Security Aspects of Internet of Things aided Smart Grids: a Bibliometric Survey

The integration of sensors and communication technology in power systems, known as the smart grid, is an emerging topic in science and technology. One of the critical issues in the smart grid is its increased vulnerability to cyber threats. As such, various types of threats and defense mechanisms are proposed in literature. This paper offers a bibliometric survey of research papers focused on the security aspects of Internet of Things (IoT) aided smart grids. To the best of the authors' knowledge, this is the very first bibliometric survey paper in this specific field. A bibliometric analysis of all journal articles is performed and the findings are sorted by dates, authorship, and key concepts. Furthermore, this paper also summarizes the types of cyber threats facing the smart grid, the various security mechanisms proposed in literature, as well as the research gaps in the field of smart grid security.Comment: The paper is published in Elsevier's Internet of Things journal. 25 pages + 20 pages of reference

Modeling distributed denial of service attack in advanced metering infrastructure

Imminent attacks on critical infrastructure can disrupt operations. It also interrupts information availability. One way through cyberspace is to harness the distributed computing power and flood on targeted systems with massive information as a consequence of denial in service. This paper discusses the distributed denial of service (DDoS) attack, a potential cyberthreat in AMI communication network. A typical DDoS includes two stages: (1) agents recruitment stage and (2) actual attack stage. In this paper, various models of malware installation and flooding attack on AMI devices are introduced and potential impacts are studied. Some particular attack scenario is simulated using NS3. We also discussed the potential defense technologies

Modelo de ciberseguridad en las Unidades de medición fasorial (PMU) del nuevo sistema inteligente de supervisión y control avanzado de tiempo real (ISAAC) del sistema eléctrico Nacional

El mapa de implementación del proyecto Sistema Inteligente de Supervisión y Control Avanzado (ISAAC) desarrollado por la compañía XM SA ESP, está basado en dispositivos PMU (Unidades de medición fasorial) los cuales hacen parte de la infraestructura eléctrica colombiana, éstos, son la base para el control de la frecuencia, sirven para dar respuesta efectiva de la oferta y demanda de energía. Éste proyecto ha definido un modelo de ciberseguridad del proyecto ISAAC, para lo cual, se estableció (i) Una estimación de los riesgos asociados a ciberataques sobre dispositivos de supervisión PMU, (II) se definió un modelo para la implementación de controles, que reduzcan los niveles de riesgos sobre los dispositivos de supervisión PMU y (III) se implementó un ambiente de prueba que permita valorar los resultados del modelo propuesto y el impacto de los controles de seguridad sobre las funcionalidades de los equipos. Este proyecto no contempla la implementación de elementos de seguridad en su diseño ni controles complementarios sobre las PMU, Los ciberataques cada vez más complejos y elaborados (ataques de hombre en el medio, alteración de datos, ataques de denegación de servicios distribuidos, suplantación, inserción de código, botnet, entre otros), el surgimiento de grupos especializados en construir software malicioso (malware, troyanos, APTS -amenazas persistentes en el tiempo, secuestro de información), el ciberespionaje y la situación compleja de nuestro país hacen que sea necesario la implementación de controles y modelos de ciberseguridad para proteger la infraestructura que soporta el sistema eléctrico Dado lo anterior en éste trabajo de maestría, se diseñó un modelo de ciberseguridad para los elementos PMU en el proyecto ISAAC asociado al sistema eléctrico colombiano, que permite realizar una operación confiable y segura, mitigando con ello riesgos y mejorando la resiliencia ante posibles eventos de ciberseguridad sobre dichas PMU.The implementation map of the Intelligent Advanced Monitoring and Control System (ISAAC) project developed by the company XM SA ESP, is based on PMU devices (Fasorial measurement units) which are part of the Colombian electrical infrastructure, these are the basis for frequency control, they serve to effectively respond to the supply and demand of energy. This project has defined a cybersecurity model of the ISAAC project, for which, it was established (i) An estimate of the risks associated with cyber attacks on PMU monitoring devices, (II) a model for the implementation of controls was defined, which reduce the risk levels on the PMU monitoring devices and (III) a test environment was implemented to assess the results of the proposed model and the impact of safety controls on the functionalities of the equipment. This project does not include the implementation of security elements in its design or complementary controls on PMUs, The increasingly complex and elaborate cyberattacks (man-in-the-middle attacks, data alteration, attacks on denial of distributed services, impersonation, code insertion, botnet, among others), the emergence of groups specialized in building malicious software (malware , Trojans, APTS - persistent threats over time, kidnapping of information), cyber espionage and the complex situation of our country make it necessary to implement controls and cybersecurity models to protect the infrastructure that supports the electrical system Given the above in this master's work, a cybersecurity model was designed for the PMU elements in the ISAAC project associated with the Colombian electricity system, which allows a reliable and safe operation, thereby mitigating risks and improving resilience to possible events cybersecurity about these PMU