
Shubhra Shah

Smart Grid: The “Energy Internet”

2-way flow of electricity and information


Smart Grid
 Smart grid is a promising power delivery infrastructure integrated with communication and information technologies.
 Its bi-directional communication and electricity flow enable both utilities and customers to monitor, predict, and manage energy usage.
 As per the definition given by IEEE, smart grid is a large 'system of systems' where each functional domain consists of three layers: (1) the power and energy layer, (2) the communication layer, and (3) the IT / computer layer.
 Layers 2 and 3 are the enabling infrastructure that makes the existing power and energy infrastructure 'smarter'.
 The increased interconnection and integration introduce cyber vulnerabilities into the grid.
 Failure to address these problems will hinder the modernization of the existing power system.
 The presentation focuses on the NIST conceptual model for smart grid, its key components, the cyber security objectives, and the threats and issues in smart grid.
NIST Conceptual Model for Smart Grid
Domain: Roles/Services in the Domain
1 Customer: The end users of electricity. May also generate, store, and manage the use of energy. Traditionally, three customer types are discussed, each with its own domain: residential (HAN), commercial (BAN) and industrial (IAN).
2 Markets: The operators and participants in electricity markets.
3 Service Provider: The organizations providing services to electrical customers and to utilities.
4 Operations: The managers of the movement of electricity.
5 Generation: The generators of electricity. May also store energy for later distribution. This domain includes traditional generation sources (traditionally referred to as generation) and distributed energy resources (DER). At a logical level, "generation" includes coal, nuclear, and large-scale hydro generation usually attached to transmission. DER (at a logical level) is associated with customer- and distribution-domain-provided generation and storage, and with service-provider-aggregated energy resources.
6 Transmission: The carriers of bulk electricity over long distances. May also store and generate electricity.
7 Distribution: The distributors of electricity to and from customers. May also store and generate electricity.
Smart Grid Networks for Information Exchange

Key components of Smart Grid
 AMI (Advanced Metering Infrastructure): Major applications include smart meters, HAN, meter data management systems (MDMS), and operational gateways (as shown in Fig. 2).
 SCADA (Supervisory Control and Data Acquisition): It consists of four parts (as shown in Fig. 3):
 Field data interface devices such as RTUs and PLCs
 Communication system (e.g., telephone, radio, cable, satellite, etc.)
 Central master terminal unit (MTU)
 HMI software or systems
Key components of Smart Grid Contd.
 PHEV (Plug-in Hybrid Electric Vehicle): the vehicle-to-grid concept may improve the efficiency and increase the reliability of the power grid.
 Communication Protocols and Standards
Standards for Power System Information Exchange
Protocol / Standard: Use
IEC 60870-5 and DNP3 (IEEE 1815): Between SCADA master stations and RTUs
IEC 61850: Peer-to-peer communication mode for field devices and DERs
IEC 61970 CIM: Application-to-application interaction primarily within utility operations centres, for grid modelling
IEC 61968 CIM: Application-to-application interactions primarily within utility operations centres, for distribution functions
IEC 60870-6 TASE.2 (ICCP): Used primarily for communications between control centres, and also for communication between SCADA systems and other engineering systems within the control centres
IEEE C37.118 and IEC 61850-90-5: For phasor measurement units
ANSI C12: Metering standard
IEC 62351: Specifies security constraints and concerns of the above communication protocols and standards
IEC 62351 Summary
Part 1 & 2: Present an introduction to its background and a glossary of terms.
Part 3: Specifies the security requirements for TCP/IP profiles in IEC 60870 and IEC 61850.
Part 4: Addresses MMS (Manufacturing Message Specification, ISO 9506) protocol security in the IEC 61850 standard.
Part 5: Focuses on the security of serial communication in IEC 60870 and DNP3.
Part 6: Provides security for non-routable peer-to-peer communications.
Part 7 & Part 8 are still at draft specification stage:
Part 7: secures the network and system management (NSM) of the information infrastructure.
Part 8: designed to address authorization problems in control centers.
Cyber Security Objectives and Requirements
• Organisations involved: EPRI, NIST, SGIP, IEEE
• As per NIST:
Objectives: Confidentiality, Integrity, Availability, Privacy
Requirements: Identification, Authentication, Authorization, Trust, Access Control
Cyber Security Threats
 Generation System / Transmission System
 Numerical relays adopt Ethernet-based IEC 61850 for information exchange and are therefore prone to DoS attacks.
 Various local control loops, including those for speed control, valve control and AVR, are linked with the plant control centre through Ethernet. An attacker who finds a security hole to gain access inside the LAN can plant a Trojan or obtain a backdoor entry.
Cyber Security Threats contd
 Generation System / Transmission System
 SCADA system: legacy SCADA still uses hard-coded passwords and unprotected ladder logic, and lacks authentication. Possibility of invasion into the SCADA system to change the frequency measurements provided to automatic generation control (AGC). Such an attack can directly affect the stability of the system.
 Communication protocols MODBUS or DNP3:
 The MODBUS protocol does not provide security against unauthorized entry: any host that can reach a slave can issue read and write requests.
 The DNP3 protocol also does not employ encryption, authentication or authorization (IEC 62351-5, listed above, adds authentication for it).
 "Buffer flooding" attack on a DNP3-based SCADA network.
 "Man-in-the-middle" attack between the SCADA master and the slave devices (RTUs or PLCs).
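To make the MODBUS point concrete, the following Python is an added example (not from the deck): it builds a Modbus/TCP "Write Single Register" request exactly as the public MBAP-plus-PDU layout prescribes, parses it as a slave would, and shows that a man-in-the-middle can rewrite the value with nothing for the slave to check. The `seal`/`open_sealed` pair, the demo key and the sequence numbers are assumptions of this example, an illustrative authenticated envelope (truncated HMAC plus a sequence number), not the wire format of Modbus, DNP3 Secure Authentication or IEC 62351.

```python
"""Modbus/TCP carries no authenticator: whoever reaches the slave can write to it.

Added example, not from the slides. Frame layout follows the public Modbus/TCP
application protocol (MBAP header + PDU). seal()/open_sealed() are an
illustrative envelope for this example, not any standard's wire format.
"""
import hashlib
import hmac
import struct

PROTOCOL_ID_MODBUS = 0
FC_WRITE_SINGLE_REGISTER = 0x06
TAG_LEN = 8  # 64-bit truncated tag (the overhead discussed under channel bandwidth)


def build_write_register(tid: int, unit: int, address: int, value: int) -> bytes:
    """Build a 'Write Single Register' request: MBAP header, then FC 0x06 PDU."""
    pdu = struct.pack(">BHH", FC_WRITE_SINGLE_REGISTER, address, value)
    # MBAP 'length' counts the unit identifier plus the PDU that follow it.
    mbap = struct.pack(">HHHB", tid, PROTOCOL_ID_MODBUS, len(pdu) + 1, unit)
    return mbap + pdu


def parse_write_register(frame: bytes) -> dict:
    """Parse the request the way a slave does. Every check here is structural;
    nothing in the frame lets the slave tell the operator from an intruder."""
    if len(frame) != 12:
        raise ValueError("unexpected frame length")
    tid, proto, length, unit, fc, address, value = struct.unpack(">HHHBBHH", frame)
    if proto != PROTOCOL_ID_MODBUS or length != 6 or fc != FC_WRITE_SINGLE_REGISTER:
        raise ValueError("malformed write-single-register frame")
    return {"tid": tid, "unit": unit, "address": address, "value": value}


def mitm_rewrite_value(frame: bytes, new_value: int) -> bytes:
    """What a man-in-the-middle does: keep the header, swap the last two bytes."""
    return frame[:10] + struct.pack(">H", new_value)


def seal(frame: bytes, key: bytes, seq: int) -> bytes:
    """Illustrative hardening: prepend a sequence number, append a truncated HMAC."""
    body = struct.pack(">I", seq) + frame
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


def open_sealed(blob: bytes, key: bytes, last_seq: int) -> tuple:
    """Verify the tag in constant time and reject replays; returns (seq, frame)."""
    if len(blob) < 4 + TAG_LEN:
        raise ValueError("truncated envelope")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    seq = struct.unpack(">I", body[:4])[0]
    if seq <= last_seq:
        raise ValueError("replayed or out-of-order message")
    return seq, body[4:]


def demo() -> dict:
    """Operator writes setpoint 500 to register 0x0010; an intruder on the path changes it."""
    key = b"constructed-demo-key-not-for-real-use"  # assumption: a pre-shared key
    good = build_write_register(tid=1, unit=1, address=0x0010, value=500)
    evil = mitm_rewrite_value(good, 0xFFFF)
    result = {
        "plain_accepts_original": parse_write_register(good)["value"],
        "plain_accepts_tampered": parse_write_register(evil)["value"],  # accepted as-is
    }
    sealed = seal(good, key, seq=7)
    seq, frame = open_sealed(sealed, key, last_seq=6)
    result["sealed_ok"] = parse_write_register(frame)["value"]
    # Same tampering against the sealed envelope: 4-byte seq + 10 header bytes, then value.
    tampered = sealed[:14] + struct.pack(">H", 0xFFFF) + sealed[-TAG_LEN:]
    try:
        open_sealed(tampered, key, last_seq=6)
        result["sealed_rejects_tamper"] = False
    except ValueError:
        result["sealed_rejects_tamper"] = True
    try:
        open_sealed(sealed, key, last_seq=seq)  # the same message delivered twice
        result["sealed_rejects_replay"] = False
    except ValueError:
        result["sealed_rejects_replay"] = True
    return result


if __name__ == "__main__":
    print(demo())
```

The plain parser accepts the rewritten frame because the protocol gives it no basis to refuse; the sealed variant fails on the tag and again on the reused sequence number, which is the property the standards listed above add on top of the legacy protocols.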
Cyber Security Threats contd
 Distribution System
 Meter tampering:
 Reversing the counter / manipulating the calculation.
 Remotely tampering with data sent to the system operator, or sneaking into confidential data of the consumers. For example, false data packets can be sent to inject negative pricing into the system, resulting in power shortages in the targeted area and loss of revenue to the utility company.
 There are millions of conventional/smart meters connected to the system, and since it is difficult to secure every node, the vulnerability of the system increases.
 Switching off millions of smart meters simultaneously from a remote location.
 Smart meters have also been found to carry the vulnerability classes catalogued in the Open Web Application Security Project (OWASP) Top 10: injection, broken authentication, cross-site scripting (XSS), broken access control, security misconfiguration and sensitive data exposure.
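The head-end can catch three of the threats above with plausibility checks on what the meters and the market feed report. The Python below is an added example, not from the deck: a cumulative register that runs backwards, a demand step no household could draw, a pricing signal outside the tariff band, and a burst of remote-disconnect commands are each flagged. The readings, prices and commands are constructed sample data, and `MAX_KW`, `PRICE_BAND` and the disconnect budget are illustrative thresholds a utility would tune per tariff and feeder.

```python
"""Plausibility checks on AMI data: reversed registers, impossible demand,
bogus prices and mass remote-disconnect bursts.

Added example, not from the slides. All readings, prices and commands below are
constructed sample data; MAX_KW, PRICE_BAND and the disconnect budget are
illustrative thresholds.
"""
from dataclasses import dataclass

MAX_KW = 20.0            # assumed residential demand ceiling
PRICE_BAND = (0.0, 2.0)  # assumed valid price band per kWh; negative prices are rejected
DISCONNECT_BUDGET = 3    # assumed max remote disconnects per window
DISCONNECT_WINDOW = 60   # seconds


@dataclass(frozen=True)
class Reading:
    meter_id: str
    ts: int      # seconds since epoch
    kwh: float   # cumulative energy register, must never decrease


def check_readings(readings):
    """Walk a time-ordered stream; return (meter_id, ts, reason) for each anomaly."""
    last = {}
    alerts = []
    for r in readings:
        prev = last.get(r.meter_id)
        if prev is not None:
            if r.ts <= prev.ts:
                alerts.append((r.meter_id, r.ts, "timestamp not increasing"))
            elif r.kwh < prev.kwh:
                # A cumulative register cannot run backwards: tampering or a spoofed report.
                alerts.append((r.meter_id, r.ts, "register decreased"))
            elif (r.kwh - prev.kwh) / ((r.ts - prev.ts) / 3600) > MAX_KW:
                alerts.append((r.meter_id, r.ts, "demand exceeds ceiling"))
        last[r.meter_id] = r
    return alerts


def check_price(price_per_kwh: float) -> bool:
    """Accept a pricing signal only inside the configured band."""
    lo, hi = PRICE_BAND
    return lo <= price_per_kwh <= hi


def check_disconnects(commands):
    """Hold remote-disconnect commands once DISCONNECT_BUDGET have been admitted
    within DISCONNECT_WINDOW seconds; returns the (ts, meter_id) pairs held back."""
    admitted = []
    held = []
    for ts, meter_id in commands:
        admitted = [t for t in admitted if ts - t < DISCONNECT_WINDOW]
        if len(admitted) >= DISCONNECT_BUDGET:
            held.append((ts, meter_id))
            continue
        admitted.append(ts)
    return held


# Constructed sample data.
SAMPLE_READINGS = [
    Reading("M1", 0, 100.0), Reading("M2", 0, 50.0),
    Reading("M1", 3600, 101.5), Reading("M2", 3600, 80.0),  # M2: 30 kW over one hour
    Reading("M1", 7200, 99.0),                              # M1: register ran backwards
]
SAMPLE_PRICES = [0.12, -0.05, 5.0]
SAMPLE_DISCONNECTS = [(t, f"M{t}") for t in range(0, 100, 10)]  # 10 commands in 100 s


if __name__ == "__main__":
    print(check_readings(SAMPLE_READINGS))
    print([p for p in SAMPLE_PRICES if not check_price(p)])
    print(check_disconnects(SAMPLE_DISCONNECTS))
```

None of these checks replaces authentication on the meter link; they are the second line that limits what a single forged report or command can do once the first line has failed.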
Cyber Security Threats contd
 Distribution System
 Networking and communication within the AMI infrastructure will rely on technologies like WLAN, ZigBee, RF mesh, WiMAX, WiFi and PLC.
 Wireless Local Area Networks (WLANs) follow the IEEE 802.11 standards, which by default do not provide authorization mechanisms and are also vulnerable to DoS, eavesdropping and session hijacking attacks.
 ZigBee is based on the IEEE 802.15.4 standards, which are vulnerable to jamming attacks. Bennet and Wicker [13] have argued that conventional ZigBee would suffer from delays due to the multi-tier feature of its cluster-tree based routing strategy.
 Power Line Communication (PLC) runs over a shared medium and can be susceptible to hostile users on the network abusing access control to misdirect services.
 Ethernet Passive Optical Networks (EPON), used for electric power distribution automation systems in the smart grid, are also vulnerable to attacks such as DoS, eavesdropping and spoofing.
Cyber Security Issues in Smart Grid Contd
 Computational Constraints
 Channel Bandwidth
 Connectivity
 Entropy
 Key Management Issues
Computational Constraints
 Some smart grid devices, e.g. residential meters and in-home devices, may be limited in their computational power and/or ability to store cryptographic material.
 Need for low-cost semiconductors, including low-cost embedded processors with built-in cryptographic capabilities.
 Future devices connected to the smart grid will have basic cryptographic capabilities, including the ability to support symmetric ciphers for authentication and/or encryption.
Channel Bandwidth
 Smart grid involves communication over a variety of communication channels with varying bandwidths.
 Encryption alone does not generally impact channel bandwidth. However, encryption negatively influences lower-layer compression algorithms, since encrypted data is indistinguishable from uniformly random data and therefore not compressible; compression has to be applied before encryption, not after it.
 Integrity protection as provided by an efficient Cipher-Based Message Authentication Code (CMAC) adds a fixed overhead to every message, typically 64 or 96 bits. On slow channels that carry primarily short messages, this overhead can be significant.
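Both effects on this slide can be measured rather than asserted. The Python below is an added example, not from the deck: it compresses a constructed stream of short telemetry records before and after encryption, shows that compress-then-encrypt keeps the gain, and computes the growth a 64- or 96-bit tag adds to a 12-byte measurement frame versus a 1500-byte bulk frame. The keystream is HMAC-SHA256 in counter mode, an assumption standing in for AES-CTR so the block runs on the standard library alone; the demo key, nonce and record format are likewise constructed.

```python
"""Why encrypt-then-compress fails, and what a fixed MAC tag costs on short frames.

Added example, not from the slides. The telemetry records are constructed; the
keystream is HMAC-SHA256 in counter mode, a stand-in for AES-CTR so the block
runs on the standard library alone; tag sizes are the 64/96-bit figures from
the slide.
"""
import hashlib
import hmac
import struct
import zlib

# Constructed sample: 200 short telemetry records of the kind a slow serial link carries.
RECORDS = [f"pt={i % 8:03d};V=23{i % 3}.{i % 10};F=50.0{i % 5}\n".encode() for i in range(200)]
PLAINTEXT = b"".join(RECORDS)


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """PRF counter mode: HMAC(key, nonce||ctr) blocks XORed over data; applying it
    twice with the same key and nonce decrypts."""
    stream = b"".join(
        hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        for ctr in range((len(data) + 31) // 32)
    )
    return bytes(a ^ b for a, b in zip(data, stream))


def compression_ratio(data: bytes) -> float:
    """Compressed size over original size: lower is better, ~1.0 means incompressible."""
    return len(zlib.compress(data, 9)) / len(data)


def tag_overhead(message_len: int, tag_bits: int) -> float:
    """Fraction by which a message grows when a tag_bits-bit MAC is appended."""
    return (tag_bits // 8) / message_len


def demo() -> dict:
    key = b"constructed-demo-key-not-for-real-use"  # assumption: a pre-shared key
    nonce = b"\x00" * 8                            # assumption: per-session nonce
    ciphertext = keystream_xor(key, nonce, PLAINTEXT)
    if keystream_xor(key, nonce, ciphertext) != PLAINTEXT:
        raise RuntimeError("keystream round trip failed")
    # Right order: compress first, then encrypt; the link sees the small ciphertext.
    compressed_then_encrypted = keystream_xor(key, nonce, zlib.compress(PLAINTEXT, 9))
    return {
        "plain_ratio": compression_ratio(PLAINTEXT),
        "cipher_ratio": compression_ratio(ciphertext),
        "compress_then_encrypt_ratio": len(compressed_then_encrypted) / len(PLAINTEXT),
        # one 12-byte measurement frame versus a 1500-byte bulk transfer
        "tag64_on_12B": tag_overhead(12, 64),
        "tag96_on_12B": tag_overhead(12, 96),
        "tag96_on_1500B": tag_overhead(1500, 96),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value:.3f}")
```

The plaintext records shrink to a fraction of their size while the ciphertext stays at roughly its original length, and a 96-bit tag doubles a 12-byte frame while adding under one percent to a 1500-byte one, which is the asymmetry the slide warns about on slow, short-message channels.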
Connectivity
 Standard Public Key Infrastructure (PKI) systems based on a peer-to-peer key establishment model, where any peer may need to communicate with any other, may not be necessary or desirable from a security standpoint for components in the smart grid.
 Many devices may not have connectivity to key servers, certificate authorities, Online Certificate Status Protocol (OCSP) servers, etc. Many connections between smart grid devices will have much longer durations (often permanent) than typical connections on the Internet.
Entropy
 Many devices do not have access to sufficient sources of entropy to serve as good sources of randomness for cryptographic key generation and other cryptographic operations.
 This is a fundamental issue and has impacts on the key management and provisioning system that must be designed and operated in this case.
Key Management Issues
 All security protocols rely on the existence of a security association (SA).
 The provisioning of secret keys (i.e., symmetric keys) can be a very expensive process, with security vulnerabilities not present when using digital certificates. The main reason is that with symmetric keys, the keys need to be transported from the device where they were generated and inserted into at least one other device; typically, a different key is required for each pair of communicating devices. Key provisioning should be coordinated so that each device receives the appropriate keys, a process that is prone to human error and subject to insider attacks.
 There are hardware solutions for secure key transport and loading, but these can require a great deal of operational overhead and are typically cost-prohibitive for all but the smallest systems. All of this overhead and risk can be multiplied several times if each device is to have several independent security associations, each requiring a different key.
Conclusion
 Cyber security in the smart grid is still at a critical stage of development.
 Cyber security gets even more challenging as the scale and complexity of the smart grid increase.
 Contemporary IT security techniques such as virtual private networks (VPNs), public key infrastructure (PKI), intrusion detection systems (IDSs), firewalls, anti-virus, etc. may be transplanted into the smart grid, but because of the inherent differences between the two environments they cannot be made effective without enhancements.
References
 J. Liu, Y. Xiao, S. Li, W. Liang and C. Chen, "Cyber Security and Privacy Issues in Smart Grids," IEEE Communications Surveys & Tutorials, 2012.
 U.S. NIST, "Guidelines for smart grid cyber security (Vol. 1 to 3)," NISTIR 7628, Aug. 2010.
 U.S. NIST, "NIST framework and roadmap for smart grid interoperability standards, release 1.0," NIST Special Publication 1108, Jan. 2010.
 Electric Power Research Institute, "Report to NIST on smart grid interoperability standards roadmap," 2009.
 Open Web Application Security Project, "OWASP Top 10, 2017."
 R. E. Mackiewicz, "Overview of IEC 61850 and Benefits," in Proc. IEEE PSCE, Oct./Nov. 2006, pp. 623-630.
 IEC 60870-5, Telecontrol Equipment and Systems, Part 5: Transmission Protocols, IEC Std., 2002.
 IEC 60870-6, Telecontrol Equipment and Systems, Part 6: Telecontrol Protocols Compatible with ISO Standards and ITU-T Recommendations, IEC Std., 2004.
 W. Wang and Z. Lu, "Cyber security in the smart grid: Survey and challenges," Computer Networks, vol. 57, no. 5, pp. 1344-1371, Apr. 2013.
 IEC TC57 Dashboard: http://www.iec.ch/tc57
Thank you
Cyber Security Issues in Smart Grid
 The cyber security of the power industry covers all IT and communications issues that affect the operation of power delivery systems and the management of the utilities.
 Securing the power grid means preventing, preparing for, protecting against, mitigating, responding to, and recovering from unexpected cyber events or natural disasters.
 Challenges in the development of a secure smart grid:
 New communication requirements and avoiding early obsolescence
 Legacy devices
 Use of heterogeneous technologies and protocols
 Proprietary systems
Cyber Security Issues in Smart Grid Contd
 Device Issues
 Networking Issues
 Cyber Security Management Issues
 Anomaly Detection Issues
 Other Issues
