Advertisement

Analytics for Smart Grid Security and Resiliency

  • Ehab Al-Shaer
  • Mohammad Ashiqur Rahman
Chapter
  • 673 Downloads
Part of the Advances in Information Security book series (ADIS, volume 67)

Abstract

The security and resiliency analysis of a smart grid needs to consider the target component(s), flexible attack model, and the integration among different smart grid components and attack properties. An exhaustive security analysis is not only expensive but also infeasible using testbeds. Formal analytics can play an important role toward comprehensive security analysis of the system, which can identify potential threats provably, that can further be verified on testbeds.

Keywords

Model Check Smart Grid Intrusion Detection System Linear Temporal Logic Satisfiability Modulo Theory 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    M.Q. Ali, E. Al-Shaer, Randomization-based intrusion detection system for advanced metering infrastructure*. ACM Trans. Inf. Syst. Secur. 18 (2), 1–30 (2015)CrossRefGoogle Scholar
  2. 2.
    E. Al-Shaer et al., Network configuration in a box: towards end-to-end verification of network reachability and security, in IEEE International Conference on Network Protocols (ICNP), NY (2009), pp. 107–116Google Scholar
  3. 3.
    C. Baier, J.P. Katoen, Principles of Model Checking (The MIT Press, Cambridge, 2008)zbMATHGoogle Scholar
  4. 4.
    P. Bera, S. Ghosh, P. Dasgupta, Policy based security analysis in enterprise networks: a formal approach. IEEE Trans. Netw. Serv. Manage. 7 (4), 231–243 (2010)CrossRefGoogle Scholar
  5. 5.
    N. Bjørner, L. Moura, Z310: applications, enablers, challenges and directions, in International Workshop on Constraints in Formal Verification (2009)Google Scholar
  6. 6.
    E.M. Clarke, O. Grumberg, D. Peled (eds.), Model Checking (MIT Press, Cambridge, 1999)Google Scholar
  7. 7.
    L. de Moura, N. Bjørner, Satisfiability modulo theories: an appetizer, in Brazilian Symposium on Formal Methods (2009)zbMATHGoogle Scholar
  8. 8.
    A.D. Gordon et al., Probabilistic programming, in the 36th International Conference on Software Engineering, Hyderabad (2014), pp. 167–181Google Scholar
  9. 9.
    Guide to Industrial Control Systems (ICS) Security, NIST Special Publication 800-82 (Revision 1) (2013), http://dx.doi.org/10.6028/NIST.SP.800-82r1
  10. 10.
    D. Knuth, A. Yao, The complexity of nonuniform random number generation, in Algorithms and Complexity: New Directions and Recent Results (Academic Press, New York, 1976)Google Scholar
  11. 11.
    M. Kwiatkowska, Probabilistic model checking with PRISM: an overview (2015), http://qav.comlab.ox.ac.uk/papers/acmper_prismperf.pdf Google Scholar
  12. 12.
    M. Kwiatkowska, G. Norman, D. Parker, Stochastic model checking, in the 7th International Conference on Formal Methods for Performance Evaluation, Bertinoro (2007), pp. 220–270Google Scholar
  13. 13.
    M.W. Moskewicz et al., Chaff: engineering an efficient SAT solver, in Annual ACM IEEE Design Automation Conference (2001)CrossRefGoogle Scholar
  14. 14.
    R. Nieuwenhuis, A. Oliveras, On SAT modulo theories and optimization problems, in Theory and Applications of Satisfiability Testing (SAT). Lecture Notes in Computer Science, vol. 4121 (Springer, New York, 2006), pp. 156–169Google Scholar
  15. 15.
    NISTIR 7628: Guidelines for Smart Grid Cyber Security, Smart Grid Inter-Operability Panel- Cyber Security Working Group (2010), http://www.nist.gov/smartgrid/upload/nistir-7628_total.pdf Google Scholar
  16. 16.
    North American Electric Reliability Corporation, Comments of the North American Electric Reliability Corporation in Response to NIST Smart Grid Cyber Security Strategy and Requirements (Draft NISTIR 7628) (2009)Google Scholar
  17. 17.
    North-American Electric Reliability Corporation, Critical Infrastructure Protection (CIP) Standards (2015), http://www.nerc.com/pa/Stand/Pages/CIPStandards.aspx. Accessed 2015
  18. 18.
    Probabilistic Symbolic Model Checker, PRISM (2015), http://www.prismmodelchecker.org/. Accessed 2015
  19. 19.
    M.A. Rahman, E. Al-Shaer, P. Bera, SmartAnalyzer: a noninvasive security threat analyzer for AMI smart grid, in 31st IEEE International Conference on Computer Communications (INFOCOM) (2012), pp. 2255–2263Google Scholar
  20. 20.
    M.A. Rahman, E. Al-Shaer, Md. Rahman, A formal model for verifying stealthy attacks on state estimation in power grids, in IEEE International Conference on Smart Grid Communications, October 2013Google Scholar
  21. 21.
    M.A. Rahman, E. Al-Shaer, P. Bera, A noninvasive threat analyzer for advanced metering infrastructure in smart grid. IEEE Trans. Smart Grid 4 (1), 273–287 (2013)CrossRefGoogle Scholar
  22. 22.
    M.A. Rahman, E. Al-Shaer, R. Kavasseri, A formal model for verifying the impact of stealthy attacks on optimal power flow in power grids, in ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS), April 2014Google Scholar
  23. 23.
    M.A. Rahman, E. Al-Shaer, R. Kavasseri, Security threat analytics and countermeasure synthesis for state estimation in smart power grids, in IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), June 2014Google Scholar
  24. 24.
    M.A. Rahman, E. Al-Shaer, R. Kavasseri, Impact analysis of topology poisoning attacks on economic operation of the smart power grid, in IEEE 34th International Conference on Distributed Computing Systems (ICDCS), June 2014, pp. 649–659Google Scholar
  25. 25.
    M.A. Rahman, E. Al-Shaer, R.B. Bobba, Moving target defense for hardening the security of the power system state estimation, in The First ACM Workshop on Moving Target Defense (MTD), Scottsdale (2014), pp. 59–68Google Scholar
  26. 26.
    M.A. Rahman, A. Jakaria, E. Al-Shaer, Formal analysis for dependable supervisory control and data acquisition in smart grids, in IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). June 2016Google Scholar
  27. 27.
    Recommended Security Controls for Federal Information Systems and Organizations, NIST special publication 800-53 (Revision 4) (2013), http://dx.doi.org/10.6028/NIST.SP.800-53r4
  28. 28.
    The Die Example (2015), http://www.prismmodelchecker.org/tutorial/die.php. Accessed 2015
  29. 29.
    Z3 @ rise4fun from Microsoft, Microsoft research (2015), http://rise4fun.com/z3. Accessed 2015
  30. 30.
    The Z3 Theorem Prover, Microsoft research, https://github.com/Z3Prover/z3/wiki

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Ehab Al-Shaer
    • 1
  • Mohammad Ashiqur Rahman
    • 2
  1. 1.Department of Software and Information SystemsUniversity of North Carolina, CharlotteCharlotteUSA
  2. 2.Department of Computer ScienceTennessee Tech UniversityCookevilleUSA

Personalised recommendations