Secure and Private Smart Grid: The SPEAR Architecture

Information and Communication Technology (ICT) is an integral part of Critical Infrastructures (CIs), bringing both significant benefits and drawbacks. In the energy sector, ICT transforms the conventional electrical grid into a new paradigm called the Smart Grid (SG), providing crucial benefits such as pervasive control, better utilisation of existing resources and self-healing. At the same time, however, ICT increases the attack surface of this domain, generating new potential cyberthreats. In this paper, we present the Secure and PrivatE smArt gRid (SPEAR) architecture, an overall solution that aims to protect the SG by enhancing situational awareness, detecting cyberattacks in a timely manner, collecting appropriate forensic evidence and providing an anonymous cybersecurity information-sharing mechanism. The operational characteristics and technical specifications of each component are analysed, and the communication interfaces among them are described in detail.
