Path: EDN Asia >> Design Centre >> Communications/Network >> Grasping cyber security hazards in smart grids
Communications/Network Share print

Grasping cyber security hazards in smart grids

04 Dec 2014  | Saral Aggarwal, Siddharth Jain

Share this page with your friends

Smart grids utilise information and digital communication technology to gather information (such as the usage demands of consumers) in an automated fashion, and they act upon it to bolster the reliability, economy, efficiency, and sustainability of generation and distribution of electricity. In the process, they advance consumer participation in grid operations, thereby facilitating the integration of all involved. The whole concept of smart grids addresses environmental issues and power delivery constraints and disturbances (figure 1).


 Smart grid system

Figure 1: General block diagram of a smart grid system. Source: The Smart Grid Frontier: Wide Open; David Heyerman; May 3, 2009


The security of smart grids is one of the most daunting issues. Gaining access to the entire network has never been easier, for nodes (mostly meters) in case of such grids, cannot be all guarded by secured servers or be kept under surveillance all the time. Imagine the colossal amount of losses a fame-hungry hacker could cause to the utility, if he were to exploit any of the vulnerabilities of these grids. All that one has to do to attack is to become a customer of the utility. Not only does this provide ease of access to the nodes, but the existing state of lack of security of the supervisory control and data acquisition (SCADA) systems, which are the very heart and soul of these grids, is of great concern (figure 2).


 Apportionment of malicious cyber-attacks

Figure 2: Apportionment of malicious cyber-attacks in 2013. Source: https://ics-cert.us-cert.gov/sites/default/files/ICS-CERT_Monitor_April-June2013.pdf


Traditional network objectives
The four main objectives that traditional information technology (IT) and SCADA networks focus on are confidentiality, availability, integrity, and timeliness.

Confidentiality means that only the authorised person should have any access to information related to the specific systems (or the users of the grid). Any user's information could be readily available in the grid network, and if this data is not secured, it could easily spell a disaster in the attacker's hands.

Availability means that any component of the system should be available for use as and when it is needed. In the context of a smart grid, it could simply mean that power supply is available in an uninterrupted fashion to the user.

Integrity or authenticity implies that any correspondence received from the user's end (or any node of the grid) should be thoroughly authenticated, and only then shall it be acted upon. This means that not only the contents of each message should be verified and authenticated, but the source of the message shall also be confirmed.

Timeliness expresses the time criticality of control systems. It includes the timeliness of any related data being delivered in its specific, given time period, i.e., the data is only valid in its given time period, and the responsiveness of the system. Hence, it should be made sure that only the right data is processed at a given time.


Threats and vulnerabilities
Vulnerabilities gives attackers access to the network, enabling them to break the confidentiality and integrity of the transmitted data, destroy the timeliness of the service, and/or make the service unavailable. As is evident from the IBM X-Force Research and Development reports (figure 3), the number of new vulnerabilities reported is increasing each year. This means that utilities must ensure that their systems are updated regularly, and that their staff is equipped to counter emerging new vulnerabilities.


 Vulnerability disclosures growth by year

Figure 3: Vulnerability disclosures growth by year. Source: IBM X-Force Research and Development.



1 • 2 • 3 Next Page Last Page


Want to more of this to be delivered to you for FREE?

Subscribe to EDN Asia alerts and receive the latest design ideas and product news in your inbox.

Got to make sure you're not a robot. Please enter the code displayed on the right.

Time to activate your subscription - it's easy!

We have sent an activate request to your registerd e-email. Simply click on the link to activate your subscription.

We're doing this to protect your privacy and ensure you successfully receive your e-mail alerts.


Add New Comment
Visitor (To avoid code verification, simply login or register with us. It is fast and free!)
*Verify code:
Tech Impact

Regional Roundup
Control this smart glass with the blink of an eye
K-Glass 2 detects users' eye movements to point the cursor to recognise computer icons or objects in the Internet, and uses winks for commands. The researchers call this interface the "i-Mouse."

GlobalFoundries extends grants to Singapore students
ARM, Tencent Games team up to improve mobile gaming


News | Products | Design Features | Regional Roundup | Tech Impact