176 research outputs found
Cyber-physical security of a smart grid infrastructure
Multipath Routing of Fragmented Data Transfer in a Smart Grid Environment
The purpose of this paper is to do a general survey on the existing
communication modes inside a smart grid, the existing security loopholes and
their countermeasures. Then we suggest a detailed countermeasure, building upon
the Jigsaw based secure data transfer [8] for enhanced security of the data
flow inside the communication system of a smart grid. The paper has been
written without the consideration of any factor of inoperability between the
various security techniques inside a smart grid.
Comment: 5 pages, 2 figures
Forensic Attacks Analysis and the Cyber Security of Safety-Critical Industrial Control Systems
Industrial Control Systems (ICS) and SCADA (Supervisory Control And Data Acquisition) applications monitor
and control a wide range of safety-related functions. These include energy generation where failures could have
significant, irreversible consequences. They also include the control systems that are used in the manufacture of
safety-related products. In this case bugs in an ICS/SCADA system could introduce flaws in the production of
components that remain undetected before being incorporated into safety-related applications. Industrial Control
Systems, typically, use devices and networks that are very different from conventional IP-based infrastructures.
These differences prevent the re-use of existing cyber-security products in ICS/SCADA environments; the
architectures, file formats and process structures are very different. This paper supports the forensic analysis of
industrial control systems in safety-related applications. In particular, we describe how forensic attack analysis is
used to identify weaknesses in devices so that we can both protect components but also determine the information
that must be analyzed during the aftermath of a cyber-incident. Simulated attacks detect vulnerabilities; a risk-based
approach can then be used to assess the likelihood and impact of any breach. These risk assessments are then used
to justify both immediate and longer-term countermeasures.
Smart Meter Privacy with an Energy Harvesting Device and Instantaneous Power Constraints
A smart meter (SM) periodically measures end-user electricity consumption and
reports it to a utility provider (UP). Despite the advantages of SMs, their use
leads to serious concerns about consumer privacy. In this paper, SM privacy is
studied by considering the presence of an energy harvesting device (EHD) as a
means of masking the user's input load. The user can satisfy part or all of
his/her energy needs from the EHD, and hence, less information can be leaked to
the UP via the SM. The EHD is typically equipped with a rechargeable energy
storage device, i.e., a battery, whose instantaneous energy content limits the
user's capability in covering his/her energy usage. Privacy is measured by the
information leaked about the user's real energy consumption when the UP
observes the energy requested from the grid, which the SM reads and reports to
the UP. The minimum information leakage rate is characterized as a computable
information theoretic single-letter expression when the EHD battery capacity is
either infinite or zero. Numerical results are presented for a discrete binary
input load to illustrate the potential privacy gains from the existence of a
storage device.
Comment: To be published in IEEE ICC201
Fake-Acknowledgment Attack on ACK-based Sensor Power Schedule for Remote State Estimation
We consider a class of malicious attacks against remote state estimation. A
sensor with limited resources adopts an acknowledgement (ACK)-based online
power schedule to improve the remote state estimation performance. A malicious
attacker can modify the ACKs from the remote estimator and convey fake
information to the sensor. When the capability of the attacker is limited, we
propose an attack strategy for the attacker and analyze the corresponding
effect on the estimation performance. The possible responses of the sensor are
studied and a condition for the sensor to discard ACKs and switch from online
schedule to offline schedule is provided.Comment: submitted to IEEE CDC 201
Towards a Secure Smart Grid Storage Communications Gateway
This research in progress paper describes the role of cyber security measures
undertaken in an ICT system for integrating electric storage technologies into
the grid. To do so, it defines security requirements for a communications
gateway and gives detailed information and hands-on configuration advice on
node and communication line security, data storage, coping with backend M2M
communications protocols and examines privacy issues. The presented research
paves the road for developing secure smart energy communications devices that
allow enhancing energy efficiency. The described measures are implemented in an
actual gateway device within the HORIZON 2020 project STORY, which aims at
developing new ways to use storage and demonstrating these on six different
demonstration sites.
Comment: 6 pages, 2 figures
Self-triggered Coordination over a Shared Network under Denial-of-Service
The issue of security has become ever more prevalent in the analysis and
design of cyber-physical systems. In this paper, we analyze a consensus network
in the presence of Denial-of-Service (DoS) attacks, namely attacks that prevent
communication among the network agents. By introducing a notion of
Persistency-of-Communication (PoC), we provide a characterization of DoS
frequency and duration such that consensus is not destroyed. An example is
given to substantiate the analysis.