YANG Yang,HUANG Xiaoqing,CAO Yijia,ZHANG Zhidan,HE Jie

2011-01-01

Abstract:As the security specifications for IEC 61850 P2P communication protocol(real-time communication),IEC 62351-6 recommends the adoption of authentication for ensuring the safety of data transmission.To meet the requirement for the data flow and data security objectives in IEC 61850 digital substations,a method of implementing identity authentication with extended safe message through SHA-1 and DES encryption is put forward.Through the security analysis,it can meet the confidentiality,integrity and validity of the message.Further,by taking the bus fault on the unified star and the ring network in the whole D2-1 substation as an example,the OPNET network simulation and calculation are applied to the process of authentication.It is proved that the substation communication program has both good security and real-time character.

Zhining LV,Ziheng HU,Baifeng NING,Lifu DING,Gangfeng YAN,Xiasheng SHI

DOI: https://doi.org/10.1109/ICPRE48497.2019.9034805

2019-01-01

Abstract:Power system intelligent terminal equipment is widely used in real-time monitoring, data acquisition, power management, power distribution and other tasks of smart grid. The power system intelligent terminal can obtain various information of users and power companies in the power grid, but there is still a lack of protection means for the connection and communication process of the terminal components. In this paper, a novel method based on improved deep belief network(IDBN) is proposed to accomplish the business-level security monitoring and attack detection of power system terminal. A non-intrusive business-level monitoring platform for power system terminals is established, which uses energy metering intelligent terminals as an example for non-intrusive data collection. Based on this platform, the I-DBN extracts the spatial and temporal attack characteristics of the external monitoring data of the system. Some fault conditions and cyber attacks of the model have been simulated to demonstrate the effectiveness of the proposed detection method and the results show excellent performance. The method and platform proposed in this paper can be extended to other services in the power industry, providing a theoretical basis and implementation method for realizing the security monitoring of power system intelligent terminals from the business level.

Zhining Lv,Ziheng Hu,Gangfeng Yan,Baifeng Ning,Ningxuan Guo,Yinan Wang

DOI: https://doi.org/10.1145/3377713.3377751

2019-01-01

Abstract:In order to reduce the failure rate of smart grid and effectively improve the security protection capability of power terminals, this paper proposes a power terminal security monitoring method based on business logic consistency. The method can effectively correlate "timing label", "equipment status characteristics" and "business process", and can achieve security monitoring and abnormality detection for common attacks of power terminals from the business level. Based on this method, a monitoring platform for metering service is further built, and simulation experiments are conducted on the platform. The results show that the proposed method and platform can effectively monitor the operation status of power terminals that participating in the metering service. Besides, the method improves the monitoring efficiency and fault identification rate of safety hazards. The research in this paper can be extended to various power business in the power industry. It provides a theoretical basis and implementation method for preventing penetration and safety monitoring of power terminals from the business level.

Aamir Shahzad,Malrey Lee,Neal Naixue Xiong,Gisung Jeong,Young-Keun Lee,Jae-Young Choi,Abdul Wheed Mahesar,Iftikhar Ahmad

DOI: https://doi.org/10.3390/s16030322

2016-03-03

Abstract:In Industrial systems, Supervisory control and data acquisition (SCADA) system, the pseudo-transport layer of the distributed network protocol (DNP3) performs the functions of the transport layer and network layer of the open systems interconnection (OSI) model. This study used a simulation design of water pumping system, in-which the network nodes are directly and wirelessly connected with sensors, and are monitored by the main controller, as part of the wireless SCADA system. This study also intends to focus on the security issues inherent in the pseudo-transport layer of the DNP3 protocol. During disassembly and reassembling processes, the pseudo-transport layer keeps track of the bytes sequence. However, no mechanism is available that can verify the message or maintain the integrity of the bytes in the bytes received/transmitted from/to the data link layer or in the send/respond from the main controller/sensors. To properly and sequentially keep track of the bytes, a mechanism is required that can perform verification while bytes are received/transmitted from/to the lower layer of the DNP3 protocol or the send/respond to/from field sensors. For security and byte verification purposes, a mechanism needs to be proposed for the pseudo-transport layer, by employing cryptography algorithm. A dynamic choice security buffer (SB) is designed and employed during the security development. To achieve the desired goals of the proposed study, a pseudo-transport layer stack model is designed using the DNP3 protocol open library and the security is deployed and tested, without changing the original design.

ZHANG Chi,CAO Jiandong,LI Yiquan,WANG Huifang

DOI: https://doi.org/10.3969/j.issn.1007-290x.2012.05.006

2012-01-01

Abstract:Aiming at lack of quantitative assessment and choosing design scheme of relaying protection system of digital substation,the paper proposes to develop quantitive assessment software for relaying protection scheme of digital substation and elaborates on technical lines for implementing reliability assessment,economy assessment and comprehensive assessment;it presents flow chart of the implementation and discusses content and implementing method of each functional module.It is indicated by the research that the implementation of the software can effectively help to scientific choose design scheme of relaying protection system of digital substation.

Sun Shucai,Zhu Chenpeng,Xie Yehua

DOI: https://doi.org/10.1088/1755-1315/257/1/012047

2019-05-10

IOP Conference Series: Earth and Environmental Science

Abstract:This paper describes a method to improve the security of control signal transmission in substation by introducing third party authentication and applying encryption technology. We can use asymmetric encryption technology to ensure the safety of data transmission process. A third party authentication device is introduced to verify the rights and identities of both sides of the command and prevent the interception and tampering of command information. Use dynamic key and authorization expiration system to further protect control security. Finally, the character code is checked by the command and the error data is filtered effectively. This method can effectively prevent signals from being truncated or tampered and ensure the security of data. Restricting the operation crowd, isolating illegal users, protecting information security, greatly improve the information security of substation control process.

Chao Guo,Jianghai Li,Zhe Dong,Xiaojin Huang

2017-01-01

Abstract:Digital Instrumentation and control (I&C) system serves as the “senses and nervous system” of a nuclear power plant (NPP). It plays an important role in the safe and economic operation in the NPPs. Digital I&C system has a series of advantages compared with analogue ones, but the introduction of the operation system platform, the application software, and the network communication structure are causing security risk to the power plant. Different kinds of procedures have already been adopted against these risks such as the communication isolation, but the security attacks still occur from time to time in the industrial fields around the world. This paper presents two computer security methods based on the thought of software verification and validation with step-by-step operation identification. First, three scenarios of security attack are proposed according to the structure of a distributed control system (DCS). Then a method with two network bypasses and a security computer are adopted to obtain the operation commands, the actuation signal, and the operation feedback in case of the first two scenarios by identifying the consistency of the obtained data. Furthermore, the method is optimized by combining the operation procedure and the camera shot to identify the anomaly of the information flow, thus to improve the effectiveness against the computer security issues. In the end, the influence and feasibility of this method is discussed.

Gagan Dangwal,Saksham Mittal,Mohammad Wazid,Jaskaran Singh,Ashok Kumar Das,Debasis Giri,Mohammed J.F. Alenazi

DOI: https://doi.org/10.1016/j.compeleceng.2024.109828

IF: 4.152

2024-11-08

Computers & Electrical Engineering

Abstract:The widespread adoption of computers and the Internet in recent decades has led to a growing reliance on digital technologies. Supervisory Control and Data Acquisition (SCADA)-enabled Internet of Things (IoT) applications are now used in various sectors such as nuclear power plants, oil and gas extraction, and refineries. However, ensuring the security of computer networks and such autonomous systems is essential to thwart potential threats from hackers and intruders. In this article, an intrusion detection scheme is proposed by deploying different machine learning algorithms (referred to as IDM-DNP3). These algorithms are rigorously trained and tested on an extensive dataset encompassing nine Distributed Network Protocol 3 (DNP3) testbed attacks. Utilizing a range of algorithms, a multi-class classification model was successfully developed for detecting attacks related to SCADA and DNP3. The comparative study conducted shows that IDM-DNP3 can detect potential threats with higher accuracy than other existing schemes.

engineering, electrical & electronic,computer science, interdisciplinary applications, hardware & architecture

Hao Huang,C. Matthew Davis,Katherine R. Davis

DOI: https://doi.org/10.1109/TPEC51183.2021.9384947

2021-07-07

Abstract:Modern power grids are dependent on communication systems for data collection, visualization, and control. Distributed Network Protocol 3 (DNP3) is commonly used in supervisory control and data acquisition (SCADA) systems in power systems to allow control system software and hardware to communicate. To study the dependencies between communication network security, power system data collection, and industrial hardware, it is important to enable communication capabilities with real-time power system simulation. In this paper, we present the integration of new functionality of a power systems dynamic simulation package into our cyber-physical power system testbed that supports real-time power system data transfer using DNP3, demonstrated with an industrial real-time automation controller (RTAC). The usage and configuration of DNP3 with real-world equipment in to achieve power system monitoring and control of a large-scale synthetic electric grid via this DNP3 communication is presented. Then, an exemplar of DNP3 data collection and control is achieved in software and hardware using the 2000-bus Texas synthetic grid.

Systems and Control

HAN Yuqi,GUO Jia,GUO Chuangxin,HUANG Han

DOI: https://doi.org/10.13334/j.0258-8013.pcsee.2016.06.005

2016-01-01

Abstract:With the deep incorporating of information and communication technology in power systems, the power system has involved into the cyber-physical power system. The application of software-defined networking theory into the cyber physical power system can improve the system flexibility and provide room for new functions. Under this circumstance, the assessment of intelligent substation security risk should consider both the information device hardware factor and software factor. This paper combines the specifics of software defined networking and cyber physical power systems and then divided the system into the application layer, the control layer, the cyber operation layer and the physical operation layer. Based on the function decomposed modelling method, this paper put forwards the system security risk assessment method incorporating the failures of application layer control and function software and cyber device application software. The calculation and sensitive analysis of the security risk of T1-1 substation is operated using the assessment method in this paper.

CAO Yijia,YAO Huan,HUANG Xiaoqing,ZHANG Zhenfu

DOI: https://doi.org/10.3969/j.issn.1006-6047.2011.06.001

2011-01-01

Abstract:The quantification of each threat against information security of substation communication system is the prerequisite to the planning of security strategy.Based on the analysis of the requirements of substation communication system for information security,all threats are classified according to its four properties,based on which,the index system and hierarchy of information security evaluation is established.The joint weight is calculated by the scale method for each threat,experts' assessments are quantified and merged based on the D-S theory,and all threats are ranked according to the confidence interval.Case study shows that the quantified threats provide the theoretical support to the security strategy planning of substation.

Wang Ning,Wu Yanli,Liu Guangxing,Yao Ruizhe,Zhang Longfei

DOI: https://doi.org/10.1088/1755-1315/464/1/012006

2020-03-01

IOP Conference Series: Earth and Environmental Science

Abstract:Abstract The intelligent distribution network is an important hub for connecting power generation and users, and the security of its information is closely related to the stable operation of the power grid. In order to solve the contradiction between the security and real-time of information in intelligent distribution network according to Supplementary Provisions for Safety Protection of Medium and Low Voltage Distribution Network Automation System, an information security model of intelligent distribution network is proposed, after deeply studying AES encryption algorithm and SHA-256 authentication algorithm, using OPNET as simulation software for smart distribution network information to carryout transmission delay curve. FPGA is used as information security processing platform. We obtain the total delay, analyze the integrity and availability. The experiment proves that the intelligent distribution network information security processing solution satisfies the three elements of CIA information security, and has good confidentiality, integrity and availability.

YANG Wen-zheng,GUO Chuang-xin,CAO Yi-jia,YI Yong-hui

DOI: https://doi.org/10.3969/j.issn.1001-4551.2007.09.029

2007-01-01

Abstract:The digital substation will be the essential tendency of substation's development.And the information security and its safeguard will become a hot spot.Based on the analysis of the ethernet of digital substation,the security meaning and threats of digital substation information were discussed.Some security strategies and measures were proposed,such as digital signature、VLAN、multi-agent and firewall.

Longhua Guo,Mianxiong Dong,Kaoru Ota,Jun Wu,Jianhua Li

DOI: https://doi.org/10.1109/GLOCOM.2016.7841519

2016-01-01

Abstract:With the rapid growth of the Internet, the current TCP/IP based network cannot well satisfy the requirements such as scalable content distribution, mobility, security and so on. The new networking architectures which aren't based on TCP/IP have been a trade of next generation networking such as Information-Centric Networking (ICN). In smart grid, parts of communication protocol in IEC 61850 are also not based on TCP/IP architecture such as Sampled Value (SV) and Generic Object-Oriented Substation Event (GOOSE). IEC 61850 based smart substation employing wireless network has significantly improved the interoperability and interconnection of substation devices. However, with the amount and openness growth of Intelligent Electronic Devices (IED) nodes, these changes introduce new efficiency, reliability and security challenges especially in wireless network. The strict time requirement has limited the use of heavyweight security protocols to fight against cyber-attacks. To address these issues, a name-based security mechanism using ICN is proposed for the non TCP/IP based SV and GOOSE communication. Publish/subscribe (pub/sub) based access control and lightweight encryption algorithm are utilized to secure the decentralized large-scale smart grid data sharing. The results show the proposed mechanism is secure and efficient for IEC 61850 communication employing wireless network.

Xiao Chun Yin,Zeng Guang Liu,Lewis Nkenyereye,Bruce Ndibanje

DOI: https://doi.org/10.3390/s19224952

2019-11-14

Abstract:We present an innovative approach for a Cybersecurity Solution based on the Intrusion Detection System to detect malicious activity targeting the Distributed Network Protocol (DNP3) layers in the Supervisory Control and Data Acquisition (SCADA) systems. As Information and Communication Technology is connected to the grid, it is subjected to both physical and cyber-attacks because of the interaction between industrial control systems and the outside Internet environment using IoT technology. Often, cyber-attacks lead to multiple risks that affect infrastructure and business continuity; furthermore, in some cases, human beings are also affected. Because of the traditional peculiarities of process systems, such as insecure real-time protocols, end-to-end general-purpose ICT security mechanisms are not able to fully secure communication in SCADA systems. In this paper, we present a novel method based on the DNP3 vulnerability assessment and attack model in different layers, with feature selection using Machine Learning from parsed DNP3 protocol with additional data including malware samples. Moreover, we developed a cyber-attack algorithm that included a classification and visualization process. Finally, the results of the experimental implementation show that our proposed Cybersecurity Solution based on IDS was able to detect attacks in real time in an IoT-based Smart Grid communication environment.

zhong wei li,li cheng,hong li zhang,wei ming tong

DOI: https://doi.org/10.4028/www.scientific.net/AMM.325-326.637

2013-01-01

Applied Mechanics and Materials

Abstract:AMI (Advanced Metering Infrastructure) is the first step of the implementation of the smart grid. The communication network is the important part of AMI. The reasonable communication network architecture and effective cyber security measures are the keys of the realization of AMIs functions. The components, functions and communication network architecture are studied. Communication technologies that can be used in AMI are analyzed. Based on ZigBee, fieldbus/industrial EtherNet and GPRS, a typical AMI are constructed. The cyber security threats, communication data types and cyber security requirement of AMI are analyzed. The cyber security strategy and implementing scheme are offered. The communication standards and cyber security standards that can be referred while constructing AMI are analyzed. The necessity that publishes AMIs communication standard and cyber security is put forward.

Yanjie Zhang,Qiqi Shu,Yubo Wang,Yin Gao,Lei Zhang,Yan Li

DOI: https://doi.org/10.1109/EI2.2018.8582358

2018-01-01

Abstract:With the increasing mutual interaction between smart grid and users, intelligent acquisition terminals and mobile operation terminals are widely used and accessed. The types of data transmitted in the network are more complex, and the requirements for information security protection are higher. Currently, the general security protocols for power systems do not meet the new requirements. This paper studies ISO/IEC 9798 series of standards, combines key agreement, entity authentication and hybrid algorithm technology, designs a secure channel protocol for high-security data transmission, and analyzes its complexity and time performance. Finally, it is completed based on security chip. Data transmission test shows that it has the characteristics of high security and flexible protocol, and can effectively meet the security and real-time requirements of data communication.

Zhou Jing,Tian Wenxi,Ding Jie

DOI: https://doi.org/10.3969/j.issn.1671-1041.2023.05.019

2023-01-01

Abstract:For the nuclear power DCS platform, real-time communication network architecture and the selection lack of theoretical basis and performance comparison, as well as the lack of mature experience for reference in the design of DCS Platform made in China, this paper studies the hardware and software implementation of real-time network communication architecture based on different protocols. A network communication scheme suitable for the design of various network topologies of safety-level DCS is proposed, which realizes the real-time and deterministic data transmission of Safety DCS network. It has the advantages of better certainty of data communication, fault-tolerant ability and stability of response time, and meets the requirements of high reliability of data communication for DCS network system of nuclear power platform.

Chanjuan Tang,Rong Tian,Bingjie Liu,Bingxin Tian,Fan Yu,Jiuchun Ren

DOI: https://doi.org/10.1117/12.3029263

2024-01-01

Abstract:To address the challenges of wiring operation and maintenance in substations and the security issues associated with wireless data acquisition in smart grid environments, we have developed a secure wireless data acquisition system for substation monitoring. This system integrates 5G, short-range wireless communication, Internet of Things (IoT) technology, and video processing to establish a secure and unified access model. The system comprises an intelligent gateway deployed at the wireless network boundary, equipped with hardware encryption cards for terminal authentication, data encryption, and information security. The gateway seamlessly integrates with the IoT system architecture, encompassing perception, edge computing, transport, and service layers. A security access module for the terminal is introduced in the design, taking into account the security constraints in the substation environment. This module ensures encrypted data transmission between the gateway and the terminal, providing a secure access solution for video and sensors.

Yongge Wang

DOI: https://doi.org/10.48550/arXiv.1207.5434

2012-07-23

Information Theory

Abstract:Distributed control systems (DCS) and supervisory control and data acquisition (SCADA) systems were developed to reduce labour costs, and to allow system-wide monitoring and remote control from a central location. Control systems are widely used in critical infrastructures such as electric grid, natural gas, water and wastewater industries. While control systems can be vulnerable to a variety of types of cyber attacks that could have devastating consequences, little research has been done to secure the control systems. American Gas Association (AGA), IEC TC57 WG15, IEEE, NIST and National SCADA Test Bed Program have been actively designing cryptographic standard to protect SCADA systems. American Gas Association (AGA) had originally been designing cryptographic standard to protect SCADA communication links and finished the report AGA 12 part 1. The AGA 12 part 2 has been transferred to IEEE P1711. This paper presents an attack on the protocols in the first draft of AGA standard (Wright et al., 2004). This attack shows that the security mechanisms in the first version of the AGA standard protocol could be easily defeated. We then propose a suite of security protocols optimised for SCADA/DCS systems which include: point-to-point secure channels, authenticated broadcast channels, authenticated emergency channels, and revised authenticated emergency channels. These protocols are designed to address the specific challenges that SCADA systems have.