2015 International Conference on Smart Grid and Clean Energy Technologies

Smart Grid Cyber Security: Challenges and Solutions

Salsabeel Shapsough, Fatma Qatan, Raafat Aburukba, Fadi Aloul, A. R. Al Ali

Department of Computer Science & Engineering, American University of Sharjah, UAE
e-mail: {g0004l6l9, g00059l35, raburukba, faloul, aali}@aus.edu

Abstract-Cyber security in smart grid systems is becoming a

maj or concern throughout the grid communication networks
and software platforms that operate and manage the entire grid.
The smart grid networks characteristics such as heterogeneity, Software Layer:
delay constraints, bandwidth, scalability, and others make it Meter data analysis, billing, Outage Management, Load Control,
Consumers and Field Engineers Devices Interface, GIS, Wide area
challenging to deploy uniform security approaches all over the
management Systems, Consumer Information Systems
networks segments. Therefore, more research is required to
develop standards and techniques that meet the smart grid
network requirements at a low cost. In this paper, we discuss
some of the existing cyber security challenges in smart grid
networks, highlight some of the latest solutions, and
recommend a new security conceptual model based on the
Internet of Things paradigm.

Keywords-smart grid; cyber security; networks; loT

I. INTRODUCTION

Smart grid research and development are gaining

momentum as the grid role from conceptual model to
deployment phase. The National Institute of Standards and
Technology (NIST) described the smart grid as the
integration of the last century power grid with the current
century development in Information and Communication
Technologies (lCT) [1], [2]. Such integration empowers
utility, ICT developers and consumers to operate the grid
efficiently by installing distributed and mixed renewable
Figure I. Smart grid conceptual model.
energy resources near the consumption premises [3]-[5]. In
the smart grid, power flow is bidirectional, i.e. consumers As shown in the communications layer, there are different
and utility can exchange power by utilizing two-way types of communication networks. Some maybe wired and
communication networks [6], [7]. Utility companies are not others maybe wireless and can cover short or long areas. The
anymore the prime owner of the power grid. As projected in software layer also consists of several different software
the NIST conceptual model, the smart grid has seven packages to operate the grid.
domains namely: bulk generations, transmission, distribution, Many operators, homeowners, workforce field engineers,
consumption, service provider, operations and markets [1], service providers and marketing staff require access to the
[8].Technical shareholders of the grid utilize several layers of operating software packages and tools via many access
communication networks and software packages to manage points. Such access imposes serious cyber security threats
the grid efficiently. For example IBM has introduced smart that require authentication and authorization to protect the
grid model that elaborates more on the communication grid from any cyber-attacks.
networks, storage and computing platforms Infrastructure as This paper presents a survey on the cyber security
a Service (laaS) as well as software packages as services challenges and existing solutions within the smart grid
(SaaS) [9]. Such characterization provides better environment. The rest of this paper is organized as follows.
customization in terms of device communication needs, Section II presents security requirements and objectives in
mainly: bandwidth, latency, resiliency, security, and protocol the smart grid. Section III presents the security challenges in
capacity. Fig. 1 mimics the IBM model within the NIST smart grids. Section IV surveys solutions that address the
conceptual model context [9]. With closer look to the IBM smart grid security challenges. Finally, Section V discusses
model one can find that the ICT layers constitute around 70% open issues and recommendations for further improving the
of the smart grid infrastructure [lO]. security of smart grids. Section VI concludes the paper.

170 978-1-4673-8734-7/15/$31.00 ©2015 IEEE

 II. SECURITY REQUIREMENTS AND OBJECTIVES • Connectivity: The communication network in the smart

Smart grid is composed of a large number of grid is sophisticated as it combines a large number of
interconnected devices. There are two types of data that are devices that interoperate. Given the nature of the smart
exchanged throughout the smart grid namely information grid environment being decentralized, the systems require
data and operational data. Information maybe the power a high level of protection against attacks and
consumption bill, trending, logging, tagging, historical vulnerabilities. Attacks can lead to physical damage,
reporting geographical locations, consumers' information and black-outs and lack of efficiency. This is because,
emails [11]. Operational data could be real time current and attackers gain control of the system [14].
voltage values, transformer tap changers, capacitors banks, • Trust: Consumers are no longer assumed trustworthy due
transformer feeders' current loads, fault locations, relays to the high connectivity of the smart grid systems which
status, circuit breakers status [11]-[13]. Operational data affected the design decisions. Some consumers will not
requires a high level of security to protect the smart grid adhere to the policies and agreements. For instance, users
systems from any vulnerability and attack that may cause
might intentionally damage the smart meter to report false
power blackout.
data about the power consumption to save money.
The security requirements and objectives in the smart grid
are: • Customer's Privacy: Ensuring consumer's privacy is an

• Availability: Accessing information in a timely in the important aspect in any system including the smart grid
smart grid. Loss of availability could affect the power that should be well protected and preserved. The
delivery since access to authorized individuals might be introduction of smart meter into the smart grid brought
denied. Attacks targeting the system availability are many challenges related to user's information privacy.
considered Denial of service attacks (DOS) which aim to Besides reporting back some essential information about
disturb the data transfer in order to make the resources user's power consumption, smart meter could
unavailable. compromise the user's privacy which is a critical. Since it
could use the information received at the service provider
• Integrity: Preventing an unauthorized modification of
to infer the behaviors of the users. The collected data
information or system by illegitimate users. Loss of
about customers include information about the time they
integrity in the smart grid might modify sensors values
are available at home or travelling. It can even extract
and products recipes which in turn can affect the power
information about some daily activities such as sleeping,
management.
watching television or even what appliances they are
Confidentiality: Preventing unauthorized users from
using. Criminals who plan to commit a crime, business,
•

accessing information in order to protect personal privacy

marketers who want to advertise or even competitors are
and safety. Smart grid networks carry information that
interested in the extracted data. So, data should be
varies in privacy and sensitivity levels; from consumption
protected during the transmitting and the storage process
information all the way to consumer private information.
to prevent unauthorized access to data in order to protect
• Authentication: Validating the true identity of the the user's privacy [15].
communicating parties. Authentication of humans and
• Software Vulnerabilities: Software suffers from a wide
machine is of high importance, and a weakness in it can
variety of vulnerabilities that include malwares.
lead to an attacker gaining access to private information,
Supervisory Control and Data Acquisition (SCADA)
or an illegitimate devices making use of the smart grid
systems composed of general purpose technology that
resources.
introduces the risk of malwares and malicious updated.
• Authorization: Providing permission and granting General purpose system suffers from a various well
access to a system (also known as access control). The known vulnerabilities that should be patched to ensure
variety of devices and humans that exist in a smart grid that the system stay updated. On the other hand, patching
network requires an authorization system in order to is considered a difficult process especially in critical
provide proper management of information and systems like the smart grid because it is very expensive
resources. and it could lead to downtime [14].
Non-Repudiation: Assuring that a certain action
performed by a system or user can't be later denied. IV. SOLUTIONS TO THE SMART GRID SECURITY
Non-repudiation becomes a major issue when valuable
Cyber security in the smart grid is a crucial issue that
resources and information are involved. attracted the attention of researchers and industry
professionals. While some solutions were proposed to solve
III. SECURITY CHALLENGES IN THE SMART GRID security issues in the smart grid, vulnerabilities still exist. This
Smart grid is vulnerable to various threats and challenges. section surveys existing solutions and methods that address
In this section, various cyber security challenges are the cyber security issues in the smart grid.
addressed.

171
A. Network Security • Using Transmission Failure Count: This is a technique
Denial of Service (DoS) is the most common attack in the to detect jamming attack to keep track of transmission
smart grid network. When launched against any system, its failure. This is done either at the transmitter or at the
main goal is to make the system unable to function as receiver. A jammer can cause transmission failure, or
intended. Lots of attention is given to this type of attack. corrupt the transmitted packet. If the nwnber of failures
Handling DoS attacks in smart grid networks is usually done hits a certain threshold, the transmitter or the receiver can
by: DoS Detection and DoS Mitigation [16]. consider it a jamming attack [21].
1) DoS Detection • Using Signatures: DoS attack signatures are usually
Smart grid systems must detect DoS attacks as they constructed using known attack patterns and
happen in order to apply appropriate counter measures. characteristics. Any suspicious activity is compared to the
Detection is important with Distributed DoS (DDoS) attacks, signatures, and a match results in a DoS detection [20].
where detection methods that target a source IP address is not
2) DoS Mitigation
an option. Several methods have been developed which
Once a DoS attack has been detected, smart grid systems
attempt to detect DoS attacks through the packet content,
should be able to take appropriate actions within a short
attack pattern, and other properties. Some recent methods are:
period in order to protect the nodes and minimize the outage
• Using Flow Entropy: Several recent studies in the field time. Attack mitigation counter measures in smart grid
of DoS detection focus on using probabilistic approaches networks are usually deployed at two layers: the Network
to analyze traffic in order to detect a DoS attack. The layer, and the Physical layer. This is because DoS attacks can
methods presented in [17]-[19] suggest sampling packets be in two forms: 1) DoS attacks exhausting the victim's
and measuring flow entropy to detect an attack. The resources, 2) DoS attacks trying to disrupt the
router would sample one of every five packets to communication over the network.
construct a flow, and then calculate measures of entropy DoS attack mitigation on the network layer can be done
such as the average entropy, and entropy of the source, as through one or more of the following methods:
well as the nwnber of packets per second. The router • Pushback: Once an attack has been detected at the victim
would then compare the measured values with known side, characteristics of the attacker such as source IP
threshold values to decide if it was under attack. address or pattern is pushed back to the upstream router.
• Using Signal Strength: Measuring signal strength to
The router then blocks all traffic that matches the
detect an attack is usually done by wireless devices. By characteristics [20].
measuring signal strength level or ambient energy, a • Rate Limiting: Once an attack has been detected, the
device can decide if it is receiving legitimate data, or it is router limits the data rate allowed for a certain user. This
under a jamming attack. However, since every device method is used when the detector decides that the user is
comes with its own properties such as receiver sensitivity performing a DoS attack, but the false detection rate is
and noise threshold, it is not possible to assign a unified high. In case the user is a legitimate user, then they can
strength value for jamming attacks. Therefore, the complain and the data rate can be raised again. Otherwise,
decision has to be made at each device using empirical limiting the rate can reduce the effectiveness of an attack.
methods, which may sometimes come across as a flaw in • Filtering: The router filters the source IP of a suspicious
the method. A jamming attack can take one of two forms; packet against a detector's blacklist. If a match is found,
the attacker can either choose to send a continuous, the packets are immediately filtered out in order to make
amplified signal to jam the channel, or can send a space for legitimate packets to go through.
noise-like signal. The detector must be able to develop • Reconfiguration: This is done by changing the topology
two models to detect either. Another approach is to check of the network in order to dedicate more resources to a
the decoder output for signals that are strong enough to be victim, or isolate an attacker. However, due to the current
detected. If the signal level is at one which should be network implementation and hardware used in smart grid
decodable, but the decoder cannot make out a meaningful, systems, this method is rarely used as it is very expensive.
there is a possibility of a jammer [20]. • Cleaning Center: A hybrid of filtering and
• Using Sensing Time Measurement: Carrier Sense reconfiguration. Once an attack has been detected at one
Multiple Access (CSMA) is a popular mUltiple access node, the traffic is directed to a "cleaning center", which
techniques in wireless networks. In CSMA, a transmitter is a particular node in the network that is capable of
senses the channel to confirm that it is free before performing filtering, in addition to several other
proceeding to send data. In case of a jamming attack, the functionalities [20].
sensing time will be long and the channel will never be • Physical Layer Mitigation: DoS attacks on the physical
free. Every time the transmitter attempts to send data, it layer level usually take the form of frequency jamming. In
will record the sensing time. Once the time hits a order to mitigate such attacks some of the employed
threshold, the transmitter will declare it as a DoS algorithms are: Frequency Hopping Spread Spectrwn
attack [21].

172
 (FHSS), Direct Sequence Spread Spectrum (DSSS), and • Hybrid asymmetry: this method incorporates both
Chirp Spread Spectrum (CSS). secret-info asymmetry and time asymmetry by creating
Those methods focus on similar a fundamental issue different temporary keys for every transmission.
which is transmitting data on multiple frequencies depending
C. Key Management
on a certain sequence that has been agreed on by the
transmitter and receiver. If the attacker is to acquire the Key management plays a significant role in authentication
sequence, the methods are no longer valid. For this reason, and encryption to achieve a secure system. It is categorized
uncoordinated versions of the aforementioned methods are into Public Key Infrastructure (PKI) and symmetric key
developed, where the sequence is further-randomized, and a management. PKI technology ensures the security by
new sequence is generated for every new verifying the true identity of the party through receiving a
transmission [22], [23]. Frequency hopping technologies are certificate from the Certificate Authority (CA) before
already used in light-weight communication protocols such establishing any communication. Symmetric key
as Bluetooth and ZigBee. management is used in symmetric cryptography which is
composed of key generation, key distribution, key storage and
B. Data Security key update.
Another level of securing a smart grid network is by The advantage of symmetric key management over the
providing data protection and object authentication. PKI is the speed and efficiency. However, due to the
Cryptography methods and algorithms are used to encrypt criticality of smart grid information, and the differences in
data in order to secure communication, protect user computing capability between smart grid objects, new
information, and to authenticate users in order to prevent approaches were proposed to the key management issue [6].
attacks against data integrity. The first step was to identify smart grid key requirements
In encryption, both Symmetric Key encryption and Public which include:
Key encryption are used in smart grid networks. While • Secure management: In order to provide confidentiality
symmetric key requires lower computing capabilities, public and integrity.
key has been proven to be more secure and is easier to • Scalability: Because of the large scale of the smart grid
implement when it comes to key management. However, due network, key management has to take into account the
to the variation of computational capability of devices across number of objects that share keys, and the distance they
smart grid networks, which range from simple sensors to cover.
smart phones and computers, both types of encryption are • Efficiency: In terms of computation, storage, and
used. The choice of which type of encryption to use in a
communication.
certain part of the network depends on factors such as
• Evolve-ability: The smart grid network consists of new
computation capability, time contains, and data-criticality.
cutting-edge technologies as well as legacy systems. Key
As for authentication, certain requirements have to be met.
These requirements [14] include: High efficiency, Tolerance management protocols are to accommodate existing
to faults and attacks, and the Support for multicast. The devices, as well as to evolve to accommodate future
support for multicast relates to one of the most important technologies.
component in the smart grid networks. Since a smart grid Despite the number of technologies, methods, and
network handles energy monitoring, generation, and protocols available for smart grid network designers, the
distribution, multicast provides the means for fast delivery of problem of achieving security in real-time and reduced cost
mass messages, such as those requiring routing of power to a remains unresolved. For this reason, research has extended
certain target, or immediate breaking of a power circuit. into handling such problems at lower layers in the smart grid
Authentication for multicast applications can be done system; mainly at the physical layer.
through one of the following methods: Recent techniques such as physical layer authentication
• Secret-info asymmetry: each transmitter uses a different allow for fast authentication and add little to no overhead [6].
key to authenticate itself at each receiver. The transmitter Physical layer authentication can be performed on the signal
creates a message, appends all receivers' authentication by altering either the modulation scheme of the physical
keys, and then sends the message through multicast. The signal, or by the characteristics of the signal and transmission
downside of this method is system overhead. The channel. Although such technologies are still prone to errors,
they introduce new means of authentication that can be
authentication information is considered redundant data,
further developed in order to meet the requirements of the
and as the size of the network grows, the throughput
smart grid.
continues to decrease due to the number of keys required.
• Time asymmetry: the transmitter first sends the D. Network Security Protocols
message, and then creates a temporary authentication key. The design of secure network protocols and architecture
The transmitter only sends the key after the message has plays an important role in smart grid security. Some of the
been received by all nodes. This way, if an attacker sniffs existing smart grid systems use internet-based protocols for
the key, they will not be able to use it. secure communication such as IPSec and TLS. However,
since the smart grid requirements differ from classical data
networks, many smart grid systems use protocols and

173
standards that are more suitable. Such protocols include: Utilizing the loT requires a large number of IP addresses.
Secure DNP3 and IEC6I850 & IEC62351. Both protocols This is not an issue as the IPv4 is extending from 32-bits to
modify existing smart grid communication protocols by I28-bits address size IP addresses. The IPv4 can address up
adding security layers to the architecture. Those protocols are to 232 devices (4-billion unique addresses). Moreover, IPv6
used for end-to-end communication in the smart grid such as can address up to 2128 (Trillions of unique addresses) [25],
communication between different sensors. [26].
Data-aggregation on the other hand, communicates data
from sensors to the application layer. It has a different
process that requires a set of protocols due to overhead and
security requirements.
To have a secure architecture, smart grid networks are
built using one of two architectures [6]:
• Trust computing-based architecture: Where the task of
authenticating objects is distributed throughout the
system, and all objects participate in authenticating each
other by assigning trust levels.
• Role-based network architecture: Where a network is
divided to sub-domains and each domain has a number of
devices that take on certain roles and privileges.

E. Compliance Checks
Compliance checks are done via automated tools that run
checks across all components in the system to ensure that
configurations of each component are up to standards of
secure mitigation and protection. The tool can also point out
weaknesses that need attention. This is important because in a Figure 2. Proposed smart grid model.
critical system such as the smart grid, a fault in one
component can cause a huge security breach. Therefore, VI. CONCLUSION
compliance check tools are highly recommended [24]. Cyber security in the smart grid is a critical issue that
received attention of researchers and industry professionals.
V. OPEN ISSUES AND RECOMMENDATIONS In this paper, we surveyed architecture models proposed for
Despite the abundance of protocols, compatibility the smart grid. We also summarized the security
remains a challenge given the heterogeneous nature of smart requirements and challenges of the smart grid and we briefly
grid environment. In such environment, high-level addressed existing security solutions. Recommendations for
sophisticated computers are exchanging information with improving the security of smart grids are discussed. Cyber
simple, low-computing, and low-power devices. As security in the smart grid is still under research and needs
explained in the IBM model [9], the data aggregation can more investigation to overcome the vulnerabilities and
cause security vulnerabilities because the features in one threats.
protocol cannot be perfectly translated into another.
The current movement towards IPv6 over Low power REFERENCES

Wireless Personal Area Networks (6LoWPAN) can be the [I] NIST, Introduction to NISTTR 7628 Guidelines for Smart Grid Cyber
key to solving some of the current weaknesses in the smart Security. [Online]. Available: http://www.nist.gov/smartgrid/upload/
grid model [25], [26]. The proposed recommendation in this nistir-7628_total.pdf
work suggests migrating to a purely-IPv6 system, using IPv6 [2] R. Apel, "Smart grid architecture model: methodology and practical
to address the various objects in the system, and using application," presented at Workshop of Electrical Power Control
Centers,2013.
IP-based communication and security protocols. We suggest
[3] H. Brown, S. Suryanarayanan, S. Natarajan, and S. Rajopadhye.
a system that is similar to the IBM model except for one
(2012) .Improving Reliability of Islanded Distribution Systems With
difference; there is only one segment for the communication Distributed Renewable Energy Resources. iEEE Trans. on Smart Grid,
layer. All the devices would have a direct connection to the vol. 3,no. 4,pp. 2028-2038
internet, and thus data coming from edge devices would not [4] M. Miller, M. Johns, E. Sortomme, and S. S. Venkata (2012).
have to be aggregated through mUltiple devices in order to Advanced integration of distributed energy resources in Proc. of Power
arrive at the application layer, but can be sent directly and Energy Society General Meeting,pp. 1-2.
through WiFi or 4G network as shown in Fig. 2. This [5] R. Morales Gonzalez, B. Asare-Bediako, 1. Cobben, W. Kling, G.
recommendation requires thorough research in order to be Scharrenberg, and D. Dijkstra.( 2012) "Distributed energy resources
applied in real-life systems, however, we believe similar for a zero-energy neighborhood," in Proc. of the 3rd IEEE PES
contribution of the 6LoWPAN within the Internet of Things International Conference and Exhibition on Innovative Smart Grid
(loT); can be applied to the smart grid. Technologies, pp.I-8.

174
[6] W. Wang and Z. Lu.( 2013) "Cyber security in the Smart Grid: Survey [17] J.-H. Jun, D. Lee, C.-W. Ahn and S.-H. Kim, "DDoS attack detection
and challenges," Computer Networks, vol. 57,no. 7,pp. 1344-1371. using flow entropy and packet sampling on huge networks," presented
[7] W. Wang, "A survey on the communication architectures in smart at the 13th International Conference on Networks,Nice,2014.
grid," Computer Networks, vol. 55,no. 15,pp. 3604-3629,2011 [18] G. Meng and N. Wang, "A network intrusion detection method based
[8] G. F. Reed, P. A. Philip, A. Barchowsky and C. J. Lippert.( 2010). on improved K-means algorithm," Advanced Science and Technology
"Sample survey of smart grid approaches and technology gap Lellers, vol. 53,no. I,pp. 429-433,2014.
analysis," presented at Innovative Smart Grid Technologies [19] S. Shin,S. Lee,H. Kim,and S. Kim, "Advanced probabilistic approach
Conference Europe. for network intrusion forecasting and detection," Expert Systems with
[9] G. Garner.( 2010) "Designing last mile communications infrastructures Applications, vol. 40,no. I,pp. 315-322,2013.
for intelligent utility networks (smart grid)," presented at IBM [20] D. Lin, "Network intrusion detection and mitigation against denial of
Intelligent Utility Network (lUN) Communication Services. service attack," WPE-U Report,Univ. of Pennsylvania,Apr. 2013.
[10] C. Lima, "An architecture for the smart grid," in Proc. ojiEEE P2030 [21] W. Xu, W. Trappe, Y. Zhang and T. Wood, "The feasibility of
Smart Grid Comm. Architecture SGI ETSi Workshop, pp. 1-27,2011 launching and detecting jamming attacks in wireless networks,"
[II] H. Naidua and K. Thanushkodib, "Recent trends in SCADA power presented at the 6th ACM In!'1 Symposium on Mobile Ad Hoc
distribution automation systems," Journal oj Scientific and industrial Networking and Computing,2005.
Research, vol. 45,no. 3,pp. 205-218,2010. [22] C. Popper, M. Strasser and S. Capkun, "Anti-jamming broadcast
[12] A. Rezai, P. Keshavarzi, and Z. Moravej, "Secure SCADA communication using uncoordinated spread spectrum techniques,"
communication by using a modified key management scheme," iSA iEEE J. on Selected Areas in Comm., vol. 28,no. 5,pp. 703-715,2010.
Transactions, vol. 52,no. 4,pp. 517-524,July 2013. [23] E. K. Lee, M. Gerla and S. Y. Oh, "Physical layer security in wireless
[13] E. Knapp and R. Samani, "Security models for SCADA, ICS, and smart grid," iEEE Comm. Magazine, vol. 50,no.8,pp. 46-52,2012.
smart grid," Applied Cyber Security and the Smart Grid, pp. 101-123, [24] M. Kammerstetter, "Architecture-driven SMART GRID security
2013. management," presented at ACM Workshop on Information Hiding
[14] M. B. Line,I. A. Tondel and M. G. Jaatun, "Cyber security challenges and Multimedia Security, 2014.
in Smart Grids," presented at the 2nd IEEE PES International [25] V. Gungor,D. Sahin,T. Kocak,S. Ergut,C. Buccella,C. Cecati,and G.
Conference and Exhibition, Innovative Smart Grid Technologies Hancke, "A survey on smart grid potential applications and
(ISGT Europe),Manchester, 2011. communication requirements," iEEE Trans. on industrial informatics,
[15] H. Khurana, M. Hadley, L. Ning and D. A. Frincke, "Smart grid vol. 9,no. I,pp. 28-42,2013.
security issues," iEEE Security &Privacy, vol. 7, no. I, pp. 81-85, [26] Z. Huang, and F. Yuan, "Implementation of 6LoWPAN and Its
2010. Application in Smart Lighting," Journal oj Computer and
[16] NIST Framework and Roadmap for Smart Grid Interoperability Communications, vol. 3,no. 3,pp. 80-85,2015.
Standards, Release 3, Nat'l Institute of Standards and Technology,
2014.

175