10,918 research outputs found
Assessing and augmenting SCADA cyber security: a survey of techniques
SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system, to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mind sets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability
Multi-Layer Cyber-Physical Security and Resilience for Smart Grid
The smart grid is a large-scale complex system that integrates communication
technologies with the physical layer operation of the energy systems. Security
and resilience mechanisms by design are important to provide guarantee
operations for the system. This chapter provides a layered perspective of the
smart grid security and discusses game and decision theory as a tool to model
the interactions among system components and the interaction between attackers
and the system. We discuss game-theoretic applications and challenges in the
design of cross-layer robust and resilient controller, secure network routing
protocol at the data communication and networking layers, and the challenges of
the information security at the management layer of the grid. The chapter will
discuss the future directions of using game-theoretic tools in addressing
multi-layer security issues in the smart grid.Comment: 16 page
Multipath Routing of Fragmented Data Transfer in a Smart Grid Environment
The purpose of this paper is to do a general survey on the existing
communication modes inside a smart grid, the existing security loopholes and
their countermeasures. Then we suggest a detailed countermeasure, building upon
the Jigsaw based secure data transfer [8] for enhanced security of the data
flow inside the communication system of a smart grid. The paper has been
written without the consideration of any factor of inoperability between the
various security techniques inside a smart gridComment: 5 pages, 2 figure
The Impact of Stealthy Attacks on Smart Grid Performance: Tradeoffs and Implications
The smart grid is envisioned to significantly enhance the efficiency of
energy consumption, by utilizing two-way communication channels between
consumers and operators. For example, operators can opportunistically leverage
the delay tolerance of energy demands in order to balance the energy load over
time, and hence, reduce the total operational cost. This opportunity, however,
comes with security threats, as the grid becomes more vulnerable to
cyber-attacks. In this paper, we study the impact of such malicious
cyber-attacks on the energy efficiency of the grid in a simplified setup. More
precisely, we consider a simple model where the energy demands of the smart
grid consumers are intercepted and altered by an active attacker before they
arrive at the operator, who is equipped with limited intrusion detection
capabilities. We formulate the resulting optimization problems faced by the
operator and the attacker and propose several scheduling and attack strategies
for both parties. Interestingly, our results show that, as opposed to
facilitating cost reduction in the smart grid, increasing the delay tolerance
of the energy demands potentially allows the attacker to force increased costs
on the system. This highlights the need for carefully constructed and robust
intrusion detection mechanisms at the operator.Comment: Technical report - this work was accepted to IEEE Transactions on
Control of Network Systems, 2016. arXiv admin note: substantial text overlap
with arXiv:1209.176
- …