Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues

Smart grid (SG) networks are newly upgraded networks of connected objects that greatly improve reliability, efficiency and sustainability of the traditional energy infrastructure. In this respect, the smart metering infrastructure (SMI) plays an important role in controlling, monitoring and managing multiple domains in the SG. Despite the salient features of SMI, security and privacy issues have been under debate because of the large number of heterogeneous devices that are anticipated to be coordinated through public communication networks. This survey paper shows a brief overview of real cyber attack incidents in traditional energy networks and those targeting the smart metering network. Specifically, we present a threat taxonomy considering: (i) threats in system-level security, (ii) threats and/or theft of services, and (iii) threats to privacy. Based on the presented threats, we derive a set of security and privacy requirements for SG metering networks. Furthermore, we discuss various schemes that have been proposed to address these threats, considering the pros and cons of each. Finally, we investigate the open research issues to shed new light on future research directions in smart grid metering networks

Secure Data Management and Transmission Infrastructure for the Future Smart Grid

Power grid has played a crucial role since its inception in the Industrial Age. It has evolved from a wide network supplying energy for incorporated multiple areas to the largest cyber-physical system. Its security and reliability are crucial to any country’s economy and stability [1]. With the emergence of the new technologies and the growing pressure of the global warming, the aging power grid can no longer meet the requirements of the modern industry, which leads to the proposal of ‘smart grid’. In smart grid, both electricity and control information communicate in a massively distributed power network. It is essential for smart grid to deliver real-time data by communication network. By using smart meter, AMI can measure energy consumption, monitor loads, collect data and forward information to collectors. Smart grid is an intelligent network consists of many technologies in not only power but also information, telecommunications and control. The most famous structure of smart grid is the three-layer structure. It divides smart grid into three different layers, each layer has its own duty. All these three layers work together, providing us a smart grid that monitor and optimize the operations of all functional units from power generation to all the end-customers [2]. To enhance the security level of future smart grid, deploying a high secure level data transmission scheme on critical nodes is an effective and practical approach. A critical node is a communication node in a cyber-physical network which can be developed to meet certain requirements. It also has firewalls and capability of intrusion detection, so it is useful for a time-critical network system, in other words, it is suitable for future smart grid. The deployment of such a scheme can be tricky regarding to different network topologies. A simple and general way is to install it on every node in the network, that is to say all nodes in this network are critical nodes, but this way takes time, energy and money. Obviously, it is not the best way to do so. Thus, we propose a multi-objective evolutionary algorithm for the searching of critical nodes. A new scheme should be proposed for smart grid. Also, an optimal planning in power grid for embedding large system can effectively ensure every power station and substation to operate safely and detect anomalies in time. Using such a new method is a reliable method to meet increasing security challenges. The evolutionary frame helps in getting optimum without calculating the gradient of the objective function. In the meanwhile, a means of decomposition is useful for exploring solutions evenly in decision space. Furthermore, constraints handling technologies can place critical nodes on optimal locations so as to enhance system security even with several constraints of limited resources and/or hardware. The high-quality experimental results have validated the efficiency and applicability of the proposed approach. It has good reason to believe that the new algorithm has a promising space over the real-world multi-objective optimization problems extracted from power grid security domain. In this thesis, a cloud-based information infrastructure is proposed to deal with the big data storage and computation problems for the future smart grid, some challenges and limitations are addressed, and a new secure data management and transmission strategy regarding increasing security challenges of future smart grid are given as well

Performance Optimization of Network Protocols for IEEE 802.11s-based Smart Grid Communications

The transformation of the legacy electric grid to Smart Grid (SG) poses numerous challenges in the design and development of an efficient SG communications network. While there has been an increasing interest in identifying the SG communications network and possible SG applications, specific research challenges at the network protocol have not been elaborated yet. This dissertation revisited each layer of a TCP/IP protocol stack which basically was designed for a wired network and optimized their performance in IEEE 802.11s-based Advanced Metering Infrastructure (AMI) communications network against the following challenges: security and privacy, AMI data explosion, periodic simultaneous data reporting scheduling, poor Transport Control Protocol (TCP) performance, Address Resolution Protocol (ARP) broadcast, and network interoperability. To address these challenges, layered and/or cross-layered protocol improvements were proposed for each layer of TCP/IP protocol stack. At the application layer, a tree-based periodic time schedule and a time division multiple access-based scheduling were proposed to reduce high contention when smart meters simultaneously send their reading. Homomorphic encryption performance was investigated to handle AMI data explosion while providing security and privacy. At the transport layer, a tree-based fixed Retransmission Timeout (RTO) setting and a path-error aware RTO that exploits rich information of IEEE 802.11s data-link layer path selection were proposed to address higher delay due to TCP mechanisms. At the network layer, ARP requests create broadcast storm problems in IEEE 802.11s due to the use of MAC addresses for routing. A secure piggybacking-based ARP was proposed to eliminate this issue. The tunneling mechanisms in the LTE network cause a downlink traffic problem to IEEE 802.11s. For the network interoperability, at the network layer of EPC network, a novel UE access list was proposed to address this issue. At the data-link layer, to handle QoS mismatch between IEEE 802.11s and LTE network, Dual Queues approach was proposed for the Enhanced Distributed Channel Access. The effectiveness of all proposed approaches was validated through extensive simulation experiments using a network simulator. The simulation results showed that the proposed approaches outperformed the traditional TCP/IP protocols in terms of end to end delay, packet delivery ratio, throughput, and collection time

A Framework for the Performance Analysis and Simulation of RF-Mesh Advanced Metering Infrastructures for Smart Grid Applications

RÉSUMÉ L’Infrastructure de Mesurage Avancée (IMA), conçue à l’origine pour lire à distance des compteurs intelligents, est actuellement considérée comme une composante essentielle dans le domaine des Smart Grid. Le but principal des IMAs est de connecter le grand nombre de compteurs intelligents installés chez les clients au le centre de contrôle de données de l’entreprise d’électricité et viceversa. Cette communication bidirectionnelle est une caractéristique recherchée par un grand nombre d’applications, qui visent à utiliser ces infrastructures comme support à la transmission de leurs données dans le réseau électrique, comme par exemple la gestion de la charge et la demande-réponse. Un grand nombre de technologies et de protocoles de communication sont actuellement utilisés dans les IMAs : parmi les solutions disponibles, le RF-Mesh est une des plus populaires, surtout grâce au bas coût pour l’installation et les équipements. Toutefois, le débit nominal des communications RF-Mesh est très bas, de l’ordre des dizaines de kbps, et la littérature qui traite leur performance est très limitée. Ceci pourrait en limiter l’utilisation pour des applications autres que la lecture à distance des compteurs intelligents. Ce travail de thèse vise à développer un système de modèles et outils pour évaluer la performance des réseaux RF-Mesh et encourager leur utilisation pour un grand nombre d’applications dans le domaine des Smart Grid. Le système d’évaluation de performance proposé est constitué (i) de modèles analytiques, pour calculer la probabilité de collision entre les paquets transmis, (ii) d’un simulateur de réseau, pour recréer le fonctionnement des réseaux RF-Mesh dans un environnement virtuel, (iii) d’un générateur de topologie, pour créer des cas réalistes en se basant sur des données géographiques et (iv) des méthodes pour l’analyse de la performance. Trois différents modèles analytiques ont été implémentés. Dans les deux premiers, une nouvelle formule analytique a été utilisée pour calculer la probabilité de collision entre paquets. La probabilité de collision est ensuite utilisée pour estimer le délai moyen de/vers chaque compteur intelligent dans l’IMA analysée. Par la suite, des indices de performance, basés sur le délai moyen, sont utilisés pour faire des analyses de performance : études de faisabilité pour les applications de Smart Grid, l’identification de noeuds critiques et d’éventuels goulots d’étranglement. Dans le troisième modèle analytique, la théorie de Markov-Modulated System est utilisée pour prendre en considération d’importants détails d’implémentation, comme la probabilité de retransmission et la taille des mémoires tampons des noeuds, qui n’avaient pas été inclus dans la modélisations précédente.----------ABSTRACT Advanced Metering Infrastructure (AMI), originally conceived to replace the old Automated Meter Reading (AMR) infrastructures, have now become a key element in the Smart Grid context and might be used for applications other than remote meter reading. The main driver to their widespread installation is that they provide power utilities with a bidirectional connectivity with the smart meters. A wide variety of communication networks are currently proposed to support the implementation of AMIs, and, among them, the RF-Mesh technology seems to be very popular. The main reasons for its adoption are the proprietary infrastructure and the modest cost for the installation and the equipment. However, RF-Mesh systems are characterized by poor achievable data-rates in the order of 10 kbps, and their performance is not well studied in the literature. The lack of tools and methods for the performance evaluation might be a roadblock to their widespread adoption. This thesis aims at filling this gap and increase the knowledge of large-scale RF-Mesh systems to foster their use for a wide variety of applications. We propose a comprehensive framework for the performance evaluation of large-scale AMIs adopting the RF-Mesh technology. The framework includes (i) a geo-based topology generator that uses geographic data to produce realistic AMI cases, (ii) analytic models for the computation of packet collision probability and delay, (iii) a network simulator to recreate the behavior of large-scale RF-Mesh systems, and (iv) methods to evaluate the performance. Three different analytic models are included in the framework. The first two provide a novel analytic formulation of the packet collision probability in a mesh network with timeslotted ALOHA and the Frequency Hopping Spread Spectrum (FHSS) protocol : the collision probability is then used to estimate the average delay in the network, and to define and evaluate performance indexes (e.g., critical nodes and survival function). In the third model, a complex Markov-Modulated System (MMS) is used to take into consideration important implementation details, such as the retransmission probability and the buffer size, that were not considered in the two previous models. This model also provides a more accurate computation of the packet collision probability. A Poisson distribution is used to represent the traffic coming from potential Smart Grid applications. The framework also includes an RFMesh network simulator, written in Java and Python. The tool provides additional enhanced features with respect to the analytic models, such as a dynamic routing protocol or different traffic distributions

Energy Data Analytics for Smart Meter Data

The principal advantage of smart electricity meters is their ability to transfer digitized electricity consumption data to remote processing systems. The data collected by these devices make the realization of many novel use cases possible, providing benefits to electricity providers and customers alike. This book includes 14 research articles that explore and exploit the information content of smart meter data, and provides insights into the realization of new digital solutions and services that support the transition towards a sustainable energy system. This volume has been edited by Andreas Reinhardt, head of the Energy Informatics research group at Technische Universität Clausthal, Germany, and Lucas Pereira, research fellow at Técnico Lisboa, Portugal

Cyber-Security Solutions for Ensuring Smart Grid Distribution Automation Functions

The future generation of the electrical network is known as the smart grid. The distribution domain of the smart grid intelligently supplies electricity to the end-users with the aid of the decentralized Distribution Automation (DA) in which intelligent control functions are distributed and accomplished via real-time communication between the DA components. Internet-based communication via the open protocols is the latest trend for decentralized DA communication. Internet communication has many benefits, but it exposes the critical infrastructure’s data to cyber-security threats. Security attacks may not only make DA services unreachable but may also result in undesirable physical consequences and serious damage to the distribution network environment. Therefore, it is compulsory to protect DA communication against such attacks. There is no single model for securing DA communication. In fact, the security level depends on several factors such as application requirements, communication media, and, of course, the cost.There are several smart grid security frameworks and standards, which are under development by different organizations. However, smart grid cyber-security field has not yet reached full maturity and, it is still in the early phase of its progress. Security protocols in IT and computer networks can be utilized to secure DA communication because industrial ICT standards have been designed in accordance with Open Systems Interconnection model. Furthermore, state-of-the-art DA concepts such as Active distribution network tend to integrate processing data into IT systems.This dissertation addresses cyber-security issues in the following DA functions: substation automation, feeder automation, Logic Selectivity, customer automation and Smart Metering. Real-time simulation of the distribution network along with actual automation and data networking devices are used to create hardware-in-the-loop simulation, and experiment the mentioned DA functions with the Internet communication. This communication is secured by proposing the following cyber-security solutions.This dissertation proposes security solutions for substation automation by developing IEC61850-TLS proxy and adding OPen Connectivity Unified Architecture (OPC UA) Wrapper to Station Gateway. Secured messages by Transport Layer Security (TLS) and OPC UA security are created for protecting substation local and remote communications. Data availability is main concern that is solved by designing redundant networks.The dissertation also proposes cyber-security solutions for feeder automation and Logic Selectivity. In feeder automation, Centralized Protection System (CPS) is proposed as the place for making Decentralized feeder automation decisions. In addition, applying IP security (IPsec) in Tunnel mode is proposed to establish a secure communication path for feeder automation messages. In Logic Selectivity, Generic Object Oriented Substation Events (GOOSE) are exchanged between the substations. First, Logic Selectivity functional characteristics are analyzed. Then, Layer 2 Tunneling over IPsec in Transport mode is proposed to create a secure communication path for exchanging GOOSE over the Internet. Next, communication impact on Logic Selectivity performance is investigated by measuring the jitter and latency in the GOOSE communication. Lastly, reliability improvement by Logic Selectivity is evaluated by calculating reliability indices.Customer automation is the additional extension to the smart grid DA. This dissertation proposes an integration solution for the heterogeneous communication parties (TCP/IP and Controller Area Network) in Home Area Network. The developed solution applies Secure Socket Layer in order to create secured messages.The dissertation also proposes Secondary Substation Automation Unit (SSAU) for realtime communication of low voltage data to metering database. Point-to-Point Tunneling Protocol is proposed to create a secure communication path for Smart Metering data.The security analysis shows that the proposed security solutions provide the security requirements (Confidentiality, Integrity and Availability) for DA communication. Thus, communication is protected against security attacks and DA functions are ensured. In addition, CPS and SSAU are proposed to distribute intelligence over the substations level

Application of service composition mechanisms to Future Networks architectures and Smart Grids

Aquesta tesi gira entorn de la hipòtesi de la metodologia i mecanismes de composició de serveis i com es poden aplicar a diferents camps d'aplicació per a orquestrar de manera eficient comunicacions i processos flexibles i sensibles al context. Més concretament, se centra en dos camps d'aplicació: la distribució eficient i sensible al context de contingut multimèdia i els serveis d'una xarxa elèctrica intel·ligent. En aquest últim camp es centra en la gestió de la infraestructura, cap a la definició d'una Software Defined Utility (SDU), que proposa una nova manera de gestionar la Smart Grid amb un enfocament basat en programari, que permeti un funcionament molt més flexible de la infraestructura de xarxa elèctrica. Per tant, revisa el context, els requisits i els reptes, així com els enfocaments de la composició de serveis per a aquests camps. Fa especial èmfasi en la combinació de la composició de serveis amb arquitectures Future Network (FN), presentant una proposta de FN orientada a serveis per crear comunicacions adaptades i sota demanda. També es presenten metodologies i mecanismes de composició de serveis per operar sobre aquesta arquitectura, i posteriorment, es proposa el seu ús (en conjunció o no amb l'arquitectura FN) en els dos camps d'estudi. Finalment, es presenta la investigació i desenvolupament realitzat en l'àmbit de les xarxes intel·ligents, proposant diverses parts de la infraestructura SDU amb exemples d'aplicació de composició de serveis per dissenyar seguretat dinàmica i flexible o l'orquestració i gestió de serveis i recursos dins la infraestructura de l'empresa elèctrica.Esta tesis gira en torno a la hipótesis de la metodología y mecanismos de composición de servicios y cómo se pueden aplicar a diferentes campos de aplicación para orquestar de manera eficiente comunicaciones y procesos flexibles y sensibles al contexto. Más concretamente, se centra en dos campos de aplicación: la distribución eficiente y sensible al contexto de contenido multimedia y los servicios de una red eléctrica inteligente. En este último campo se centra en la gestión de la infraestructura, hacia la definición de una Software Defined Utility (SDU), que propone una nueva forma de gestionar la Smart Grid con un enfoque basado en software, que permita un funcionamiento mucho más flexible de la infraestructura de red eléctrica. Por lo tanto, revisa el contexto, los requisitos y los retos, así como los enfoques de la composición de servicios para estos campos. Hace especial hincapié en la combinación de la composición de servicios con arquitecturas Future Network (FN), presentando una propuesta de FN orientada a servicios para crear comunicaciones adaptadas y bajo demanda. También se presentan metodologías y mecanismos de composición de servicios para operar sobre esta arquitectura, y posteriormente, se propone su uso (en conjunción o no con la arquitectura FN) en los dos campos de estudio. Por último, se presenta la investigación y desarrollo realizado en el ámbito de las redes inteligentes, proponiendo varias partes de la infraestructura SDU con ejemplos de aplicación de composición de servicios para diseñar seguridad dinámica y flexible o la orquestación y gestión de servicios y recursos dentro de la infraestructura de la empresa eléctrica.This thesis revolves around the hypothesis the service composition methodology and mechanisms and how they can be applied to different fields of application in order to efficiently orchestrate flexible and context-aware communications and processes. More concretely, it focuses on two fields of application that are the context-aware media distribution and smart grid services and infrastructure management, towards a definition of a Software-Defined Utility (SDU), which proposes a new way of managing the Smart Grid following a software-based approach that enable a much more flexible operation of the power infrastructure. Hence, it reviews the context, requirements and challenges of these fields, as well as the service composition approaches. It makes special emphasis on the combination of service composition with Future Network (FN) architectures, presenting a service-oriented FN proposal for creating context-aware on-demand communication services. Service composition methodology and mechanisms are also presented in order to operate over this architecture, and afterwards, proposed for their usage (in conjunction or not with the FN architecture) in the deployment of context-aware media distribution and Smart Grids. Finally, the research and development done in the field of Smart Grids is depicted, proposing several parts of the SDU infrastructure, with examples of service composition application for designing dynamic and flexible security for smart metering or the orchestration and management of services and data resources within the utility infrastructure

State of the art of cyber-physical systems security: An automatic control perspective

Cyber-physical systems are integrations of computation, networking, and physical processes. Due to the tight cyber-physical coupling and to the potentially disrupting consequences of failures, security here is one of the primary concerns. Our systematic mapping study sheds light on how security is actually addressed when dealing with cyber-physical systems from an automatic control perspective. The provided map of 138 selected studies is defined empirically and is based on, for instance, application fields, various system components, related algorithms and models, attacks characteristics and defense strategies. It presents a powerful comparison framework for existing and future research on this hot topic, important for both industry and academia