Figure 2 - available via license: CC BY
The logical mapping between OSI basic reference model and the TCP/IP stack.

Source publication
Article
The increasing proliferation of distributed energy resources (DERs) on the smart grid has made distributed solar and wind two key contributors to the expanding attack surface of the network; however, there is a lack of proper understanding and enforcement of DER communications security requirements. With vendors employing proprietary methods to mit...

Contexts in source publication

Context 1
... to understand how these protocols operate, a mapping between the TCP/IP stack and the OSI model must be understood. This mapping is shown in Figure 2. The TCP/IP stack, also called the Internet Protocol Suite or the U.S. Department of Defense model, has four layers of abstraction, and the OSI model has seven [16]. ...
Context 2
... primarily for connecting devices over the Internet, the TCP/IP stack facilitates point-to-point communications and prescribes how data must be framed, packeted, segmented, encoded/decoded, transmitted/received, and, finally, used by higher-level user applications; the OSI model, by contrast, is more rigid in its definition of layers and is not tied to Internet networks. Figure 2 shows that the Network Interface layer of the TCP/IP stack corresponds to the Physical and Data Link layers of the OSI model, the Internet layer serves a function similar to the OSI Network layer, followed by the Transport layer, which is common to both. Although the OSI model distinguishes the Session, Presentation, and Application layers for establishing connections, sustaining context, and interfacing with applications, the TCP/IP stack encapsulates these services into a single layer called the Application layer. ...

Citations

... Adversarial capabilities consider the access to DER assets within a given system. For example, an attacker might be able to connect to remote DER devices through legitimate Bluetooth or speedwire connections (i.e., insider case) [34]. Additionally, attackers could possess or have physical access to EV charging stations or to the local area network (LAN) over which DERs communicate [35]. ...
... The data link layer uses the Ethernet protocol, which is vulnerable to media access control (MAC) spoofing attacks. The MAC address can be spoofed, allowing Ethernet frames to be forwarded to adversaries [34]. In addition, MAC flooding attacks target the MAC address tables used by switches to store the information of legitimate devices, as well as the specific ports (of the switch) to which each device is connected [34]. ...
... The MAC address can be spoofed allowing Ethernet frames to be forwarded to adversaries [34]. In addition, MAC flooding attacks target the MAC address tables used by switches to store the information of legitimate devices, as well as the specific ports (of the switch) that each device is connected to [34]. On the network layer, the cybersecurity of DER device communication is specified by IEEE Std. ...
Preprint
The digitalization and decentralization of the electric power grid are key thrusts towards an economically and environmentally sustainable future. Towards this goal, distributed energy resources (DER), including rooftop solar panels, battery storage, electric vehicles, etc., are becoming ubiquitous in power systems, effectively replacing fossil-fuel based generation. Power utilities benefit from DERs as they minimize transmission costs, provide voltage support through ancillary services, and reduce operational risks via their autonomous operation. Similarly, DERs grant users and aggregators control over the power they produce and consume. Apart from their sustainability and operational objectives, the cybersecurity of DER-supported power systems is of cardinal importance. DERs are interconnected, interoperable, and support remotely controllable features, thus, their cybersecurity should be thoroughly considered. DER communication dependencies and the diversity of DER architectures (e.g., hardware/software components of embedded devices, inverters, controllable loads, etc.) widen the threat surface and aggravate the cybersecurity posture of power systems. In this work, we focus on security oversights that reside in the cyber and physical layers of DERs and can jeopardize grid operations. We analyze adversarial capabilities and objectives when manipulating DER assets, and then present how protocol and device -level vulnerabilities can materialize into cyberattacks impacting power system operations. Finally, we provide mitigation strategies to thwart adversaries and directions for future DER cybersecurity.
... IEEE 1815 (also known as distributed networking protocol 3.0, DNP3) and Modicon communication bus (Modbus) are very commonly used for DER communications [172], both of which present security deficiencies. IEEE 1547-2018, a standard covering specifications for interoperability between electric utility operators and DERs preconizes communications over Sunspec Modbus, DNP3 and IEEE 2030.5 IoT protocol [173]. ...
... VPN is often used by vendors and system integrators to access OT networks and, if compromised, can allow hard-to-detect adversary access into operation environments [230]. Remote connection capabilities are commonly used to monitor the OT assets, perform software updates, or perform maintenance [172], [231]. Complex systems like large power plants are often supported by multiple equipment manufacturers and other specialized service providers that may access the ICS network to monitor or remotely control devices, which multiplies the risk of exploitation in vulnerabilities present in remote connection systems. ...
... Protecting communication assets such as cables, switches and other devices from inadvertent and intentional damage reduces the risk of losing data availability caused by a physically-induced failure in communications, such as a disconnected cable or asset theft. Insufficient physical access controls can also allow malicious actors to alter system settings through an unprotected HMI, manipulate system calibration or damage equipment [172]. Furthermore, DER communications very often do not encrypt data, which might allow a malicious actor wiretapping a physical communications device to access the data being transmitted [173]. ...
Article
This paper presents a literature review on current practices and trends on cyberphysical security of grid-connected battery energy storage systems (BESSs). Energy storage is critical to the operation of Smart Grids powered by intermittent renewable energy resources. To achieve this goal, utility-scale and consumer-scale BESS will have to be fully integrated into power systems operations, providing ancillary services and performing functions to improve grid reliability, balance power and demand, among others. This vision of the future power grid will only become a reality if BESS are able to operate in a coordinated way with other grid entities, thus requiring significant communication capabilities. The pervasive networking infrastructure necessary to fully leverage the potential of storage increases the attack surface for cyberthreats, and the unique characteristics of battery systems pose challenges for cyberphysical security. This paper discusses a number of such threats, their associated attack vectors, detection methods, protective measures, research gaps in the literature and future research trends.
... OpenADR, formerly IEC 62746-10-1, is an OSI L7 [59] open demand-response protocol provided by the OpenADR Alliance. OpenADR is developed to support the CSMS-DSO communication [60]. ...
Article
The increased use of smart Electric Vehicles (EVs) and Plug-in Electric Vehicles (PEVs) has opened a new area of research and development. The number of EV charging sites has increased considerably in residential as well as in public areas. Within these EV charging sites, various entities need to communicate in a secure and efficient way. The Open Charge Point Protocol (OCPP) offers a way to coordinate this communication and is already being used in many implementations. However, only the latest OCPP 2.0 version of the protocol includes certain security features. In this article, we present the entities that take part in an OCPP-based smart charging scenario, we identify security issues and threats, and we present solutions that have been proposed by scholars. We identify open security issues for OCPP and propose future research directions for the security enhancement of the protocol.
... To deal with DoS attacks with prohibited information, current research efforts focus on three categories: (a) investigating the methodology for the attack and its challenges [7]; (b) techniques for detection of such occurrences [8], [9]; and (c) mitigating strategies to remove such attacks [10], [11]. The resilient operation of the control system has been studied for DERs connected to the grid or operating in standalone mode [12], [13]. ...
Conference Paper
This paper introduces two novel control solutions, which allow localised delay compensation for grid-connected and standalone inverters. As the prediction horizon of the existing controllers is quite small compared to large communication delays and information unavailability due to denial-of-service (DoS) attacks, the proposed strategy offers a robust delay mitigation range using localized dynamics. Its design philosophy is leveraged via a prediction policy using the inner control loop dynamics. Based on the different control objectives in grid-connected and standalone mode, the proposed solutions have been augmented into the control system accordingly. Finally, their robustness under various communication delays and DoS attacks has been tested.
... The device level attacks can also be studied from a network stack perspective. A detailed analysis of key vulnerabilities for solar and wind controllers at the protocol level guides discussion for best practices for improving DER cybersecurity [27]. These studies are useful as a reference but do not specifically analyze grid-scale batteries. ...
Article
The share of renewable and distributed energy resources (DERs), like wind turbines, solar photovoltaics and grid-connected batteries, interconnected to the electric grid is rapidly increasing due to reduced costs, rising efficiency, and regulatory requirements aimed at incentivizing a lower-carbon electricity system. These distributed energy resources differ from traditional generation in many ways including the use of many smaller devices connected primarily (but not exclusively) to the distribution network, rather than few larger devices connected to the transmission network. DERs being installed today often include modern communication hardware like cellular modems and WiFi connectivity and, in addition, the inverters used to connect these resources to the grid are gaining increasingly complex capabilities, like providing voltage and frequency support or supporting microgrids. To perform these new functions safely, communications to the device and more complex controls are required. The distributed nature of DER devices combined with their network connectivity and complex controls interfaces present a larger potential attack surface for adversaries looking to create instability in power systems. To address this area of concern, the steps of a cyberattack on DERs have been studied, including the security of industrial protocols, the misuse of the DER interface, and the physical impacts. These different steps have not previously been tied together in practice and not specifically studied for grid-connected storage devices. In this work, we focus on grid-connected batteries. We explore the potential impacts of a cyberattack on a battery to power system stability, to the battery hardware, and on economics for various stakeholders. We then use real hardware to demonstrate end-to-end attack paths exist when security features are disabled or misconfigured. 
Our experimental focus is on control interface security and protocol security, with the initial assumption that an adversary has gained access to the network to which the device is connected. We provide real examples of the effectiveness of certain defenses. This work can be used to help utilities and other grid-connected battery owners and operators evaluate the severity of different threats and the effectiveness of defense strategies so they can effectively deploy and protect grid-connected storage devices.
... The broadcasting of false ARP packets allows an attacker to interrupt the communications, temporarily or permanently, between power substations and the AMI. Confidentiality, integrity and availability are impacted by masquerading attacks, together with authentication and access control, especially in the Ethernet protocol [144]. Finally, man-in-the-middle (MITM) attacks represent an important security breach for the AMI [145], since the attacker intercepts, without corrupting them, messages exchanged by the data concentrator and the AMI, with the result that such attacks are almost undetectable. ...
Article
During the last decade, the smart grid (SG) concept has started to become a reality, mainly thanks to the technical progress achieved in telecommunications, informatics and power electronics, among other domains, leading to an evolution of the traditional electrical grid into an intelligent one. Nowadays, the SG can be seen as a system of smart systems that include cyber and physical parts from different technologies that interact with each other. In this context, intelligent buildings (IBs) constitute a paradigm in which such smart systems are able to guarantee the comfort of residents while ensuring an appropriate tradeoff of energy production and consumption by means of an energy management system (EMS). These interconnected EMSs remain the objective of potential cyber-attacks, which is a major concern. Therefore, this paper conducts a survey, from a multidisciplinary point of view, of some of the main security and privacy issues related to IBs as part of the SG, including an overview of EMS, smart meters, and the main communication networks employed to connect IBs to the overall SG. Future research directions towards a security enhancement from both technical and human perspectives are also provided.
... This ties closely with disaster response, which is another area where the use of CPS can reduce the chaos caused by natural disasters or other large-scale emergencies. These systems can be implemented to manage evacuations, and create scheduled departures that will reduce congestion and accidents that would further delay evacuations [3,4]. Various other applications find promise in cyber physical systems. ...
Chapter
This chapter presents a comprehensive review of the impacts of cyber attacks on the smart distribution grid and discusses the potential methods in the literature to mitigate them. The review considers different real-world case studies of successful cyber attacks on multiple grid assets, including networks with high penetration of distributed energy resources (DERs). A specific use-case of a false data injection (FDI) attack on photovoltaic (PV) production meter data used for 15-minute-ahead forecasting is presented. The false data from the production meter causes the command and control center to give incorrect operational settings to the grid. The various impacts of these incorrect operational settings on the dynamics of the grid are theoretically analyzed, followed by simulation studies of this scenario on an IEEE 34 bus system with three PVs, one synchronous generator, and one energy storage. The impact of FDI on the system is analyzed by measuring the nodal voltages, the current flowing through the lines, and the system's active and reactive power losses. The results show that the FDI could potentially cause cascading failures due to possible over-current and voltage collapse. This monograph also proposes an adaptive protection system based on a neural network model. This allows the network protection scheme to learn (based on the historical data) the dynamics of the system over time and adequately adapt the protection settings of the relays autonomously despite an FDI attack on the PV production meter. This study will be of particular importance to utilities and DER installers seeking to proactively mitigate FDI attacks, thereby improving overall situational awareness.
... The communication vulnerabilities associated with DERs have been outlined in Reference [131], identifying physical-, data link-, network-, and transport-layer vulnerabilities, potential attacks, and existing solutions. These existing solutions include basic security controls, such as role-based access controls and intrusion detection, and advanced security controls, such as transport layer security and session renegotiation. ...
Article
Fundamental shifts in the structure and generation profile of electrical grids are occurring amidst increased demand for resilience. These two simultaneous trends create the need for new planning and operational practices for modern grids that account for the compounding uncertainties inherent in both resilience assessment and increasing contribution of variable inverter-based renewable energy sources. This work reviews the research work addressing the changing generation profile, state-of-the-art practices to address resilience, and research works at the intersection of these two topics in regards to electrical grids. The contribution of this work is to highlight the ongoing research in power system resilience and integration of variable inverter-based renewable energy sources in electrical grids, and to identify areas of current and further study at this intersection. Areas of research identified at this intersection include cyber-physical analysis of solar, wind, and distributed energy resources, microgrids, network evolution and observability, substation automation and self-healing, and probabilistic planning and operation methods.
... However, these frameworks cannot fully address the cybersecurity requirements of DER units, since the interaction between the communication network and the power system is not adequately taken into account. Rigorous cybersecurity analyses for DER coordinated control systems and the development of efficient detection and mitigation approaches require detailed modeling of both the power system and the communication network [7]. In [8], a Java-based multi-agent framework for studying the cybersecurity of a central energy management system has been proposed. ...
Article
In this paper, the resilience of a coordinated control system for a set of PV-based distributed energy resources (DERs) against false data injection (FDI) attacks is evaluated. The evaluation is performed using a functional mock-up interface (FMI)-compatible cosimulation platform which enables the interaction of multi-domain simulators (EMTP, MATLAB/Simulink, and NS-3). The cosimulation platform permits rigorous analysis of cybersecurity through detailed modeling of all system components. The DER coordinated control and communication systems implemented on the IEEE-34 bus benchmark consist of measurement, control and monitoring components including substation central controller, DER local controllers, synchrophasor network and advanced metering infrastructure (AMI). Some DERs are equipped with an energy storage system (ESS) and coordinated by the central control unit in order to correct voltage disturbances resulting from the intermittent solar photovoltaic (PV) generation. The FDI attack targets the AMI system and aims at manipulating the load profile messages reported by the smart meter collector, thus yielding a central control failure. To detect the attacks and mitigate their impacts, a neural network-based algorithm is proposed and incorporated in the central control unit. The effectiveness of the proposed detection and mitigation algorithm is confirmed through simulations using the proposed FMI-compatible cosimulation platform.
... Wireless sensor networks can be divided based on their coverage range, with LASNs at customer level, MASNs up to the distribution grid level, and WASNs extending beyond distribution grids. A host of communications protocols are used, the elaboration of which can be found in the authors' previous work [15]. Preprocessing (PrP): In centralized computing, data are transmitted directly to the utility's repository or the cloud, but in decentralized edge or fog computing, preprocessing is pushed closer to data sources [2][3][4]. ...
Article
Big data standards and capability maturity models (CMMs) help developers build applications with reduced coupling and increased breadth of deployment. In smart grids, stakeholders currently work with data management techniques that are unique and customized to their own goals, thereby posing challenges for grid-wide integration and deployment. Although big data standards and CMMs exist for other domains, no work in the literature considers adapting them to smart grids, which will benefit from both. Further, existing smart grid standards and CMMs do not fully account for big data challenges. This paper bridges the gap by analyzing the role of big data in smart grids, and explores if and how big data standards and CMMs can be adapted specifically to 10 distributed generation use-cases that use big data. In doing so, this work provides a useful starting point for researchers and industry members developing standards and CMM assessments for smart grid distributed generation.