This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination.

INVITED PAPER

Cyber–Physical Security of a Smart Grid Infrastructure

It is often appealing to assume that existing solutions can be directly applied to emerging engineering domains. Unfortunately, careful investigation of the unique challenges presented by new domains exposes their idiosyncrasies, thus often requiring new approaches and solutions. In this paper, we argue that the “smart” grid, replacing its incredibly successful and reliable predecessor, poses a series of new security challenges, among others, that require novel approaches to the field of cyber security. We will call this new field cyber-physical security. The tight coupling between information and communication technologies and physical systems introduces new security concerns, requiring a rethinking of the commonly used objectives and methods. Existing security approaches are either inapplicable, not viable, insufficiently scalable, incompatible, or simply inadequate to address the challenges posed by highly complex environments such as the smart grid. A concerted effort by the entire industry, the research community, and the policy makers is required to achieve the vision of a secure smart grid infrastructure.
