
    Random network coding for secure packet transmission in SCADA networks


    SEABASS: Symmetric-keychain Encryption and Authentication for Building Automation Systems

    There is an increasing security risk in Building Automation Systems (BAS) in that their communication is unprotected, giving an adversary the capability to inject spurious commands to the actuators and alter the behaviour of the BAS. The communication between the Human-Machine Interface (HMI) and the controller (PLC) is vulnerable as there is no secret key being used to protect the authenticity, confidentiality and integrity of the sensor data and commands. We propose SEABASS, a lightweight key management scheme to distribute and manage session keys between HMI and PLCs, providing a secure communication channel between any two communicating devices in BAS through symmetric-key based hash-chain encryption and authentication of message exchange. Our scheme facilitates automatic periodic renewal of session keys based on the use of a reversed hash-chain. A prototype was implemented using the BACnet/IP communication protocol, and the preliminary results show that the symmetric keychain approach is lightweight and incurs low latency.

    A review on various Smart Grid Technologies used in Power System

    Electrical infrastructure is expanding day by day, and the smart grid gives a better vision for electrical reliability. Various parameters like the quality and quantity of power transmitted should be available to the electricity board, which can be achieved using smart sensing, metering and communication technologies. If all the above requirements are met in the power system, then it is called a smart grid (SG). SG also helps consumers to manage their load patterns and their expenses. The main component of SG is the communication technology used to share data between consumers and the grid, since grid operators require real-time data to schedule their supply. The Wireless Sensor Network (WSN) uses the Aggregation Protocol with Error Detection (APED) to improve the security of data. The SG with SCADA is facilitated by data acquisition, which includes meter readings, system conditions, etc., that are monitored and transmitted at regular intervals in real time. This paper reviews the modern technologies used in smart grid communication based on the IEEE 802.15.4 standard and how it is modified to ensure effective, efficient, economical and secure communication of the huge volume of real-time data from the smart meters.

    Modelling the IEC 61850 and DNP3 Protocol Using OPNET in an Electrical Substation Communication Network

    Communication protocols are a component of supervisory control and data acquisition (SCADA) and are used by the devices connected on the SCADA network. In this paper the Distributed Network Protocol (DNP3) and the International Electrotechnical Commission IEC 61850 communication protocols were modelled in OPNET. The simulation of the DNP3 and IEC 61850 communication protocols is done in different scenarios and the traffic behaviour is analysed. The DNP3 protocol is modelled as the medium of communication during the maintenance of a 400 kV transformer at an electrical substation, and its network traffic behaviour is then analysed for this operation. The IEC 61850 protocol is then used as the medium of communication in the same electrical substation communication network (SCN) when a faulty backbone switch is present, and in this scenario the network traffic behaviour is again analysed. The DNP3 simulation during the maintenance of the 400 kV transformer shows that the model is working, since the throughput is consistent without dropped packets at the substation RTU end and the 400 kV transformer IED end. The IEC 61850 simulation when a faulty backbone switch is present shows that the model is working in this scenario, since the throughput is again consistent. When the IEC 61850 protocol is modelled on the SCN, the time delay is 80 μs during normal operation, and with a faulty switch the delay is 100 μs. This shows that for the IEC 61850 model the time delay increases when there is a faulty backbone switch, but not excessively, since there is a backup switch in the structure. In the DNP3 model during the maintenance of the 400 kV transformer the time delay is approximately 160 μs. The IEC 61850 protocol performs approximately twice as fast as the DNP3 protocol during normal operation in an SCN.
    University of South Africa, Electrical and Mining Engineering

    Implementation of Secure DNP3 Architecture of SCADA System for Smart Grids

    With the recent advances in connecting the power grid system to the internet, data sharing and networking create space for hackers to maliciously attack it based on its vulnerabilities. The vital stations in the smart grid, namely the generation, transmission, distribution, and customer substations, are connected and controlled remotely over the network. Every substation is controlled by a Supervisory Control and Data Acquisition (SCADA) system which communicates over the DNP3 protocol on Internet/IP, which has many security vulnerabilities. This research focuses on Distributed Network Protocol (DNP3) communication, which is used in the smart grid to communicate between the controller devices. We present DNP3 SAv5 and design a secure architecture with a Public Key Infrastructure (PKI) using asymmetric-key encryption and a Certificate Authority (CA). The testbed provides a design architecture between a customer and a distribution substation and illustrates the verification of the public certificate. We have added a layer of security by password-protecting the private key file to avoid physical tampering with the devices at the customer substations. The simulation results show that secure communication on the TLS layer provides confidentiality, integrity, and availability.

    Layer 2 Ethernet Communication Tunneling Possibilities in Automation Systems

    Future trends in energy generation are renewable energy sources and distributed energy generation. In control systems, these changes require higher automation, more intelligent devices, and secure and reliable communication. Another requirement is faster communication. Building a system that is able to fulfill real-time communication requirements over the network layer is a hindrance for automation systems. There are multiple protocols that can manage the requirements, but many of them have limitations and requirements of their own. The limitations can be related to packet sizes or the devices used, or they may require a license. Tunneling protocols can bring a more general solution to the real-time problem. Tunneling Ethernet communication over the network layer, and letting the tunneling protocol handle the network layer packaging instead of the communication protocol, removes the need for a layer 3 protocol. Layer 2 tunneling provides a direct connection between separate local area networks. It enables devices to communicate with each other over the network layer using layer 2 communication protocols. The tunnel uses a pre-configured route to the destination gateway device, making the routing of messages simpler and faster than with traditional IP routing. Layer 2 tunneling can be used in any communication system that utilizes layer 2 and layer 3 communication. This thesis focuses on the use of tunneling in automation systems. The purpose of this thesis is to provide information and possible solutions for layer 2 Ethernet tunneling. The main focus is on suitable tunneling protocols and communication protocols, but security and resilience solutions are also studied. This thesis is composed of published studies, research, articles and books that address the topic.

    Secure Authentication in the Grid: A Formal Analysis of DNP3 SAv5

    Most of the world's power grids are controlled remotely. Their control messages are sent over potentially insecure channels, driving the need for an authentication mechanism. The main communication mechanism for power grids and other utilities is defined by an IEEE standard, referred to as DNP3; this includes the Secure Authentication v5 (SAv5) protocol, which aims to ensure that messages are authenticated. We provide the first security analysis of the complete DNP3: SAv5 protocol. Previous work has considered the message-passing sub-protocol of SAv5 in isolation, and considered some aspects of the intended security properties. In contrast, we formally model and analyse the complex composition of the protocol's sub-protocols. In doing so, we consider the full state machine, the protocol's asymmetric mode, and the possibility of cross-protocol attacks. Furthermore, we model fine-grained security properties that closely match the standard's intended security properties. For our analysis, we leverage the Tamarin prover for the symbolic analysis of security protocols. Our analysis shows that the core DNP3: SAv5 design meets its intended security properties. Notably, we show that a previously reported attack does not apply to the standard. However, our analysis also leads to several concrete recommendations for improving future versions of the standard.

    Data-driven cyber attack detection and mitigation for decentralized wide-area protection and control in smart grids

    Modern power systems have already evolved into complicated cyber-physical systems (CPS), often referred to as smart grids, due to the continuous expansion of the electrical infrastructure, the growing number of heterogeneous system components and players, and the consequent application of a diversity of information and telecommunication technologies to facilitate the Wide Area Monitoring, Protection and Control (WAMPAC) of day-to-day power system operation. Because of the reliance on cyber technologies, WAMPAC, among other critical functions, is prone to various malicious cyber attacks. Successful cyber attacks, especially those that sabotage the operation of the Bulk Electric System (BES), can cause great financial losses and social panic. Application of conventional IT security solutions is indispensable, but it often turns out to be insufficient to mitigate sophisticated attacks that deploy zero-day vulnerabilities or social engineering tactics. To further improve the resilience of smart grid operation when facing cyber attacks, it is desirable to make the WAMPAC functions themselves capable of detecting various anomalies automatically, carrying out adaptive activity adjustments in time and thus staying unimpaired even under attack. Most of the existing research efforts attempt to achieve this by adding novel functional modules, such as model-based anomaly detectors, to the legacy centralized WAMPAC functions. In contrast, this dissertation investigates the application of data-driven algorithms in cyber attack detection and mitigation within a decentralized architecture, aiming at improving the situational awareness and self-adaptiveness of WAMPAC. The first part of the research focuses on the decentralization of the System Integrity Protection Scheme (SIPS) with a Multi-Agent System (MAS), within which data-driven anomaly detection and optimal adaptive load shedding are further explored.
    An algorithm named Support Vector Machine embedded Layered Decision Tree (SVMLDT) is proposed for the anomaly detection, which provides satisfactory detection accuracy as well as decision-making interpretability. The adaptive load shedding is carried out by every agent individually with dynamic programming. The load shedding relies on the load profile propagation among peer agents, and the attack adaptiveness is accomplished by maintaining the historical mean of the load shedding proportion. Load shedding only takes place after consensus on the anomaly detection is achieved among all interconnected agents, and it serves the purpose of mitigating certain cyber attacks. The attack resilience of the decentralized SIPS is evaluated using the IEEE 39-bus model. It is shown that, unlike the traditional centralized SIPS, the proposed solution is able to carry out the remedial actions under most Denial of Service (DoS) attacks. The second part investigates clustering-based anomalous behaviour detection and peer-assisted mitigation for power system generation control. To reduce the dimensionality of the data, three metrics are designed to interpret the behaviour conformity of generators within the same balancing area. Semi-supervised K-means clustering and a density-sensitive clustering algorithm based on Hierarchical DBSCAN (HDBSCAN) are both applied to clustering in the 3D feature space. Aiming to mitigate cyber attacks targeting the generation control commands, a peer-assisted strategy is proposed. When the control commands from the control center are detected as anomalous, i.e. either missing or with a manipulated payload, the generating unit utilizes peer data to infer and estimate a new generation adjustment value as a replacement.
    Linear regression is utilized to obtain the relation between control values received by different generating units, Moving Target Defense (MTD) is adopted during peer selection, and 1-dimensional clustering is performed on the inferred control values, followed by the final control value estimation. The proposed mitigation strategy requires that generating units can communicate with each other in a peer-to-peer manner. Evaluation results suggest the efficacy of the proposed solution in counteracting data availability and data integrity attacks targeting the generation controls. However, the strategy stays effective only if fewer than half of the generating units are compromised, and it is not able to mitigate cyber attacks targeting the measurements involved in the generation control.