ERIGrid Holistic Test Description for Validating Cyber-Physical Energy Systems

Smart energy solutions aim to modify and optimise the operation of existing energy infrastructure. Such cyber-physical technology must be mature before deployment to the actual infrastructure, and competitive solutions will have to be compliant to standards still under development. Achieving this technology readiness and harmonisation requires reproducible experiments and appropriately realistic testing environments. Such testbeds for multi-domain cyber-physical experiments are complex in and of themselves. This work addresses a method for the scoping and design of experiments where both testbed and solution each require detailed expertise. This empirical work first revisited present test description approaches, developed a newdescription method for cyber-physical energy systems testing, and matured it by means of user involvement. The new Holistic Test Description (HTD) method facilitates the conception, deconstruction and reproduction of complex experimental designs in the domains of cyber-physical energy systems. This work develops the background and motivation, offers a guideline and examples to the proposed approach, and summarises experience from three years of its application.This work received funding in the European Community’s Horizon 2020 Program (H2020/2014–2020) under project “ERIGrid” (Grant Agreement No. 654113)

WaterBox: A Testbed for Monitoring and Controlling Smart Water Networks

Copyright 2015 ACM.Smart water distribution networks are a good example of a large scale Cyber-Physical System that requires monitoring for precise data analysis and network control. Due to the critical nature of water distribution, an extensive simulation of decision making and control algorithms are required before their deployment. Although some aspects of water network behaviour can be simulated in software such as hydraulic responses in valve changes, software simulators are unable to include dynamic events such as leakages or bursts in physical models. Furthermore, due to safety concerns, contemporary large-scale testbeds are limited to the monitoring processes or control methods with well established safety guarantees. Sophisticated algorithms for dynamic and optimal water network reconfiguration are not yet widespread. This paper presents a small-scale testbed, WaterBox, which allows the simulation of emerging/advanced monitoring and control algorithms in a fail-safe environment. The flexible hydraulic, hardware, and software infrastructure enables a substantial number of experiments. On-going experiments are related to in-node data processing and decision making, energy optimization, event-driven communication, and automatic control

On specification-based cyber-attack detection in smart grids

The transformation of power grids into intelligent cyber-physical systems brings numerous benefits, but also significantly increases the surface for cyber-attacks, demanding appropriate countermeasures. However, the development, validation, and testing of data-driven countermeasures against cyber-attacks, such as machine learning-based detection approaches, lack important data from real-world cyber incidents. Unlike attack data from real-world cyber incidents, infrastructure knowledge and standards are accessible through expert and domain knowledge. Our proposed approach uses domain knowledge to define the behavior of a smart grid under non-attack conditions and detect attack patterns and anomalies. Using a graph-based specification formalism, we combine cross-domain knowledge that enables the generation of whitelisting rules not only for statically defined protocol fields but also for communication flows and technical operation boundaries. Finally, we evaluate our specification-based intrusion detection system against various attack scenarios and assess detection quality and performance. In particular, we investigate a data manipulation attack in a future-orientated use case of an IEC 60870-based SCADA system that controls distributed energy resources in the distribution grid. Our approach can detect severe data manipulation attacks with high accuracy in a timely and reliable manner

CRITICAL INFRASTRUCTURE TESTBED FOR CYBER-SECURITY TRAINING AND RESEARCH (4)

Critical infrastructures encompass various sectors such as energy resources, manufacturing and governmental services, which tend to be dispersed over large geographic areas. With recent technological advancements over the last decade, they have developed to be increasingly dependent on Information and Communication Technology (ICT); where control systems and the use of sensor equipment help facilitate operation. In order to sustain the ever-increasing demands, it is essential that these systems can adapt by integrating various new and existing digital technologies. However, this results in an increased vulnerability to cyber-threats. In addition, the persistently evolving global state of ICT has resulted in the emergence of sophisticated cyber-threats. As dependence upon critical infrastructure systems continues to increase, so too does the urgency with which these systems need to be adequately protected. Unfortunately, the consequences of a successful cyber-attack can be dire, potentially resulting in the loss of life or a devastating effect on the operation of government services and the economy. Despite the seriousness of this problem, the development of new and innovative cyber-security methods are being hampered by the lack of access to real-world data for training, research and testing new design methodologies. As such, the project presented in this paper highlights an in-progress project, funded by UKAIS, for the development of an easily-replicable and affordable critical infrastructure testbed for cyber-security training and research

Cyber-Physical Attacks: The Role of Network Parameters

The fact that modern Networked Industrial Control Systems (NICS) depend on Information and Communications Technologies (ICT) is well known. Although many studies have focused on the security of NICS, today we still lack a proper understanding of the impact that network parameters, e.g. network delays, packet losses, background traffic, and network design decisions, have on cyber attacks targeting NICS. In this paper we investigate the impact of network parameters on cyber attacks targeting industrial processes. Our analysis is based on the Tennessee-Eastman chemical process and proves that network parameters have a limited effect on remote cyber attacks.JRC.G.6-Security technology assessmen