A survey on cyber security for smart grid communications

A smart grid is a new form of electricity network with high fidelity power-flow control, self-healing, and energy reliability and energy security using digital communications and control technology. To upgrade an existing power grid into a smart grid, it requires significant dependence on intelligent and secure communication infrastructures. It requires security frameworks for distributed communications, pervasive computing and sensing technologies in smart grid. However, as many of the communication technologies currently recommended to use by a smart grid is vulnerable in cyber security, it could lead to unreliable system operations, causing unnecessary expenditure, even consequential disaster to both utilities and consumers. In this paper, we summarize the cyber security requirements and the possible vulnerabilities in smart grid communications and survey the current solutions on cyber security for smart grid communications. © 2012 IEEE

An efficient privacy-preserving authentication scheme for energy internet-based vehicle-to-grid communication

The energy Internet (EI) represents a new electric grid infrastructure that uses computing and communication to transform legacy power grids into systems that support open innovation. EI provides bidirectional communication for analysis and improvement of energy usage between service providers and customers. To ensure a secure, reliable, and efficient operation, the EI should be protected from cyber attacks. Thus, secure and efficient key establishment is an important issue for this Internet-based smart grid environment. In this paper, we propose an efficient privacy-preserving authentication scheme for EI-based vehicle-to-grid communication using lightweight cryptographic primitives such as one-way non-collision hash functions. In our proposed scheme, a customer can securely access services provided by the service provider using a symmetric key established between them. Detailed security and performance analysis of our proposed scheme are presented to show that it is resilient against many security attacks, cost effective in computation and communication, and provides an efficient solution for the EI

Scenarios for the development of smart grids in the UK: synthesis report

‘Smart grid’ is a catch-all term for the smart options that could transform the ways society produces, delivers and consumes energy, and potentially the way we conceive of these services. Delivering energy more intelligently will be fundamental to decarbonising the UK electricity system at least possible cost, while maintaining security and reliability of supply. Smarter energy delivery is expected to allow the integration of more low carbon technologies and to be much more cost effective than traditional methods, as well as contributing to economic growth by opening up new business and innovation opportunities. Innovating new options for energy system management could lead to cost savings of up to £10bn, even if low carbon technologies do not emerge. This saving will be much higher if UK renewable energy targets are achieved. Building on extensive expert feedback and input, this report describes four smart grid scenarios which consider how the UK’s electricity system might develop to 2050. The scenarios outline how political decisions, as well as those made in regulation, finance, technology, consumer and social behaviour, market design or response, might affect the decisions of other actors and limit or allow the availability of future options. The project aims to explore the degree of uncertainty around the current direction of the electricity system and the complex interactions of a whole host of factors that may lead to any one of a wide range of outcomes. Our addition to this discussion will help decision makers to understand the implications of possible actions and better plan for the future, whilst recognising that it may take any one of a number of forms

Detection and prevention of Denial-of-Service in cloud-based smart grid

Smart Grid (SG), components with historical set of security challenges, becomes more vulnerable because Information and Communications Technology (ICT) has its own share of problems while Cloud infrastructure adds yet another unpredicted layer of threats. Scalability and availability, which are strong aspects of the cloud platform making it attractive to users, also attracts security threats for the same reasons. The malware installed on single host offers very limited scope compared to attack magnitude that compromised Cloud platform can offer. Therefore, the strongest aspect of Cloud itself becomes a nightmare in Cloud-Based SG. A breach in such a delicate system can cause severe consequences including interruption of electricity, equipment damage, data breach, complete blackouts, or even life-threatening consequences. We mimic Denial-of-Service (DoS) attacks to demonstrate interruption of electricity in SG with open-source solution to co-simulate power and communication systems

Security Information Sharing in Smart Grids: Persisting Security Audits to the Blockchain

This article belongs to the Special Issue Advanced Cybersecurity Services DesignWith the transformation in smart grids, power grid companies are becoming increasingly dependent on data networks. Data networks are used to transport information and commands for optimizing power grid operations: Planning, generation, transportation, and distribution. Performing periodic security audits is one of the required tasks for securing networks, and we proposed in a previous work autoauditor, a system to achieve automatic auditing. It was designed according to the specific requirements of power grid companies, such as scaling with the huge number of heterogeneous equipment in power grid companies. Though pentesting and security audits are required for continuous monitoring, collaboration is of utmost importance to fight cyber threats. In this paper we work on the accountability of audit results and explore how the list of audit result records can be included in a blockchain, since blockchains are by design resistant to data modification. Moreover, blockchains endowed with smart contracts functionality boost the automation of both digital evidence gathering, audit, and controlled information exchange. To our knowledge, no such system exists. We perform throughput evaluation to assess the feasibility of the system and show that the system is viable for adaptation to the inventory systems of electrical companies.This work has been supported by National R&D Projects TEC2017-84197-C4-1-R, TIN2017-84844-C2-1-R, by the Comunidad de Madrid project CYNAMON P2018/TCS-4566 and co-financed by European Structural Funds (ESF and FEDER), and by the Consejo Superior de Investigaciones Científicas (CSIC) under the project LINKA20216 ("Advancing in cybersecurity technologies", i-LINK+ program)

Enhancing Cyber-Resiliency of DER-based SmartGrid: A Survey

The rapid development of information and communications technology has enabled the use of digital-controlled and software-driven distributed energy resources (DERs) to improve the flexibility and efficiency of power supply, and support grid operations. However, this evolution also exposes geographically-dispersed DERs to cyber threats, including hardware and software vulnerabilities, communication issues, and personnel errors, etc. Therefore, enhancing the cyber-resiliency of DER-based smart grid - the ability to survive successful cyber intrusions - is becoming increasingly vital and has garnered significant attention from both industry and academia. In this survey, we aim to provide a systematical and comprehensive review regarding the cyber-resiliency enhancement (CRE) of DER-based smart grid. Firstly, an integrated threat modeling method is tailored for the hierarchical DER-based smart grid with special emphasis on vulnerability identification and impact analysis. Then, the defense-in-depth strategies encompassing prevention, detection, mitigation, and recovery are comprehensively surveyed, systematically classified, and rigorously compared. A CRE framework is subsequently proposed to incorporate the five key resiliency enablers. Finally, challenges and future directions are discussed in details. The overall aim of this survey is to demonstrate the development trend of CRE methods and motivate further efforts to improve the cyber-resiliency of DER-based smart grid.Comment: Submitted to IEEE Transactions on Smart Grid for Publication Consideratio

Toward unified security and privacy protection for smart meter networks

The management of security and privacy protection mechanisms is one fundamental issue of future smart grid and metering networks. Designing effective and economic measures is a non-trivial task due to a) the large number of system requirements and b) the uncertainty over how the system functionalities are going to be specified and evolve. The paper explores a unified approach for addressing security and privacy of smart metering systems. In the process, we present a unified framework that entails the analysis and synthesis of security solutions associated with closely interrelated components of a typical smart metering system. Ultimately, the proposed framework can be used as a guideline for embedding cross-domain security and privacy solutions into smart grid communication systems

Towards Cyber Security for Low-Carbon Transportation: Overview, Challenges and Future Directions

In recent years, low-carbon transportation has become an indispensable part as sustainable development strategies of various countries, and plays a very important responsibility in promoting low-carbon cities. However, the security of low-carbon transportation has been threatened from various ways. For example, denial of service attacks pose a great threat to the electric vehicles and vehicle-to-grid networks. To minimize these threats, several methods have been proposed to defense against them. Yet, these methods are only for certain types of scenarios or attacks. Therefore, this review addresses security aspect from holistic view, provides the overview, challenges and future directions of cyber security technologies in low-carbon transportation. Firstly, based on the concept and importance of low-carbon transportation, this review positions the low-carbon transportation services. Then, with the perspective of network architecture and communication mode, this review classifies its typical attack risks. The corresponding defense technologies and relevant security suggestions are further reviewed from perspective of data security, network management security and network application security. Finally, in view of the long term development of low-carbon transportation, future research directions have been concerned.Comment: 34 pages, 6 figures, accepted by journal Renewable and Sustainable Energy Review

Vulnerability and resilience of cyber-physical power systems: results from an empirical-based study

Power systems are undergoing a profound transformation towards cyber-physical systems. Disruptive changes due to energy system transition and the complexity of the interconnected systems expose the power system to new, unknown and unpredictable risks. To identify the critical points, a vulnerability assessment was conducted, involving experts from power as well as information and communication technologies (ICT) sectors. Weaknesses were identified e.g.,the lack of policy enforcement worsened by the unreadiness of involved actors. The complex dynamics of ICT makes it infeasible to keep a complete inventory of potential stressors to define appropriate preparation and prevention mechanisms. Therefore, we suggest applying a resilience management approach to increase the resilience of the system. It aims at a better ride through failures rather than building higher walls. We conclude that building resilience in cyber-physical power systems is feasible and helps in preparing for the unexpected

Mean-Field-Type Games in Engineering

A mean-field-type game is a game in which the instantaneous payoffs and/or the state dynamics functions involve not only the state and the action profile but also the joint distributions of state-action pairs. This article presents some engineering applications of mean-field-type games including road traffic networks, multi-level building evacuation, millimeter wave wireless communications, distributed power networks, virus spread over networks, virtual machine resource management in cloud networks, synchronization of oscillators, energy-efficient buildings, online meeting and mobile crowdsensing.Comment: 84 pages, 24 figures, 183 references. to appear in AIMS 201