Vulnerability Assessment and Experimentation of Smart Grid DNP3
DOI: https://doi.org/10.13052/2245-1439.513
Keywords: Smart-Grid, SCADA, DNP3, IED, Malicious Attacks, MITM, DoS, and Game Theory
Abstract
Smart-grid security has emerged in recent years as a challenging research area facing the energy sector. New threats arise every day that could cause large-scale damage to critical infrastructure. This paper will assess vulnerabilities pertaining to internal security threats associated with the smart grid. We will perform penetration testing using various attack scenarios in a simulated virtual environment involving the DNP3 protocol. Vulnerability analysis and penetration testing involving a man-in-the-middle (MITM) attack will be addressed. Ultimately, by modeling smart-grid attacks theoretically using game theory, we will be able to optimize our detection and mitigation strategies to reduce cyber threats in a DNP3 environment. An intrusion detection system (IDS) will be necessary to identify attackers targeting the smart grid infrastructure. Mitigation techniques will ensure a health check of the network. Performing DNP3 vulnerability assessment, security attacks, detection, prevention and countermeasures are the goals of this research paper.