Kate Davis,Laszlo B. Kish,Chanan Singh

DOI: https://doi.org/10.1142/s0219477524500433

2024-03-15

Fluctuation and Noise Letters

Abstract:Unconditional security for smart grids is defined. Cryptanalyses of the watermarked security of smart grids indicate that watermarking cannot guarantee unconditional security unless the communication within the grid system is unconditionally secure. The successful attack against the dynamically watermarked smart grid remains valid even with the presence of internal noise from the grid. An open question arises if unconditionally authenticated secure communications within the grid, together with tamper resistance of the critical elements, are satisfactory conditions to provide unconditional security for the grid operation.

mathematics, interdisciplinary applications,physics, applied

Mehmet Yildirim,Nasir Kenarangui,Robert Balog,Laszlo B. Kish,Chanan Singh

2024-06-27

Abstract:Previous research employing a conceptual approach with a digital twin has demonstrated that (noise-based) dynamic watermarking is incapable of providing unconditional security in smart electrical grid systems. However, the implementation of digital twins can be prohibitively costly or infeasible due to limited available data on critical infrastructure. In this study, we first analyze the spectral properties of dynamic watermarking and its associated protocol. Subsequently, we present a straightforward attack inspired by the digital twin method, which extracts and utilizes the grid noises and completely breaches the security of dynamic watermarking without requiring knowledge of the private watermarking signal. The attacker can fully expose the grid while evading detection by the controller. Our findings indicate that in the absence of secure and authenticated communications, dynamic watermarking offers neither conditional nor unconditional security. Conversely, when communication lines, sensors, and communicators are equipped with tamper-resistant and secure/authenticated links, dynamic watermarking becomes redundant for grid security.

Cryptography and Security

Siddhartha Deb Roy,Ankush Sharma,Saikat Chakrabarti,Sanjoy Debbarma

DOI: https://doi.org/10.1109/tsg.2024.3370892

IF: 10.275

2024-01-01

IEEE Transactions on Smart Grid

Abstract:Modern power systems rely on Wide Area Network (WAN) for real-time data transmission and control. However, integrating WAN introduces vulnerabilities that adversaries can exploit, leading to inaccurate information, compromised decisions, and potential grid instability. The Automatic Generation Control (AGC) system, responsible for maintaining power balance, is an attractive target for attackers due to its reliance on WANs for critical signal transmission. Traditional security mechanisms like encryption, multi-factor authentication, antivirus, etc., may not be suitable for power systems due to system priorities, processing limitations, and compatibility issues. To address this, we propose a novel digital text watermarking-based approach that ensures data integrity and detects replay attacks. The watermarking technique dynamically embeds a unique timestamped watermark into sensor data, enabling detection of unauthorised modifications. The algorithm confirms data integrity by comparing the extracted and expected watermark utilizing Damerau-Levenshtein index. Timestamp analysis is employed to assist in identifying replay attacks. Notably, our technique is independent of system scale, making it practical for real-world implementation. Furthermore, the framework can be extended to secure other power system applications, enhancing overall cyber resilience. Experimental results demonstrate the efficacy of our algorithm in AGC systems while ensuring almost zero performance loss to system operations.

engineering, electrical & electronic

Xiong Li,Fan Wu,Saru Kumari,Lili Xu,Arun Kumar Sangaiah,Kim-Kwang Raymond Choo

DOI: https://doi.org/10.1016/j.jpdc.2017.11.008

IF: 4.542

2019-01-01

Journal of Parallel and Distributed Computing

Abstract:Smart grid (SG) is an agenda of interest to governments and researchers, as a successful cyberattack against smart grids (e.g. compromise of smart meters) can have devastating real-world consequences, ranging from financial loss to fatalities. In this paper, we present a novel and secure message authentication scheme, which provides mutual authentication and key establishment for smart grid. The scheme is also designed to preserve the identities of the gateways during message transmission. We then prove the security of the scheme, as well as verifying the security properties using Proverif and demonstrating the utility of the scheme using simulations.

Hongwei Li,Rongxing Lu,Liang Zhou,Bo Yang,Xuemin (Sherman) Shen

DOI: https://doi.org/10.1109/jsyst.2013.2271537

IF: 4.802

2014-01-01

IEEE Systems Journal

Abstract:Smart grid has emerged as the next generation of power grid, due to its reliability, flexibility, and efficiency. However, smart grid faces some critical security challenges such as the message injection attack and the replay attack. If these challenges cannot be properly addressed, an adversary can maliciously launch the injected or replayed message attacks to degrade the performance of smart grid. To cope with these challenging issues, in this paper, we propose an efficient authentication scheme that employs the Merkle hash tree technique to secure smart gird communication. Specifically, the proposed authentication scheme considers the smart meters with computation-constrained resources and puts the minimum computation overhead on them. Detailed security analysis indicates its security strength, namely, resilience to the replay attack, the message injection attack, the message analysis attack, and the message modification attack. In addition, extensive performance evaluation demonstrates its efficiency in terms of computation complexity and communication overhead.

Aijuan Wang,Junyang Li,Hai Nan

DOI: https://doi.org/10.1109/access.2022.3228905

IF: 3.9

2023-02-18

IEEE Access

Abstract:There are many security risks in the communication between the various nodes of the smart grid. Among these security risks, data leakage is a common one, which occurs in communicating between any two smart meters. In the existing studies, the data leakage is tackled by proposing various security strategies. In this paper, we propose a novel security communication scheme to ensure the security of transmission data between two smart meters against external malicious attacks. Specifically, an authentication scheme based on chaos theory is proposed for verifying the identity trustworthiness of smart meters. In the authentication phase, we use a chaos algorithm and a hash function to compute a shared session key that is used for authentication of both communicating parties, as well as for encryption of private information. Our proposed scheme implements a one-time session approach, i.e., each round of communication keys are unrelated to each other. In relevant validation experiments, we verify that the chaotic algorithm is sufficiently time efficient and compare the computational efficiency with other literature in terms of communication expenses, and the results prove that the proposed scheme is of lightweight nature. Finally we use the Proverif formal verification tool the BAN logic to verify the security as well as the feasibility of the proposed scheme.

computer science, information systems,telecommunications,engineering, electrical & electronic

Tong Huang,Bin Wang,Jorge Ramos-Ruiz,Prasad Enjeti,P. R. Kumar,Le Xie

DOI: https://doi.org/10.48550/arXiv.2011.12990

2020-11-25

Systems and Control

Abstract:This paper presents the first demonstration of using an active mechanism to defend renewable-rich microgrids against cyber attacks. Cyber vulnerability of the renewable-rich microgrids is identified. The defense mechanism based on dynamic watermarking is proposed for detecting cyber anomalies in microgrids. The proposed mechanism is easily implementable and it has theoretically provable performance in term of detecting cyber attacks. The effectiveness of the proposed mechanism is tested and validated in a renewable-rich microgrid.

Arastoo Zibaeirad,Farnoosh Koleini,Shengping Bi,Tao Hou,Tao Wang

2024-07-11

Abstract:In this study, we conduct a comprehensive review of smart grid security, exploring system architectures, attack methodologies, defense strategies, and future research opportunities. We provide an in-depth analysis of various attack vectors, focusing on new attack surfaces introduced by advanced components in smart grids. The review particularly includes an extensive analysis of coordinated attacks that incorporate multiple attack strategies and exploit vulnerabilities across various smart grid components to increase their adverse impact, demonstrating the complexity and potential severity of these threats. Following this, we examine innovative detection and mitigation strategies, including game theory, graph theory, blockchain, and machine learning, discussing their advancements in counteracting evolving threats and associated research challenges. In particular, our review covers a thorough examination of widely used machine learning-based mitigation strategies, analyzing their applications and research challenges spanning across supervised, unsupervised, semi-supervised, ensemble, and reinforcement learning. Further, we outline future research directions and explore new techniques and concerns. We first discuss the research opportunities for existing and emerging strategies, and then explore the potential role of new techniques, such as large language models (LLMs), and the emerging threat of adversarial machine learning in the future of smart grid security.

Cryptography and Security,Artificial Intelligence

Yilin Mo,Tiffany Hyun‐Jin Kim,Kenneth Brancik,D. C. Dickinson,Hee‐Jo Lee,Adrian Perrig,Bruno Sinopoli

2012-01-01

Abstract:It is often appealing to assume that existing solutions can be directly applied to emerging engineering do- mains. Unfortunately, careful investigation of the unique chal- lenges presented by new domains exposes its idiosyncrasies, thus often requiring new approaches and solutions. In this paper, we argue that the Bsmart( grid, replacing its incredibly successful and reliable predecessor, poses a series of new se- curity challenges, among others, that require novel approaches to the field of cyber security. We will call this new field cyber- physical security. The tight coupling between information and communication technologies and physical systems introduces new security concerns, requiring a rethinking of the commonly used objectives and methods. Existing security approaches are either inapplicable, not viable, insufficiently scalable, incom- patible, or simply inadequate to address the challenges posed by highly complex environments such as the smart grid. A con- certed effort by the entire industry, the research community, and the policy makers is required to achieve the vision of a secure smart grid infrastructure.

G. Johncy,R. S. Shaji

DOI: https://doi.org/10.1080/09540091.2024.2403393

2024-10-02

Connection Science

Abstract:Smart grid systems use digital communication technology to efficiently monitor and manage electricity distribution. However, there is a need for improve the robustness of smart grid systems. Hence a novel "Secure Smart Grid Implementation with Automatic Data Integrity Attack Location Prediction and Exalted Energy Theft Detection" has been proposed. Current detection methods are not good at identifying data integrity attacks. So a novel Automatic Deterministic Attack Location Prediction Model detects data integrity attacks using a Stacked Watermarking BiGRU-based Deep Deterministic Q network, extracting system matrix and state time series variation. Moreover, Energy theft detection algorithms, which are intended to detect dishonest clients, provide erroneous findings because of linear interpolation processes and randomised near misses, which ignore important data points. Thus a novel Exalted Energy Theft Detector with Secure Encoding is introduced where Amortized Multicode GAN method secures smart grids by detecting energy theft and preventing firmware code modifications, utilising fractional multi-level quantum encoding to identify injection locations. As a result, the proposed model has an accuracy of 97.1%, recall of 96.25%, error rate is 1.36%, F1-score is 96.20%, sensitivity is 96.10%, specificity is 96.10%, MAPE is 0.48%, MSE is 0.0001 and RMSE is 0.017.

computer science, artificial intelligence, theory & methods

Weizheng Wang,Huakun Huang,Lejun Zhang,Chunhua Su

DOI: https://doi.org/10.1007/s12083-020-01020-2

2020-11-14

Abstract:Smart grid has been acknowledged as the next-generation intelligent network that optimizes energy efficiency. Primarily through a bidirectional communication channel, suppliers and users can dynamically adjust power transmission in real time. Nonetheless, many security issues occur with the widespread deployment of smart grid, e.g., centralized register authority and potential Distributed-Denial-of-Service (DDoS) attack. These existing problems threaten the availability of smart grid. In this paper, we mainly focus on solving some identity authentication issues remained in the smart grid. Combined with blockchain, Elliptic Curve Cryptography (ECC), dynamic Join-and-Exit mechanism and batch verification, a reliable and efficient authentication protocol is proposed for smart meters and utility centers. Simultaneously, the provable security of this protocol is assured by the computational hard problem assumptions. Experiment results show that our protocol has achieved security and performance improvement compared with the other ECC related schemes.

computer science, information systems,telecommunications

Xu Li,Xiaohui Liang,Rongxing Lu,Xuemin (Sherman) Shen,Xiaodong Lin,Haojin Zhu

DOI: https://doi.org/10.1109/mcom.2012.6257525

IF: 9.03

2012-01-01

IEEE Communications Magazine

Abstract:Smart grid has emerged as the next-generation power grid via the convergence of power system engineering and information and communication technology. In this article, we describe smart grid goals and tactics, and present a three-layer smart grid network architecture. Following a brief discussion about major challenges in smart grid development, we elaborate on smart grid cyber security issues. We define a taxonomy of basic cyber attacks, upon which sophisticated attack behaviors may be built. We then introduce fundamental security techniques, whose integration is essential for achieving full protection against existing and future sophisticated security attacks. By discussing some interesting open problems, we finally expect to trigger more research efforts in this emerging area.

Daojing He,Chun Chen,Jiajun Bu,Sammy Chan,Yan Zhang,Mohsen Guizani

2012-01-01

Abstract:The smart grid provides a platform for thirdparty service providers to remotely monitor and manage energy usage for consumers. At the same time, the involvement of service providers brings a new set of security threats to the smart grid. In this article, we first identify the cyber security challenges on service provision in the smart grid. Then we present two main security issues related to service provision and provide potential solutions. The first one is to establish a secure communication procedure among the electric utility, consumers, and service providers. The second one is to provide a privacy-preserving yet accountable authentication framework among the smart grid entities without relying on any trusted third party. Finally, we suggest directions of future work on secure service provision by describing several open issues.

Vincent Omollo Nyangaresi,Zaid Ameen Abduljabbar,Salah H. Abbdal Refish,Mustafa A. Al Sibahee,Enas Wahab Abood,Songfeng Lu

DOI: https://doi.org/10.1007/978-3-030-98002-3_24

2022-01-01

Abstract:The security and privacy protection of smart grid data exchanged over the open and public wireless communication channels is critical yet challenging in this environment. Conventionally, public key cryptography, group signatures, blind signatures, identity based schemes and elliptic curve cryptography could provide the much needed security and privacy. However, all these techniques either lack some smart grid security requirements or have intensive communication, storage and computation overheads. This obviously renders them inefficient for resource-constrained smart grid network devices. In this paper, an anonymous key agreement and authentication protocol to address some of these challenges is proposed. The simulation results showed that the proposed protocol is the most efficient in terms of bandwidth and computation requirements. It also required relatively less memory space during its entire execution than some of the related protocols. Further, it is demonstrated that it offers both backward and forward key secrecy, anonymity, and is robust against impersonation, session hijacking, privileged insider, side-channels, packet replays, packet injection and privacy leaks attacks.

Daojing He,Sammy Chan,Yan Zhang,Mohsen Guizani,Chun Chen,Jiajun Bu

DOI: https://doi.org/10.1109/MNET.2014.6724101

IF: 10.294

2014-01-01

IEEE Network

Abstract:It is expected that the smart grid will radically add new functionalities to legacy electrical power systems. However, we believe that this will in turn introduce many new security risks. With the smart grid's backbone communication networks and subnetworks, there are possible scenarios when these subnetworks can become vulnerable to attacks. Ensuring security in these networks is challenging because most devices are resource constrained. In addition, different protocols that are used in these networks use their own set of security requirements. In this article, the security requirements of smart grid communication networks are firstly identified. We then point out that although public key infrastructure (PKI) is a viable solution, it has some difficulties to satisfy the requirements in availability, privacy preservation, and scalability. To complement the functions of PKI, we introduce some novel mechanisms so that those security requirements can be met. In particular, we propose a mechanism to efficiently resist Denial-of-Service (DoS) attacks, and some suggestions to the security protocol design for different application categories.

Aidong Xu,Yunan Zhang,Yixin Jiang,Jie Chen,Yushan Li,Lian Dong,Yujun Yi,Fei Pan,Hong Wen

DOI: https://doi.org/10.1007/978-3-030-34387-3_100

2019-01-01

Abstract:As a typical industry auto control system, security issue is a necessary task in order to guarantee safe and secure grid operation. The edge devices the local data processing and storage that provide a real time control, a low latency and also can play a role of the security gate, in which the terminal authentication, data privacy and data security can be provide. Due to the terminals of the SG are resource and computing constrained devices, the encryption security measurements are hard to perform on these devices. Physical-layer (PHY) security methods use the characteristics of the channel or the device fingerprints, which can run on the edge devices. Therefore, the terminals almost do nothing, which means these kinds of PHY security methods are light weight to the terminals. This paper introduced several PHY light weight authentication methods for the smart grid based on the edge computing and illustration their efficiency.

Bharadwaj Satchidanandan,P. R. Kumar

DOI: https://doi.org/10.48550/arXiv.1606.08741

2016-06-27

Abstract:The coming decades may see the large scale deployment of networked cyber-physical systems to address global needs in areas such as energy, water, healthcare, and transportation. However, as recent events have shown, such systems are vulnerable to cyber attacks. Being safety critical, their disruption or misbehavior can cause economic losses or injuries and loss of life. It is therefore important to secure such networked cyber-physical systems against attacks. In the absence of credible security guarantees, there will be resistance to the proliferation of cyber-physical systems, which are much needed to meet global needs in critical infrastructures and services. This paper addresses the problem of secure control of networked cyber-physical systems. This problem is different from the problem of securing the communication network, since cyber-physical systems at their very essence need sensors and actuators that interface with the physical plant, and malicious agents may tamper with sensors or actuators, as recent attacks have shown. We consider physical plants that are being controlled by multiple actuators and sensors communicating over a network, where some sensors could be "malicious," meaning that they may not report the measurements that they observe. We address a general technique by which the actuators can detect the actions of malicious sensors in the system, and disable closed-loop control based on their information. This technique, called "watermarking," employs the technique of actuators injecting private excitation into the system which will reveal malicious tampering with signals. We show how such an active defense can be used to secure networked systems of sensors and actuators.

Systems and Control,Dynamical Systems

Kehe Wu,Rui Cheng,Wenchao Cui,Wei Li

DOI: https://doi.org/10.1016/j.aej.2020.09.008

IF: 6.626

2021-02-01

Alexandria Engineering Journal

Abstract:With the increasing openness of smart grids, a large quantity of power terminals will be widely applied in systems of smart grids by various access modes (wired, wireless, satellite). In order to ensure the integrity and confidentiality of the data and the security of the communications between power terminals and the smart grid intranet, a lightweight security authentication and key agreement scheme is proposed in this article. The scheme provides mutual authentication based on the SM2 algorithm and key agreement which can prevent various attacks. Furthermore experimental evaluation and comparative analysis is conducted to indicate that the proposed scheme can resist many types of attacks with lower amounts of total computational resources and lower communications bandwidth. The analysis shows that the proposed scheme is suitable for smart grid.

engineering, multidisciplinary

Kumar Prateek,Meghashrita Das,Sairaaj Surve,Soumyadev Maity,Ruhul Amin

DOI: https://doi.org/10.1109/tnsm.2024.3357103

2024-01-01

IEEE Transactions on Network and Service Management

Abstract:Smart grids, steering an energy revolution through smart metering infrastructure, face cybersecurity threats and unauthorized access risks. Within these systems, classical authentication protocols validate identities, fostering trust and enabling access to authorized resources, while preventing unauthorized access. However, classical authentication protocols are predominantly dependent on public-key cryptography, rooted in computational hard problems such as integer factorization and discrete logs to uphold security. Nevertheless, these computational hard problems can be easily compromised by quantum adversaries. Furthermore, quantum-resistant smart meter authentication protocols are either deemed impractical or reliant on quantum hard problems, potentially lacking future-proof security. Moreover, maintaining SG entity privacy holds equal significance. Consequently, this article introduces the Quantum-Secure Privacy-Preserving Smart Meter Authentication (Q-Secure-P2-SMA) protocol. It utilizes semi-quantum key distribution and a hash function to facilitate quantum-resistant metering data communication, with a focus on privacy and practicality. The security analysis and performance evaluation conducted for Q-Secure-P2-SMA confirm its resilience against well-known security threats, showcasing improved efficiency compared to existing state-of-art-protocols across computation, communication, and energy overhead. Notably, the Q-Secure-P2-SMA doesn’t necessitate quantum capability among all SG entities, making it more practical and relevant in real-world scenarios.

computer science, information systems

Matthias Pilz,Fariborz Baghaei Naeini,Ketil Grammont,Coline Smagghe,Mastaneh Davis,Jean-Christophe Nebel,Luluwah Al-Fagih,Eckhard Pfluegel

DOI: https://doi.org/10.48550/arXiv.1810.07670

2018-10-18

Abstract:The introduction of advanced communication infrastructure into the power grid raises a plethora of new opportunities to tackle climate change. This paper is concerned with the security of energy management systems which are expected to be implemented in the future smart grid. The existence of a novel class of false data injection attacks that are based on modifying forecasted demand data is demonstrated, and the impact of the attacks on a typical system's parameters is identified, using a simulated scenario. Monitoring strategies that the utility company may employ in order to detect the attacks are proposed and a game--theoretic approach is used to support the utility company's decision--making process for the allocation of their defence resources. Informed by these findings, a generic security game is devised and solved, revealing the existence of several Nash Equilibrium strategies. The practical outcomes of these results for the utility company are discussed in detail and a proposal is made, suggesting how the generic model may be applied to other scenarios.

Computer Science and Game Theory,Cryptography and Security