SMART GRID INFRASTRUCTURE

AND
PROTECTION AGAINST CYBER
ATTACKS

FARHAN IASIR RAFI

ID:2021200000036
Sub:Computer Fundamentals(CSE141)
Batch:59 Section:02
 1

Table of Contents

1.AN INTEGRATED SECURITY SYSTEM OF PROTECTING SMART GRID AGAINST

CYBER ATTACKS 3
Introduction 3

2. CYBER–PHYSICAL SECURITY OF A SMART GRID INFRASTRUCTURE 6

Introduction: 6
Security Of Cyber Physical Systems: 8
Cyber Physical Approach To Smart Grid Security : 9
System Model: 9
Cyber Security Requirements: 11
Attack Model: 12
System Theoretic Approach: 13
System Model: 14
Security Requirements: 15
Attack Model: 15
Cyber Physical Security: 16
A. Defense Against Replay Attack. 16
B. Cyber Security Investment. 16

3. CYBER SECURITY AND POWER SYSTEM COMMUNICATION - ESSENTIAL PART OF

SMART GRID INFRASTRUCTURE 17

Introduction : 17
Development And Classification Of Power System Communication Systems: 18
A. Outline: 18
B. Classifications of Communications 18
Development Of Power Systems Control Systems: 21
Cyber Security Issues: 22
Smart Grid: 25
 2

List of Figures
Figure 01: Power Grid Automation System(1)------------------------------------------------------4
Figure02:Power Grid Automation System(2)-------------------------------------------------------5
Figure 03: This is the figure of dynamic pricing and distribution generation with local
generation can reduce the electricity bill—-------------------------------------------------------7
Figure 04: The figure of cyber physical systems.--------------------------------------------------8
Figure 05: System Model—------------------------------------------------------------------------10
Figure 06: Flows of Information to/from a Smart Meter —---------------------------------------11
Figure 07: Attack Model—-------------------------------------------------------------------------12
Figure 08: This is the process of attack model.---------------------------------------------------13
Figure 09: System Model—------------------------------------------------------------------------14
Figure 10: System Diagram —---------------------------------------------------------------------16
Figure 11: Detection Rate Over Time—------------------------------------------------------------16
Figure 12—-----------------------------------------------------------------------------------------19
Figure 13 —----------------------------------------------------------------------------------------20
Figure 14: (1)Partially Integrated System Structure
(2)Today-Full Integration System Structure—-----------------------------------------21
Figure 15: De-coupling between operational SCADA/EMS and admistrstive IT environment—--22
Figure 16: Access points to SCADA System—-----------------------------------------------------23
Figure 17: Information Security Domain —-------------------------------------------------------24
Figure 18: Information Security Domain Model—------------------------------------------------25
 3

Chapter 1
1.An Integrated Security System of Protecting
Smart Grid against Cyber Attacks

Introduction
The recent discovery that hackers have inserted software into the
electrical grid. The electrical infrastructure with information
infrastructure is called "Smart Grid". Smart grid security is crucial to
maintain stable and reliable power system operation during the
contingency situation due to the failure of any critical power system
component. The major function of the power grid is to deliver electricity.
Due to lack of the proper security measures, a major blackout may
occur which can even lead to a cascading failure. Power grid automation
systems have been physically isolated from the corporate network, often
using proprietary protocols and legacy hardware and software.
Therefore, to protect this critical power system infrastructure and to
ensure a reliable and an uninterrupted power supply to the end users,
smart grid security issues must be addressed with high priority. Power
grid system operators also possess communication links between
corporate and control centers, and control centers and substations.
There are three categories of cyber-attacks.They are:
1. Component-wise,
2. Protocols-wise,
3. Topology-wise.
 4

Figure 01: Power Grid Automation System(1)

To make the smart grid strong, cyber system is integrated with the physical
power system. We believe that there are four major differences between IT
and automation networks.
They are:
 5

1.Different Security Objectives,

2.Different Security Architecture,
3.Different Technology base,
4. Different QOS(Quality-of Service) Requirements.

Figure02:Power Grid Automation System(2)

Due to the cyber-attack, power grid may face operational failures and loss
of synchronization. This operational failure may damage critical power
system components which may interrupt the power supply and make the
system unstable resulting high financial penalties.
 6

Chapter 2
2. Cyber–Physical Security of a Smart Grid
Infrastructure

Introduction:
Cyber physical systems security project addresses security concerns for
cyber physical systems and internet of things (device's.Cps and lot play an
increasingly important role in critical infrastructural, government and
every day life. This effort take a holistic approach to next generation
design and considers the resilience aspects that are not well qualified.
 7

This is the process of attack model.

System theoretic approach:

In this section we want to focus on system, theoretic approach to the real time security smart grid

Figure 03: This is the figure of dynamic pricing and

distribution generation with local generation can reduce the
electricity bill.
 8

Security Of Cyber Physical Systems:

Cyber physical systems are electronic control systems that control
physical machines such as motors and valve's in an industrial plant in a
networked environment. The security of the physical machines depends
on the security of the electronic control systems but cyber security is
not typically, the main concern cpSs is the availability of the physical
machines solving all the operation.

Figure 04: The figure of cyber physical systems.

 9

Cyber Physical Approach To Smart Grid Security :

It refers to a arbitrary attack the modified the reported power data

from sensor through network instructions, instead of physically
changing the real power flow topology.

System Model:
Smart grid consists of four components. These are
generation, transmission, distribution and consumption.
 10

Figure 05: System Model

Here the meter can be colocated with the gateway with the HAN and the
BAN. A ulility company may leverage with the WAN ( wide area network).
 11

Cyber Security Requirements:

Figure 06: Flows of Information to/from a Smart Meter

From the above discussion we can summarize the

importance of data,commands and software.
 12

Attack Model:

Figure 07: Attack Model

 13

Figure 08: This is the process of attack model.

System Theoretic Approach:

In this section we want to focus on system, theoretic approach to the
real time security smart grid
 14

System Model:

The focus of such a view of physical interaction between each

component in the grid.

Figure 09: System Model

 15

Security Requirements:

1. The power system should withstand a perspective list of

contingencies.
2. The accuracy of state emition should degrade grace fully which
respects sensor failures or attack.

Attack Model:
Attack models or attack types are a classification of cryptography
attack specifying the kind of class which is under attack when
attempting a brake encrypted message.
 16

Cyber Physical Security:

A. Defense Against Replay Attack.

Figure 10: System Diagram

B. Cyber Security Investment.

Figure 11: Detection Rate Over Time

 17

Chapter: 3
3. Cyber Security and power system
communication - Essential part of Smart Grid
Infrastructure

Introduction :

The concept of “smart grid” has become hype. It has received

considerable momentum during the recent years and this is expected
to develop even more. Critical parts here are the cyber security
issues and the power system communication (PSC) systems, which
are stressed in this paper. The use of electricity is of paramount
importance to our society, and the need for power supply is
increasing. Here, the concerns on physical security are quite mature
and easy to grasp, whereas now the digital threats are increasing. By
means of the PSC capabilities, Supervisory Control And Data
Acquisition (SCADA) systems and substations are now interconnected
with other systems.
All people involved must strive to take active decisions on the choice of
adequate technical solutions when deploying a new
SCADA system or protecting an existing one.
 18

Development And Classification Of Power System

Communication Systems:

Communication capabilities have developed from narrow-band, low speed

communications to high speed broadband
“highways” for all sorts of communications.

A. Outline:
In this phases the developing system of power system communication
systems are described, together with a classification of different
communication capabilities and requirements.

B. Classifications of Communications

Communication requirements should be classified, since this

facilitates the handling of requirements and the order of
requirements. One way is to classify requirements into three
categories, namely:

1. Real-time operational communication requirements.

2. Administrative operational communication requirements.
3. Administrative communication requirements
 19

Real Time Operational Communication Requirements:

● The class is in turn divided into real-time

● operational data communication and real-time
● operational Speech communication.

Real-Time Operational Data Communication Encompasses:

● Teleprocessing
● Power system control.

Administrative Operational Communication Requirements:

This class is referred to as administration operational

communication. Examples are interactions with local event
recorders, disturbanceu recorders, and power
Swing recorders.

Figure 12
 20

Also, the following functions are included in this class:

• Asset management.

• Fault location.
• Metering and transfer of settlement information.

• Security system.
• Substation camera supervision.

Figure 13

Administrative Communication Requirements:

Administrative communications involve writing business

correspondence such as memos, notices, reports and letters, speaking
in meetings and presentations and listening to all levels of employees,
co-workers and superiors to be productive and effective in your
position.
 21

Development Of Power Systems Control Systems:

The PSC system has been and will increasingly be the life nerve of the
power system. It is the necessity and prerequisite
For adequate operation and control of a power system.

Figure 14: (1)Partially Integrated System Structure

(2)Today-Full Integration System Structure
 22

Nevertheless, a customer typically gets what he asks for from

the vendor. So if one asks for “openness” one may get it. And if
One does not ask for “IT security,” one does not get that.

Cyber Security Issues:

Decoupling between operational SCADA and admin IT to secure

operational.

Figure 15: De-coupling between operational SCADA/EMS and

admistrstive IT environment
 23

1. Threat And Possibilities:

The fact that SCADA/EMS systems now are being interconnected
and integrated with external systems creates new possibilities
and threats. These new issues have been emphasized in the
CIGAR working groups Security for information Systems.

2. Scada Systems And Scada Security:

The fact that SCADA systems now are, to a great extent, based
on standardized off-the-shelf products, and increasingly being
connected over Internet for different purposes (remote access,
remote maintenance), implies that SCADA systems are being
exposed to the same kind of vulnerabilities as ordinary office PC
solutions based on Microsoft products.

Figure 16: Access points to SCADA System

 24

Figure 17: Information Security Domain

3. Governmental Coordination in Sweden on SCADA Security:

Like in many other countries, the issues of securing CIIP systems have
been emphasized in Sweden. A governmental coordination action
between different authorities and agencies were started in focusing on
SCADA security.

4. Information Security Domains—CIGAR Developments:

• Public, Supplier, Maintainer Domain.

• Power Plant Domain.

• Substation Domain.

• Telecommunication Domain.
• Real-Time Operation Domain.
• Corporate IT’S Domain.
 Figure 18: Information Security Domain Model

Smart Grid:

A smart grid is an electricity network allowing devices to

communicate between suppliers to consumers, allowing them to
manage demand, protect the distribution network, save energy and
reduce costs.