The role of communication systems in smart grids: Architectures, technical solutions and research challenges

The purpose of this survey is to present a critical overview of smart grid concepts, with a special focus on the role that communication, networking and middleware technologies will have in the transformation of existing electric power systems into smart grids. First of all we elaborate on the key technological, economical and societal drivers for the development of smart grids. By adopting a data-centric perspective we present a conceptual model of communication systems for smart grids, and we identify functional components, technologies, network topologies and communication services that are needed to support smart grid communications. Then, we introduce the fundamental research challenges in this field including communication reliability and timeliness, QoS support, data management services, and autonomic behaviors. Finally, we discuss the main solutions proposed in the literature for each of them, and we identify possible future research directions

Handling of advanced persistent threats and complex incidents in healthcare, transportation and energy ICT infrastructures

In recent years, the use of information technologies in Critical Infrastructures is gradually increasing. Although this brings benefits, it also increases the possibility of security attacks. Despite the availability of various advanced incident handling techniques and tools, there is still no easy, structured, standardized and trusted way to manage and forecast interrelated cybersecurity incidents. This paper introduces CyberSANE, a novel dynamic and collaborative, warning and response system, which supports security officers and operators to recognize, identify, dynamically analyse, forecast, treat and respond to security threats and risks and and it guides them to handle effectively cyber incidents. The components of CyberSANE are described along with a description of the CyberSANE data flow. The main novelty of the CyberSANE system is the fact that it enables the combination of active incident handling approaches with reactive approaches to support incidents of compound, highly dependent Critical Information Infrastructures. The benefits and added value of using CyberSANE is described with the aid of a set of cyber-attack scenarios

Trust and Reputation for Critical Infrastructure Protection

Tese de doutoramento em Engenharia Informática, apresentada ao Departamento de Engenharia Informática da Faculdade de Ciências e Tecnologia da Universidade de CoimbraAtualmente a sociedade contemporânea tem ao seu dispor um sem numero de serviços que suportam toda a economia globalizada em que vivemos bem como o nosso modo de vida. Serviços como distribuição de energia, água, gás, redes de transportes, telecomunicações, a Internet, entre outros, são atualmente parte integrante da vida dos cidadãos e das empresas. Estes serviços estão de tal forma presentes nas nossas vidas que a sua relevância e o grau de dependência aos serviços, apenas é sentido aquando da sua indisponibilidade. Este tipo de serviço dos quais depende o nosso modo de vida, são fornecidos por infraestruturas críticas, assim referidas pois a sua falha ou quebra da qualidade do serviço prestado pode ter um grande impacto na sociedade ou economia de um País. Para além dos fenómenos da natureza e dos riscos inerentes à sua própria exploração, os riscos que estas infraestruturas correm têm vindo a aumentar ao atrair cada vez mais o interesse de grupos de hackers e terroristas, principalmente pela forte visibilidade e consequências que mesmo um pequeno ataque pode acarretar. De entre os problemas inerentes ao funcionamento das infraestruturas críticas destaca-se o fato da existência de dependências ou interdependências entre infraestruturas. Veja-se o exemplo do serviço de telecomunicações que está por natureza dependente do fornecimento de energia elétrica ou dos serviços bancários que estão dependentes de ambos. Mas não está atualmente o fornecimento de energia dependente dos serviços de telecomunicações e dos seus sistemas de informação? Destes exemplos torna-se visível que, para além da (inter)dependência que possa existir, é necessário analisar também os efeitos em cascata que podem surgir após a falha de uma infraestrutura. Com o objetivo de promover a segurança em infraestruturas críticas, vários governos, em conjunto com a comunidade científica, promovem esforços de investigação nesta área. Em particular, nas áreas da distribuição de energia e das telecomunicações. Ao nível da União Europeia, existe grande determinação para promover projetos nesta área, em particular, projetos que promovem a troca de informação entre infraestruturas, na forma de alertas de risco, prevenindo os Operadores das infraestruturas relativamente a um aumento de risco de perda ou quebra de qualidade do serviço fornecido. Esta troca permite que as infraestruturas possam aplicar atempadamente os seus planos de contingência ou recuperação, minimizando eventuais quebras de serviço e consequentemente reduzindo o indesejado efeito de falha em cascata. A motivação para o trabalho apresentado nesta tese, surgiu da identificação dos principais aspectos em aberto relativos à troca e gestão de alertas de risco entre infraestruturas críticas. Muitas das abordagens existentes relativas à segurança em infraestruturas críticas focam-se na obtenção de níveis de risco através do uso de modelos mais ou menos complexos das infraestruturas. Apesar de estes modelos permitirem uma base sólida para a monitorização do risco, não apresentam mecanismos para a sua troca, gestão e avaliação de qualidade. Este trabalho aborda o problema relacionado com a confiança, reputação e gestão de alertas de risco no seio das infraestruturas críticas. Nesse sentido é proposta a introdução de mecanismos que permitam gerir e aferir em cada instante, o grau de confiança atribuído a cada um dos alertas de risco recebidos ou calculados internamente, permitindo melhorar a sua precisão e consequentemente melhorar também a resiliência da infraestrutura critica quando confrontada com alertas de riscos imprecisos ou inconsistentes. Na tese é abordado o problema da segurança em infraestruturas críticas interdependentes e identificados os principais problemas inerentes à troca de informação de risco, em particular, a forma de efetuar a partilha de informação de uma forma segura, a gestão dessa mesma partilha e a avaliação da fiabilidade da informação envolvida na partilha. Propõe-se nesta tese, a aplicação de mecanismos de gestão baseados no paradigma de gestão por politicas para a gestão da partilha de alertas de risco entre infraestruturas críticas. Com o objetivo de melhorar a gestão da partilha e posterior interpretação dos alertas de risco, é proposta a introdução da análise de confiança e reputação na avaliação da fiabilidade da informação envolvida na partilha e na avaliação do comportamento das entidades envolvidas. As propostas apresentadas nesta tese são discutidas e aplicadas no âmbito do projeto Europeu MICIE (Tool for systemic risk analysis and secure mediation of data exchanged across linked CI information infrastructures), em particular, no que se refere à solução proposta para a gestão da partilha de alertas de risco, que em conjunto com os indicadores de confiança e reputação propostos, permitem melhorar a proteção de cada infraestrutura relativamente ao uso de informação menos confiável ou inconsistente. Apresenta-se também a adaptação dos conceitos propostos ao CI Security Model, um modelo de análise de risco em tempo real, no qual as falhas identificadas são atenuadas com a introdução da análise de confiança e reputação proposta nesta tese. Os resultados da avaliação das propostas apresentadas são discutidos com base em cenários de simulação bem como através de dados reais de uma infraestrutura crítica. Os resultados obtidos indicam que as propostas apresentadas satisfazem os objectivos definidos, nomeadamente, ao contribuir para o aumento da confiança que uma infraestrutura crítica tem relativamente à informação recebida em tempo real acerca dos serviços dos quais depende, ao permitir uma melhor gestão dessa mesma informação e também ao contribuir para o aumento da fiabilidade dos resultados provenientes dos modelos de risco em uso na infraestrutura.Currently, our society has at its disposal an uncountable number of services able to support the global economy and also our current way of life. Services such as power distribution, water, gas, transport networks, telecommunications, the Internet, among others, are now an integral part of the citizens' lives and businesses. These services play such a big role in our lives that their importance is only appreciated when they are unavailable. These types of services, that our lives so heavily depend on, are provided by Critical Infrastructures. They are referred to as ``Critical" due to the fact that in case of failure or breakdown in providing quality of service, the impact on society and the economy of a country can be enormous. Beyond the phenomena of nature and risks inherent to the infrastructure operation, the risks faced by these infrastructures have continuously increasing, by attracting interest from groups of hackers and terrorist groups. Primarily due to the strong visibility and consequences that may result even from a small successful attack. Among the problems inherent to the operation of Critical Infrastructures, it is possible to emphasise the existence of dependencies and interdependencies among infrastructures. For example, a telecommunications service is inherently dependent on the electricity supply or, for instance, banking services are dependent on both telecommunications and energy supply services. However, is it not the service that provides power supply actually dependent on telecommunications services and also on information systems? Based on these examples it becomes apparent that in addition to the (inter)dependence that may exist, it is also necessary to examine the cascading effects that may arise after the failure of a Critical Infrastructure. Critical Infrastructures security has been the subject of discussion by numerous governments with the support of the academia by promoting research efforts in these areas, in particular in areas such as power distribution and telecommunications. Furthermore, within the European Union, there is determination to promote projects in these areas, in particular the promotion of projects that foster the exchange of information, in the form of warnings, among infrastructures. These warnings allow the Critical Infrastructure to be informed and aware of the increasing risk of loss or reduction in quality of the service received. This exchange allows the infrastructure to timely implement their contingency and recovery plans to minimise any service breaks and consequently minimise the unwanted effect of a cascading failure. The motivation for the work presented in this thesis arose from the identification of the main open issues relating to the exchange and management of risk warnings among Critical Infrastructures. Many of the existing approaches to security in Critical Infrastructures are focused on obtaining risk levels through the use of models based on the infrastructure. Although these models allow a solid foundation for risk monitoring, they do not have mechanisms for exchange, management and assessment of its quality. This work addresses the problem related to trust, reputation and risk alerts management within Critical Infrastructures. Accordingly, it is proposed to introduce mechanisms to manage and measure at each instant, the degree of confidence assigned to each of the alerts received or computed internally. Allowing improvement of their accuracy and consequently improving the resilience of Critical Infrastructures when faced with inaccurate or inconsistent risk alerts. This thesis addresses the problem of interdependent Critical Infrastructure security and identifies the main problems related to risk information sharing. In particular, how to allow information sharing in a secure manner, the management of that sharing and how to assess the reliability of such information. This thesis proposes the application of Policy Based Management mechanisms for the management of the risk alert information shared among Critical Infrastructures. In order to improve the information sharing management and the further interpretation of the risk alerts, it is proposed to evaluate Trust and Reputation in order to assess the shared information and also to consider the behaviour of the entities involved. The proposals presented in this thesis are discussed and applied in the context of the European Project MICIE ({Tool for systemic risk analysis and secure mediation of data exchanged across linked CI information infrastructures). In particular with regard to the proposed solution for the management of shared risk alerts, which uses the Policy Based Management paradigm. By incorporating the proposed Trust and Reputation indicators it allows to improve the Critical Infrastructure protection considering the use of untrustworthy or inconsistent information. It is also proposed the adaptation of the presented concepts to the CI Security Model, a model for real time risk analysis evaluation, in which the identified shortcomings are addressed with the integration of the Trust and Reputation approach proposed in this thesis. The results of the proposals evaluation are discussed based on simulation scenarios as well as through real data of a Critical Infrastructure. The achieved results indicate that the proposed mechanisms meet the objectives such as, by contributing to the increase in confidence that a Critical Infrastructure has on the information received about the services on which it depends. To allow improvement in management of such information as well as contribution to increased reliability of results obtained from the risk models applied to the infrastructure.FCT - (SFRH BD/35772/2007

GAIC: Um sistema inteligente e flexível para simulação e apoio à participação de pequenos e médios consumidores na gestão ativa de cargas no âmbito de smart grids

A liberalização dos mercados de energia e a utilização intensiva de produção distribuída tem vindo a provocar uma alteração no paradigma de operação das redes de distribuição de energia elétrica. A continuidade da fiabilidade das redes de distribuição no contexto destes novos paradigmas requer alterações estruturais e funcionais. O conceito de Smart Grid vem permitir a adaptação das redes de distribuição ao novo contexto. Numa Smart Grid os pequenos e médios consumidores são chamados ao plano ativo das participações. Este processo é conseguido através da aplicação de programas de demand response e da existência de players agregadores. O uso de programas de demand response para alcançar benefícios para a rede encontra-se atualmente a ser estudado no meio científico. Porém, existe a necessidade de estudos que procurem benefícios para os pequenos e médios consumidores. O alcance dos benefícios para os pequenos e médios consumidores não é apenas vantajoso para o consumidor, como também o é para a rede elétrica de distribuição. A participação, dos pequenos e médios consumidores, em programas de demand response acontece significativamente através da redução de consumos energéticos. De modo a evitar os impactos negativos que podem provir dessas reduções, o trabalho aqui proposto faz uso de otimizações que recorrem a técnicas de aprendizagem através da utilização redes neuronais artificiais. Para poder efetuar um melhor enquadramento do trabalho com as Smart Grids, será desenvolvido um sistema multiagente capaz de simular os principais players de uma Smart Grid. O foco deste sistema multiagente será o agente responsável pela simulação do pequeno e médio consumidor. Este agente terá não só que replicar um pequeno e médio consumidor, como terá ainda que possibilitar a integração de cargas reais e virtuais. Como meio de interação com o pequeno e médio consumidor, foi desenvolvida no âmbito desta dissertação um sistema móvel. No final do trabalho obteve-se um sistema multiagente capaz de simular uma Smart Grid e a execução de programas de demand response, sSendo o agente representante do pequeno e médio consumidor capaz de tomar ações e reações de modo a poder responder autonomamente aos programas de demand response lançados na rede. O desenvolvimento do sistema permite: o estudo e análise da integração dos pequenos e médios consumidores nas Smart Grids por meio de programas de demand response; a comparação entre múltiplos algoritmos de otimização; e a integração de métodos de aprendizagem. De modo a demonstrar e viabilizar as capacidades de todo o sistema, a dissertação inclui casos de estudo para as várias vertentes que podem ser exploradas com o sistema desenvolvido.The liberalization of electricity markets and the intensive use of distributed generation have been changing the paradigm of the electrical distribution networks operation. The continuity of distribution networks reliability in the context of these new paradigms requires structural and functional changes. The smart grid context allows the adaptation of the distributed generation to this new context. In a smart grid, small and medium consumers have to participate. This process is accomplished by the application of demand response programs and by aggregated players. The use of demand response programs to achieve benefits for the network is currently being studied in the scientific field. However, studies that seek for benefits for small and medium consumers are necessary. Reaching the benefits for small and medium consumers is not only advantageous for the consumer, but also for the electrical distribution network. The participation of small and medium consumers in demand response programs takes place mostly by reducing the energy consumption. In order to avoid negative impacts that may arise from these reductions, the work proposed makes use of optimizations that use learning through the artificial neural networks. For a better explaining the work with Smart Grids, a multiagent system capable of simulating the main players of a Smart Grid will be developed. The aim of this multiagent system will be the agent responsible for the simulation of the small and medium consumers. This agent must replicate the small and medium consumer, as well as enable the integration of real and virtual loads. As a means of interaction with the small and medium consumer, a mobile system has been developed in the scope of this dissertation. At the end of this work, it was obtained a multiagent system capable of simulating a smart grid, and the implementation of demand response programs. In this way, the agent responsible for the small and medium consumers capable of taking action and reactions in order to respond autonomously to the demand response programs of the network. The development of the system allows: the study and analysis of the integration of small and medium consumers in smart grids through demand response programs; comparing multiple optimization algorithms; and the integration of learning methods. For demonstrating and facilitating the capabilities of the whole system, the dissertation comprises case studies for the several ways that can be explored with the developed system

Telecommunication Economics

This book constitutes a collaborative and selected documentation of the scientific outcome of the European COST Action IS0605 Econ@Tel "A Telecommunications Economics COST Network" which run from October 2007 to October 2011. Involving experts from around 20 European countries, the goal of Econ@Tel was to develop a strategic research and training network among key people and organizations in order to enhance Europe's competence in the field of telecommunications economics. Reflecting the organization of the COST Action IS0605 Econ@Tel in working groups the following four major research areas are addressed: - evolution and regulation of communication ecosystems; - social and policy implications of communication technologies; - economics and governance of future networks; - future networks management architectures and mechanisms

A distributed middleware for IT/OT convergence in modern industrial environments

The modern industrial environment is populated by a myriad of intelligent devices that collaborate for the accomplishment of the numerous business processes in place at the production sites. The close collaboration between humans and work machines poses new interesting challenges that industry must overcome in order to implement the new digital policies demanded by the industrial transition. The Industry 5.0 movement is a companion revolution of the previous Industry 4.0, and it relies on three characteristics that any industrial sector should have and pursue: human centrality, resilience, and sustainability. The application of the fifth industrial revolution cannot be completed without moving from the implementation of Industry 4.0-enabled platforms. The common feature found in the development of this kind of platform is the need to integrate the Information and Operational layers. Our thesis work focuses on the implementation of a platform addressing all the digitization features foreseen by the fourth industrial revolution, making the IT/OT convergence inside production plants an improvement and not a risk. Furthermore, we added modular features to our platform enabling the Industry 5.0 vision. We favored the human centrality using the mobile crowdsensing techniques and the reliability and sustainability using pluggable cloud computing services, combined with data coming from the crowd support. We achieved important and encouraging results in all the domains in which we conducted our experiments. Our IT/OT convergence-enabled platform exhibits the right performance needed to satisfy the strict requirements of production sites. The multi-layer capability of the framework enables the exploitation of data not strictly coming from work machines, allowing a more strict interaction between the company, its employees, and customers

Telecommunication Economics

This book constitutes a collaborative and selected documentation of the scientific outcome of the European COST Action IS0605 Econ@Tel "A Telecommunications Economics COST Network" which run from October 2007 to October 2011. Involving experts from around 20 European countries, the goal of Econ@Tel was to develop a strategic research and training network among key people and organizations in order to enhance Europe's competence in the field of telecommunications economics. Reflecting the organization of the COST Action IS0605 Econ@Tel in working groups the following four major research areas are addressed: - evolution and regulation of communication ecosystems; - social and policy implications of communication technologies; - economics and governance of future networks; - future networks management architectures and mechanisms

Architecture, Services and Protocols for CRUTIAL

This document describes the complete specification of the architecture, services and protocols of the project CRUTIAL. The CRUTIAL Architecture intends to reply to a grand challenge of computer science and control engineering: how to achieve resilience of critical information infrastructures (CII), in particular in the electrical sector. In general lines, the document starts by presenting the main architectural options and components of the architecture, with a special emphasis on a protection device called the CRUTIAL Information Switch (CIS). Given the various criticality levels of the equipments that have to be protected, and the cost of using a replicated device, we define a hierarchy of CIS designs incrementally more resilient. The different CIS designs offer various trade offs in terms of capabilities to prevent and tolerate intrusions, both in the device itself and in the information infrastructure. The Middleware Services, APIs and Protocols chapter describes our approach to intrusion tolerant middleware. The CRUTIAL middleware comprises several building blocks that are organized on a set of layers. The Multipoint Network layer is the lowest layer of the middleware, and features an abstraction of basic communication services, such as provided by standard protocols, like IP, IPsec, UDP, TCP and SSL/TLS. The Communication Support layer features three important building blocks: the Randomized Intrusion-Tolerant Services (RITAS), the CIS Communication service and the Fosel service for mitigating DoS attacks. The Activity Support layer comprises the CIS Protection service, and the Access Control and Authorization service. The Access Control and Authorization service is implemented through PolyOrBAC, which defines the rules for information exchange and collaboration between sub-modules of the architecture, corresponding in fact to different facilities of the CII’s organizations. The Monitoring and Failure Detection layer contains a definition of the services devoted to monitoring and failure detection activities. The Runtime Support Services, APIs, and Protocols chapter features as a main component the Proactive-Reactive Recovery service, whose aim is to guarantee perpetual correct execution of any components it protects.Project co-funded by the European Commission within the Sixth Frame-work Programme (2002-2006