Abstract
In recent times, the number of cyberattacks has escalated quickly and predominantly. There is no particular victim of this attack as it has outrageously tampered with all the domains in society. Cogitating this issue, the paper focuses on the cyberattacks on smart grids and endeavors some prevention techniques for the DDOS attacks. The researchers are amidst a paradigm shift, and the factors affecting this must be addressed and dealt with. It talks about a radical transformation of the medieval grids to smart grids and the technologies used and some of the possible solutions.
Similar content being viewed by others
Avoid common mistakes on your manuscript.
Introduction
Electricity plays a significant role when it comes to developing and developed countries for their future ventures. Electricity use has dramatically changed over the years. It has ameliorated the standards of living in a particular region. It is also a promising factor in a country’s economic development, as it powers the indirect sectors of a region, thereby opening up numerous job opportunities. The majority of us are aware that acquire electricity from power plants using numerous forms of energy. The modern electric grid was built in the 1890s and was persistently embedded with the upcoming technology. Today, the medieval grid is improvised to hold 9200 electric generating units with more than a million megawatts of generating proportions linked to more than 3,000,000 miles of transmission lines. Although the electric grid is revolutionizing over the decades, it is needed a far more well-developed and handled system for the escalating electricity needs in the next century. With the present-day guidelines and upgrading technology, including numerous business opportunities, electric grids have captured a potential interest. Present in a world which is already fighting against a pandemic, it would be nerve-racking to deal with any other problem. In these desperate times, power resources play a significant role, too, so it is needed a far more dependable and flexible grid to cope with the changes around us.
The lack of modernized infrastructure and inadequate maintenance leads to a series of blackouts in Venezuela, which left almost 32 million in darkness for at least ten days overall, on March 7, 2019. This accurately portrays the lack of flexibility in the contemporary grid. Table 1 given below represents the recent cyberattacks around the world [1,2,3]. Given the increase in the world’s population and extreme living conditions, flexibility in delivering power services to people plays a significant role. Modernized power grids must be able to cope with the casualties and help revive the normal functioning of the grids within no time. Those were the days when large power plants with downwind transmission and distribution providing power for an entire region [4].
The amalgamation of renewable energy resources, namely wind, and solar power, has proved to open up new doors to the world’s power systems. These days grid operation includes increasing complexity through decentralization, multi-directional power flows, and labile power generation. Energy supply to the people is done in a far more ‘smart’ way by incorporating intelligence and shaping the power supplies that are resilient, reliable, cost-effective, and secure. The genesis of any highly distributed energy resources [DERs] with numerous levels, decision-making components, and communication protocols has obtained a lot of interest in developing conventional electric grids. The distributed systems are more approachable than the conventional system, and it is likely to replace the conventional grids. This helps overcome the vulnerabilities in long-distance power transmission, especially in the troubled regions of the world. The swiftly falling prices point to the transition of a centralized grid to a decentralized grid, where the power is generated in the right way and consumed the right way. It can lessen the terror attacks on centralized power stations by inaugurating decentralized power stations [5, 6].
Smart Grid: Delivering Energy in a ‘Smart’ Way
Smart energy grid (SEG) is an energy web that assures the boundaries of operational efficiency of the conventional way of energy supply by distributed generation and bi-directional flow of information. The objective, as mentioned above, is successfully conquered by incorporating intelligent monitoring and controlling multi-energy systems while preserving the quality, privacy, availability, and integrity and minimizing the impacts on the environment [7].
On knowing the benefits of the SEGs government is rigorously investing in SEGs to ensure top-notch energy supply to all levels of the society. Doing so creates room for opportunity, as it can integrate heterogeneous technologies like renewable energy systems, electrical vehicle networks, and smart homes around the grid. SEGs become an epitome of perfection by integrating these things for a better supply to the soaring demands of the customers [8].
The integration of the newer technologies which are suitable to carry out specific jobs indirectly increases the flexibility of any machine, for instance. So this radical transformation includes the replacement of aging assets of the grid with new information and communication technology (ICT). Smart grids are intelligent systems with digital automation technologies for carrying day-to-day jobs in a medieval electric grid [9, 10] [19].
Advanced Meter Infrastructure (AMI)
AMI is an aggregated term which includes all the application responsible for the real-time exchange of data between the customer and the grid. AMI is the backbone of a smart grid as it encompasses the cardinal features that make the grid futuristic. The components of the AMI are as follows:
-
1)
Smart meters smart meters are electronic devices that make two-way communication possible in the smart grid. The main objective of a smart grid is to collect data from the customer’s end. These data can be collected as frequently as 15 min or a day. This differs based on the grid requirements. The collected data are later transferred to the data collector through local area networks (LANs). The collected data are to be analyzed before it is utilized; the utility central collection points do this job via wide area networks (WANs) [11, 12].
-
2)
Communication network o enable two-way communications, a smart grid must have a bona fide communication network. Networks such as power line communications, fiber optic communications, fixed radiofrequency, or public networks are used for such purposes.
-
3)
Meter Data Acquisition System These systems positively acquire data from the meters via the networks stated above and send it to the management system.
-
4)
Meter Data Management System this is a host system that receives all the data collected, and it stores and analyzes the data collected.
SCADA is a remote terminal unit also known as RTU; it is a centralized system. SCADA is a central control system that comprises controllers, network interfaces, input/output devices, communication equipment, and software. These systems are used to monitor and control any industrial process; in this case, it successfully monitors and controls the operations of smart grids. When you talk in terms of smart grids, many different processes take place daily. SCADA systems efficiently monitor these entire events by collecting information from sensors or instruments in a remote area. It not only collects the information but also sends the collected data to the system promptly. It allows operators to change the set point for the flow and enable alarm conditions in case of any issues.
Smart grid technology is a concoction of operational technology and information technology. The need for this convergence between the OT and IT depends on how well it enables monitoring and controlling sensors and connected systems on a colossal scale. Operational excellence entirely depends on how well the information technology [IT] is interacting with the operational technology [OT] [6] [16].
Operational technology is hardware and software capable of detecting or causing an event. This is achieved through direct monitoring of the sub-systems. It comprises supervisory control and data acquisition system (SCADA), programmable logic controller (PLC), solid-state transformer (SST), sectionalizes, reclosers, and many other devices. These systems can reach out to systems as complex as substation gateways to as simple as sensors. On the operational side of the smart grid, the primary focus shifts to the grid management functions, integration of energy sources (renewable), and other operational functions. Integrating renewable sources of energy poses significant operational challenges as these energy sources are intermittent. Balancing between these intermittent renewable sources is a tremendous challenge for a smart grid; on the contrary, it gets cleaned and safe energy causing lesser damage to the environment simultaneously, as depicted in Fig. 1.
Convergence of OT and IT
The quality and quantity of these IT systems have increased with time due to their colossal assistance, as the grid is rapidly exploiting the uses of IT across its long-established boundaries. It is conveniently blurring the lines between OT and IT, as depicted in Fig. 2.
Inter conversion of IT and OT
Cybersecurity Smart Grids
Smart grids are the eternal boon to humanity, who is thriving for ultimate comfort. But this boon comes with a Pandora's Box of issues related to cybersecurity. Given the system's vastness, it is almost impossible to close all the loopholes present in the system. Potential attackers target these robust systems through these loopholes. The main objective of the smart grid is to ensure safe and honest communication over the network. Bound components in a robust system are under potential danger, as IoT devices themselves can attract a considered amount of cyberattacks. This causes enormous distress leading to the ceasing of works, financial loss, damaging essential pieces of equipment, and even a significant material loss. Threats especially designed for large industries like the smart grid are the genesis of production failure. These threats must be detected and taken care off before it causes some severe consequences in the future. Data and electricity flow across a secure smart grid domain are shown in Fig. 3.
Data and electricity flow across a secure smart grid domain (NISTIR 7628 Guidelines)
Distributed Denial-of-Service Attack (DDoS)
According to the security company Cloudflare, the average cost to a successful DDoS attack is around $100,000 for every hour of the attack. Eminent victims of DDoS attacks in 2018 include diverse organizations like Amazon, Google, PlayStation, Pinterest, and GitHub. Fundamental denial-of-service attack torpedoes an IP address with a substantial amount of traffic. If these IP addresses are linked to a server, the server is overburdened. The servers cannot pick up permissible requests as it is already overwhelmed, ultimately leading to the denial of service to authorized users or customers [13, 14].
A distributed denial-of-service attack is a distinctive type of denial-of-service attack where malicious traffic is not originated from a single source but multiple sources. To make things more arduous, these multiple sources might be positioned across the world. They are making this attack almost impossible to trace back to the principal source which orchestrates the traffic. Neustar, a global information and technology provider company, revealed a 168% increase in distributed denial-of-service (DDoS) attacks in Q4 2019, compared with Q4 2018.
Figure 4 represents the cybersecurity lifecycle that can apply to any attack the system is facing. These five significant steps can be used to prevent an attack from causing havoc in the system and disturbing the tranquility of the customers.
Cybersecurity lifecycle
Prevention is better than cure has the legends have already told it. It would be better to be ready with a preventive measure rather than bearing the weight of cure. Cyber-physical systems are prone to security issues and cyberattacks because of their connectivity and vastness. No matter how many measures take, it is almost impossible to close all the system's loopholes. Here are few measures required for the prevention of DDoS attacks on power grids.
Surplus bandwidth would be an ethical plan to have more bandwidth than the required amount; this way, it can accommodate sudden and unforeseen surges in traffic resulting from a DDoS attack. By increasing the bandwidth, it only acquires a few extra minutes to act before the whole system is overwhelmed.
Safe guarding the network can be achieved by using filtering techniques like the ingress filtering technique; it acts as a countermeasure against spoofing attacks. Blackhole routing is another technique where all the traffic is silently discarded. This helps in being more efficient and avoids affecting the network.
Mitigation can be carried out as a shield to prevent the scale of damage or the severity of the attack. DDoS mitigation is a process of safeguarding the servers and networks using specialized cloud-based protection services. The process of the DDoS mitigation is shown in Fig. 5.
Process of mitigation
Software-Defined Network (SDN) and Entropy-based Mechanisms
Theoretical and experimental study shows that incorporating software-defined network (SDN) in the smart grid can bestow us with many advantages in dealing with DDoS attacks. SDN was put forward to enable and manage global communication networks. It has restructured the norms of traditional communication network management. What makes SDN unique and reliable is that it segregates the control plane from the data plane, making the working of the network more flexible. When tagged along with smart grid with controllers, SDN can detect and resolve DoS attacks in 60 s [22]. When used in smart grid, SDN is very beneficial due to the increased granularity, synchronized movements, and potential. SDN directs the local requirements to the centralized controller.
Entropy-based mechanisms do not respond effectively in the changing network conditions. But when trivial entropy-based mechanisms are used along with the SDN territory, early detection and mitigation of irregularity are possible. The network conditions must be reconfigured to deliver a high detection rate (DR) and low false positive rate (FPR). DR states the rightly detected portion of the attack. FPS stands for the events that are deemed to be false despite it being confirmed. A simple DDoS defense mechanism must be used in smart grid and the Tsallis entropy [23] for appropriate DR and FPR values. It has to be kept in mind that the SDN environment when hitched with smart grid must be malleable and proficient in providing early detection and mitigation of DDoS attacks in the system.
Table 2 describes some of the methods to detection DDOS advantages, disadvantages and its effects on the system.
Solutions
System-Theoretic Solutions
Data breaches on SG (Smart Grid) systems could have negative physical effects. These have witnessed a wide variety of DoS attack defenses up to this time. However, none of them take physical factors into account. System-theoretic techniques have a great potential to consider physical factors as well. They may simulate the attacks as noise, external inputs, or component failures. The models and states of the system may be connected to security criteria like uninterrupted power delivery and precise dynamic pricing. System-theoretic methods have a growing corpus of research and are easily the subject of a separate survey study. The authors have only discussed a portion of these research below for the sake of conciseness [15].
Wireless-Specific Solutions
The use of wireless communication in the SG has a lot of benefits. However, as was already said, attackers are extremely successful versus wireless networks, especially when they target lower layers. For distribution and transmission use cases where communication process has strict timing constraints, these assaults are particularly destructive. The two sorts of defenses against these assaults are as follows: (1) effective and reliable identification: Passive monitoring can be used to determine the presence of an assault. It is also feasible to transmit probing packets proactively. (2) DoS-resistant designs: these can be planned in a planned or disorganized way.
Device Solutions
Many pieces of software system were created without taking security into account. Software flaws can be used to take control of a large number of affected SG devices. There is not much that can be done to thwart such a distributed attack, like the current Mirai attack, if a significant number of infected systems can impersonate normal traffic and its imitators were evident. Therefore, enhancing device security is crucial for a successful DoS protection approach.
Honeypots
The use of honeypots as a component of SG systems is advised. Honeypots, which are specifically created gadgets, imitate the victim of harmful assaults. They are employed in order to identify, identify, and analyze attacks. In SG situations, there are not many honeypot solutions. With a theoretic examination of the relationship between both the attackers and the defenders, the deployment of honeypots into the AMI network as a decoy system is suggested in [12]. In [6], a different honeypot strategy was put up as a realistic programmable logic controller to monitor and manage industrial operations alongside the control center.
Architectural Solutions
Network performance and their ability to withstand DoS attacks are both impacted by network topology. A logical re-architecture can be used to thwart DoS assaults in addition to the network's physical components. Redundancy is an established reliability solution that architectural solutions might offer. The authors have envisioned a potential scenario in which power cable communication is used when wireless communication is being attacked by jammer, as an instance. The ability for end-to-end communication between any two points over the Internet is something that users anticipate to be available with no service interruptions. Nevertheless, in an SG, a subnet can instantly isolate itself and continue to function as an island in the event of an external attack. A safe and reliable architectural approach, islanding, is particularly well suited to the needs of power distribution networks. In this regard, microgrids—defined as autonomous energy management systems controlled by a single administrative agency and able to operate in concurrently with the current electricity network or in an intentionally or unintentionally islanded from it—could provide a powerful and synergistic method for isolating and islanding against DoS attacks. Table 3 shows the possible DoS solutions.
Conclusion
In this era, smart grid technology makes the process easier and faster than conventional power systems. Security in the smart grid is very crucial as the data transferred between the grids. Providing security to such systems is equally important. In this paper, various cybersecurity threats to smart grids are discussed. Denial-of-service attack and its mitigation techniques are analyzed. In the future, preventive measures to minimize the impact of cybersecurity threats to smart grids are implemented.
References
N. Kshetri, J. Voas, Hacking power grids: a current problem. Computer 50(12), 91–95 (2017). https://doi.org/10.1109/MC.2017.4451203
C.C. Sun, A. Hahn, C.C. Liu, Cyber security of a power grid: state-of-the-art. Int. J. Electr. Power Energy Syst. (2018). https://doi.org/10.1016/j.ijepes.2017.12.020
Z. Li, M. Shahidehpour, F. Aminifar, Cybersecurity in distributed power systems. Proc. IEEE 105(7), 1367–1388 (2017). https://doi.org/10.1109/JPROC.2017.2687865
S. Amin, Smart grid: overview, issues and opportunities. Advances and challenges in sensing, modeling, simulation, optimization and control. Eur. J. Control 17, 547–567 (2011). https://doi.org/10.3166/ejc.17.547-567
Y. Yang, K. McLaughlin, S. Sezer, T. Littler, B. Pranggono, P. Brogan, H.F. Wang, Intrusion detection system for network security in synchrophasor systems, in Proceedings of the IET International Conference on Information and Communications Technologies (IETICT 2013), Beijing, China, 27–29 April 2013, pp. 246–252. https://doi.org/10.1049/cp.2013.0059
D.I. Buza, F. Juhász, G. Miru, M. Félegyházi, T. Holczer, CryPLH: protecting smart energy systems from targeted attacks with a PLC honeypot, in Proc. Int. Workshop Smart Grid Secur., 2014, pp. 181–192
Z. Qadir, V. Tafadzwa, H. Rashid, C. Batunlu, Smart solar micro-grid using zigbee and related security challenges, in 2018 18th Mediterranean Microwave Symposium (MMS), Istanbul, 2018, pp. 299–302. https://doi.org/10.1109/MMS.2018.8611886
M.Z. Gunduz, R. Das, Analysis of cyber-attacks on smart grid applications, in 2018 International Conference on Artificial Intelligence and Data Processing (IDAP), Malatya, Turkey, 2018, pp. 1–5. https://doi.org/10.1109/IDAP.2018.8620728
H.C. Tan, C. Cheh, B. Chen, D. Mashima, Tabulating cybersecurity solutions for substations: towards pragmatic design and planning, in 2019 IEEE Innovative Smart Grid Technologies - Asia (ISGT Asia), Chengdu, China, 2019, pp. 1018–1023. Doi: https://doi.org/10.1109/ISGT-Asia.2019.8881706
D.R. Thomas, R. Clayton, A.R. Beresford, 1000 days of UDP amplification DDoS attacks, in Proceedings of the APWG Symposium on Electronic Crime Research (eCrime), Phoenix, AZ, USA, 25–27 April 2017, pp. 79–84.
Y.S. Hussain, Network Intrusion Detection for Distributed Denial-of-Service (DDoS) Attacks using Machine Learning Classification Techniques. Master’s Thesis, University of Victoria, Victoria, BC, Canada, 2020. https://dspace.library.uvic.ca/handle/1828/11679. Accessed 26 Dec 2021
K. Wang, M. Du, S. Maharjan, Y. Sun, Strategic honeypot game model for distributed denial of service attacks in the smart grid. IEEE Trans. Smart Grid 8(5), 2474–2482 (2017)
E. Özer, M. Iskefiyeli, Detection of DDoS attack via deep packet analysis in real time systems, in Proceedings of the International Conference on Computer Science and Engineering (UBMK), Antalya, Turkey, 5–8 October 2017, pp. 1137–1140.
V. Maheshwari, A. Bhatia, K. Kumar, Faster detection and prediction of DDoS attacks using MapReduce and time series analysis, in Proceedings of the International Conference on Information Networking (ICOIN), Chiang Mai, Thailand, 10–12 January 2018, pp. 556–561.
A. Huseinović, S. Mrdović, K. Bicakci, S. Uludag, A survey of denial-of-service attacks and solutions in the smart grid. IEEE Access 8, 177447–177470 (2020). https://doi.org/10.1109/ACCESS.2020.3026923
Acknowledgements
This paper is a revised and expanded version of an article entitled, “Analysis of Preventive Measures against DDoS attack in Smart Grid” presented in ‘ICRTST-2021’, held at ‘ATME College of Engineering, Mysuru’, India during 8th and 9th of July, 2021.
Funding
Open access funding provided by Manipal Academy of Higher Education, Manipal.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
About this article
Cite this article
Gururaj, H.L., Swathi, B.H., Trupti, R. et al. Analysis of Preventive Measures Against DDoS Attacks in Smart Grid. J. Inst. Eng. India Ser. B 104, 297–303 (2023). https://doi.org/10.1007/s40031-022-00844-1
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s40031-022-00844-1