Cyber Security of Smart Grid Communications: Risk Analysis and Experimental Testing

  • Giovanna Dondossola
  • Roberta Terruggia
Part of the Power Systems book series (POWSYS)


The book chapter deals with the cyber security evaluation of active distribution grids characterized by a high level penetration of renewable Distributed Energy Resources (DER). This evolution of the energy infrastructure introduces significant changes in the control and communication functions needed for meeting the technical, security and quality requirements during the grid operation. The risk analysis and treatment of fully controllable smart grid energy infrastructures require effective evaluation tools and scalable security measures. The analysis focuses on a Voltage Control function in medium voltage grids addressing voltage stability of the power grid when a consistent amount of distributed renewable sources are connected. For this reason the chapter analyses the most relevant security scenarios of an ICT (Information and Communication Technology) architecture implementing this control application. The risk level resulting from the analysis are linked to security requirements and standard measures whose deployment in real scale infrastructures requires the security testing of application architectures. The chapter presents an experimental environment for the security testing and evaluation of voltage control communications. This includes the test bed set up, the test cases and the evaluation framework to be used for measuring the attack effects on substation-DER communications and verifying the mitigation capability of standard security measures.


Smart Grid Security Requirement Voltage Control Security Testing Simple Network Management Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    IEC Smart Grid Standardization RoadMap. SMB Smart Grid Strategic Group SG3, Edition 1.0 (2010)Google Scholar
  2. 2.
    EPRI Smart Grid Resource Center (August 2010),
  3. 3.
    Smart Grid Mandate M/490 EN, Standardization Mandate to European Standardisation Organisations (ESOs) to support European Smart Grid deployment (March 2011),
  4. 4.
    European Technology Platform for the Electricity Networks of the future (2012),
  5. 5.
    National Institute of Standards and Technologies, The Smart Grid Interoperability Panel Cyber Security Working Group NISTIR 7628 “Guidelines for Smart Grid Cyber Security” (2010)Google Scholar
  6. 6.
    CEN-CENELEC-ETSI Smart Grid Coordination Group SGCG/M490/B_Smart Grid Report First set of standards Version 2.0 (November 16, 2012)Google Scholar
  7. 7.
    CEN-CENELEC-ETSI SGCG/M490/E_Smart Grid Use Case Management Process — Use Case Collection, Management, Repository, Analysis and Harmonization (2012)Google Scholar
  8. 8.
    CEN-CENELEC-ETSI Smart Grid Coordination Group. Smart Grid Information Security (November 2012)Google Scholar
  9. 9.
    Sommestad, T.: A Framework and theory for cyber security assessment. PhD Thesis in Industrial Information and Control Systems, Royal Institute of Technology, Stockholm (November 2012)Google Scholar
  10. 10.
    Ekstedt, M., Korman, M., Terruggia, R., Dondossola, G.: Application of a cyber security assessment framework to smart grid architectures. Paper D2-01_11 in the Proceedings of the Cigré Study Committee D2 Information Systems and Telecommunication, 2013 Colloquium, Mysore – Karnataka, India, November 13-15 (2013)Google Scholar
  11. 11.
    Ten, C.-W., Hong, J., Liu, C.C.: Anomaly Detection for Cybersecurity of the Substations. IEEE Trans. Smart Grid (2011)Google Scholar
  12. 12.
    Ten, C.-W., Govindarasu, M., Liu, C.C.: Cybersecurity for Critical Infrastructures: Attack and Defense Modeling. IEEE Trans. Systems, Man, and Cybernetics – Part A: Systems and Humans, 853–865 (July 2010)Google Scholar
  13. 13.
    LeMay, E., Ford, M.D., Keefe, K., Sanders, W.H., Muehrcke, C.: Model-based Security Metrics Using ADversary VIew Security Evaluation (ADVISE). In: Proceedings of the 2011 Eighth International Conference on Quantitative Evaluation of SysTems (QEST 2011), pp. 191–200. IEEE Computer Society, Washington, DC (2011)CrossRefGoogle Scholar
  14. 14.
    Hägerling, C., Kurtz, F., Wietfeld, C., Iacono, D., Daidone, A., Giandomenico, F.: Security Risk Analysis and Evaluation of Integrating Customer Energy Management Systems into Smart Distribution Grids. In: CIRED Workshop 2014 (June 2014)Google Scholar
  15. 15.
    SmartC2Net European Project, Deliverable D1.1. SmartC2Net Use Cases, Preliminary Architecture and Business Drivers (September 2013),
  16. 16.
    International Standard IEC 61850-7-420 ed1.0. Communication networks and systems for power utility automation - Part 7-420: Basic communication structure - Distributed energy resources logical nodes, Technical Specification (2009) Google Scholar
  17. 17.
    International Standard IEC 61850-8-1. Communication networks and systems in substations - Part 8-1: Specific Communication Service Mapping (SCSM) - Mappings to MMS (ISO 9506-1 and ISO 9506-2) and to ISO/IEC 8802-3. International Standard, 2nd edn. (June 2011)Google Scholar
  18. 18.
    International Standard IEC 60870-5. Telecontrol equipment and systems - Part 5-104: Transmission protocols – Network access for IEC 60870-5-101 using standard transport profiles. International Standard, 2nd edn., Reference Number IEC 60870-5-104(E) (June 2006)Google Scholar
  19. 19.
    International Standard IEC 62351. Power System Management and associated information exchange - Data and Communication Security – Parts 1-11Google Scholar
  20. 20.
    Petroni, P.: Smart Grids Operation, automation and protection issues. In: Cired 2012, Lisbon, May 29-30 (2012)Google Scholar
  21. 21.
    Comitato Elettrotecnico Italiano Norm CEI 0-16. Reference technical rules for the connection of active and passive consumers to the HV and MV electrical networks of distribution Company (2013)Google Scholar
  22. 22.
    SmartC2Net European Project, Deliverable D5.1. Methodologies Synthesis (September 2013),
  23. 23.
    Khaitan, S., McCalley, J.: Design Techniques and Applications of Cyber Physical Systems: A Survey. IEEE Systems Journal PP, 1–16 (2014)CrossRefGoogle Scholar
  24. 24.
    Khaitan, S., McCalley, J.: Cyber Physical System Approach for Design of Power Grids: A Survey. In: IEEE PES GM 2013, Vancouver, BC, July 21-25, pp. 1–5 (2013)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2015

Authors and Affiliations

  • Giovanna Dondossola
    • 1
  • Roberta Terruggia
    • 1
  1. 1.Ricerca Sistema Energetico RSE SpAMilanItaly

Personalised recommendations