2020 11th IEEE Control and System Graduate Research Colloquium (ICSGRC 2020), 8 August 2020, Shah Alam,

Malaysia

Distributed Framework via Block-chain Smart

Contracts for Smart Grid Systems against Cyber-
Attacks
Mahdi Alkaeed1 Md Mohiuddin Soliman2 Khaled M. Khan3
Computer Science and Engineering Electronic and Telecommunication Department of Computer Science,
Qatar University Engineering College of Engineering
Doha, Qatar International Islamic University Qatar University
ma1805365@qu.edu.qa Chittagong, Bangladesh Doha, Qatar
mohiuddinmohin86@gmail.com k.khan@qu.edu.qa
Tarek M. Elfouly4
Department of Computer Engineering,
College of Engineering
Qatar University, Doha, Qatar
tarekfouly@qu.edu.qa

Abstract— In this century, the demand for energy is increasing
daily, and the need for energy resources has become urgent
and inevitable. New ways of generating energy, such as
renewable resources that depend on many sources, including
the sun and wind energy will contribute to the future of
humankind largely and effectively. These renewable sources
are facing major challenges that cannot be ignored which also
require more researches on appropriate solutions . This has led
to the emergence of a new type of network user called
prosumer, which causes new challenges such as the
intermittent nature of renewable. Smart grids have emerged as
a solution to integrate these distributed energy sources. It also
provides a mechanism to maintain safety and security for
power supply networks. The main idea of smart grids is to
facilitate local production and consumption By customers and
consumers.
Distributed ledger technology (DLT) or Block-chain
technology has evolved dramatically since 2008 that coincided
with the birth of its first application Bitcoin, which is the first
cryptocurrency. This innovation led to sparked in the digital
revolution, which provides decentralization, security, and
democratization of information storage and transfer systems
across numerous sectors/industries. Block-chain can be applied
for the sake of the durability and safety of energy systems. In
this paper, we will propose a new distributed framework that
provides protection based on block-chain technology for
energy systems to enhance self-defense capability against those
cyber-attacks.
Keywords— Block-chain; Bitcoin; Cryptocurrency;
Distributed energy sources; Cyber-attacks.
I. INTRODUCTION
Electrical network consists of transmission lines, a group of
substations, and some transformers and other components
[1]. This network is responsible for the process of delivering
the electricity from the energy resources to your home or
office, which you get when you turn on the light switch or
when you turn on the TV or Computer. In 1886 in Great
Barrington, Massachusetts, the first alternating current
power grid system was created at that time [7].
In 1960, electrical networks in some countries had expanded
very dramatically and became much interconnected with
each other to provide the power to centers through power
lines[2]. The network topology remained in the range of 1
gigabyte (1,000 megawatts) to 3 giga-watts still cost-
effective, because of the efficiency enhancing features [2].
Currently, the electrical network is made up of many
generating units (about 9,200) with over a million
megawatts of generating capacity that are connected with
over three thousand miles of transmission lines [3]. In the
21st century Brazil, China, India, are leaders in the
deployment of smart grids [4]. A smart grid provides a
modern and convenient chance to take the energy industry
to a perfect stage characterized by a high degree of
reliability, availability, and efficiency. It makes the
electricity grid as a more flexible grid that can deal with
emergencies that include dangerous storms, sudden
earthquakes, and terrorist attacks. Smart grids provides more
active carriage of electricity between suppliers and
consumers. It reduces electricity rates by reducing the peak
demand. When we face a power outage problem, the smart
grid does the recovery process for electricity faster. It
provides the ability to reduce both the operating and
management costs of utilities and also reduce energy costs
for consumers and it provides better integration between all
power generation systems, and this also includes renewable
energy systems and a mechanism to improve security.
The smart grid also provides a mechanism to benefit more
from energy generators owned by customers to produce
energy when it is not available from the facilities [3]. It also
contributes to a mechanism to address the old energy
infrastructure that needs maintenance, upgrade, or
replacement [3].
The main concept of the smart grid is not only related to
facilities and technologies, but it includes a bigger concept
than that in terms of giving and collecting information and
providing tools that we need it to make quick and necessary
decisions about your energy use. If you are running your
business remotely through a computer like banking, the
smart grid enables you to manage electricity and energy
resources. The smart grid will provide services more
intelligent and unprecedented to share data with the
consumer. For example, the consumer can know the amount
of electricity consumed at any time without waiting for the
monthly statement where through smart meters, the
consumer can get a clear picture of the amount of
consumption and the amount of cost [3].

978-1-7281-5313-1/20/$31.00 ©2020 IEEE 100

Authorized licensed use limited to: University College London. Downloaded on November 02,2020 at 01:41:39 UTC from IEEE Xplore. Restrictions apply.
 2020 11th IEEE Control and System Graduate Research Colloquium (ICSGRC 2020), 8 August 2020, Shah Alam, Malaysia
The main feature of smart grid is the use of smart counters
or meters. These meters are used to monitor and manage
energy consumption for electronic devices to transfer them
to the closer layer. However, the mechanism of data
exchange and the use of the Internet have led to the
emergence of multiple problems as weaknesses in cyber
security, which can lead to many problems such as power
outages, power theft, and violation of energy consumer
privacy. In addition to that, the communication protocols
adopted by the smart grid are contained several security
holes. Those protocols do not include authentication and
access control mechanisms. With these security gaps
emerging, hackers can exploit them to launch various cyber-
attacks [5]. The hackers also use their expertise to conduct
attacks that lead to losses or damage to other countries.
In this paper we focused on developing work with certain
modifications like building a smart grids security system
based on block-chain technology, and then we will
implement it on smart grids systems. The most important
thing in this model or system is to achieve security and
efficiency in the network environment against all possible
risks.
II. ANALYSIS OF THE CYBER-ATTACKS ON THE UKRAINIAN
ENERGY SECTORS
On December 23, 2015, Ukrainian Kyivoblenergo, an
electricity distribution company specializing in electrical
transmission and supply, announced service disruptions to
its customers [6].In this case, what was happening was
something exceptional. Where the supply of electricity to
customers was not interrupted due to weather, infrastructure,
or equipment malfunctions this was due to illegal third-party
penetration of Kyivoblenergo mainframe and remote
networks through the Internet. For approximately three
hours, seven 110 kV and 23 35 kV substations were
remotely disengaged. The cyber-attack stopped other parts
of the distribution network, which forced Kyivoblenergo
staff to switch to manual mode, and restore power by using
Soviet-era manual controls [7]. Kyivoblenergo’s initial
estimate put the total affected customers at about 80,000,
but after realizing that two other companies were also
attacked, the updated estimate raised the total affected to
225,000 customers who lost energy across the region [8].
The hackers initiated the Kill Disk wiper malware on
network drives that hindered or permanently disabled
Ukrainian power grid equipment that is essential to run the
facilities that serve its customers [9]. The Kill Disk software
is a type of malware that deletes particular files on target
systems as well as corrupts the master boot record, the first
sector of any hard disk that identifies where and how an
operating system is located for it to load, thus incapacitating
the system it hijacks. Additionally, the hackers maliciously
corrupted the firmware of certain Serial-to-Ethernet
converters at select substations, making them inoperable
[10]. These tiny boxes in the substations have the job of
translating internet protocols to communicate with older
equipment [11]. The hackers remotely disconnected
uninterruptable power supplies (UPS) to two of the
electrical companies control centers that provide emergency
backup power in the event primary power is lost [12].
101
Authorized licensed use limited to: University College London. Downloaded on November 02,2020 at 01:41:39 UTC from IEEE Xplore. Restrictions apply.
A. Black Energy Malware
Kyivoblenergo claimed that they had been infected with
Black Energy, a Trojan used to initially conduct cyber
espionage, setting forth the path for denial-of-service (DoS)
and information destruction attacks. The cyber espionage
allowed hackers to illicitly acquire login credentials that
enabled them to remotely manipulate the power grid. The
hackers targeted electric company employees who serve
Ukraine’s 24 geographical regions with a variety of
administrative accesses using an email spoofing tactic called
spear-phishing [13]. However, the codes were used to attack
and delay restoration efforts, respectively [14].
B. Backdoor.Droshel and Backdoor.Cooder Malware
With the illegally acquired credentials, hackers were able to
conduct follow-up attacks against targeted organizations.
They used a variety of techniques to install
Backdoor.Dorshel or Backdoor. Goodor malware that
allowed remote access to computer terminals [15]. Attackers
with unrestricted remote access were able to chart their
targeted domain and systems as well as increase their
administrative rights, which allowed them to connect to
industrial control systems that potentially operate the
electrical grid [15].
C. Plan of Attack - Techniques and Procedure
The attack against Ukraine power grid started simple with
company employees commonly receiving strings of
phishing emails containing an attachment disguised with
malware. This case is no different than a hacker tapping into
a personal home network, except that it was performed on a
grander scale. The key goal with the Black Energy malware
was to steal user credentials for use them in next month’s
later to control breakers and manipulate the grid [16]. The
attackers then used stolen credentials to reach the industrial
control systems, networks, and remote access tools to
control the human-machine interface (HMI) [17].
Additionally, the hackers waged a telephone denial-of-
service attack against customer call centers, thwarting the
ability for customers to report the outage and providing the
hackers with another smokescreen to go undetected [18].
III. SMART GRID REFERENCE MODEL
In [19], mentioned that SG reference model consists of
many functional areas. These areas are:
• Bulk Generation: Conventional sources of power
generation use a source such as coal and gas, and these
sources are non-renewable and expensive. The smart
grid uses other renewable resources for power generation
such as wind turbines and solar panels.
• Transmission: To transfer energy from power generators
to consumers.
• Distribution: The distribution field spreads electricity to
individuals and transports suppliers and users.
• Operation: To monitor and control of all transmission
and distribution areas.
• Market: Mechanism to balance supply and demand with
all parties involved in the supply and trade of
electricity.
 2020 11th IEEE Control and System Graduate Research Colloquium (ICSGRC 2020), 8 August 2020, Shah Alam, Malaysia

• Customer: By using additional power batteries, all

smart grid customers can store the energy.
• Service Provider: To provide electricity to customers
and a range of services(management and billing).
A. Smart Grid Layers
According to [20], the first smart grid layer is application
layer the function of this layer is to provide the necessary
applications. Security layer meets the security and safety
requirements. Communication layer provides a safe and
reliable mechanism for two-way data transmission. Power Fig. 2. Cyber-Attacks Against SG.
control layer it monitors and controls the process of
transmitting power through PMUs and using many sensors, Table (1), shows the most important items in any attack that
node meters transformers, and the storage devices [20]. are expected against communications in the smart grid,
Power system layer is a mechanism that provides electricity where the symbols (I, A and C) that are used in the table
to all customers through the use of power generation refer to integrity, availability, and confidentiality:
systems, task transfers, and the distribution mechanism. Table-I Communication in SG
B. Smart Grid Communications Domain Networks Applications Security Attacks Protocols
Home Areas 1-Consumption I- MED -Spoofing – - ZigBee
Fig. (1) shows SG architecture in terms of communication. Networks - - monitoring. A- MED Eavesdropping -DoS
2-Pricing C-High attacks
Illustrates 3 layers, we can see in the first layer three types AMI Field Area information. I- High --Denial of Services(DoS) - ANSI
of network areas. Home area networks (HANs) is Networks 1-Usage Data.
2-Update energy
A-MED
C-High
-Man in the Middle
Attack(MitM)
C12,22

responsible for the connection between household pricing 3-Meter

maintenance
appliances with smart meters that collect data every period Distribution 1-Distributed I-High -Spoofing – DoS IEC 61850
inside the house or in the nearest areas. This network needs Distribut- SKADA Automation. A-High -Unauthorized remote DNP3,
ions 2-Fault C-Low control(Backdoor.Dorshe Modbus
about 100 kbps and provides about 100-meter coverage detection/mgmt. l or
distance [21]. Neighborhood Area Networks (NANs) a data Distribute-
ion
3-Distributed energy
resources.
I-High
A-High
Backdoor.Unauthorized(r
ead/write) commands
IEC 61850

rate higher than the rate of 100 Kbps per second to 10 Mbps Substation -Protective relaying. C-Low (KillDisk software)
-Packet injection
and provides a coverage range of 10 km. The appropriate attacks.-Reply attacks.

technologies for this network are multiple, such as ZigBee

Transmis- Transmission 1-Telemetry and I-High -Spoofing IEC 61850
and WiFi networks, and cellular networks are considered sion / SKADA control data. A-High Eavesdropping DNP3,
appropriate for NAN [22]. Generation 2-EMS functions. C-Low -Man in the Middle
Attack(MitM)
Modbus

Transmission 1-Protective relaying I-high -Spoofing IEC 61850

Substation .2-Special protection A-High Eavesdropping
schemes. C-Low -Man in the Middle
Attack(MitM)

Inter-control 1-Generation I-High -Spoofing - ICCP

Center scheduling. 2- A-Med Eavesdropping
Transmit grid status. C-Low -DoS attacks
-Data manipulation -ARP
attacks

Spoofing: is the method that the attacker usually uses fake

Fig. 1. SG architecture in terms of communication.
While Wide Area Networks (WANs) is used is to send
information such as electricity reports from local areas to
the main station in the utility company. This network
requires a high data rate of about 10 Mbps to 1Gbps. It
covers long-range more than 100 km. The appropriate
technologies for this network are cellular, WiMAX, and
fiber optic technologies [23].
IV. CYBER-ATTACKS AGAINST SMART GRIDS
Figure(2) shows the different cyber-attacks against SG
systems, devices, networks, and power applications:
or deceptive messages, which aims to make it appear as a
reliable system to access the physical network components.
This includes the attacker’s ability to use forms of
authentication and knowledge of encryption methods, keys,
and electronic signature, which are used to secure the secure
exchange of messages between different components of the
smart grid. The communication protocols which have used
in the smart grid is designed with an insufficient
authentication mechanism [23].
Denial of Service (Dos): Heavy congestion in the network
due to the injection of a large number of packages will cause
the network to stop performing its basic tasks and functions.
Wired and wireless networks are still vulnerable to these
attacks, which allow the attacker to easily access the
components of the smart grid [23].
Man in the Middle Attack (MitM): When the physical
medium is unprotected, this medium can be attacked by
several hackers. Sometimes this is done in several ways,
including processing network addresses (ARP) or
controlling routing mechanisms. MitM aims to be able to

102

Authorized licensed use limited to: University College London. Downloaded on November 02,2020 at 01:41:39 UTC from IEEE Xplore. Restrictions apply.
 2020 11th IEEE Control and System Graduate Research Colloquium (ICSGRC 2020), 8 August 2020, Shah Alam, Malaysia
handle original communications for access. Eavesdropping
is the process that an attacker surreptitiously eavesdropping
on the communication that takes place between the different
components without their consent.
SG Misconfigurations: One of the most important security
flaws (vulnerabilities) is those that are formed due to errors
that occur through initialization operations. Where firewalls
in smart grid components define both the trusted and
untrusted parts of the network [24].
V. CYBER-ATTACKS AGAINST SG SYSTEMS AND
Devices
Smart grid systems and their hardware components(devices)
are vulnerable to several forms of cyber-attacks. There are a
lot of software vulnerabilities that can provide the ability to
the attacker from doing bypassing the authentication process
so that he can control the system such as buffer overflow,
Structured Query Language Injection (SQL) and integer
Overflow. In [24, 25], Studies have shown that there are
Many program gaps in smart networks. Devices in the smart
grid systems use weak or virtual passwords without strong
encryption that can provide a strong and secure
authentication mechanism for users. Also, authentication
mechanisms may be completely absent from many of the
system’s features [26]. Malware, through the process of
injecting malicious control communications, can affect
SCADA systems. Stuxnet is the first multi-part worm that
infected the devices through the storage devices or the
networks and it makes a lot of damages in the devices [27].
Attacking the supply chain will put the entire system at risk.
Because the majority of network devices contain back doors
as those doors are exploited by unauthorized attackers to
access the system and its resources [28]. False Data
Injection Attack (FDIA) is a cyber-attack that can lead to
misleading the control system and in turn [29], it causes
great damage to the network due to making decisions based
on misleading data.
VI. SCADA SYSTEM INFRASTRUCTURE
Most modern SCADA systems contain two layers physical
layers and communication layer, figure(3) [30]. SCADA
network provides real-time data collection this data includes
the amount of current and voltage, the amount of real
energy, the status of transformers and much more .
Fig. 3. SCADA Network.
Sensors and meters are distributed in this network according
to a specific distance, according to the geographical range,
to provide a path for communication between the nodes. In
the proposed system that we would like to suggest there are
two scenarios as shown in figure(4). For scenario(a), it indicate
that an attacker can manipulations data before transmission
data. For scenario (b), shows that our proposed work the
blockchain technology can protect that when these data
103
Authorized licensed use limited to: University College London. Downloaded on November 02,2020 at 01:41:39 UTC from IEEE Xplore. Restrictions apply.
transmitted to all Distributed Energy Resources (DERs)
which refers to the multiple agents or nodes(meters).
Fig. 4. Proposed System infrastructure.
VII. PROPOSED WORK- METHODOLOGY
In the proposed Block-chain architecture in the distributed
network we consider the measurements of the meter as
nodes that can be presented in blocks. Each node has a
unique address and number. For every node, two keys the
first is a public key that shares with the others while private
key cannot be shared. These nodes have the ability to
communicate with each other wireless and wired. The
permission is only given to the nodes for data collection.
The operations that take place between this node can be
made according to a certain consensus mechanism
automatically, contrary to what is known in bitcoin where
transactions are done manually by humans.
A. The description of the problem:
When an attacker obtains the basic credentials and powers
that give him full control of the substations or any node over
the network, how can we detect this, prevent him, withdraw
those permissions from him, and limit its potential threats. If
an attacker could obtain the consumer, producer, or control
authority credentials then he can launch the FDIA attack.
We suggest a new proposed method to detect these kinds of
attacks to prevent the attackers and withdraw the
permissions from them which will reduce the limit of the
harms. Block chain technology will significantly reduce the
possibility of penetration, but if that penetration occurs, we
have proposed a secondary defense mechanism. The second
line of defense will reveal the hackers and their knowledge
through their behavior based on their old activity records
and the actions they perform, and thus they can be classified
into groups of the contract. These classifications include
trusted nodes, malicious nodes, and semi-honest nodes.
B. Reputation Score
We will rely on giving each node a credit or reputation score
(RS) which is a great advantage to use in the second line of
defense. Where this value is not known to the attackers
because it is related to several things and variables that
cannot be predicted and cannot be accessed and calculated
in an easy way . An attacker could steal the basic identifiers
to gain access to the system impersonation and use of all
user IDs and keys. But through the degree of reputation and
based on the hacker’s actions if that degree is less than a
specific value (threshold), then more safety measures will be
requested and if he does not provide them, the powers will
be removed from him immediately and all requests sent by
him will be ignored. For each event to be validated, that
value has been added. High detection performance:
 2020 11th IEEE Control and System Graduate Research Colloquium (ICSGRC 2020), 8 August 2020, Shah Alam, Malaysia

depending on an algorithm to make correct classifications to make a decision. Each LEM has a reputation score, which
that recognized malicious activities as unmoral behavior. was calculated by using a certain algorithm (It uses many
Detection rate, sensitivity, or probability of detection is a instantaneous variables and it will be added to each
major factor in classification to malicious or benign transaction). These reputation score will lead to give the
behavior. We consider the node as a malicious if the LEM more reward (credit) or reduce the credit value and
reliability ratio is mall while, if this ratio is large the node sometimes receive penalties. Figure(6), shows the results of
will be trusted one. User history and stored cookies the proposed implementation, which illustrates the rates of
indicating his past activities can play also a role in this. wrong events by attackers without using the reputation ratio.
C. Block-Chain Technology and Smart Contracts
In Home Energy Management (HEM) both consumers and
prosumers can trade energy without the need for a third
party[30]. This will give both of them the capability for
optimization the management for energy loads and reduce
the costs. The use of smart contracts in the energy trade
process will provide a safe and error-free mechanism and
provide a defense mechanism against electronic attacks.
This new technology enables programming logic through
solidity (Ethereum) programming language to create smart
contracts. Each LEM will has a blockchain local copy which
will be updates through the network, figure(5). Fig. 6. False Events vs Percentage of Attackers.

Figure(7), shows that using RS will better reduce the effect

of wrong events as shown in the percentages .

Fig. 5. Proposed System Model.

The behavior of any node in the smart grid can be described

by a set of instructions. These instructions are validated
results by consensus, and they represent the smart contract. Fig. 7. Success Rates vs Reputation Score.
The failure of consensus gives the impression that this node
is a malicious node. Smart grid which uses smart contracts The figure(8), shows the percentage of Number of Attackers
will be safer than traditional, central methods. We also and Success Rates in two Cases. We can notice that the
conducted a vulnerability analysis to ensure that the smart proposed work gives a real feasibility and privilege.
energy trade contract is safe and error-free against common
vulnerabilities and attacks [30]. The proposed framework
consists of a set of nodes in the smart grid. These nodes are
consumer, prosumer. Within this framework, a
communication mechanism based on a block-chain protocol
is defined to coordinate operations between nodes and
process management from power generation to demand
between them in a decentralized form [30].

D. Case Study – Results

In our proposed work we use Solidity programming
language for smart contracts with Ganache which quickly
provides a personal Ethereum block-chain for testing and
executing commands. Ganache provides ten virtual nodes
with their public and private keys to simulate our proposed Fig. 8. Number of Attackers and Success Rates in two Cases.
framework. We considered that the number of LEM is ten in
each feeder. Control Authority is the server that can handle
events and analyze data to extract the important knowledge

104

Authorized licensed use limited to: University College London. Downloaded on November 02,2020 at 01:41:39 UTC from IEEE Xplore. Restrictions apply.
 2020 11th IEEE Control and System Graduate Research Colloquium (ICSGRC 2020), 8 August 2020, Shah Alam, Malaysia
VIII. CONCLUSION
In this paper we proposed a reputation-based LEM event
validation and authentication scheme using block-chain
technology. We enhanced the false event success of
previous works and can decrease the size of the global
block-chain using the floating genesis block in the future.
The reputation scores proved that it can be useful when it
comes to detecting internal attackers it has great potential
and can be improved to adapt to different requirements. It
gives the smart grid systems great advantage over the
attackers as the algorithm used to calculate the scores is kept
secret and never shared under any circumstances. As we
mentioned before that the main contribution to this
academic research is to present a new and simple framework
to analyze the smart grids. This framework is based on the
block-chain for validation and trust verification. It will give
us a formal analysis of the average number of unconfirmed
transactions and the average time of a transaction to be
confirmed.
Acknowledgement :This paper was made possible by Grant
NPRP8-531-1-111 from Qatar National Research Fund
(QNRF) The statements made herein are solely the
responsibility of the authors.
REFERENCES
[1] T. Strasser, “a review of architectures and concepts for intelligence in
future electric energy systems,” ieee trans. Ind. Electron., vol. 62, no.
4, pp. 24242438, apr. 2015.
[2] The history of electrification: the birth of our power grid. Edison tech
center. Retrieved november 6, 2013.
[3] Https://www.smartgrid.gov/the smartgrid/smart grid.html.
[4] Mohsen Fadaee Nejad; Amin Mohammad Saberian; Hashim Hizam;
et al. (2013). Application of smart power grid in developing countries.
2013 IEEE 7th International Power Engineering and Optimization
Conference (PEOCO) (PDF). IEEE. Pp. 427431.
Doi:10.1109/PEOCO.2013.6564586. ISBN 978-1-4673-5074-7.
[5] P. I. Radoglou-Grammatikis and P. G. Sarigiannidis, Securing the
Smart Grid: A Comprehensive Compilation of Intrusion Detection
and Prevention Systems,IEEEAccess,vol.7, pp. 4659546620, 2019,
doi: 10.1109/ACCESS.2019.2909807.
[6] Electricity Information Sharing and Analysis Center (E-ISAC),
Analysis of the Cyber-attack on the Ukrainian Power Grid
(Washington, DC: E-ISAC, 2016),
https://www.nerc.com/pa/CI/ESISAC/ Documents/E-ISAC-SANS-
Ukraine-DUC-18Mar2016.pdf.
[7] Peter Behr and Blake Sobczak, Utilities Look Back to the Future for
Hands-on Cyberdefense, EE News, last modified July 21, 2016,
https://www.eenews.net/stories/1060040590.
[8] Pavel Polityuk, Oleg Vukmanovic, and Stephen Jewkes, Ukraines
Power Outage Was a Cyberattack: Ukrenergo, Reuters, last modified
January 18, 2017, https://www.reuters.com/article/usukrainecyber-
attack-energy/kiev-power-outage-in-december-wascyber- attack-
ukrenergo-idUSKBN1521BA.
[9] Zack Whittaker, US Report Confirms Ukraine Power Outage Caused
by Cyberattack, ZDNet, last modified February 29, 2016,
https://www.zdnet.com/article/us-report-confirmsukraine- power-
outagecaused- by-cyberattack/.
[10] Del Rodilas, Hack on Ukrainian Power Grid Highlights the Urgency
for Accelerated Threat Intelligence in Industrial Control Systems -
Palo Alto Networks, Palo Alto Networks, last modified April 7, 2016,
https://researchcenter.paloaltonetworks.com/2016/04/utilitiespan-os-
7-1-utilities/
[11] Andy Greenberg, How an Entire Nation Became Russias Test Lab for
Cyberwar, Wired, last modified June 20, 2017,
https://www.wired.com/story/russian-hackers-attack-ukraine/.
[12] D. E. Whitehead, Ukraine Cyber-Induced Power Outage: Analysis
and Practical Mitigation Strategies, Schweitzer Engineering
105
Authorized licensed use limited to: University College London. Downloaded on November 02,2020 at 01:41:39 UTC from IEEE Xplore. Restrictions apply.
Laboratories, Inc. (September 2017): 8, https://doi.org/10.1109/
CPRE.2017.8090056.
[13] Thomas Brewster, NotPetya Ransomware Hackers Took Down
Ukraine Power Grid, Forbes, last modified July 3, 2017,
https://www.forbes.com/sites/thomasbrewster/2017/07/03/russiasuspe
ct- inransomware-attacks-says-ukraine/788e7bec6b89.
[14] Kim Zetter, Inside the Cunning, Unprecedented Hack of Ukraines
Power Grid, Wired, March 3, 2016,
https://www.wired.com/2016/03/inside-cunning-unprecedentedhack-
ukraines-power-grid/.
[15] Pierluigi Paganini, Dragonfly 2.0: The Sophisticated Attack Group Is
Back with Destructive Purposes, Security Affairs, last modified
September 7, 2017, https://securityaffairs.co/wordpress/62782/
hacking/dragonfly-2-0-campaigns.html.
[16] GReAT, BlackEnergy APT Attacks in Ukraine Employ
Spearphishing with Word Documents, Securelist - Kaspersky Labs
Cyberthreat Research and Reports (blog), January 28, 2016,
https://securelist.com/blackenergy-apt-attacks-in-ukraine
employspearphishing- with-word-documents/ 73440/
[17] Andrew Thomas, Requirements for IIoT Data Communication,
Skynet, last modified July 5, 2017, https://skkynet.com/requirements-
iiot-data-communication/.
[18] Kim Zetter, Inside the Cunning, Unprecedented Hack of Ukraines
Power Grid, Wired, last modified March 3,
2016,https://www.wired.com/2016/03/inside-cunning-
unprecedentedhack-ukrainespower- grid/.
[19] W. Wang, Y. Xu, and M. Khanna, A survey on the communication
architectures in smart grid,” Computer Networks, vol. 55, no. 15, pp.
36043629, 2011.
[20] M. Kuzlu, and S. Rahman, network requirements for major smart grid
applications in HAN, NAN and WAN,” Elsevier Editorial System for
Computer Networks, August 2013.
[21] G. N. Ericsson, security and power system communication essential
parts of a smart grid infrastructure, Power Delivery, IEEE
Transactions on, vol. 25, no. 3, pp. 15011507, 2010.
[22] M. Kuzlu, M. Pipattanasomporn, and S. Rahman, network
requirements for major smart grid applications in HAN, NAN and
WAN,” Elsevier Editorial System for Computer Networks, August
2013.
[23] Idaho National Laboratory (INL). Vulnerability Analysis of Energy
Delivery Control Systems, September 2011.
[24] National Institute of Standards and Technology (NIST). NISTIR
7628: Guidelines for Smart Grid Cyber Security, August 2010.
[25] M. Davis. Smart grid device security adventures in a new medium.
IOA active, 2009. http://www.blackhat.com/presentations/bh-usa-
09/MDAVIS/BHUSA09-Davis-AMI-SLIDES.pdf (Accessed: 04- 22-
2013).
[26] R. Wightman. Project Basecamp: Hacking and Exploiting PLC’s. S4
Conference, January 2012.
[27] N. Falliere, L. Murchu, and E. Chien. W32.Stuxnet Dossier, Version
1.3. Symantec, Nov. 2010.
[28] U.S. House of Representatives, 112th Congress. Investigative Report
on the U.S. National Security Issues Posed by Chinese
Telecommunications Companies Huawei and ZTE, A report by
Chairman Mike Rogers and Ranking Member C.A. Dutch
Ruppersberger of the Permanent Select Committee on Intelligence,
October 2012.
[29] G. Liang, S. R.Weller, F. Luo, J. Zhao, and Z. Y. Dong, Distributed
Blockchain-Based Data Protection Framework for Modern Power
Systems Against Cyber Attacks, IEEE Trans. Smart Grid, vol. 10, no.
3, pp. 31623173, 2019, doi: 10.1109/TSG.2018.2819663.
[30] A. S. Yahaya et al., Blockchain Based Sustainable Local Energy
Trading Considering Home Energy Management and Demurrage
Mechanism, Sustainability, vol. 12, no. 8, p. 3385, 2020, doi:
10.3390/su12083385.