Smart Grid Cyber Security Requirements
Emiliano Pallotti
Fondazione Ugo Bordoni
Rome, Italy
epallotti@fub.it
Federica Mangiatordi
Fondazione Ugo Bordoni
Rome, Italy
fmangiatordi@fub.it
Abstract—The transformation of the traditional power grid into an
intelligent energy distribution network able to meet the
growing needs of efficiency and reduced environmental impact
involves not only a historical and technical development, but also a
profound transformation of the entire existing infrastructure.
Alongside the undeniable benefits introduced, the new smart energy
network has vulnerabilities both in the communication
system and in power distribution. This paper aims to explore
the security requirements of the smart grid.
Keywords-Smart Grid; Security Standards; Electrical power
grid; Cyber Security;
I. INTRODUCTION
In recent years, the electricity grid has been undergoing a profound
transformation whose primary purpose is to increase energy
efficiency, reliability and sustainability. The driving factors of
this renewal are the growing electricity demand from civil society
and economies and the need to mitigate climate change by
reducing greenhouse gas emissions. The gradual depletion of
fossil fuels and their rising costs are driving new technologies
for energy production based on renewable resources. The
introduction of these new forms of generation in existing
distribution and transmission networks raises new challenges in
local monitoring and control. New forms of generation
have much smaller electricity outputs than the traditional type and
also exhibit greater intermittency. Distributed generators cause
reversal of power flows and variation of local grid voltages and
other technical parameters necessary for secure operation, so
new active power balancing will be implemented. Numerous
research papers analyze the reliability impact of distributed
generation [17-21], since the electricity grid traditionally was
not designed to accommodate active power generation and
storage at the distribution level. These issues require
improving the accountability and responsiveness of resources
highly distributed within the electric power system through the
realization of wide-area measurement and control networks for
efficient energy management and automatic adaptive
reconfiguration of the power infrastructures in case of threats
or disturbances.
An effective approach is suggested by microgrids and
remote mini-grid architectures [26-29] which enable the
electricity consumers to have some degree of energy
independence, provide customized power quality level and
open the bulk power system to small distributed energy
resources and storage devices.
This work is supported by Electronics Dpt. of the University Roma TRE
where the authors are PhD students at the doctoral school EDEMON
Microgrids are defined as low voltage networks consisting
of interconnected controllable loads (e.g. water heaters, air
conditioning) and distributed generation units (e.g.
photovoltaic cells, wind turbines, fuel cells, geothermal plants),
which are normally connected to the bulk electric grid. When the
microgrid is in connected mode, loads receive power both
from the bulk power grid and from local micro-sources. During
disturbances, the generation and corresponding loads can
separate from the main distribution system to isolate the
microgrid’s loads from the disturbance, protecting consumers
from power outages. Microgrids are automatically and
smoothly reconnected to the distribution network after faults are
cleared.
To ensure distributed control with decision making done
locally with each power source and load, several papers discuss
the implementation of a multi-agent technology in microgrids.
In this context each component in the microgrid can be
represented as an autonomous agent, which must be able to
respond effectively to system changes [30-33].
Reliability and sustainability of the electricity grid can also be
improved through the customer’s involvement in decisions about
his energy consumption, adjusting both the timing and quantity
of his electricity use. This capability, called demand side
management, includes load shifting and energy conservation.
Shifting customer load from periods of high demand to
off-peak periods flattens the load curve, avoiding the building of
additional generation capacity and minimizing climate impact.
Demand management can be treated as a form of indirect
generation. Smart metering, with two-way communications
capability, allows utilities to collect and analyze usage
information at narrow intervals rather than relying on manual
monthly readings. These data can be used by utilities to verify the
impact of new planning strategies or build targeted programs to
appeal to specific segments of customers [34-36].
Several security and privacy issues arise in deploying the
smart grid. In fact, customers share more information about
how they use energy, exposing them to privacy invasion.
Moreover, customer grids are connected over a vast network of
computerized infrastructure that can be used to mount
large-scale attacks on the electrical infrastructure.
II. FROM GRID TO SMART-GRID
The electric power grid is the world’s largest and oldest
interconnected machine. In Europe and North America it is the
most capital-intensive infrastructure. To achieve the desired
goals of reliable, efficient, and clean energy distribution, smart
grids employ a combination of different technologies [1]:
• Two-way communication framework
• Advanced control systems
• Advanced hardware components
• Smart sensing technologies
• IT applications
With the convergence of the power network and the IT
infrastructure, smart grids have to consider the typical
vulnerabilities of an IT context together with additional
vulnerabilities due to a more complex interaction and different
operational requirements.
• The more interconnections exist, the more opportunities for
system compromise exist.
• The growing number of smart nodes involves a larger number
of entry points for DoS.
• Many network links can increase potential cascading
failures.
• New technologies can introduce new issues.
III. THE REFERENCE MODEL
The principle of least privilege requires that a user be given
no more privileges than necessary to perform his/her job
function. Confidentiality, Integrity, and Availability (CIA) are
the core principles of information security [2].
Figure 1 - Smart Grid Domains Electrical and Communication Flows
This system is undergoing tremendous change, shifting from
few end points with little intelligence to many end points with
large amounts of intelligence. The goal is to achieve
greater availability, integrity and confidentiality of the network
[41,42]. Bidirectional communication and advanced control
systems can fix blackouts remotely, saving time and cost. Thus,
the penetration of smart end points into the power network will
raise new security issues, and they may become portals for
intrusions and malicious attacks [43-44]. Security issues
involve not only the human factor but also natural calamities and
material failure.
A secure and reliable operation of the power network is
fundamental to economies and quality of life, and the growing
complexity makes the grid vulnerable to regional and global
disruptions [45]. The increasing use of smart endpoints opens
important security holes in systems where, for historical reasons,
security provisions are not a design criterion.
Utility communication infrastructure will be transformed
from a star network with centralized command and control to a
dynamic peer-to-peer communication network: the
communication infrastructure component of a smart grid is
critical. A new scenario lies ahead: the convergence of the
communication infrastructure with the electric power
infrastructure introduces new security and privacy challenges. In
fact, the more heavily the power system relies on computer
communication, the more dependent on system security it becomes.
A. Availability
Availability is the answer to the question of why a smart grid is
needed. Losses of reliability have impacts on all actors involved,
including customers, utilities and government. Security has to
prevent out-of-service conditions (DoS) due to the human factor,
while redundancy can mitigate environmental threats.
Security has to prevent peripheral attacks carried out through
specific DoS against smart meter terminal equipment
(non-professional hacking by script kiddies).
An attack on the utility companies concerns the availability
of power at their location, and it will certainly be malicious
and for extortion.
B. Confidentiality
Confidentiality is about protecting information from unauthorized
disclosure. It is a customer-side requirement. The data are
concentrated at the utility companies, which makes them an important
target for hackers. They are a collection of all data about the
customer: personal information, consumption data and
confidential billing data. These data are available not only on the
smart grid but also in a Web application (customer self-monitoring
and configuration). The data collected can reveal a lot of information
about the customer’s activities (Figure 2) [38-39]. It is a typical IT
security problem, like SQL injection.
Here are some potential risks:
• Greater complexity increases accidental errors and
potential attackers.
Figure 2 - Device Load
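The claim that collected metering data can reveal a customer's activities can be checked with a small simulation. The following is an added example, not part of the paper: the appliance names, wattages, times and the 450 W step threshold are constructed assumptions. It counts how many appliance switch-on steps remain visible when the same day of consumption is reported at 1-, 15- and 60-minute intervals.

```python
"""Added illustration: how the reporting interval changes what a load
profile reveals. All appliance data below are constructed sample values."""

BASELINE_W = 150  # constructed standby load of the household, in watts

# (name, start_minute_of_day, duration_minutes, power_W): constructed events
APPLIANCES = [
    ("kettle", 7 * 60 + 5, 3, 2000),
    ("toaster", 7 * 60 + 20, 4, 900),
    ("washing machine", 10 * 60, 45, 500),
    ("oven", 18 * 60 + 30, 50, 2200),
    ("kettle", 21 * 60 + 10, 3, 2000),
]


def build_profile():
    """Return 1440 one-minute average power samples (W) for one day."""
    profile = [BASELINE_W] * 1440
    for _name, start, duration, watts in APPLIANCES:
        for minute in range(start, start + duration):
            profile[minute] += watts
    return profile


def downsample(profile, interval):
    """Average consecutive samples, as a meter reporting once every
    `interval` minutes would deliver them to the utility."""
    return [sum(profile[i:i + interval]) / interval
            for i in range(0, len(profile), interval)]


def switch_on_events(samples, threshold_w=450):
    """Indices where the load rises by more than threshold_w between two
    consecutive readings (a simple step detector)."""
    return [i for i in range(1, len(samples))
            if samples[i] - samples[i - 1] > threshold_w]


def visible_events(interval):
    """Number of switch-on steps still detectable at this interval."""
    return len(switch_on_events(downsample(build_profile(), interval)))


if __name__ == "__main__":
    for interval in (1, 15, 60):
        print(f"{interval:>2}-minute readings: "
              f"{visible_events(interval)} switch-on events visible")
```

With one-minute readings every constructed appliance use shows up as a step; at coarser intervals the short events are averaged away, which is why the reporting granularity is itself a privacy parameter.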
C. Integrity
From the side of the utility companies, an authorized access
to confidential data will manifest as service theft and fraud.
The elements involved are smart meters. Hacking this smart end
point serves to manipulate the net metering data. The aim is to
steal service by modifying the data reported to the
company, or to commit fraud by reporting wrong generated
electricity data in order to collect money.
IV. PRACTICE TO SECURE SMART GRID
The utility companies have to consider whether they already have a
security program to upgrade after a gap analysis, or have no
security program yet, in which case an exhaustive adaptation of the
frameworks is needed.
An important certified security program is the ISO/IEC
27000 series [14-16], which is a set of 6 standards of best practice
for information security suitable for every organization. Another
important but not certified security program is that of the
Information Security Forum (ISF) [22], a non-profit organization
that distributes free of charge the Information Security Forum’s
Standard of Good Practice.
No.  Section
1    Risk assessment
2    Security policy
3    Organization of information security
4    Asset management
5    Human resources security
6    Physical and environment security
7    Communications and operations management
8    Access control
9    Information systems acquisition, development, and maintenance
10   Information security incident management
11   Business continuity management
12   Compliance
A code of technical practice for helping companies in
information security can be summarized in 12 sections [37].
1) Threat modelling
IT architects and consultants attempt to identify the potential
attack vectors by investigating use cases vs. abuse cases.
2) Segmentation
To minimize the impact of attacks, the utility companies
have to use segmentation. For example, if data traffic were
limited to a geographical location through a stateful firewall, an
attack would be contained in that location only.
3) Firewall rules
A typical implementation in an IT environment is a deny-all
firewall rule set with a proxy server and content filtering.
4) Signing
Software on smart grid devices has to implement signing, which
validates the integrity of the code to be executed.
5) Honeypots
Used to trap attackers, a honeypot can identify an attack,
alerting the organization in time for countermeasures. When placed
in smart grid environments and perimeter areas, they make it
possible to better understand the weaknesses of the infrastructure.
6) Encryption
Adopting encryption on the transport layer, data archives and the
control network can safeguard sensitive information from
compromise.
7) Vulnerability management
It is a control center in the company that ensures that the
security policies are effective and constantly upgraded.
8) Penetration testing
Periodically exploiting the weaknesses found by a
vulnerability scanner test.
9) Source code review
It is an important software development quality
requirement, especially oriented toward code vulnerabilities
and the patches that fix them.
10) Configuration hardening
Smart elements on the grid have to be tested with a
vulnerability scanner and hardened before entering production.
CIS standards can be used for benchmarking [25].
11) Strong Authentication
The companies have to adopt at least 2 authentication
methods among password, hardware key and biometric ID.
12) Logging and monitoring
Logging and monitoring provide information for identifying
attacks or reconstructing events in case of natural calamities.
Interesting research is still in progress in signal processing
analysis, mixing typical data-mining techniques with
multiresolution analysis based on the wavelet transform. Analyzing
and mining the security log data can detect a larger number of
attacks on different time scales [23].
V. CONCLUSION
Smart grid technologies provide great benefits to the utility
companies and customers. However, the highly connected
nature of the smart grid allows hackers and attackers to identify
and exploit vulnerabilities of the power grid, mounting attacks
from many different locations. The utility company needs to
implement new security policies and procedures for customer
authentication and data encryption. Wavelet techniques could
be a valuable method for compression and encryption of
customer’s data and for identification of fraud in electrical
power distribution.
REFERENCES
[1] Fangxing Li, Wei Qiao, Hongbin Sun, Hui Wan, Jianhui
Wang, Yan Xia, Zhao Xu, Pei Zhang, “Smart Transmission Grid: Vision
and Framework,” IEEE Transactions on Smart Grid, vol. 1, no. 2,
September 2010.
[2] NIST (National Institute of Standards and Technology). 2010. Smart
Grid Cyber Security Strategy and Requirements, The Smart Grid
Interoperability Panel–Cyber Security Working Group, NISTIR 7628,
August 2010.
[3] European SmartGrids Technology Platform, European Commission,
2006 [Online]. Available:
http://ec.europa.eu/research/energy/pdf/smartgrids_en.pdf.
[4] L. H. Tsoukalas and R. Gao, “From smart grids to an energy internet:
Assumptions, architectures and requirements,” in Proc. 3rd Int. Conf.
Electr. Utility Deregulation Restructuring Power Technol., Apr. 6–9,
2008, pp. 94–98.
[5] R. Krebs, B. M. Buchholz, Z. A. Styczynski, K. Rudion, C. Heyde, and
Y. Sassnick, “Vision 2020—Security of the network operation today and in
the future. German experiences,” in Proc. IEEE PES Gen. Meet. 2008,
pp. 1–6.
[6] H. Khurana et al., “Design Principles for Power Grid
Cyberinfrastructure Authentication Protocols,” to be published in Proc. 43rd
Ann. Hawaii Int’l Conf. System Sciences (HICSS 10), IEEE Press,
2010.
[7] R. Bobba et al., “PBES: A Policy Based Encryption System with
Application to Data Sharing in the Power Grid,” Proc. 4th Int’l Symp.
Information, Computer, and Communications Security (ASIACCS 09),
ACM Press, 2009, pp. 262–275.
[8] Sebastian Rohjans, Mathias Uslar, Robert Bleiker, José González,
Michael Specht, Thomas Suding and Tobias Weidelt, “Survey of Smart
Grid Standardization Studies and Recommendations,” Smart Grid
Communications (SmartGridComm), 2010, pp. 358-588
[9] Hassan, R.; Radman, G., “Survey on Smart Grid”, IEEE SoutheastCon
2010 (SoutheastCon), pp. 201-213
[10] Hiskens, I.A., “What's smart about the smart grid?”, Design Automation
Conference (DAC), 2010 47th ACM/IEEE, pp. 937-939
[11] R. J. Sarfi, M. K. Tao, L. Germoets, “Making the Smart Grid Work for
Community Energy Delivery”, Proceedings of the 11th Annual
International Digital Government Research Conference on Public
Administration, 2010
[12] May Robin Permann, Kenneth Rohde, “Cyber Assessment Methods for
SCADA Security”, 2005
[13] Techno Security’s Guide to Securing SCADA: A Comprehensive
Handbook On Protecting The Critical Infrastructure (ISBN:
978-1-59749-282-9, Syngress) and Securing SCADA Systems.
[14] ISO/IEC 27000 – Information technology – Security techniques –
Information security management systems – Overview and vocabulary
[15] ISO/IEC 27001 – Information technology – Security techniques –
Information security management systems – Requirements
[16] ISO/IEC 27002 – Information technology – Security techniques – Code
of practice for information security management
[17] "Analyzing the reliability impact of distributed generation," Power
Engineering Society Summer Meeting, 2001. IEEE, vol.2, no.,
pp.1013-1018 vol.2, 2001
[18] Barker, P.P.; De Mello, R.W., "Determining the impact of distributed
generation on power systems. I. Radial distribution systems," Power
Engineering Society Summer Meeting, 2000. IEEE, vol.3, no.,
pp.1645-1656 vol.3, 2000
[19] In-Su Bae, Jin-O Kim, Jae-Chul Kim, Singh, C., "Optimal operating
strategy for distributed generation considering hourly reliability worth,"
Power Systems, IEEE Transactions on, vol.19, no.1, pp.287-292, Feb.
2004
[20] Falaghi, H.; Mahmood-Reza Haghifam, "Distributed Generation Impacts
on Electric Distribution Systems Reliability: Sensitivity Analysis,"
Computer as a Tool, 2005. EUROCON 2005. The International
Conference on, vol.2, no., pp.1465-1468, 21-24 Nov. 2005
[21] Qiuye Sun, Zhongxu Li, Huaguang Zhang, "Impact of Distributed
Generation on Voltage Profile in Distribution System," cso, vol. 1,
pp.249-252, 2009 International Joint Conference on Computational
Sciences and Optimization, 2009
[22] Information Security Forum’s Standard of Good Practice (SoGP)
(www.isfsecuritystandard.com/SOGP07/index.htm).
[23] Ming Meng, "Network security data mining based on wavelet
decomposition," Intelligent Control and Automation, 2008. WCICA
2008. 7th World Congress on, vol., no., pp.6646-6649, 25-27 June 2008
[24] Lan Liu; Zhitang Li; Ling Xu; Huajun Chen, "A Security Event
Management Framework Using Wavelet and Data-Mining Technique,"
Communications, Circuits and Systems Proceedings, 2006 International
Conference on, vol.3, no., pp.1566-1569, 25-28 June 2006
[25] Center for Internet Security (CIS – http://cisecurity.org/)
[26] Lasseter, R.H.; Paigi, P.; , "Microgrid: a conceptual solution," Power
Electronics Specialists Conference, 2004. PESC 04. 2004 IEEE 35th
Annual , vol.6, no., pp. 4285- 4290 Vol.6, 20-25 June 2004
[27] Barklund, E.; Pogaku, N.; Prodanovic, M.; Hernandez-Aramburo, C.;
Green, T.C.; , "Energy Management in Autonomous Microgrid Using
Stability-Constrained Droop Control of Inverters," Power Electronics,
IEEE Transactions on , vol.23, no.5, pp.2346-2352, Sept. 2008
[28] Nigim, K.A.; Wei-Jen Lee; , "Micro Grid Integration Opportunities and
Challenges," Power Engineering Society General Meeting, 2007. IEEE ,
vol., no., pp.1-6, 24-28 June 2007
[29] Vandoorn, T. L.; Renders, B.; Degroote, L.; Meersman, B.; Vandevelde,
L.; , "Active Load Control in Islanded Microgrids Based on the Grid
Voltage," Smart Grid, IEEE Transactions on , vol.2, no.1, pp.139-151,
March 2011
[30] Dimeas, A.L.; Hatziargyriou, N.D.; , "Operation of a Multiagent System
for Microgrid Control," Power Systems, IEEE Transactions on , vol.20,
no.3, pp. 1447- 1455, Aug. 2005
[31] Chun-Xia Dou; Shi-Jiu Jin; Guo-Tao Jiang; Zhi-Qian Bo; , "Multi-Agent
Based Control Framework for Microgrids," Power and Energy
Engineering Conference, 2009. APPEEC 2009. Asia-Pacific , vol., no.,
pp.1-4, 27-31 March 2009
[32] Zhang Jian; Ai Qian; Jiang Chuanwen; Wang Xingang; Zheng
Zhanghua; Gu Chenghong; , "The application of multi agent system in
microgrid coordination control," Sustainable Power Generation and
Supply, 2009. SUPERGEN '09. International Conference on , vol., no.,
pp.1-6, 6-7 April 2009
[33] Dimeas, A.L.; Hatziargyriou, N.D.; , "Multi-agent reinforcement
learning for microgrids," Power and Energy Society General Meeting,
2010 IEEE , vol., no., pp.1-8, 25-29 July 2010
[34] Ibars, C.; Navarro, M.; Giupponi, L.; , "Distributed Demand
Management in Smart Grid with a Congestion Game," Smart Grid
Communications (SmartGridComm), 2010 First IEEE International
Conference on , vol., no., pp.495-500, 4-6 Oct. 2010
[35] Saffre, F.; Gedge, R.; , "Demand-Side Management for the Smart Grid,"
Network Operations and Management Symposium Workshops (NOMS
Wksps), 2010 IEEE/IFIP , vol., no., pp.300-303, 19-23 April 2010
[36] Huq, Md. Zahurul; Islam, Syed; , "Home Area Network technology
assessment for demand response in smart grid environment,"
Universities Power Engineering Conference (AUPEC), 2010 20th
Australasian , vol., no., pp.1-6, 5-8 Dec. 2010
[37] Tony Flick, Justin Morehouse, “Securing the smart grid - Next
Generation Power Grid Security”, Elsevier, 2011
[38] Jules Polonetsky, “Privacy and the Smart Grid: New Frontiers, New
Challenges”, 31st International Conference of Data Protection and
Privacy Commissioners, November 2009
[39] Future of Privacy Forum (FPF - http://www.futureofprivacy.org)
[40] Gellings, C.W.; Samotyj, M.; Howe, B.; , " The future's smart delivery
system [electric power supply]," Power and Energy Magazine, IEEE ,
vol.2, no.5, pp. 40- 48, Sept.-Oct. 2004
[41] X. P. Zhang, “A framework for operation and control of smart grids with
distributed generation,” in IEEE Power Energy Soc. Gen. Meet. —Conv.
Del. Elect. Energy 21st Century, 2008, pp. 1–5.
[42] Momoh, J.A.; , "Smart grid design for efficient and flexible power
networks operation and control," Power Systems Conference and
Exposition, 2009. PSCE '09. IEEE/PES , vol., no., pp.1-8, 15-18 March
2009
[43] Chee-Wooi Ten; Manimaran, G.; Chen-Ching Liu; , "Cybersecurity for
Critical Infrastructures: Attack and Defense Modeling," Systems, Man
and Cybernetics, Part A: Systems and Humans, IEEE Transactions on ,
vol.40, no.4, pp.853-865, July 2010
[44] Mell P, Kent K, Nusbaum J. National Institute of Standards and
Technology. Guide to Malware incident prevention and handling
(http://csrc.nist.gov/publications/nistpubs/800-83/SP800-83.pdf)
[45] Amin, S.M.,"Electricity infrastructure security: Toward reliable, resilient
and secure cyber-physical power and energy systems," Power and
Energy Society General Meeting, 2010 IEEE,vol., no., pp.1-5, July 2010