“…The proposed response mechanism replaces the measurements from the compromised sensor with a measurement sequence that the linear model generates. Similarly, in [30], a SCADA system with software-defined network (SDN) assistance is presented, which replaces compromised measurements with estimated ones. For evaluation, an extension of the MiniCPS [31] is developed in order to provide SDN functionalities for both supervisory and field networks.…”
Section: Model-based Response
mentioning
confidence: 99%
“…Moreover, the incident response system for the water treatment SCADA system, previously presented in [30], can also use SDN for deception technique. According to this work, another potential incident-response strategy to mitigate an attack is to mislead an adversary to a honeypot when an attack has been detected.…”
Smart grids (SG) draw the attention of cyber attackers due to their vulnerabilities, which are caused by the usage of heterogeneous communication technologies and their distributed nature. While preventing or detecting cyber attacks is a well-studied field of research, making SG more resilient against such threats is a challenging task. This paper provides a classification of the proposed cyber resilience methods against cyber attacks for SG. This classification includes a set of studies that propose cyber-resilient approaches to protect SG and related cyber-physical systems against unforeseen anomalies or deliberate attacks. Each study is briefly analyzed and is associated with the proper cyber resilience technique which is given by the National Institute of Standards and Technology in the Special Publication 800-160. These techniques are also linked to the different states of the typical resilience curve. Consequently, this paper highlights the most critical challenges for achieving cyber resilience, reveals significant cyber resilience aspects that have not been sufficiently considered yet and, finally, proposes scientific areas that should be further researched in order to enhance the cyber resilience of SG.
“…This is particularly useful for control networks within critical infrastructures, which require extremely high availability. Reference [25] discusses how SDN and Network Function Virtualization (NFV) technologies can help design automatic incident-response mechanisms for ICS and also describes a prototype to show the feasibility in a scenario that uses Programmable Logic Controllers (PLC) managing a classical tank-filling control system. Reference [26] studies the applicability of emerging technologies in the area of IP networks, including SDN, NFV, and next generation firewalls, to secure ICS.…”
Microgrids are growing in importance in the Smart Grid paradigm for power systems. Microgrid security is becoming crucial since these systems increasingly rely on information and communication technologies. Many technologies have been proposed in the last few years for the protection of industrial control systems, ranging from cryptography, network security, security monitoring systems, and innovative control strategies resilient to cyber-attacks. Still, electrical systems and microgrids present their own peculiarities, and some effort has to be put forth to apply cyber-protection technologies in the electrical sector. In the present work, we discuss the latest advancements and research trends in the field of microgrid cybersecurity in a tutorial form.
“…But these studies were proactive response approaches, they could not identify what type of field devices were compromised and react as soon as an attack was detected. In [25], Piedrahita et al. described a prospect of intrusion response solution in ICSs by leveraging the SDN and network functions virtualization (NFV) techniques, but it did not suggest a specific method.…”
Section: B Software-defined Security (Sdsec)
mentioning
Industrial control systems (ICSs) are facing increasingly severe security threats. Zone isolation, a commonly adopted idea for stopping attack propagation in general information systems, has been investigated for ICS security protection. It is usually implemented through perimeter security techniques. However, anomaly states of the physical processes in a compromised field zone may spread into other zones through the inter-zone information interaction. Due to the coupling of the physical processes between different zones, it is difficult to prevent the propagation of attack impact in ICSs. In this paper, a software-defined security (SDSec) approach is presented to address this problem. It consists of a hybrid anomaly detection module and a multi-level security response module, both of which work together to secure the ICS field zones. The hybrid anomaly detection module inspects anomaly behaviors from the perspectives of network communications and physical process states. The multi-level security response module helps prevent unapproved packets from communications, thus isolating any compromised zone. It also generates attack mitigation strategies to secure physical processes. Hardware-in-the-loop simulations are conducted to demonstrate the effectiveness of the presented approach.