Q Assignment aims to present information about the security issues in Smart Grid Networks and a cyber physical systems Home, - Smart Grid Networks Introduction The aim of the report is to present information about the security issues in Smart Grid Networks. A cyber physical systems or CPS consists of different systems and mechanisms that are controlled and monitored by some suitable computer based algorithm. The components of such systems are integrated with the Internet and the users. The physical and software components of a cyber physical system are intertwined with each other. And each component may operate on different temporal and special scales. At the same time, the components exhibits various distinctive modalities. The interactions among the components change with the changes in the context and purpose of using such a system. Smart grid is an example of a cyber physical system. It is an electrical grid system that connects smart appliances, smart meters, various sources of renewable energies and many other resources that are energy efficient. Some of the most important aspects of a smart grid system are conditioning of electrical power, controlling the production and distribution of electrical power. In the following sections of the report, there are discussion on the architecture of a smart grid system, recent developments in smart grid technologies and networks, and the importance of cyber security in such networks. Then the discussion will be focused on the current security issues in smart grids, along with some proposed solution. Following the discussion, a related case study will be discussed. About Smart Grid Networks Cyber physical systems integrates networking, computation, and various other physical processes. Embedded computers are connected by a network and are used to control and monitor the physical processes. Feedback loops are used to connect the computation and physical processes. The IoT or the Internet of Things play an important role in cyber physical systems. The machines or objects are called as things. These are connected to the Internet and are used for data collection, processing, monitoring, and controlling. Smart grid is an improved and modernized infrastructure or electricity supply chain that is operated from a major plant and connects the appliances of the consumers to the grid network. There are many power plants that generate electrical energy from other energy sources like thermal energy, wind energy, hydro energy, and nuclear energy and so on. All these stations generating electrical power, generates it at some certain voltage ranges. To ensure highly efficient energy distribution to distance consumers, it needs to ‘step up’ the voltage to some higher range and near to the consumers, the voltage is stepped down and distributed. Electrical meters are used at the consumers’ sites to measure the consumption of electricity. This is a traditional system that is used to distribute electrical power from the plants to the consumers. But in modern days, people are using various electrical appliances that are sensitive to voltage ranges and are known as smart devices. Such electronic devices needs very controlled and lesser power to run and being operated. Smart grids are new approach to electricity generation and distribution. It helps to deliver electricity to consumer in more efficient ways with the help of smart equipment and smart meters. Other than the performance and efficiency requirements, there are environmental requirements also. For example, it needs to ensure lesser emissions of greenhouse gases and to reduce the cost. Other than the technologies related to electrical utilities, smart grid systems also has data communication and networking utilities to optimize and control the operations of an entire grid system. Smart Grid Network Architecture The architecture of a smart grid consists of various electronics, mechanical systems, networks and various information technology communication components. The illustration given abode shows the interconnection of such components. The major architectural units are power generation, power transmission, and power distribution systems. Once power is generated in a plant, it goes through power transformers and then goes to the power transmission units. Again it goes through transmission substations to reach to the power distribution substations. From those substation power is distributed to different types of consumers like industrial plants, commercial users, and home users. Each of the types of the users have different requirements and setup. Home users uses smart meters and other smart home appliances connected by a smart home area network. The authentication between entities of such a network is managed by an aggregator and managed by some control center. Recent Developments in Smart Grid Networks Microgrid is a recent development and under research topic related to smart grid systems. Larger grids are useful to fulfil the requirements of cities and urban areas. But such grids are not useful to provide electricity to many remote areas. Micro grids are solution to that problem and are being used to fulfil the requirements of such remote and small areas. A small grid consists of micro, and mini grids. Such grids are smaller in capacity and sizes. Renewable energy efficient sources are used in such grids to provide electricity locally to the consumers and it also provides an infrastructure that is capable of decision making and to connect smart objects. The Importance of Cyber Security in Smart Grid Networks As smart grids consists of the information and communication technology infrastructure and the Internet, so there are chances of high information security risks, chances of failure of these components and loss of data. So, cyber security plays an important role in smart grid network to ensure the operations of the smart grids. Security Issues in Smart Grid Networks There are various security threats and challenges related to smart grid networks. As it is a cyber physical system and uses the Internet as an important component, so there are various cyber security risks related to it. The challenges are related to cyber-attacks, thefts, terrorism, natural disasters and so on. If a smart grid fails to operate due to any technological issue or any cyber security issue, a possible consequence of the failure can be disruption in power distribution and that will create havoc in civilian livelihood or there may be failures in the information and communication technology infrastructure of a smart grid system. For example, possible consequences may be damage to the devices of the consumers, cascade failures, chaos in energy markets, dangers to the human safety, and false visualization of the conditions of the actual systems. Smart grid systems collects sensitive customer information from various consumers and connected systems. And these are common targets for hackers. Some of the security threats are listed below. • Cyber attacks These are the most discussed attacks on smart grid network systems. The information and communication technology infrastructure of smart grid systems may have various vulnerabilities and that may lead to cyber-attacks. The results may be system collapse if the system does not have adequate countermeasures against cyber-attacks. A significant cyber-attack may mislead the utilities connected to a smart grid system and it may in turn make wrong decisions about the capacity and usage of electricity. Or it may initiate other on-going attacks and other impending problems. CIA or Confidentiality, integrity, and availability of information are three important requirements for any information security infrastructure. A cyber physical system like smart grid also needs to fulfil this requirement. The system must prevent unauthorized modifications of the data and infrastructure. A deliberate or non-deliberate attack may lead to power theft to infrastructural theft and these are very common to the safety and operations of power grid. On the other hand, customers are also very worried about sharing their data with a smart grid system as there may be breach to privacy of their data, or malicious attacks. For example, a privacy breach of customers’ data may reveal the pattern of electricity consumption of the customers, or may exploit a poorly configured firewall on the consumers’ end. The impacts of cyber-attacks on smart grid systems may be devastating. For example, there may be disruption in the economy or cascading failures as various critical infrastructure depends on the power supply. • Power theft and smart meters Smart meters have replaced the conventional meters and these meters are connected to servers and portals to give critical insights about power consumption patterns of the customers and to make decisions about those. It also gives additional information to the utility companies unlike the conventional meters. For example, it gives notifications about outage and failure information, can be used for remote command operations, load control responses and to interact with smart home appliances and electronics devices. Smart meters face a serious security issue of power theft. Attacks to smart meters are more related to the implementation of smart grid systems. Smart meters are used for real-time monitoring, recording consumption and pricing information of the utility and consumer both. Hence, all communication between smart devices and smart meter as well as between server and smart meters must be regulated and secured to combat with the issue of power theft, data loss etc. • Technical operational security issues The operational and technical complexity of smart grid systems depend on the operational schemes. There can be serious impacts on critical infrastructure due to the failures of operations of smart grids. Computerized systems are used to control the smart grid systems partially and some other parts need to be operated manually or using electro-mechanical devices. It also requires the attention from the operators at different utility control centers. For example, during the emergencies it needs human interventions. Faults may occur in the protective devices and that may lead to technical and operational failures. Proposed Solution The proposed solution is particularly focused on the cyber security attacks and threats. It needs to install proper counter measurements to monitor the whole infrastructure and to ensure confidentiality, integrity and availability of information and services. It needs to use proper user authentication and device authentication schemes to ensure that only authorized devices are communicating with a smart grid system. It also needs to implement proper firewalls, encryption techniques etc. to ensure the protection of data and to ensure the operational efficiencies and capabilities of the infrastructure. Smart grid systems highly depend on its information and communication technology components like various data acquisition systems, networks, distributed control systems, and operational systems components like firmware, operating systems etc. and the Internet is one of the major part of it. While making an information security infrastructure for a smart grid, it needs to cover all these components and the information security requirements of each of the component. Availability of information and services is also an important requirement. Hence, it needs to implement suitable incident response and backup solution for data as well as power supply. Discussion on a Case Study The MadIoT attack is an example of cyber-attack on the US power supply system is an example of attack on a smart grid system. IoT botnets were used in the attack and it caused blackouts. Even though official sources claim that the blackout on 28th Dec 2018 was a result of a power surge but unofficial sources claim that it was a result of a possible cyber-attack on the power system.