Threat landscape for smart grid systems

Mathas, Christos-Minas; Grammatikakis, Konstantinos-Panagiotis; Vassilakis, Costas; Kolokotronis, Nicholas; Bilali, Vasiliki-Georgia; Kavallieros, Dimitris

doi:10.1145/3407023.3409229

Cited by 15 publications

(12 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Cyber attacks are typically discussed from the perspective of CIA (confidentiality, integrity, and availability) requirements [59], [60]. The explanation of CIA is listed as follows:…”

Section: B Prevalent Attack Methodsmentioning

confidence: 99%

Smart Grid: Cyber Attacks, Critical Defense Approaches, and Digital Twin

Tang¹,

Liu²,

Puthal³

et al. 2022

Preprint

View full text Add to dashboard Cite

As a national critical infrastructure, the smart grid has attracted widespread attention for its cybersecurity issues. The development towards an intelligent, digital, and Internetconnected smart grid has attracted external adversaries for malicious activities. It is necessary to enhance its cybersecurity by either improving the existing defense approaches or introducing novel developed technologies to the smart grid context. As an emerging technology, digital twin (DT) is considered as an enabler for enhanced security. However, the practical implementation is quite challenging. This is due to the knowledge barriers among smart grid designers, security experts, and DT developers. Each single domain is a complicated system covering various components and technologies. As a result, works are needed to sort out relevant contents so that DT can be better embedded in the security architecture design of smart grid.In order to meet this demand, our paper covers the above three domains, i.e., smart grid, cybersecurity, and DT. Specifically, the paper i) introduces the background of the smart grid; ii) reviews external cyber attacks from attack incidents and attack methods; iii) introduces critical defense approaches in industrial cyber systems, which include device identification, vulnerability discovery, intrusion detection systems (IDSs), honeypots, attribution, and threat intelligence (TI); iv) reviews the relevant content of DT, including its basic concepts, applications in the smart grid, and how DT enhances the security. In the end, the paper puts forward our security considerations on the future development of DT-based smart grid. The survey is expected to help developers break knowledge barriers among smart grid, cybersecurity, and DT, and provide guidelines for future security design of DT-based smart grid.

show abstract

“…Cyber attacks are typically discussed from the perspective of CIA (confidentiality, integrity, and availability) requirements [59], [60]. The explanation of CIA is listed as follows:…”

Section: B Prevalent Attack Methodsmentioning

confidence: 99%

Smart Grid: Cyber Attacks, Critical Defense Approaches, and Digital Twin

Tang¹,

Liu²,

Puthal³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…The AMIs constitute critical information infrastructures with their operation having a high impact on end-users' everyday lives [28], making their security to be of outmost importance. High-level security requirements having been reported include [45,46]:…”

Section: Ami Requirementsmentioning

confidence: 99%

“…As noted in [45], confidentiality is becoming more important due to increasing privacy concerns, something that led [28] into defining privacy as a concrete AMI requirement to also account for inference attacks (amongst other privacytargeting attacks).…”

Section: Ami Requirementsmentioning

confidence: 99%

Advanced Metering Infrastructures: Security Risks and Mitigation

Bendiab,

Grammatikakis,

Koufos

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

Energy providers are moving to the smart meter era, encouraging consumers to install, free of charge, these devices in their homes, automating consumption readings submission and making consumers life easier. However, the increased deployment of such smart devices brings a lot of security and privacy risks. In order to overcome such risks, Intrusion Detection Systems are presented as pertinent tools that can provide network-level protection for smart devices deployed in home environments. In this context, this paper is exploring the problems of Advanced Metering Infrastructures (AMI) and proposing a novel Machine Learning (ML) Intrusion Prevention System (IPS) to get optimal decisions based on a variety of factors and graphical security models able to tackle zero-day attacks.

show abstract

“…The advent of the IoT has not only brought benefits; it has also brought serious security and privacy considerations. Numerous publications have provided a comprehensive mapping of the threat landscape in IoT, smart grid and 5G systems and the identification of relevant mitigation strategies, including [10][11][12][13][14][15][16][17]. More specifically, reference [10] portrays the threat landscape of next generation IoT-enabled smart grids, while reference [15] examines the security measures that are deemed appropriate for smart grids.…”

Section: Introductionmentioning

confidence: 99%

“…Attackers may attempt to capture or alter the data flowing through a smart grid network, thus compromising the confidentiality or integrity of the system respectively. Most importantly, attackers may attempt to disrupt the operation of the system, thus compromising its availability [12].…”

Section: Introductionmentioning

confidence: 99%

On the Design of IoT Security: Analysis of Software Vulnerabilities for Smart Grids

et al. 2021

Self Cite

View full text Add to dashboard Cite

The 5G communication network will underpin a vast number of new and emerging services, paving the way for unprecedented performance and capabilities in mobile networks. In this setting, the Internet of Things (IoT) will proliferate, and IoT devices will be included in many 5G application contexts, including the Smart Grid. Even though 5G technology has been designed by taking security into account, design provisions may be undermined by software-rooted vulnerabilities in IoT devices that allow threat actors to compromise the devices, demote confidentiality, integrity and availability, and even pose risks for the operation of the power grid critical infrastructures. In this paper, we assess the current state of the vulnerabilities in IoT software utilized in smart grid applications from a source code point of view. To that end, we identified and analyzed open-source software that is used in the power grid and the IoT domain that varies in characteristics and functionality, ranging from operating systems to communication protocols, allowing us to obtain a more complete view of the vulnerability landscape. The results of this study can be used in the domain of software development, to enhance the security of produced software, as well as in the domain of automated software testing, targeting improvements to vulnerability detection mechanisms, especially with a focus on the reduction of false positives.

show abstract

Threat landscape for smart grid systems

Cited by 15 publications

References 40 publications

Smart Grid: Cyber Attacks, Critical Defense Approaches, and Digital Twin

Smart Grid: Cyber Attacks, Critical Defense Approaches, and Digital Twin

Advanced Metering Infrastructures: Security Risks and Mitigation

On the Design of IoT Security: Analysis of Software Vulnerabilities for Smart Grids

Contact Info

Product

Resources

About