cyber security and privacy issues in smart grids
play

Cyber Security and Privacy Issues in Smart Grids Acknowledgement: - PDF document

Jan 10, 2024 •250 likes •397 views

2015/10/30 Cyber Security and Privacy Issues in Smart Grids Acknowledgement: Slides by Hongwei Li from Univ. of Waterloo References Main Reference Liu, J. and Xiao, Y. and Li, S. and Liang, W. and Chen, C. Cyber Security and

  1. 2015/10/30 Cyber Security and Privacy Issues in Smart Grids Acknowledgement: Slides by Hongwei Li from Univ. of Waterloo References  Main Reference  Liu, J. and Xiao, Y. and Li, S. and Liang, W. and Chen, C. “Cyber Security and Privacy Issues in Smart Grids,” IEEE Communications Surveys & Tutorials, 2012.  In Brief  U.S. NIST, “ Guidelines for smart grid cyber security ,” NIST IR- 7628, Aug. 2010, available at: http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7628. NIST: National Institute of Standard and Technology 2 1

  2. 2015/10/30 Outline Reference model for the smart grid 3 1 Security issues 2 Privacy issues 3 3 Future research directions 4 3 Fig. 1. NIST reference model for the smart grid Fig. 1. NIST reference model for the smart grid 4 2

  3. 2015/10/30 SCADA: an important component of operations SCADA: an important component of operations SCADA (Distribution Supervisory Control and Data Acquisition) A type of control system that transmits individual device status, manages energy consumption by controlling the devices. Allows operators to directly control power system equipment. The main goal of SCADA Helping the grid reduce operation and maintenance costs and ensure the reliability of the power supply. 5 MTU: Master Terminal Unit HMI: Human Machine Interface MTU: Master Terminal Unit HMI: Human Machine Interface RTU: Remote Terminal Unit PLC: Programmable Logic Controller RTU: Remote Terminal Unit PLC: Programmable Logic Controller Field data interface devices: Including RTU and PLC, et al. Field data interface devices: Including RTU and PLC, et al. Fig. 3. A typical SCADA architecture Fig. 3. A typical SCADA architecture 6 3

  4. 2015/10/30 SCADA Security Issues-1 SCADA Security Issues-1 Distribution control commands and access logs are critical for SCADA systems. Intercepting, tampering, or forging these data damages the grid. Possible solutions: Ensure all commands and log files are accurate and secure. Synchronizing time-tagged data in wide areas is essential; without it the safety and reliability of the SCADA system cannot be achieved. Possible solutions: Use a common time reference for time synchronization. 7 SCADA Security Issues-2 SCADA Security Issues-2 Every decision of SCADA comes from the analysis of the raw data based on a reasonable model. Improper models may mislead operator actions. In addition, different vendors using distinct SCADA models will disrupt the consistency of the grid. Possible solutions: So far, no. Other security issues ? 8 4

  5. 2015/10/30 PHEV; Plug-in Hybrid Electric Vehicle DER: Distributed Energy Resource PHEV; Plug-in Hybrid Electric Vehicle DER: Distributed Energy Resource HAN: Home Area Network AMI: Advanced Metering Infrastructure HAN: Home Area Network AMI: Advanced Metering Infrastructure Fig. 2. A use case of AMI in HAN Fig. 2. A use case of AMI in HAN 9 Smart Meter Security Smart Meter Security Meters may suffer physical attacks such as battery change, removal, and modification. Functions like remote connect/disconnect meters and outage reporting may be used by unwarranted third parties. Customer tariff varies on individuals, and thus, breaches of the metering database may lead to alternate bills. Possible solutions Ensure the integrity of meter data. Detect unauthorized changes on meter. Authorize all accesses to/from AMI networks. Secure meter maintenance. 10 5

  6. 2015/10/30 Customer Interface Security Customer Interface Security Home appliances can interact with service providers or other AMI devices. Once manipulated by malicious intruders, they could be unsafe factors in residential areas. Energy-related information can be revealed on the communication links. Unwarranted data may misguide users’ decision. Possible solutions Access control to all customer interfaces. Validate notified information. Improve security of hardware and software upgrade. 11 PHEV Security PHEV Security PHEV can be charged at different locations. Inaccurate billings or unwarranted service will disrupt operations of the market. Possible solutions Establish electric vehicle standards [1]. [1] U.S. NIST, “Guidelines for smart grid cyber security ,” NIST IR-7628, Aug. 2010, available at: [1] U.S. NIST, “Guidelines for smart grid cyber security ,” NIST IR-7628, Aug. 2010, available at: http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7628. http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7628. 12 6

  7. 2015/10/30 Anomaly detection-1: Temporal Information Anomaly detection-1: Temporal Information Unsecured time information may be used for replay attacks and revoked access which has a significant impact on many security protocols. Timestamps in event logs may be tampered by malicious people. Possible solutions Use Phasor Measurement Units (PMUs) to ensure accurate time information. Adopt existing forensic technologies to ensure temporal logs are accurate. 13 Anomaly detection-2: Data & Service Anomaly detection-2: Data & Service RTUs may be damaged in various ways. The accuracy of transmitted data and the quality of services therefore can not be guaranteed. Possible solutions Utilize fraud detection algorithms and models used in credit card transaction monitoring[1]. [1] U.S. NIST, “Guidelines for smart grid cyber security ,” NIST IR-7628, Aug. 2010, available at: [1] U.S. NIST, “Guidelines for smart grid cyber security ,” NIST IR-7628, Aug. 2010, available at: http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7628. http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7628. 14 7

  8. 2015/10/30 Demand Response Demand Response What is the demand response? Smart grid allows customers to shift load and to generate and store energy based on near real-time prices and other economic incentives. Customers can also sell surfeit stored energy back to the grid when the price is high. Such demand-response mechanisms help the grid balance power supply and demand, thus enhancing the efficiency of power usage. 15 Privacy Issues on Smart Grid Privacy Issues on Smart Grid counterm easures Privacy Concerns Personal I nform ation 16 8

  9. 2015/10/30 Personal Information Personal Information NIST guidelines have provided a list of personal information that may be available through the smart grid as follows[1]: Name: responsible for the account Address: location to which service is being taken Account number: unique identifier for the account Meter IP, Meter reading, current bill, billing history Lifestyle; when the home is occupied and it is unoccupied, when occupants are awake and when they are asleep, how many various appliances are used, etc. DER: the presence of on-site generation and/or storage devices, operational status, net supply to or consumption from the grid, usage patterns. Service Provider: identity of the party supplying this account, relevant only in retail access markets. [1] U.S. NIST, “Guidelines for smart grid cyber security ,” NIST IR-7628, Aug. 2010, available at: [1] U.S. NIST, “Guidelines for smart grid cyber security ,” NIST IR-7628, Aug. 2010, available at: http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7628. http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7628. 17 Privacy Concerns Privacy Concerns Energy consumption data obtained by a third part may disclose personal information without one’s permission[1]. Firstly, data in the smart meter and HAN could reveal certain activities of home smart appliances, e.g., appliance vendors may want this kind of data to know both how and why individuals used their products in certain ways. Secondly, obtaining near real-time data regarding energy consumption may infer whether a residence or facility is occupied, what they are doing, and so on. Thirdly, personal lifestyle information derived from energy use data could be valuable to some vendors or parties, e.g., vendors may use this information for targeted marketing, which could not be welcomed by those targets. . . . [1] U.S. NIST, “Guidelines for smart grid cyber security ,” NIST IR-7628, Aug. 2010, available at: [1] U.S. NIST, “Guidelines for smart grid cyber security ,” NIST IR-7628, Aug. 2010, available at: http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7628. http://csrc.nist.gov/publications/PubsNISTIRs.html#NIST-IR-7628. 18 9

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Cyber Security in Smart Grids EE 772 : Smart Grids Prof. S. A. Khaparde Indian Institute of

Cyber Security in Smart Grids EE 772 : Smart Grids Prof. S. A. Khaparde Indian Institute of

Cyber Security in Smart Grids EE 772 : Smart Grids Prof. S. A. Khaparde Indian Institute of Technology Bombay Introduction to Cyber-Physical Systems - Communication between physical devices through a cyber layer - Sensors and Actuators

893 views • 53 slides
NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of

NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of

NIST and the Smart Grid Annabelle Lee Senior Cyber Security Strategist National Institute of Standards and Technology U.S. Department of Commerce 11 January 2010 Why Do We Need Smart Grids? Fundamental Drivers Smart Grid goals Reduce

711 views • 34 slides
UPM DAY 1: SMART GRIDS TABLE 1: TECHNOLOGICAL CHALLENGES RELATED WITH SMART GRIDS DEVELOPMENT

UPM DAY 1: SMART GRIDS TABLE 1: TECHNOLOGICAL CHALLENGES RELATED WITH SMART GRIDS DEVELOPMENT

Guillermo del Campo UPM DAY 1: SMART GRIDS TABLE 1: TECHNOLOGICAL CHALLENGES RELATED WITH SMART GRIDS DEVELOPMENT INTERNATIONAL SUMMER SCHOOL SMART GRIDS AND SMART CITIES Barcelona, 6-8 June 2017 Context Dramatic growth of energy

618 views • 16 slides
Communication Technologies and Standards for Smart Grids EE 772 : Smart Grids Prof. S. A.

Communication Technologies and Standards for Smart Grids EE 772 : Smart Grids Prof. S. A.

Communication Technologies and Standards for Smart Grids EE 772 : Smart Grids Prof. S. A. Khaparde Indian Institute of Technology Bombay Smart Grid Communications 1. Bi-directional flow of information (along with electricity) for effective

647 views • 32 slides
Smart Grid Cyber Security Deakin University, La Trobe University, RMIT and The University of

Smart Grid Cyber Security Deakin University, La Trobe University, RMIT and The University of

Smart Grid Cyber Security Deakin University, La Trobe University, RMIT and The University of Melbourne Smart Grid Cyber Security The smart power grid is transforming towards a large cyber- physical system. The increased reliance of

397 views • 22 slides
Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and

Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and

Synergy: Collaborative: Security and Privacy-Aware Cyber-Physical Systems (NSF CNS-1505799 and the Intel-NSF Partnership for Cyber- Physical Systems Security and Privacy) Insup Lee (PI) PRECISE Center School of Engineering and Applied Science

1.11k views • 34 slides
Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security

Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security

Cyber Security and Smart Infrastructure: Research Dr. Stacy Prowell Chief Cyber Security Research Scientist Oak Ridge National Laboratory Main Points Information Sharing Enable discovering and sharing information about real threats to

216 views • 6 slides
CORPORATE SECURITY IMPROVED SECURITY FOR THE MID-MARKET 1 SYNERGIES ACROSS SEGMENTS Privacy

CORPORATE SECURITY IMPROVED SECURITY FOR THE MID-MARKET 1 SYNERGIES ACROSS SEGMENTS Privacy

Jens Thonke, EVP, Cyber Security Services Jyrki Rosenberg, EVP, Corporate Cyber Security CORPORATE SECURITY IMPROVED SECURITY FOR THE MID-MARKET 1 SYNERGIES ACROSS SEGMENTS Privacy Family Connected home 2 F-Secure Capital Markets Day 2017

736 views • 19 slides
Privacy Harm Analysis: A Case Study on Smart Grids Sourya Joyee De & Daniel Le M etayer

Privacy Harm Analysis: A Case Study on Smart Grids Sourya Joyee De & Daniel Le M etayer

Privacy Harm Analysis: A Case Study on Smart Grids Sourya Joyee De & Daniel Le M etayer INRIA, Universit e de Lyon, France 26 May 2016 PIA/ PRA is relevant today PIA: a process whereby the potential impacts and implica- tions of

394 views • 20 slides
Smart Devices in Airbnbs: Considering Privacy and Security for both Guests and Hosts Abstract:

Smart Devices in Airbnbs: Considering Privacy and Security for both Guests and Hosts Abstract:

Proceedings on Privacy Enhancing Technologies ; 2020 (2):436458 Shrirang Mare*, Franziska Roesner, and Tadayoshi Kohno Smart Devices in Airbnbs: Considering Privacy and Security for both Guests and Hosts Abstract: Consumer smart home devices

596 views • 23 slides
IoT SECURITY Enabling Trust and Digital Future LIM SOON CHIA DIR(TECHNOLOGY) CYBER SECURITY

IoT SECURITY Enabling Trust and Digital Future LIM SOON CHIA DIR(TECHNOLOGY) CYBER SECURITY

IoT SECURITY Enabling Trust and Digital Future LIM SOON CHIA DIR(TECHNOLOGY) CYBER SECURITY AGENCY 1 of 14 The Great Digital Convergence Smart Mobility Smart Payment Smart Health 3 of 17 Office Smart Mobility MRT Station Bus Stop

577 views • 14 slides
Jos Manuel Martn INYCOM DAY 1: SMART GRIDS TABLE 1: TECHNOLOGICAL CHALLENGES RELATED WITH

Jos Manuel Martn INYCOM DAY 1: SMART GRIDS TABLE 1: TECHNOLOGICAL CHALLENGES RELATED WITH

Jos Manuel Martn INYCOM DAY 1: SMART GRIDS TABLE 1: TECHNOLOGICAL CHALLENGES RELATED WITH SMART GRIDS DEVELOPMENT INTERNATIONAL SUMMER SCHOOL SMART GRIDS AND SMART CITIES Barcelona, 6-8 June 2017 1. INTRODUCTION 2. P2P-SMARTEST

387 views • 20 slides
Validating Security and Resiliency in Software Defined Networks for Smart Grids Rakesh Kumar

Validating Security and Resiliency in Software Defined Networks for Smart Grids Rakesh Kumar

Validating Security and Resiliency in Software Defined Networks for Smart Grids Rakesh Kumar DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING UNIVERSITY OF ILLINOIS, URBANA-CHAMPAIGN Motivation 2 Security: Access Control In United

349 views • 23 slides
The Intersection of Smart Grid Technology and Intellectual Property Issues Finding the Keys to

The Intersection of Smart Grid Technology and Intellectual Property Issues Finding the Keys to

The Intersection of Smart Grid Technology and Intellectual Property Issues Finding the Keys to the Smart Grid Ken Van Meter Principal, Energy and Cyber Services Lockheed Martin The Smart Grid is, and must be, a national priority Security

333 views • 9 slides
Privacy Enhancing Techniques for Smart Grids PETs PhD Course 4 th Session Valentin Tudor

Privacy Enhancing Techniques for Smart Grids PETs PhD Course 4 th Session Valentin Tudor

Privacy Enhancing Techniques for Smart Grids PETs PhD Course 4 th Session Valentin Tudor October 18th, 2012 Karlstad Chalmers University of Technology Dept. of Computer Science and Engineering Computer Science and Engineering Department

1.03k views • 41 slides
Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo

Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo

Security and Privacy-Aware Cyber-Physical Systems: Legal Considerations Christopher S. Yoo University of Pennsylvania July 12, 2018 Overview of Research Tort and products liability for CPS Privacy and cybersecurity regulation NHTSA

472 views • 25 slides
Privacy in the Smartphone Age Di Ma NSF US/Mid-East Workshop on Trustworthiness in Emerging

Privacy in the Smartphone Age Di Ma NSF US/Mid-East Workshop on Trustworthiness in Emerging

Privacy in the Smartphone Age Di Ma NSF US/Mid-East Workshop on Trustworthiness in Emerging Distributed Systems and Networks June 4-6, 2012 Istanbul, Turkey The issue Privacy in the smartphone age I s important because smartphones

233 views • 6 slides
State Machine Replication for the Masses with BFT-SM A R T Hsin-Yang Huang Chih-shang Chen

State Machine Replication for the Masses with BFT-SM A R T Hsin-Yang Huang Chih-shang Chen

State Machine Replication for the Masses with BFT-SM A R T Hsin-Yang Huang Chih-shang Chen Outline 1.Introduction 2.BFT-SMART Design 3.Implementation 4.Alternative Configuration 5.Evaluation 6.Lessons Learned 7.Conclusion Introduction

1.1k views • 31 slides
Deep Learning in Smart Spaces Markus Loipfinger Advisor(s): Marc-Oliver Pahl, Stefan Liebald

Deep Learning in Smart Spaces Markus Loipfinger Advisor(s): Marc-Oliver Pahl, Stefan Liebald

Fakultt fr Informatik Technische Universitt Mnchen [1] Deep Learning in Smart Spaces Markus Loipfinger Advisor(s): Marc-Oliver Pahl, Stefan Liebald Supervisor: Prof. Dr.-Ing. Georg Carle Chair of Network Architectures and Services

663 views • 24 slides
Migrating code with SmaCC John Brant brant@refactoryworkers.com Migration Strategy

Migrating code with SmaCC John Brant brant@refactoryworkers.com Migration Strategy

Migrating code with SmaCC John Brant brant@refactoryworkers.com Migration Strategy Define Parser SmaCC Create transformation program Compatibility layer Normal development continues -Keeps same design garbage in

550 views • 18 slides
Smart programming languages, smart program analysis Varmo Vene Institute of Cybernetics at TUT

Smart programming languages, smart program analysis Varmo Vene Institute of Cybernetics at TUT

Smart programming languages, smart program analysis Varmo Vene Institute of Cybernetics at TUT & University of Tartu Introduction A quote from classics Everyone knows that debugging is twice as hard as writing a program in the first

371 views • 26 slides
Cloud Tutorial: AWS IoT CSE 520S Spring, Jan. 16, 2020 Ruixuan Dai XaaS: Basics in Cloud

Cloud Tutorial: AWS IoT CSE 520S Spring, Jan. 16, 2020 Ruixuan Dai XaaS: Basics in Cloud

Cloud Tutorial: AWS IoT CSE 520S Spring, Jan. 16, 2020 Ruixuan Dai XaaS: Basics in Cloud Computing Cloud Computing Cloud computing provides shared pool of configurable computing resource to end users on demand Three service models q IaaS

510 views • 47 slides
Password Authenticated Key Agreement for Contactless Smart Cards Dennis Kgler 1 , Heike Neumann

Password Authenticated Key Agreement for Contactless Smart Cards Dennis Kgler 1 , Heike Neumann

Password Authenticated Key Agreement for Contactless Smart Cards Dennis Kgler 1 , Heike Neumann 2 , Sebastian Stappert 2 , Markus Ullmann 1 , Matthias Vgeler 2 1 Bundesamt fr Sicherheit in der Informationstechnik 2 NXP Semiconductors Outline

174 views • 16 slides
Event Recording in Smart Room Ivan Galov, Rustam Kadirov, Andrew Vasilev, Dmitry Korzun

Event Recording in Smart Room Ivan Galov, Rustam Kadirov, Andrew Vasilev, Dmitry Korzun

Event Recording in Smart Room Ivan Galov, Rustam Kadirov, Andrew Vasilev, Dmitry Korzun Petrozavodsk State University Department of Computer Science Yaroslavl State University This project is supported by grant KA179 of Karelia ENPI joint

382 views • 14 slides

More recommend