Top

International Journal of Information Security

Published in:

04-07-2019 | Regular Contribution

Attacks on smart grid: power supply interruption and malicious power generation

Authors: Sridhar Adepu, Nandha Kumar Kandasamy, Jianying Zhou, Aditya Mathur

Published in: International Journal of Information Security | Issue 2/2020

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Electric power supply is an essential component for several sectors including manufacturing, healthcare, building management, water distribution, and transportation systems. Hence, any interruption in electric power is likely to have an undesirable impact on the overall operation of any residential or commercial ecosystem. The serious impacts of power supply interruption attacks have been realized in the recent cyber incidents such as the Ukraine power blackout. It is also evident from recent incidents that both network and process vulnerabilities are crucial for an adversary to cause an adverse impact on the operation. This paper reports an investigation into power supply interruption and malicious power generation attacks focusing on process and network vulnerabilities. The investigation was conducted in two steps: First, a vulnerability assessment was conducted on a fully operational electric power testbed. Next, the vulnerabilities discovered were exploited to perform different types of power supply interruption attacks and malicious power generation attacks. The attacks were executed using control code modification and SMA, a PV converter manufacturer, portal manipulation. The attacks reported here are useful for researchers and smart-grid operators to design and develop effective protection, detection, and response mechanisms.

previous article Using Hierarchical Timed Coloured Petri Nets in the formal study of TRBAC security policies

next article SonarSnoop: active acoustic side-channel attacks

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Malicious power generation can subsequently lead to accelerated aging and hence possible power supply interruption. Hence, we have considered it as a stealthy way of achieving power supply interruption.

https://www.ema.gov.sg/cmsmedia/News/Media%20Release/2016/SP%20Services%20Rolls%20Out%20Redesigned%20Bill.pdf.

https://www.secureworks.com/blog/vulnerability-assessments-versus-penetration-tests.

https://itrust.sutd.edu.sg/research/testbeds/electric-power-intelligent-control-epic/.

Generic Object Oriented Substation Events.

Manufacturing Message Specification.

CoDeSys is a development environment for programming controllers such as WAGO PLCs.

The proportion of power sharing could be different, i.e., 60-40, but the logic remains unchanged.

Synchronization is carried out for incoming generators to ensure that the voltage, frequency, and phase angle of the incoming generator are same as those of the existing generators.

An inverse relationship exists between the percentage of overload and tripping time, i.e., the higher the overload, the shorter will be the tripping time.

We did not increase the speed owing to safety concerns; the attack was executed in reverse logic.

Synchronization is carried out for incoming generators to ensure that the voltage, frequency, and phase angle of the incoming generators are the same as the existing generators.

Adepu, S., Kandasamy, N.K., Mathur, A.: EPIC: an electric power testbed for research and training in cyber physical systems security. In: Computer Security, pp. 37–52. Springer, Cham (2018)CrossRef

Adepu, S., Mathur, A.: Generalized attacker and attack models for cyber-physical systems. In: Proceedings of the 40th International Computers, Software and Applications Conference, pp. 283–292. IEEE (2016)

Adepu, S., Mathur, A.: Using process invariants to detect cyber attacks on a water treatment system. In: Proceedings of the 31st International Conference on ICT Systems Security and Privacy Protection—IFIP SEC, pp. 91–104. Springer, New York (2016)CrossRef

Adepu, S., Mathur, A.: Assessing the effectiveness of attack detection at a hackfest on industrial control systems. IEEE Trans. Sustain. Comput. 1(1), 1–14 (2018)CrossRef

Adepu, S., Mathur, A.: Distributed attack detection in a water treatment plant: method and case study. IEEE Trans. Dependable Secure Comput. (2018)

Adepu, S., Prakash, J., Mathur, A.: Waterjam: an experimental case study of jamming attacks on a water treatment system. In: IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C), pp. 341–347. IEEE (2017)

Alcaraz, C., Lopez, J.: Wasam: a dynamic wide-area situational awareness model for critical domains in smart grids. Future Gen. Comput. Syst. 30, 146–154 (2014)CrossRef

Alcaraz, C., Lopez, J., Choo, K.-K.R.: Resilient interconnection in cyber-physical control systems. Comput. Secur. 71, 2–14 (2017)CrossRef

Amadi, H.N.: Impact of power outages on developing countries: evidence from rural households in Niger Delta, Nigeria. J. Energy Technol. Policy 5(3), 27–38 (2015)

10.

Cárdenas, A.A., Amin, S., Lin, Z.-S., Huang, Y.-L., Huang, C.-Y., Sastry, S.: Attacks against process control systems: risk assessment, detection, and response. In: Proceedings of the 6th ASIACCS, pp. 355–366 (2011)

11.

Chattopadhyay, A., Ukil, A., Jap, D., Bhasin, S.: Towards threat of implementation attacks on substation security: case study on fault detection and isolation. IEEE Trans. Ind. Inform. 14(6), 2442–2451 (2018)CrossRef

12.

Cintuglu, M.H., Mohammed, O.A., Akkaya, K., Uluagac, A.S.: A survey on smart grid cyber-physical system testbeds. IEEE Commun. Surv. Tutor. 19(1), 446–464 (2017)CrossRef

13.

CODESYS: CODESYS- industrial IEC 61131-3 PLC programming. https://www.codesys.com/ (2018). Accessed 1 July 2019

14.

CVE-2017-0144: Windows SMB remote code execution vulnerability. https://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0144 (2017). Accessed 1 July 2019

15.

FitzPatrick, G.J., Wollman, D.A.: NIST interoperability framework and action plans. In: Power and Energy Society General Meeting, pp. 1–4. IEEE (2010)

16.

Formby, D., Walid, A., Beyah, R.: A case study in power substation network dynamics. Proc. ACM Meas. Anal. Comput. Syst. 1(1), 19 (2017)CrossRef

17.

Gamage, T., McMillin, B., Roth, T.: Enforcing information flow security properties in cyber-physical systems: a generalized framework based on compensation. In: IEEE 34th Annual Computer Software and Applications Conference Workshops (COMPSACW), pp. 158 –163, July 2010

18.

Govil, N., Agrawal, A., Tippenhauer, N.O.: On ladder logic bombs in industrial control systems. CoRR (2017)

19.

Greenwald, P.W., Rutherford, A.F., Green, R.A., Giglio, J.: Emergency department visits for home medical device failure during the 2003 North America blackout. Acad. Emerg. Med. 11(7), 786–789 (2004)CrossRef

20.

Hernandez, M., Ramos, G.A., Lwin, M., Siratarnsophon, P., Santoso, S.: Embedded real-time simulation platform for power distribution systems. IEEE Access 6, 6243–6256 (2017)CrossRef

21.

Homeland Security: DHS common cybersecurity vulnerabilities in ICS. https://ics-cert.us-cert.gov/sites/default/files/recommended_practices/DHS_Common_Cybersecurity_Vulnerabilities_ICS_2010.pdf

22.

Huang, K., Zhou, C., Tian, Y.-C., Yang, S., Qin, Y.: Assessing the physical impact of cyber-attacks on industrial cyber-physical systems. IEEE Trans. Ind. Electron. 65(10), 8153–8162 (2018)CrossRef

23.

ICS-CERT Advisories: https://ics-cert.us-cert.gov/advisories. Accessed 1 July 2019

24.

Islam, M.A., Ren, S., Wierman, A.: Exploiting a thermal side channel for power attacks in multi-tenant data centers. In: Proceedings of the 2017 ACM SIGSAC, CCS ’17, pp. 1079–1094 (2017)

25.

Kandasamy, N.K., Tseng, K.J., Boon-Hee, S.: Virtual storage capacity using demand response management to overcome intermittency of solar PV generation. IET Renew. Power Gen. 11(14), 1741–1748 (2017)CrossRef

26.

Kasper Sky: Industrial control systems vulnerabilities statistics. https://kasperskycontenthub.com/securelist/files/2016/07/KL_REPORT_ICS_Statistic_vulnerabilities.pdf. Accessed 1 July 2019

27.

Kriaa, S., Pietre-Cambacedes, L., Bouissou, M., Halgand, Y.: A survey of approaches combining safety and security for industrial control systems. Reliab. Eng. Syst. Saf. 139, 156–178 (2015)CrossRef

28.

Kwon, C., Liu, W., Hwang, I.: Security analysis for cyber-physical systems against stealthy deception attacks. In: ACC, pp. 3344–3349 (2013)

29.

Langner, R.: Stuxnet: dissecting a cyberwarfare weapon. IEEE Secur. Priv. 9(3), 49–51 (2011)CrossRef

30.

Lee, E.A.: Cyber physical systems: design challenges. In: 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC), pp. 363–369. IEEE (2008)

31.

Lin, H., Slagell, A., Kalbarczyk, Z., Sauer, P., Iyer, R.: Runtime semantic security analysis to detect and mitigate control-related attacks in power grids. IEEE Trans. Smart Grid 9(1), 163–178 (2018)CrossRef

32.

Lin, Q., Adepu, S., Verwer, S., Mathur, A.: Tabor: a graphical model-based approach for anomaly detection in industrial control systems. In: Proceedings of the AsiaCCS, pp. 525–536. ACM, Korea (2018)

33.

Lipovsky, R.: New wave of cyber attacks against Ukrainian power industry. http://www.welivesecurity.com/2016/01/11 (2016). Accessed 1 July 2019

34.

Liu, Y., Ning, P., Reiter, M.: False data injection attacks against state estimation in electric power grids. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 21–32 (2009)

35.

Lopez, J., Alcaraz, C., Roman, R.: Smart control of operational threats in control substations. Comput. Secur. 38, 14–27 (2013)CrossRef

36.

Lopez, J., Rubio, J.E., Alcaraz, C.: A resilient architecture for the smart grid. IEEE Trans. Ind. Inform. 14(8), 3745–3753 (2018)CrossRef

37.

Mackiewicz, R.: Overview of IEC 61850 and benefits. In: Power Systems Conference and Exposition, 2006. PSCE’06. 2006 IEEE PES, pp. 623–630 (2006)

38.

McDaniel, P., McLaughlin, S.: Security and privacy challenges in the smart grid. IEEE Secur. Priv. 7, 75–77 (2009)CrossRef

39.

Meliopoulos, A.S., Cokkinides, G., Fan, R., Sun, L.: Data attack detection and command authentication via cyber-physical comodeling. IEEE Des. Test 34(4), 34–43 (2017)CrossRef

40.

Mitchell, R., Chen, I.-R.: A survey of intrusion detection techniques for cyber-physical systems. ACM Comput. Surv. (CSUR) 46(4), 55 (2014)CrossRef

41.

MITRE: CVE-2012-6068. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6068 (2012). Accessed 1 July 2019

42.

MITRE: CVE-2016-2509. https://cve.circl.lu/cve/CVE-2016-2509 (2016). Accessed 1 July 2019

43.

MITRE: NVD-CVE-2016-7406. https://nvd.nist.gov/vuln/detail/CVE-2016-7406 (2016). Accessed 1 July 2019

44.

MITRE: NVD-CVE-2016-7407. https://nvd.nist.gov/vuln/detail/CVE-2016-7407 (2016). Accessed 1 July 2019

45.

MITRE: NVD-CVE-2016-7408. https://nvd.nist.gov/vuln/detail/CVE-2016-7408 (2016). Accessed 1 July 2019

46.

MITRE: NVD-CVE-2016-7409. https://nvd.nist.gov/vuln/detail/CVE-2016-7409 (2016). Accessed 1 July 2019

47.

MITRE: CVE-2018-5461. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5461 (2018). Accessed 1 July 2019

48.

MITRE: CVE-2018-5465. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5465 (2018). Accessed 1 July 2019

49.

MITRE: CVE-2018-5467. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5467 (2018). Accessed 1 July 2019

50.

MITRE: CVE-2018-5469. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5469 (2018). Accessed 1 July 2019

51.

MITRE: CVE-2018-5471. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5471 (2018). Accessed 1 July 2019

52.

Nakashima, E., Timberg, C.: NSA officials worried about the day its potent hacking tool would get loose. Washington Post. https://www.washingtonpost.com/business/technology/nsa-officials-worried-about-the-day-its-potent-hacking-tool-would-get-loosethen-it-did/2017/05/16/50670b16-3978-11e7-a058-ddbb23c75d82_story.html (2017). Accessed 1 July 2019

53.

PCvue: Versatile HMI-SCADA software. https://www.pcvuesolutions.com/index.php/products-a-technology/pcvue-hmiscada-48583 (2018). Accessed 1 July 2019

54.

Poudineh, R., Jamasb, T.: Electricity supply interruptions: sectoral interdependencies and the cost of energy not served for the scottish economy. Energy J. 38(1), 51–76 (2017)CrossRef

55.

Pourbabak, H., Chen, T., Zhang, B., Su, W.: Control and energy management system in microgrids. arXiv preprint arXiv:1705.10196 (2017)

56.

Qi, J., Hahn, A., Lu, X., Wang, J., Liu, C.-C.: Cybersecurity for distributed energy resources and smart inverters. IET Cyber Phys. Syst. Theory Appl. 1(1), 28–39 (2016)

57.

Reaves, B., Morris, T.: An open virtual testbed for industrial control system security research. Int. J. Inf. Secur. 11(4), 215–229 (2012)CrossRef

58.

Rogers, K.M., et al.: An authenticated control framework for distributed voltage support on the smart grid. IEEE Trans. Smart Grid 1, 40–47 (2010)CrossRef

59.

Saadat, H.: Power Systems Analysis of Mcgraw-Hill Series in Electrical and Computer Engineering. McGraw-Hill, New York (2002)

60.

Schmidthaler, M., Reichl, J.: Assessing the socio-economic effects of power outages ad hoc. Comput. Sci. Res. Dev. 31(3), 157–161 (2016)CrossRef

61.

Shrivastava, S., Adepu, S., Mathur, A.: Design and assessment of an orthogonal defense mechanism for a water treatment facility. Robot. Autonom. Syst. 101, 114–125 (2018)CrossRef

62.

SMA: SMA-portal (2019). https://www.sunnyportal.com/. Accessed 1 July 2019

63.

Sridhar, S., Govindarasu, M.: Model-based attack detection and mitigation for automatic generation control. IEEE Trans. Smart Grid 5(2), 580–591 (2014)CrossRef

64.

Stamp, M.: Information Security: Principles and Practice. Wiley, New York (2011)CrossRef

65.

Taljegard, M.: The impact of an electrification of road transportation on the electricity system in Scandinavia. Ph.D. thesis, Department of Space, Earth and Environment, Chalmers University of Technology (2017)

66.

Tan, R., Badrinath Krishna, V., Yau, D.K., Kalbarczyk, Z.: Impact of integrity attacks on real-time pricing in smart grids. In: Proceedings of the 2013 ACM CCS, pp. 439–450. ACM (2013)

67.

Tan, R., Nguyen, H.H., Foo, E.Y., Yau, D.K., Kalbarczyk, Z., Iyer, R.K., Gooi, H.B.: Modeling and mitigating impact of false data injection attacks on automatic generation control. IEEE TIFS 12(7), 1609–1624 (2017)

68.

Ten, C.-W., Yamashita, K., Yang, Z., Vasilakos, A., Ginter, A.: Impact assessment of hypothesized cyberattacks on interconnected bulk power systems. IEEE Trans. Smart Grid 9(5), 4405–4425 (2018)CrossRef

69.

WAGO: Wago programmable logic controllers. http://www.wago.us/products/components-for-automation/modular-io-system-ip-20-750753-series/plc/overview/ (2009). Accessed 1 July 2019

70.

Yuan, Y., Li, Z., Ren, K.: Modeling load redistribution attacks in power systems. IEEE Trans. Smart Grid 2(2), 382–390 (2011)CrossRef

71.

Zhang, Y., et al.: Inclusion of SCADA cyber vulnerability in power system reliability assessment considering optimal resources allocation. IEEE Trans. Power Syst. 31(6), 4379–4394 (2016)CrossRef

72.

Zimba, A., Wang, Z., Chen, H.: Multi-stage crypto ransomware attacks: a new emerging cyber threat to critical infrastructure and industrial control systems. ICT Express 4(1), 14–18 (2018)CrossRef

Title: Attacks on smart grid: power supply interruption and malicious power generation
Authors: Sridhar Adepu
Nandha Kumar Kandasamy
Jianying Zhou
Aditya Mathur
Publication date: 04-07-2019
Publisher: Springer Berlin Heidelberg
Published in: International Journal of Information Security / Issue 2/2020
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI: https://doi.org/10.1007/s10207-019-00452-z

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 2/2020

Using Hierarchical Timed Coloured Petri Nets in the formal study of TRBAC security policies

Correction to: Using Hierarchical Timed Coloured Petri Nets in the formal study of TRBAC security policies

Designing in-VM-assisted lightweight agent-based malware detection framework for securing virtual machines in cloud computing

SEDS: secure and efficient server-aided data deduplication scheme for cloud storage

SonarSnoop: active acoustic side-channel attacks

Premium Partner