Polish Information Processing Society

Annals of Computer Science and Information Systems, Volume 8

Proceedings of the 2016 Federated Conference on Computer Science and Information Systems

Situational Awareness Network for the Electric Power System: the Architecture and Testing Metrics

DOI: http://dx.doi.org/10.15439/2016F50

Citation: Proceedings of the 2016 Federated Conference on Computer Science and Information Systems, M. Ganzha, L. Maciaszek, M. Paprzycki (eds). ACSIS, Vol. 8, pages 743–749

Abstract. The contemporary electric power system is highly dependent on Information and Communication Technologies, which exposes it to new types of threats, such as Advanced Persistent Threats (APT) or Distributed Denial-of-Service (DDoS) attacks. The most exposed components are Industrial Control Systems in substations and Distributed Control Systems in power plants. It is therefore necessary to ensure the cyber security of this critical infrastructure and to develop new cyber security technologies able to protect it from advanced cyber threats. This paper presents a pioneering Situation Awareness Network for the electric power system, together with a set of metrics for testing it.
