Statistical Methods for Detection and Mitigation of the Effect of Different Types of Cyber-Attacks and Inconsistencies in Electrical Design Parameters in a Real World Distribution System

In the present grid real time control systems are the energy management systems and distribution management systems that utilize measurements from real-time units (RTUs) and Supervisory Control and Data Acquisition (SCADA). The SCADA systems are designed to operate on isolated, private networks without even basic security features which are now being migrated to modern IP-based communications providing near real time information from measuring and controlling units. To function brain (SCADA) properly heart (RTUs) should provide necessary response thereby creating a coupling which makes SCADA systems as targets for cyber-attacks to cripple either part of the electric transmission grid or fully shut down (create blackout) the grid. Cyber-security research for a distribution grid is a topic yet to be addressed. To date firewalls and classic signature-based intrusion detection systems have provided access control and awareness of suspicious network traffic but typically have not offered any real-time detection and defense solutions for electric distribution grids.;This thesis work not only addresses the cyber security modeling, detection and prevention but also addresses model inconsistencies for effectively utilizing and controlling distribution management systems. Inconsistencies in the electrical design parameters of the distribution network or cyber-attack conditions may result in failing of the automated operations or distribution state estimation process which might lead the system to a catastrophic condition or give erroneous solutions for the probable problems. This research work also develops a robust and reliable voltage controller based on Multiple Linear Regression (MLR) to maintain the voltage profile in a smart distribution system under cyber-attacks and model inconsistencies. The developed cyber-attack detection and mitigation algorithms have been tested on IEEE 13 node and 600+ node real American electric distribution systems modeled in Electric Power Research Institute\u27s (EPRI) OpenDSS software

Strategies Security Managers Used to Prevent Security Breaches in SCADA Systems\u27 Networks

Supervisory Control and Data Acquisition (SCADA) systems monitor and control physical processes in critical infrastructure. The impact of successful attacks on the SCADA systems includes the system\u27s downtime and delay in production, which may have a debilitating effect on the national economy and create critical human safety hazards. Grounded in the general systems theory, the purpose of this qualitative multiple case study was to explore strategies SCADA security managers in the Southwest region of the United States use to secure SCADA systems\u27 networks. The participants comprised six SCADA security managers from three oil and gas organizations in the midstream sector located within this region. Data were collected using semistructured interviews and a review of organizational documents. Four themes emerged from the thematic analysis: (a) the importance of security awareness and workforce security training, (b) the use of technical control mechanisms, (c) the establishment of standard security policies, and (d) the use of access and identity management techniques. A key recommendation is for IT managers to adopt security awareness and workforce security training to strengthen the security chain\u27s most vulnerable link. The implications for positive social change include the potential to prevent consequences such as loss of lives, damage to the environment, and the economy resulting from malicious activities

Integration Framework of MES Toward Data Security Interoperation

© 2020, Springer Nature Switzerland AG. The core problem of the application of MES (Manufacturing Execution System) in intelligent manufacturing systems is integration, which solves the problem of the data interoperation between the distributed manufacturing systems. The previous researches on MES integration rarely considered the problem of system data security access. A three-level data security access mechanism based on the independence of the system administrators, security administrators, and security auditors is proposed which integrated into the MES integration framework to guarantee the business and engineering data security access for the related distributed clients. The principle is using the domain to make the logical isolation for different clients and data sources and applying the pre-defined data sharing rules for safe access. In the proposed MES integration framework model, the data interoperation between MES and the engineering software systems is discussed which includes ERP (Enterprise Resource Management), CAPP (Computer Aided Process Planning), DNC (Distribution Numerical Control), WMS (Warehouse Management System), and SCADA (Supervisory Control and Data Acquisition), etc., the implementation method of personalized data display GUI is discussed as well. The study is based on the KMMES developed by Wuhan KM-Software of China, and it has been deployed in over forty companies from the sections of aerospace, automotive, shipbuilding and other industries

Securing the Participation of Safety-Critical SCADA Systems in the Industrial Internet of Things

In the past, industrial control systems were ‘air gapped’ and isolated from more conventional networks. They used specialist protocols, such as Modbus, that are very different from TCP/IP. Individual devices used proprietary operating systems rather than the more familiar Linux or Windows. However, things are changing. There is a move for greater connectivity – for instance so that higher-level enterprise management systems can exchange information that helps optimise production processes. At the same time, industrial systems have been influenced by concepts from the Internet of Things; where the information derived from sensors and actuators in domestic and industrial components can be addressed through network interfaces. This paper identifies a range of cyber security and safety concerns that arise from these developments. The closing sections introduce potential solutions and identify areas for future research

Towards a Layered Architectural View for Security Analysis in SCADA Systems

Supervisory Control and Data Acquisition (SCADA) systems support and control the operation of many critical infrastructures that our society depend on, such as power grids. Since SCADA systems become a target for cyber attacks and the potential impact of a successful attack could lead to disastrous consequences in the physical world, ensuring the security of these systems is of vital importance. A fundamental prerequisite to securing a SCADA system is a clear understanding and a consistent view of its architecture. However, because of the complexity and scale of SCADA systems, this is challenging to acquire. In this paper, we propose a layered architectural view for SCADA systems, which aims at building a common ground among stakeholders and supporting the implementation of security analysis. In order to manage the complexity and scale, we define four interrelated architectural layers, and uses the concept of viewpoints to focus on a subset of the system. We indicate the applicability of our approach in the context of SCADA system security analysis.Comment: 7 pages, 4 figure

Smart grid architecture for rural distribution networks: application to a Spanish pilot network

This paper presents a novel architecture for rural distribution grids. This architecture is designed to modernize traditional rural networks into new Smart Grid ones. The architecture tackles innovation actions on both the power plane and the management plane of the system. In the power plane, the architecture focuses on exploiting the synergies between telecommunications and innovative technologies based on power electronics managing low scale electrical storage. In the management plane, a decentralized management system is proposed based on the addition of two new agents assisting the typical Supervisory Control And Data Acquisition (SCADA) system of distribution system operators. Altogether, the proposed architecture enables operators to use more effectively—in an automated and decentralized way—weak rural distribution systems, increasing the capability to integrate new distributed energy resources. This architecture is being implemented in a real Pilot Network located in Spain, in the frame of the European Smart Rural Grid project. The paper also includes a study case showing one of the potentialities of one of the principal technologies developed in the project and underpinning the realization of the new architecture: the so-called Intelligent Distribution Power Router.Postprint (published version

Incident Analysis & Digital Forensics in SCADA and Industrial Control Systems

SCADA and industrial control systems have been traditionally isolated in physically protected environments. However, developments such as standardisation of data exchange protocols and increased use of IP, emerging wireless sensor networks and machine-to-machine communication mean that in the near future related threat vectors will require consideration too outside the scope of traditional SCADA security and incident response. In the light of the significance of SCADA for the resilience of critical infrastructures and the related targeted incidents against them (e.g. the development of stuxnet), cyber security and digital forensics emerge as priority areas. In this paper we focus on the latter, exploring the current capability of SCADA operators to analyse security incidents and develop situational awareness based on a robust digital evidence perspective. We look at the logging capabilities of a typical SCADA architecture and the analytical techniques and investigative tools that may help develop forensic readiness to the level of the current threat environment requirements. We also provide recommendations for data capture and retention

Assessing and augmenting SCADA cyber security: a survey of techniques

SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability