Vulnerability Assessment and Experimentation of Smart Grid DNP3

Authors

  • Ihab Darwish City University of New York, City College, USA
  • Obinna Igbe City University of New York, City College, USA
  • Tarek Saadawi City University of New York, City College, USA

DOI:

https://doi.org/10.13052/2245-1439.513

Keywords:

Smart-Grid, SCADA, DNP3, IED, Malicious Attacks, MITM, DoS, and Game Theory

Abstract

Smart-grids security is becoming a challenging research area that has emerged in recent years facing the energy sector. Threats are arising every day that could cause great scale of damages in critical infrastructure. Our paper will assess vulnerabilities pertaining to internal security threats associated with the smart grid.We will perform penetration testing using various attack scenarios in a simulated virtual environment involving DNP3 protocol. Vulnerability analysis and penetration testing involving Man-in-the-middle (MITM) attack will be addressed. Ultimately, by utilizing theoretical modeling of smart-grid attacks using game theory, we will be able to optimize our detection and mitigation strategies to reduce cyber threats in DNP3 environment. Intrusion detection system (IDS) will be necessary to identify attackers targeting the smart grid infrastructure. Mitigation techniques will ensure a healthy check of the network. Performing DNP3 vulnerabilities assessment, security attacks, detections, preventions and counter measures will be our goals to achieve in this research paper.

 

Downloads

Download data is not yet available.

Author Biographies

Ihab Darwish, City University of New York, City College, USA

I. Darwish is a Ph.D. candidate in Electrical Engineering at City College of New York – CUNY involved in Cyber Security research affiliated with the Center of Information Networking and Telecommunications (CINT) with a focus on vulnerabilities, attack models, simulation and prevention techniques covering different practical implementation including power-grid systems. He is a certified Project Management Professional (PMP) holding multiple certificates from the industry including Microsoft and Oracle with over than 20 years of IT & project management related experiences, and have worked with various IT solutions and applications in many different business environments. Currently, he is a Visiting Professor at DeVry University and a Lecturer at various institutions in NY and NJ in the areas of electrical engineering and information technology.

Obinna Igbe, City University of New York, City College, USA

O. Igbe is a Ph.D. candidate in Electrical Engineering at the City College of New York (CCNY) with particular interest in Network Security; more especially security of cloud infrastructures, connected vehicles and smart grids. He also holds a master’s degree in Electrical Engineering from CCNY and a B.E. in Electrical and Electronics Engineering from Imo State University, Nigeria. Obinna has worked with the International Business Machines Corporation (IBM) and the Department of Instructional and Information Technology under New York’s Department of Education (DIIT-NYCDOE). He is currently working with Dr. Tarek Saadawi; his Ph.D. mentor and director of CCNY’s Center for Information Networking and Telecommunication (CINT) on a biological computation approach to intrusion detection in cloud computing environments.

Tarek Saadawi, City University of New York, City College, USA

T. Saadawi Directs the Center of Information Networking and Telecommunications (CINT) at the City University of New York, City College. He has published extensively in the area of information networks and network security. He is a co-editor of the book “Cyber Infrastructure Protection,” Strategic Study Institute, Volume 1, May 2011, Volume 2 May 2013, and Volume 3 (expected December 2016), and the Lead-author of the book, “Fundamentals of Telecommunication Networks,” John Wiley & Sons, 1994 (which has been translated into Chinese). His most recent research work has focused on vulnerability of wireless network, denial of service attacks and mitigation strategy, and resilient routing protocols for wireless mobile networks. He received the Ph.D. (EE) from the University of Maryland, College Park in 1980. His fundamental work in 2001, on the Wi-Fi development (IEEE 802.11) has been cited heavily in many standards committees and published work, then he followed on with the recent 2013 work on the security of Wi-Fi technology.

References

Miles H. F. Wen, Ka-Cheong Leung, Victor O. K. Li, Xingze He and C.-C. Jay Kuo (2015). A survey on smart grid communication system. APSIPA Transactions on Signal and Information Processing, 4, e5 doi:10.1017/ATSIP.2015.9

C. Feltus, M. Ouedraogo and D. Khadraoui, “Towards cyber-security protection of critical infrastructures by generating security policy for SCADA systems,” Information and Communication Technologies for Disaster Management (ICT-DM), 2014 1st International Conference on, Algiers, 2014, pp. 1–8.

Cyber security risk assessment for SCADA and DCS networks, ISA Trans. 2007 Oct; 46(4): 583–94. pub 2007 Jul 10.

Quadrennial Technology Review 2015 Ch3: Enabling Modernization of the Electric Power System Technology Assessments – U.S. Department of Energy – http://energy.gov/sites/prod/files/2015/09/f26/QTR2015-3A-Cyber-and-Physical-Security 0 0.pdf

R. Brown, “Impact of smart grid on distribution system design,” in Proc. IEEE Power Energy Soc. Gen. Meeting, 2008, pp. 1–4.

P. Parikh, M. Kanabar, and T. Sidhu, “Opportunities and challenges of wireless communication technologies for smart grid applications,” in Proc. CCECS Power Energy Soc. Gen. Meeting, 2010, pp. 1–7.

IEEE Standard for Intelligent Electronic Devices Cyber Security Capabilities – Redline,” in IEEE Std 1686–2013 (Revision of IEEE Std 1686–2007) – Redline, vol., no., pp. 1–49, Jan. 13 2014.

D. C. Mazur, R. A. Entzminger and J. A. Kay, “Enhancing Traditional Process SCADA and Historians for Industrial and Commercial Power Systems With Energy (Via IEC 61850),” in IEEE Transactions on Industry Applications, vol. 52, no. 1, pp. 76–82, Jan.–Feb. 2016. doi: 10.1109/TIA.2015.2463792

J. Wiles, “Techno Security’s Guide to Securing SCADA: A Comprehensive Handbook On Protecting The Critical Infrastructure”, Elsevier, 2008.

John D. McDonald “ELECTRIC POWER SUBSTATIONS ENGINEERING”, Second Edition, 2007, ISBN-13: 978-0-8493-7383-1 (alk. paper)

Gordon Clarke, Deon Reynders, “Practical Modern SCADA protocols”, 2004, Newnes, ISBN 978-0-7506-5799-0

modbus.org/docs/PI MBUS 300.pdf

motion.schneider-electric.com/downloads/manuals/modbus tcp.pdf

IEEE Standard for Electric Power Systems Communications-Distributed Network Protocol (DNP3) – IEEE Std 1815–2012 (Revision of IEEE Std 1815–2010) -, vol., no., pp. 1,821, Oct. 10 2012.

www.DNP3.org

http://www.iec.ch/smartgrid/standards/

www.iec.ch/smartgrid/standards/

A. Khavnekar, S. Wagh and A. More, “Comparative analysis of IEC 61850 Edition-I and II standards for substation automation,” 2015 IEEE International Conference on Computational Intelligence and Computing Research (ICCIC), Madurai, 2015, pp. 1–6.

Samuel East, Jonathan Butts, Mauricio Papa, and Sujeet Shenoi, “A Taxonomy of Attacks on the DNP3 Protocol,” Critical Infrastructure Pretection III, Springer Berlin Heidelberg, 2009. 67–68.

Z. Drias, A. Serhrouchni and O. Vogel, “Taxonomy of attacks on industrial control protocols,” 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS), Paris, 2015, pp. 1–6.

C.-W. Ten, J. Hong, and C.-C. Liu, “Anomaly detection for cyber security of the substations,” IEEE Trans. Smart Grid, vol. 2, no. 4, pp. 865–873, Dec. 2011.

DNP USers Group, “DNP3 Protocol Primer”, http://www.dnp.org/about us/dnp3%20primer%20rev%20a.pdf

1815–2012 – IEEE Standard for Electric Power Systems Communications-Distributed Network Protocol (DNP3).

www.ubuntu.com

https://github.com/automatak/dnp3

github.com/Ettercap/ettercap/issues/23

SCAPY – www.secdev.org/projects/scapy

Noam Nisan, Tim Roughgarden, Eva Tardos and Vijay V. Vazirani “Algorithmic Game Theory” Cambridge (Sep 24, 2007).

William Stallings, “HIGH-SPEED NETWORK AND INTERNETS”, 2/e, 2001, William Stallings, ISBN 0-13-032221-0

www.wireshark.org

Downloads

Published

2016-06-29

How to Cite

1.
Darwish I, Igbe O, Saadawi T. Vulnerability Assessment and Experimentation of Smart Grid DNP3. JCSANDM [Internet]. 2016 Jun. 29 [cited 2024 Mar. 29];5(1):23-54. Available from: https://journals.riverpublishers.com/index.php/JCSANDM/article/view/5203

Issue

Section

Articles