Figure 2 - available via license: CC BY
Source publication
The increasing proliferation of distributed energy resources (DERs) on the smart grid has made distributed solar and wind two key contributors to the expanding attack surface of the network; however, there is a lack of proper understanding and enforcement of DER communications security requirements. With vendors employing proprietary methods to mit...
Contexts in source publication
Context 1
... to understand how these protocols operate, a mapping between the TCP/IP stack and the OSI model must be understood. This mapping is shown in Figure 2. The TCP/IP stack, also called the Internet Protocol Suite or the U.S. Department of Defense model, has four layers of abstraction, and the OSI model has seven [16]. ...
Context 2
... primarily for connecting devices over the Internet, the TCP/IP stack facilitates point-to-point communications and prescribes how data must be framed, packeted, segmented, encoded/decoded, transmitted/received, and, finally, used for higher level user applications; however, the OSI model is more rigid in its definition of layers and does not pertain to the Internet networks. Figure 2 shows that the Network Interface layer of the TCP/IP stack corresponds to the Physical and Data Link layers of the OSI model, the Internet layer serves a function similar to the OSI's Network layer, followed by the Transport layer, which is attributed commonly in both. Although the OSI model distinguishes the Session, Presentation, and Application layers for establishing connections, sustaining context, and interfacing with the applications, the TCP/IP stack encapsulates these services into a single layer called the Application. ...
Citations
... QoS relates to various layers within the OSI model. The QoS parameters associated with service primitives and Protocol Data Unit (PDU) are shown in the illustration 3 [16]. ...
The current trend of converging various network types, coupled with the rising traffic volumes and the increasing use of real-time and multimedia applications, has necessitated the transportation of diverse types of traffic, particularly those sensitive to latency. Traditional TCP/IP networks fall short in providing the required Quality of Service (QoS) for these applications, prompting the development of supplementary mechanisms to meet the necessary service levels. Additionally, the advent of new multimedia and cloud services, the expansion of the Internet of Things (IoT), and the integration of optical and wireless communications within the 5G optical network framework demand modifications to network infrastructure. These changes are essential to accommodate scalable traffic growth while simultaneously maintaining high levels of dynamic connectivity, complete flexibility, and enhanced energy efficiency. Within this context, QoS is crucial across all layers of the OSI model, ensuring effective and reliable data transmission within network systems.
... [31][32][33] Connected to the utility and third parties via the Internet. ...
... Also, DER devices are designed with limited processing capabilities to minimize costs. As a result, many DERs natively communicate using plaintext Modbus, exposing DER communications to potential security weaknesses [31][32][33]. ...
With the trend of large-scale renewable distributed energy sources (DERs) penetrating into the smart grids (SGs), the SGs entail heavy reliance on information and communication technologies (ICT) and increasing impact of social behaviors on system operation and management. The SGs can be viewed as cyber–physical–social systems (CPSSs). However, the deep coupling of cyber, physical, and social spaces leads the SGs to be more complex and open, and thus, at a higher risk of exposure to various threats. To study the threats, countermeasures, and challenges of the high-DER-penetrated SGs from a cyber–physical–social perspective, the key features of the SGs on devices, networks, and applications are first analyzed. On this basis, the threats faced by the SGs due to the widespread deployment of terminal devices, open network environments, and the increasing importance of social behaviors are analyzed. Subsequently, the limitations of the deployed security measures in current power systems are discussed, and an overview of the state-of-the-art countermeasures for the SGs security faced by the threats is organized in three stages: prevention, detection, and mitigation. Finally, the research challenges, key gaps, and future directions for security enhancement of the SGs are also discussed.
... An SLR is a process that allows the collection, categorization and structuring of existing information on a topic of investigative interest, in this case, in cybersecurity. Thus, for the design of the SLR, the protocol proposed by Petersen et al. [5] was used, in addition to the guidelines set forth by Kitchenham [6] and Budgen et al. [7], with which the following activities were carried out: (1) Apply Goal-Question-Metric (GQM) approach; (2) Define search and selection strategy; (3) Conducting the review; and (4) Reporting the review. A detailed description of each of the activities carried out is presented in the following sections. ...
Introduction: Cyber-Physical Systems (CPS) require a change in cybersecurity because of cyber threats and the arrival of quantum computing. Despite the interest, the main obstacles to adoption are cybersecurity and dynamic protection. The research seeks to characterize a Cybersecurity Reference Model for CPS in Critical Infrastructures, taking limitations into account.
Objective: To characterize the cybersecurity reference model that prevents attacks on CPS in critical infrastructures in the face of the arrival of quantum computing. Primary studies are analyzed to identify the development of cybersecurity in CPS. Methodology: The process includes objectives, questions, search strategies, criteria, study quality and data. Methods such as Goal Question Metrics (GQM) and the Population Intervention Comparison Outcome (PICO) model were used.
Results: Of 630 initial studies, 133 were considered relevant, and 33 primary studies were finally selected. 3 types of vulnerabilities, 25 challenges, 8 types of attacks and 20 types of reasons were identified in CPS cybersecurity in the quantum era, including the impact on cryptography. There are not yet any known attacks on CPS using quantum equipment, but there are potential risks. Conclusions: CPS cybersecurity in the quantum era is compromised by challenges in cryptography. A transition to resistant algorithms is essential, but the lack of preparation and understanding in the cybersecurity community is a major obstacle. Collaboration to address quantum challenges is emphasized. A comprehensive response is required to protect CPS in the quantum era.
... Ethernet-based protocols offer high-speed communication and support a large number of devices but are prone to higher transmission delays in harsh conditions, which can be detrimental to real-time wind turbine control [6]. Based on these comparisons, the RS-485 interface was selected as the optimal choice due to its balance of long-distance communication, high noise immunity, and flexibility in multi-point networks [7]. ...
This article explores and optimizes network technologies for wind energy systems, focusing on the RS-485 interface to ensure reliable data transmission in extreme conditions. The study aims to address the impact of various distortions on data quality and wind turbine management. A system was proposed with two wind turbines, each equipped with a Raspberry Pi 4, connected to sensors measuring temperature, vibration, and wind speed. The research examined how data transmission rates affect signal shape, calculating the distortion coefficient. At 460,800 baud, the signal was almost completely distorted, with significant amplitude loss. The distortion coefficients were 1.84 for logic ‘1’ and 1.92 for logic ‘0’. The optimal speed to minimize distortions was found to be 19,200 baud, providing the most stable signal. Additionally, temperature significantly impacted transmission quality, highlighting the need to consider climatic conditions in system design. The findings and methods can help improve existing data transmission systems and enhance wind turbine performance.
... Firewall rules Antivirus solution installed [90] Encryption implementation [91] Prediction framework: cellular computational network (CCN) [92] IDS [80] Man-in-the-middle attack Communication protocol encryption Network security (microsegmentation, firewall, proxy, load balancer rules) [93] Data encryption [94] Encryption and checksum implementation [95] Transport Layer Security (TLS) protocol [92] SSH public key authentication [93] Relay attack Use of secured protocol (sTELNET instead of TELNET protocol, or FTP-SSL for file transfer instead of DTP) [93] Password attack Implementation of least privilege principle Implementation of MFA (Multi-factor authentication) [96] Strong password Role-based access ...
In recent years, interest in renewable energy and photovoltaic systems has increased significantly. The design and implementation of photovoltaic systems are various, and they are in continuous development due to the technologies used. Photovoltaic systems are becoming increasingly complex due to the constantly changing needs of people, who are using more and more intelligent functions such as remote control and monitoring, power/energy prediction, and detection of broken devices. Advanced remote supervision and control applications use artificial intelligence approaches and expose photovoltaic systems to cyber threats. This article presents a detailed examination of the applications of various remote-control, artificial intelligence, and cybersecurity techniques across a diverse range of solar energy sources. The discussion covers the latest technological innovations, research outcomes, and case studies in the photovoltaics field, as well as potential challenges and the possible solutions to these challenges.
... Rather they exercise different proprietary security methods, which complicates the interoperability and standardization in resilient DER-based infrastructure [20]. To ensure adaptable communication between rising DERs and control systems of different manufacturers, vendors should conform to generalized IEC-61850, Modbus, DNP3, IEEE 2030.5, and other security protocols [21] [22]. However, Modbus and DNP3, which are the most used protocols, are vulnerable to interception and deciphering attacks, hence should be fortified with additional measures such as TLS as shown in our paper. ...
... However, Modbus and DNP3, which are the most used protocols, are vulnerable to interception and deciphering attacks, hence should be fortified with additional measures such as TLS as shown in our paper. That brings the necessity of standard cyber security measures in procurement language while buying DER equipment that comes only with moderate security measures [21]. Furthermore, as the number of inverter-based DERs continues to rise, ensuring scalability becomes an essential requirement to effectively cater to the demands of the future [20]. ...
The power grid is evolving with the increased integration of Distributed Energy Resources (DERs) and the growing need for bidirectional communication to manage DERs. As this evolution unfolds, the communication system supporting the power grid operation demands thorough analysis. Traditionally sparse wired mediums cannot support the increasing number of DER connections. The continuous advancement of alternative wireless technologies provides the possibility of efficient and economical communication methods. This paper explores the multifaceted area of alternative communication mediums tailored for DER-centric power distribution networks (PDN). A meticulous examination of the performance of diverse alternative mediums, supported by experimental analysis and measured against a set of performance metrics, is presented. A comprehensive comparative analysis and guidelines considering existing protocols, to ensure a resilient power distribution system with DERs, are also provided, highlighting the role of communication systems for a distributed energy landscape.
... With a focus on PV and wind DERs, the authors in [232] presented a comprehensive review of the key vulnerabilities in communication protocols used by the DERs to better understand the DER security challenges. DER communication systems are composed of 4 layers: 1) the physical layer that includes fundamental devices and channels employed for connectivity, 2) the data link layer, which includes different protocols such as Ethernet, Frame relay and Asynchronous Transfer Mode, 3) the network layer that defines the data packet paths within the communication network, and 4) the transport layer where Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) connections are made. ...
Distribution systems are evolving from traditional passive networks into, what is known as, Active Distribution Networks (ADNs). Unlike traditional distribution networks, ADNs are characterized by bi-directional power flow, the high penetration of DERs, storage capabilities and sophisticated control strategies. Multiple layers of communications, sensing and computation are being integrated into ADNs for monitoring, control and protection of a variety of components and critical operations. This enhanced dependency on information and communication technologies, however, increases the exposure of ADNs to cyber-attacks. Several papers have been published in recent years with a focus on cyber-physical security (CPS) of smart grids. However, the published survey papers primarily emphasize the transmission level of smart grid threats and challenges, with little focus on the ADNs. Given the rapid deployment of ADNs and the increasing cyber threats against power grids and critical infrastructures, we are motivated, in this article, to present a review and survey focused, instead, on the latest research advancements in the area of CPS for ADNs. This paper represents the first survey of timely research in the area of CPS of ADNs with a focus on ADN critical operations and components. The cyber-physical aspects of each critical operation/component are analyzed. In addition, the challenges and requirements of associated communication protocols and standards are presented. Cybersecurity of ADN devices and sensors including Phasor Measurement Units (PMUs), smart meters, advanced metering infrastructure and protection relays are discussed in detail. Moreover, a thorough study of ADNs application drivers and enablers including microgrids, Electric Vehicles (EVs), Internet-of-Things (IoT) and smart homes is conducted. Potential and existing solutions by industry are highlighted. 
Finally, survey outcomes and directions for future work are presented to highlight emerging avenues of research.
... In severe cases, it could become unmanageable, posing a significant risk to critical infrastructure and the overall reliability of energy supply [17]. As a result, safeguarding the integrity of the Laplacian matrix and developing countermeasures against DoS attacks is crucial for ensuring the continued reliability and resilience of microgrid operations [18]. While existing research has covered the detection and mitigation of Denial of Service (DoS) attacks, there is a notable gap in the investigation of communication channel alterations caused by these DoS attacks. This paper introduces a deep neural network-based signal estimator to enhance microgrid secondary control's cyber-attack tolerance, mitigating various attacks such as FDI, DoS, and latency attacks, with effective online signal recovery but no indication of impact of communication channel alteration due to DoS attack [19]. ...
... Adversarial capabilities consider the access to DER assets within a given system. For example, an attacker might be able to connect to remote DER devices through legitimate Bluetooth or speedwire connections (i.e., insider case) [41]. Additionally, attackers could possess or have physical access to EV charging stations or to the local area network (LAN) over which DERs communicate [42]. ...
... Data link layer uses the Ethernet protocol which is vulnerable to media access control (MAC) spoofing attacks. MAC addresses can be spoofed, allowing Ethernet frames to be forwarded to adversaries [41]. In addition, MAC flooding attacks target the MAC address tables used by switches to store the information of legitimate devices, and the specific ports to which each device is connected [41]. ...
... MAC addresses can be spoofed, allowing Ethernet frames to be forwarded to adversaries [41]. In addition, MAC flooding attacks target the MAC address tables used by switches to store the information of legitimate devices, and the specific ports to which each device is connected [41]. On the network layer, the cybersecurity of DER device communication is specified by IEEE Std. ...
The digitization and decentralization of the electric power grid are key thrusts for an economically and environmentally sustainable future. Toward this goal, distributed energy resources (DER), including rooftop solar panels, battery storage, electric vehicles, etc., are becoming ubiquitous in power systems. Power utilities benefit from DERs as they minimize operational costs; at the same time, DERs grant users and aggregators control over the power they produce and consume. DERs are interconnected, interoperable, and support remotely controllable features; thus, their cybersecurity is of cardinal importance. DER communication dependencies and the diversity of DER architectures widen the threat surface and aggravate the cybersecurity posture of power systems. In this work, we focus on security oversights that reside in the cyber and physical layers of DERs and can jeopardize grid operations. The existing works have underlined the impact of cyberattacks targeting DER assets; however, they either focus on specific system components (e.g., communication protocols), do not consider the mission-critical objectives of DERs, or neglect the adversarial perspective (e.g., adversary/attack models) altogether. To address these omissions, we comprehensively analyze adversarial capabilities and objectives when manipulating DER assets, and then present how protocol and device-level vulnerabilities can materialize into cyberattacks impacting power system operations. Finally, we provide mitigation strategies to thwart adversaries and directions for future DER cybersecurity research.