Transactive Energy System Deployment over Insecure Communication Links

In this paper, the privacy and security issues associated with the transactive energy system (TES) deployment over insecure communication links are addressed. In particular, it is ensured that 1) individual agents’ bidding information is kept private throughout hierarchical market-based interactions; and 2) any extraneous data injection attack can be quickly and easily detected. An implementation framework is proposed to enable the cryptography-based enhancement of privacy and security for the deployment of any general hierarchical systems including TESs. Under the proposed framework, a unified cryptography-based approach is developed to achieve both privacy and security simultaneously. Specifically, privacy preservation is realized by an enhanced Paillier encryption scheme, where a block design is proposed to significantly improve computational efficiency. Attack detection is further achieved by an enhanced Paillier digital signature scheme, where a stamp-concatenation mechanism is proposed to enable detection of data replace and reorder attacks. Simulation results verify the effectiveness of the proposed cyber-resilient design for transactive energy systems. Note to Practitioners —This paper is motivated by addressing the issues of cyber resiliency for practically deploying transactive energy system (TES) but it is also applicable to the problem of enhancing the privacy and security for any general hierarchical control systems. TES is an emerging control approach that engages energy suppliers and customers through market operations and uses the price to optimally allocate energy resources. While it has been shown to be promising for power system applications, the underlying market-based interactions raise significant concerns of privacy (data leakage) and security (data tampering). However, existing TES works only focus on the coordination mechanism instead of privacy and security issues. This paper proposes a new cryptography-based TES design for practical deployment. Specifically, to protect privacy, individual supply and demand amounts to be exchanged are all encrypted in a particular way such that the original amounts cannot be inferred from the encrypted amounts, while the desired computation for setting the market clearing price can be carried out over the encrypted amounts, thus generating an encrypted result which, when decrypted, matches that of the same computation over the original amounts. To achieve security, for each exchanged data, its sender generates a particular digital signature which is exchanged together with the data. This enables the receiver to automatically detect the integrity by checking whether a mathematical relationship holds for the pair of data and signature. In our future research, we will investigate more challenging scenarios where some suppliers and customers themselves could be corrupted and purposely submit distorted amounts

Improving the resilience of cyber-physical systems under strategic adversaries

Renewable energy resources challenge traditional energy system operations by substituting the stability and predictability of fossil fuel based generation with the unreliability and uncertainty of wind and solar power. Rising demand for green energy drives grid operators to integrate sensors, smart meters, and distributed control to compensate for this uncertainty and improve the operational efficiency of the grid. Real-time negotiations enable producers and consumers to adjust power loads during shortage periods, such as an unexpected outage or weather event, and to adapt to time-varying energy needs. While such systems improve grid performance, practical implementation challenges can derail the operation of these distributed cyber-physical systems. Network disruptions introduce instability into control feedback systems, and strategic adversaries can manipulate power markets for financial gain. This dissertation analyzes the impact of these outages and adversaries on cyber-physical systems and provides methods for improving resilience, with an emphasis on distributed energy systems. First, a financial model of an interdependent energy market lays the groundwork for profit-oriented attacks and defenses, and a game theoretic strategy optimizes attack plans and defensive investments in energy systems with multiple independent actors. Then attacks and defenses are translated from a theoretical context to a real-time energy market via denial of service (DoS) outages and moving target defenses. Analysis on two market mechanisms shows how adversaries can disrupt market operation, destabilize negotiations, and extract profits by attacking network links and disrupting communication. Finally, a low-cost DoS defense technique demonstrates a method that energy systems may use to defend against attacks

CPS Attacks Mitigation Approaches on Power Electronic Systems with Security Challenges for Smart Grid Applications: A Review

This paper presents an inclusive review of the cyber-physical (CP) attacks, vulnerabilities, mitigation approaches on the power electronics and the security challenges for the smart grid applications. With the rapid evolution of the physical systems in the power electronics applications for interfacing renewable energy sources that incorporate with cyber frameworks, the cyber threats have a critical impact on the smart grid performance. Due to the existence of electronic devices in the smart grid applications, which are interconnected through communication networks, these networks may be subjected to severe cyber-attacks by hackers. If this occurs, the digital controllers can be physically isolated from the control loop. Therefore, the cyber-physical systems (CPSs) in the power electronic systems employed in the smart grid need special treatment and security. In this paper, an overview of the power electronics systems security on the networked smart grid from the CP perception, as well as then emphases on prominent CP attack patterns with substantial influence on the power electronics components operation along with analogous defense solutions. Furthermore, appraisal of the CPS threats attacks mitigation approaches, and encounters along the smart grid applications are discussed. Finally, the paper concludes with upcoming trends and challenges in CP security in the smart grid applications

Edge intelligence in smart grids : a survey on architectures, offloading models, cyber security measures, and challenges

The rapid development of new information and communication technologies (ICTs) and the deployment of advanced Internet of Things (IoT)-based devices has led to the study and implementation of edge computing technologies in smart grid (SG) systems. In addition, substantial work has been expended in the literature to incorporate artificial intelligence (AI) techniques into edge computing, resulting in the promising concept of edge intelligence (EI). Consequently, in this article, we provide an overview of the current state-of-the-art in terms of EI-based SG adoption from a range of angles, including architectures, computation offloading, and cybersecurity c oncerns. The basic objectives of this article are fourfold. To begin, we discuss EI and SGs separately. Then we highlight contemporary concepts closely related to edge computing, fundamental characteristics, and essential enabling technologies from an EI perspective. Additionally, we discuss how the use of AI has aided in optimizing the performance of edge computing. We have emphasized the important enabling technologies and applications of SGs from the perspective of EI-based SGs. Second, we explore both general edge computing and architectures based on EI from the perspective of SGs. Thirdly, two basic questions about computation offloading are discussed: what is computation offloading and why do we need it? Additionally, we divided the primary articles into two categories based on the number of users included in the model, either a single user or a multiple user instance. Finally, we review the cybersecurity threats with edge computing and the methods used to mitigate them in SGs. Therefore, this survey comes to the conclusion that most of the viable architectures for EI in smart grids often consist of three layers: device, edge, and cloud. In addition, it is crucial that computation offloading techniques must be framed as optimization problems and addressed effectively in order to increase system performance. This article typically intends to serve as a primer for emerging and interested scholars concerned with the study of EI in SGs.The Council for Scientific and Industrial Research (CSIR).https://www.mdpi.com/journal/jsanElectrical, Electronic and Computer Engineerin

Blockchain-based secure Unmanned Aerial Vehicles (UAV) in network design and optimization

Unmanned Aerial Vehicles (UAVs) have emerged as transformative technologies with wide ranging applications, including surveillance, mapping, remote sensing, search and rescue, and disaster management. As sophisticated Unmanned Aerial Vehicle (UAV) increasingly operate in collaborative swarms, joint optimization challenges arise, such as flight trajectories, scheduling, altitude, Aerial Base Stations (ABS), energy harvesting, power transfer, resource allocation, and power consumption. However, the widespread adoption of UAV networks has been hindered by challenges related to optimal Three-Dimensional (3D) deployment, trajectory optimization, wireless and computational resource allocation, and limited flight durations when operating as ABSs. Crucially, the broadcast nature of UAV-assisted wireless networks renders them susceptible to privacy and security threats such as Distributed Denial-of-Service (DDoS) replay, impersonation, message injection, spoofing, malware infection, eavesdropping, and line of-interference attacks. This study aims to address these privacy and security challenges by leveraging blockchain technology’s potential to secure data and delivery in UAV communication networks. With amalgamation of blockchain, this study seeks to harness its inherent immutability and cryptographic properties to ensure secure and tamper-proof data transmission, promote trust and transparency among stakeholders, enable automated Smart Contract (SC) for secure delivery, and facilitate standardization and interoperability across platforms. Specifically, blockchain can secure UAV network privacy and security through data privacy and integrity, secure delivery and tracking, access control, identity management, and resilience against cyber-attacks. Furthermore, this study explores the synergies among blockchain, UAV networks, and Federated Learning (FL) for privacy-preserving intelligent applications in healthcare and wireless networks. FL enables collaborative training of Machine Learning (ML) models without sharing raw data, ensuring data privacy. By integrating FL with blockchain-assisted UAV networks, this study aims to revolutionize future intelligent applications, particularly in time-sensitive and privacy-critical domains. Overall, this thesis contributes to the field by providing a comprehensive analysis of integrating blockchain, FL, and UAV networks, beyond Fifth-Generation (5G) communication networks. It addresses privacy and security concerns related to data and delivery, thereby enabling secure, reliable, and intelligent applications in various sectors

Distributed Ledger Technologies in Supply Chain Security Management: A Comprehensive Survey

Supply chains (SC) present performance bottlenecks that contribute to a high level of costs, infiltration of product quality, and impact productivity. Examples of such inhibitors include the bullwhip effect, new product lines, high inventory, and restrictive data flows. These bottlenecks can force manufacturers to source more raw materials and increase production significantly. Also, restrictive data flow in a complex global SC network generally slows down the movement of goods and services. The use of distributed ledger technologies (DLT) in SC management (SCM) demonstrates the potentials to reduce these bottlenecks through transparency, decentralization, and optimizations in data management. These technologies promise to enhance the trustworthiness of entities within the SC, ensure the accuracy of data-driven operations, and enable existing SCM processes to migrate from a linear to a fully circular economy. This article presents a comprehensive review of 111 articles published in the public domain in the use and efficacy of DLT in SC. It acts as a roadmap for current and future researchers who focus on SC security management to better understand the integration of digital technologies such as DLT. We clustered these articles using standard descriptors linked to trustworthiness, namely, immutability, transparency, traceability, and integrity

Distributed Ledger Technologies in Supply Chain Security Management: A Comprehensive Survey

This is an accepted manuscript of an article published by IEEE in IEEE Transactions on Engineering Management, available online at: https://ieeexplore.ieee.org/document/9366288 The accepted version of the publication may differ from the final published versionSupply-chains (SC) present performance bottlenecks that contribute to a high level of costs, infltration of product quality, and impact productivity. Examples of such inhibitors include the bullwhip effect, new product lines, high inventory, and restrictive data fows. These bottlenecks can force manufacturers to source more raw materials and increase production signifcantly. Also, restrictive data fow in a complex global SC network generally slows down the movement of goods and services. The use of Distributed LedgerTechnologies (DLT) in supply chain management (SCM) demonstrates the potentials to to reduce these bottlenecks through transparency, decentralization, and optimizations in data management. These technologies promise to enhance the trustworthiness of entities within the supply chain, ensure the accuracy of data-driven operations, and enable existing SCM processes to migrate from a linear to a fully circular economy. This paper presents a comprehensive review of 111 articles published in the public domain in the use and effcacyofDLTin SC.It acts asaroadmapfor current and futureresearchers whofocus onSC Security Management to better understand the integration of digital technologies such as DLT. We clustered these articles using standard descriptors linked to trustworthiness, namely, immutability, transparency, traceability, and integrity

Optimising a defence-aware threat modelling diagram incorporating a defence-in-depth approach for the internet-of-things

Modern technology has proliferated into just about every aspect of life while improving the quality of life. For instance, IoT technology has significantly improved over traditional systems, providing easy life, time-saving, financial saving, and security aspects. However, security weaknesses associated with IoT technology can pose a significant threat to the human factor. For instance, smart doorbells can make household life easier, save time, save money, and provide surveillance security. Nevertheless, the security weaknesses in smart doorbells could be exposed to a criminal and pose a danger to the life and money of the household. In addition, IoT technology is constantly advancing and expanding and rapidly becoming ubiquitous in modern society. In that case, increased usage and technological advancement create security weaknesses that attract cybercriminals looking to satisfy their agendas. Perfect security solutions do not exist in the real world because modern systems are continuously improving, and intruders frequently attempt various techniques to discover security flaws and bypass existing security control in modern systems. In that case, threat modelling is a great starting point in understanding the threat landscape of the system and its weaknesses. Therefore, the threat modelling field in computer science was significantly improved by implementing various frameworks to identify threats and address them to mitigate them. However, most mature threat modelling frameworks are implemented for traditional IT systems that only consider software-related weaknesses and do not address the physical attributes. This approach may not be practical for IoT technology because it inherits software and physical security weaknesses. However, scholars employed mature threat modelling frameworks such as STRIDE on IoT technology because mature frameworks still include security concepts that are significant for modern technology. Therefore, mature frameworks cannot be ignored but are not efficient in addressing the threat associated with modern systems. As a solution, this research study aims to extract the significant security concept of matured threat modelling frameworks and utilise them to implement robust IoT threat modelling frameworks. This study selected fifteen threat modelling frameworks from among researchers and the defence-in-depth security concept to extract threat modelling techniques. Subsequently, this research study conducted three independent reviews to discover valuable threat modelling concepts and their usefulness for IoT technology. The first study deduced that integration of threat modelling approach software-centric, asset-centric, attacker-centric and data-centric with defence-in-depth is valuable and delivers distinct benefits. As a result, PASTA and TRIKE demonstrated four threat modelling approaches based on a classification scheme. The second study deduced the features of a threat modelling framework that achieves a high satisfaction level toward defence-in-depth security architecture. Under evaluation criteria, the PASTA framework scored the highest satisfaction value. Finally, the third study deduced IoT systematic threat modelling techniques based on recent research studies. As a result, the STRIDE framework was identified as the most popular framework, and other frameworks demonstrated effective capabilities valuable to IoT technology. Respectively, this study introduced Defence-aware Threat Modelling (DATM), an IoT threat modelling framework based on the findings of threat modelling and defence-in-depth security concepts. The steps involved with the DATM framework are further described with figures for better understatement. Subsequently, a smart doorbell case study is considered for threat modelling using the DATM framework for validation. Furthermore, the outcome of the case study was further assessed with the findings of three research studies and validated the DATM framework. Moreover, the outcome of this thesis is helpful for researchers who want to conduct threat modelling in IoT environments and design a novel threat modelling framework suitable for IoT technology

Efficiency and Sustainability of the Distributed Renewable Hybrid Power Systems Based on the Energy Internet, Blockchain Technology and Smart Contracts-Volume II

The climate changes that are becoming visible today are a challenge for the global research community. In this context, renewable energy sources, fuel cell systems, and other energy generating sources must be optimally combined and connected to the grid system using advanced energy transaction methods. As this reprint presents the latest solutions in the implementation of fuel cell and renewable energy in mobile and stationary applications, such as hybrid and microgrid power systems based on the Energy Internet, Blockchain technology, and smart contracts, we hope that they will be of interest to readers working in the related fields mentioned above