Optimization of Trust Node Assignment for Securing Routes in Smart Grid SCADA Networks

The move toward a smart power grid has widened the range of cyber vulnerabilities in supervisory control and data acquisition (SCADA) systems. Specialized security hardening devices, such as the trust systems, are being developed to protect energy SCADA networks from possible cyberattacks. The trust systems are network security resources that monitor and act on malicious packets. A node is said to be a trust node when it is equipped with a trust system. This paper investigates the optimal security deployment problem in resource-constrained SCADA networks. It proposes two deployment schemes for inline security devices: 1) link coverage maximization; and 2) minimal path tolerance (MPT). The first scheme focuses on the overall monitoring coverage. It is formulated as a quadratic assignment problem. The second scheme focuses on the hop distance between consecutive trust nodes. It uses a heuristic approach that deploys trust nodes in a distributive manner. The proposed schemes are evaluated considering the IEEE test case topologies under various scenarios. Numerical results demonstrate that the proposed schemes are capable of achieving their primary goals. They also reveal a performance tradeoff between the proposed schemes in the highly resource-constrained scenarios where MPT offers a better distributiveness.

[1]  Hussein T. Mouftah,et al.  A study of resource-constrained cyber security planning for smart grid networks , 2016, 2016 IEEE Electrical Power and Energy Conference (EPEC).

[2]  Hanif D. Sherali,et al.  An improved linearization strategy for zero-one quadratic programming problems , 2006, Optim. Lett..

[3]  H. T. Mouftah,et al.  Latency-aware segmentation and trust system placement in smart grid SCADA networks , 2016, 2016 IEEE 21st International Workshop on Computer Aided Modelling and Design of Communication Links and Networks (CAMAD).

[4]  Scott Graham,et al.  Collaborative, trust-based security mechanisms for a regional utility intranet , 2009, 2009 IEEE Power & Energy Society General Meeting.

[5]  Panayiotis Kotzanikolaou,et al.  Risk mitigation strategies for critical infrastructures based on graph centrality analysis , 2015, Int. J. Crit. Infrastructure Prot..

[6]  Petter Holme,et al.  Congestion and Centrality in Traffic Flow on Complex Networks , 2003, Adv. Complex Syst..

[7]  Song Tan,et al.  Survey of Security Advances in Smart Grid: A Data Driven Approach , 2017, IEEE Communications Surveys & Tutorials.

[8]  Jing Liu,et al.  Achieving Accountability in Smart Grid , 2014, IEEE Systems Journal.

[9]  Rami Puzis,et al.  On Network Footprint of Traffic Inspection and Filtering at Global Scrubbing Centers , 2017, IEEE Transactions on Dependable and Secure Computing.

[10]  Joachim Fabini,et al.  Resilience and Security: A Qualitative Survey of Urban Smart Grid Architectures , 2016, IEEE Access.

[11]  G.M. Coates,et al.  A Trust System Architecture for SCADA Network Security , 2010, IEEE Transactions on Power Delivery.

[12]  W. Art Chaovalitwongse,et al.  An improved linearization technique for a class of quadratic 0-1 programming problems , 2012, Optim. Lett..

[13]  Ronald L. Rivest,et al.  Introduction to Algorithms , 1990 .

[14]  Arun V. Sathanur,et al.  A novel centrality measure for network-wide cyber vulnerability assessment , 2016, 2016 IEEE Symposium on Technologies for Homeland Security (HST).

[15]  Saman A. Zonouz,et al.  CPIndex: Cyber-Physical Vulnerability Assessment for Power-Grid Infrastructures , 2015, IEEE Transactions on Smart Grid.

[16]  Hongjian Sun,et al.  A Fuzzy Logic Trust Model for Secure Routing in Smart Grid Networks , 2017, IEEE Access.

[17]  Mahesh Sooriyabandara,et al.  A Comparison of Centralized and Distributed Monitoring Architectures in the Smart Grid , 2013, IEEE Systems Journal.

[18]  Lingfeng Wang,et al.  Trust System Design Optimization in Smart Grid Network Infrastructure , 2013, IEEE Transactions on Smart Grid.

[19]  Matthew Compton,et al.  Optimization of trust system placement for power grid security and compartmentalization , 2011, 2011 IEEE Power and Energy Society General Meeting.

[20]  Yonggang Wen,et al.  Distributed Algorithm for Tree-Structured Data Aggregation Service Placement in Smart Grid , 2014, IEEE Systems Journal.

[21]  H. T. Mouftah,et al.  Optimal Trust System Placement in Smart Grid SCADA Networks , 2016, IEEE Access.

[22]  Ronald L. Rivest,et al.  Introduction to Algorithms, 3rd Edition , 2009 .