
Industrial networks are responsible for process and manufacturing operations of almost every scale, and as a result the successful penetration of a control system network can be used to directly impact those processes. Consequences could potentially range from relatively benign disruptions, such as the disruption of the operation (taking a facility offline), the alteration of an operational process (changing the formula of a chemical process), all the way to deliberate acts of sabotage that are intended to cause harm.
The interconnectivity of Industrial Control Systems with corporate networks and the Internet has significantly increased the threats to critical infrastructure assets. Meanwhile, traditional IT security solutions such as firewalls, intrusion detection systems and antivirus software are relatively ineffective against attacks that specifically target vulnerabilities in SCADA protocols.
This presents presents an innovative approach to Intrusion Detection in SCADA systems based on the concept of Critical State Analysis and State Proximity. The theoretical framework is supported by tests conducted with an Intrusion Detection System prototype implementing the proposed detection approach
MiniCPS: A toolkit for security research on CPS Networks
In recent years, tremendous effort has been spent to modernizing
communication infrastructure in Cyber-Physical Systems (CPS) such as Industrial
Control Systems (ICS) and related Supervisory Control and Data Acquisition
(SCADA) systems. While a great amount of research has been conducted on network
security of office and home networks, recently the security of CPS and related
systems has gained a lot of attention. Unfortunately, real-world CPS are often
not open to security researchers, and as a result very few reference systems
and topologies are available. In this work, we present MiniCPS, a CPS
simulation toolbox intended to alleviate this problem. The goal of MiniCPS is
to create an extensible, reproducible research environment targeted to
communications and physical-layer interactions in CPS. MiniCPS builds on
Mininet to provide lightweight real-time network emulation, and extends Mininet
with tools to simulate typical CPS components such as programmable logic
controllers, which use industrial protocols (Ethernet/IP, Modbus/TCP). In
addition, MiniCPS defines a simple API to enable physical-layer interaction
simulation. In this work, we demonstrate applications of MiniCPS in two example
scenarios, and show how MiniCPS can be used to develop attacks and defenses
that are directly applicable to real systems.Comment: 8 pages, 6 figures, 1 code listin
Micro Smart Micro-grid and Its Cyber Security Aspects in a Port Infrastructure
Maritime ports are intensive energy areas with a plenty of electrical systems that require an average power of
many tens of megawatts (MW). Competitiveness, profits, reduction of pollution, reliability of operations, carbon emission
trading are important energy related considerations for any port authority. Current technology allows the deployment of a local
micro-grid of the size of tenths of MW, capable of islanded operation in case of emergency and to grant an increasing energy
independency. Ownership of the grid permits a large flexibility on prices of energy sold inside the port, trading on local electric
market and reduction of pollution. Renewable energy generation has a large impact on costs since features a low marginal cost.
Unfortunately the smart grid is a critical asset within the port infrastructure and its intelligence is a high-level target for cyberattacks.
Such attacks are often based on malicious software (malware), which makes use of a controlling entity on the network
to coordinate and propagate. In this document, we will outline some features of a port smart grid and typical characteristics of
cyber-attacks including potential ways to recognize it and suggestion for effective countermeasures
Analysis of a SCADA System Anomaly Detection Model Based on Information Entropy
SCADA (supervisory control and data acquisition) systems monitor and control many different types of critical infrastructure such as power, water, transportation, and pipelines. These once isolated systems are increasingly being connected to the internet to improve operations, which creates vulnerabilities to attacks. A SCADA operator receives automated alarms concerning system components operating out of normal thresholds. These alarms are susceptible to manipulation by an attacker. This research uses information theory to build an anomaly detection model that quantifies the uncertainty of the system based on alarm message frequency. Several attack scenarios are statistically analyzed for their significance including someone injecting false alarms or hiding alarms. This research evaluates the use of information theory for anomaly detection and the impact of different attack scenarios
- …