Assessing and augmenting SCADA cyber security: a survey of techniques
SCADA systems monitor and control critical infrastructures of national importance such as power generation and distribution, water supply, transportation networks, and manufacturing facilities. The pervasiveness, miniaturisations and declining costs of internet connectivity have transformed these systems from strictly isolated to highly interconnected networks. The connectivity provides immense benefits such as reliability, scalability and remote connectivity, but at the same time exposes an otherwise isolated and secure system to global cyber security threats. This inevitable transformation to highly connected systems thus necessitates effective security safeguards to be in place, as any compromise or downtime of SCADA systems can have severe economic, safety and security ramifications. One way to ensure vital asset protection is to adopt a viewpoint similar to an attacker to determine weaknesses and loopholes in defences. Such mindsets help to identify and fix potential breaches before their exploitation. This paper surveys tools and techniques to uncover SCADA system vulnerabilities. A comprehensive review of the selected approaches is provided along with their applicability
Design and Analysis of a Novel Split and Aggregated Transmission Control Protocol for Smart Metering Infrastructure
Utility companies (electricity, gas, and water suppliers), governments, and
researchers recognize an urgent need to deploy communication-based systems to
automate data collection from smart meters and sensors, known as Smart Metering
Infrastructure (SMI) or Automatic Meter Reading (AMR). A smart metering system
is envisaged to bring tremendous benefits to customers, utilities, and
governments. The advantages include reducing peak demand for energy, supporting
the time-of-use concept for billing, enabling customers to make informed
decisions, and performing effective load management, to name a few.
A key element in an SMI is communications between meters and utility servers.
However, the mass deployment of metering devices in the grid calls for studying
the scalability of communication protocols. SMI is characterized by the
deployment of a large number of small Internet Protocol (IP) devices sending
small packets at a low rate to a central server. Although the individual
devices generate data at a low rate, the collective traffic produced is
significant and is disruptive to network communication functionality. This
research work focuses on the scalability of the transport layer
functionalities. The TCP congestion control mechanism, in particular, would be
ineffective for the traffic of smart meters because a large volume of data
comes from a large number of individual sources. This situation makes the TCP
congestion control mechanism unable to lower the transmission rate even when
congestion occurs. The consequences are a high loss rate for metered data and
degraded throughput for competing traffic in the smart metering network.
To enhance the performance of TCP in a smart metering infrastructure (SMI), we
introduce a novel TCP-based scheme, called Split- and Aggregated-TCP (SA-TCP).
This scheme is based on the idea of upgrading intermediate devices in SMI
(known in the industry as regional collectors) to offer the service of
aggregating the TCP connections. An SA-TCP aggregator collects data packets
from the smart meters of its region over separate TCP connections; then it
reliably forwards the data over another TCP connection to the utility server.
The proposed split and aggregated scheme provides a better response to traffic
conditions and, most importantly, makes the TCP congestion control and flow
control mechanisms effective. Supported by extensive ns-2 simulations, we show
the effectiveness of the SA-TCP approach to mitigating the problems in terms of
the throughput and packet loss rate performance metrics.
A full mathematical model of SA-TCP is provided. The model is highly accurate
and flexible in predicting the behaviour of the two stages, separately and
combined, of the SA-TCP scheme in terms of throughput, packet loss rate and
end-to-end delay. Considering the two stages of the scheme, the modelling
approach uses Markovian models to represent smart meters in the first stage and
SA-TCP aggregators in the second. Then, the approach studies the interaction of
smart meters and SA-TCP aggregators with the network by means of standard
queuing models. The ns-2 simulations validate the math model results.
A comprehensive performance analysis of the SA-TCP scheme is performed. It
studies the impact of varying various parameters on the scheme, including the
impact of network link capacity, buffering capacity of those RCs that act as
SA-TCP aggregators, propagation delay between the meters and the utility
server, and finally, the number of SA-TCP aggregators. The performance results
show that adjusting those parameters makes it possible to further enhance
congestion control in SMI. Therefore, this thesis also formulates an
optimization model to achieve better TCP performance and ensures satisfactory
performance results, such as a minimal loss rate and acceptable end-to-end
delay. The optimization model also considers minimizing the SA-TCP scheme
deployment cost by balancing the number of SA-TCP aggregators and the link
bandwidth, while still satisfying performance requirements
Modelling and Co-simulation of Multi-Energy Systems: Distributed Software Methods and Platforms
The abstract is in the attachment.
Performance evaluation of information and communications technology infrastructure for smart distribution network applications
This thesis was submitted for the degree of Master of Philosophy and awarded by Brunel University.
Current electrical networks require secure, scalable and cost-effective Information and
Communications Technology (ICT) solutions to facilitate the novel functionalities
required by Smart Grids. Countries around the globe are investigating alternative energy sources to mitigate the current energy crisis and environmental issues experienced by many countries due to global warming, rapid growth of population, inefficient energy management, dwindling fossil fuel resources, etc. Therefore, alternative or renewable energy sources, such as wind, solar, hydro, combined heat and power, etc., are required to mitigate such a crisis and such sources will also need to be integrated into the power grid
in a distributed manner. Such distributed energy sources are mainly connected to the
distribution networks and introduce huge challenges to the distribution network operator (DNO). Many of these challenges cannot be dealt with effectively using existing network operation mechanisms therefore the research and development of novel ICT solutions to support smart distribution network operation is required.
This research investigated suitable ICT solutions to enable the Smart Grid to tackle these challenges and proposes ICT infrastructure models that can be used for simulation studies in order to investigate cost-effective, scalable and secure solutions for the DNOs. Initially, a Quality of Service (QoS) monitoring test-bed was proposed to evaluate the performance of bandwidth intensive applications, such as smart meter data transmission. Simulation studies for different communication technologies, cellular and Power Line
Communication (PLC), were also carried out and the simulation models were verified
using experimental test results. Finally, the modelling and analysis of smart metering
infrastructure was carried out using simulation and extensive studies were performed to evaluate the data transmission rate performance for different configurations of smart meters and concentrators
Data-Driven Distributed Modeling, Operation, and Control of Electric Power Distribution Systems
The power distribution system is disorderly in design and implementation, chaotic in operation, large in scale, and complex in every way possible. Therefore, modeling, operating, and controlling the distribution system is incredibly challenging. It is required to find solutions to the multitude of challenges facing the distribution grid to transition towards a just and sustainable energy future for our society. The key to addressing distribution system challenges lies in unlocking the full potential of the distribution grid. The work in this dissertation is focused on finding methods to operate the distribution system in a reliable, cost-effective, and just manner.
In this PhD dissertation, a new data-driven distributed () framework using cellular computational networks has been developed to model power distribution systems. Its performance is validated on an IEEE test case. The results indicate a significant enhancement in accuracy and performance compared to the state-of-the-art centralized modeling approach.
This dissertation also presents a new distributed and data-driven optimization method for volt-var control in power distribution systems. The framework is validated for voltage control on an IEEE test feeder. The results indicate that the system has improved performance compared to the state-of-the-art approach.
The PhD dissertation also presents a design for a real-time power distribution system testbed. A new data-in-the-loop (DIL) simulation method has been developed and integrated into the testbed. The DIL method has been used to enhance the quality of the real-time simulations. The assets combined with the testbed include data, control, and hardware-in-the-loop infrastructure. The testbed is used to validate the performance of a distribution system with significant penetration of distributed energy resources
Modélisation formelle des systèmes de détection d'intrusions (Formal modelling of intrusion detection systems)
The cybersecurity ecosystem continuously evolves with the number, the diversity,
and the complexity of cyber attacks. Generally, we have three types of Intrusion
Detection System (IDS): anomaly-based detection, signature-based detection, and
hybrid detection. Anomaly detection is based on the usual behavior description of
the system, typically in a statistical manner. It enables detecting known or unknown attacks
but also generates a large number of false positives. Signature-based detection
enables detecting known attacks by defining rules that describe known attacker's behavior.
It needs a good knowledge of attacker behavior. Hybrid detection relies on
several detection methods including the previous ones. It has the advantage of being
more precise during detection. Tools like Snort and Zeek offer low level languages to
represent rules for detecting attacks. The number of potential attacks being large,
these rule bases become quickly hard to manage and maintain. Moreover, the representation
of stateful rules to recognize a sequence of events is particularly arduous. In this thesis, we propose a stateful approach based on algebraic state-transition
diagrams (ASTDs) to identify complex attacks. ASTDs allow a graphical and modular
representation of a specification, that facilitates maintenance and understanding of
rules. We extend the ASTD notation with new features to represent complex attacks.
Next, we specify several attacks with the extended notation and run the resulting specifications
on event streams using an interpreter to identify attacks. We also evaluate
the performance of the interpreter with industrial tools such as Snort and Zeek. Then,
we build a compiler in order to generate executable code from an ASTD specification,
able to efficiently identify sequences of events