A physical overlay framework for insider threat mitigation of power system devices

Formby, David

12 January 2015

Nearly every aspect of modern life today, from businesses, transportation, and healthcare, depends on the power grid operating safely and reliably. While the recent push for a “Smart Grid” has shown promise for increased efficiency, security has often been an afterthought, leaving this critical infrastructure vulnerable to a variety of cyber attacks. For instance, devices crucial to the safe operation of the power grid are left in remote substations with their configuration interfaces completely open, providing a vector for outsiders as well as insiders to launch an attack. This paper develops the framework for an overlay network of gateway devices that provide authenticated access control and security monitoring for these vulnerable interfaces. We develop a working prototype of such a device and simulate the performance of deployment throughout a substation. Our results suggest that such a system can be deployed with negligible impact on normal operations, while providing important security mechanisms. By doing so, we demonstrate that our proposal is a practical and efficient solution for retro-fitting security onto crucial power system devices.

SCADA security

Power grid security

PRIMA - Privilege Management and Authorization in Grid Computing Environments

Lorch, Markus

28 April 2004

Computational grids and other heterogeneous, large-scale distributed systems require more powerful and more flexible authorization mechanisms to realize fine-grained access-control of resources. Computational grids are increasingly used for collaborative problem-solving and advanced science and engineering applications. Usage scenarios for advanced grids require support for small, dynamic working groups, direct delegation of access privileges among users, procedures for establishing trust relationships without requiring organizational level agreements, precise management by individuals of their privileges, and retention of authority by resource providers. Existing systems fail to provide the necessary flexibility and granularity to support these scenarios. The reasons include the overhead imposed by required administrator intervention, coarse granularity that only allows for all-or-nothing access control decisions, and the inability to implement finer-grained access control without requiring trusted application code. PRIMA, the model and system developed in this research, focuses on management and enforcement of fine-grained privileges. The PRIMA model introduces novel approaches that can be used in place of, or in combination with existing access control mechanisms. PRIMA enables the users of a system to manage access to their own assets directly without the need for, and costs of intervention by technical personnel. System administrators benefit from more flexible and fine-grained definition of access privileges and policies. A novel access control decision and enforcement model with support for legacy applications has been developed. The model uses on-demand account leasing and implements expressive enforcement mechanisms built on existing low-overhead security primitives of the operating systems. The combination of the PRIMA components constitutes a comprehensive security model that facilitates highly dynamic authorization scenarios and increases security through least privilege access to resources. In summary, PRIMA mechanisms enable the use of fine-grained access rights, reduce administrative costs to resource providers, enable ad-hoc and dynamic collaboration scenarios, and provide improved security service to long-lived grid communities. / Ph. D.

Distributed Systems

Grid Security

Computer Security

On-demand Restricted Delegation : A Framework for Dynamic, Context-Aware, Least-Privilege Delegation in Grids

Ahsant, Mehran

January 2009

In grids, delegation is a key facility that can be used to authenticate and authorize requests on behalf of disconnected users. In current grid systems,delegation is either performed dynamically, in an unrestricted manner, or by a secure but static method. Unfortunately, the former compromises security and the latter cannot satisfy the requirements of dynamic grid application execution. Therefore, development of a delegation framework that enables a restricted and flexible delegation mechanism becomes increasingly urgent as grids are adopted by new communities and grow in size. The main barriers in development of such a mechanism are the requirements for dynamic execution of grid applications, which make it difficult to anticipate required access rights for completing tasks in advance. Another significant architectural requirement in grids is federated security and trust. A considerable barrier to achieving this is cross-organizational authentication and identification. Organizations participating in Virtual Organizations (VOs) may use different security infrastructures that implement different protocols for authentication and identification; thus, there exists a need to provide an architectural mechanism for lightweight, rapid and interoperable translation of security credentials from an original format to a format understandable by recipients. This thesis contributes the development of a delegation framework that utilizes a mechanism for determining and acquiring only required rights and credentials for completing a task, when they are needed. This is what we call an on-demand delegation framework that realizes a bottom-up delegation model and provides a just-in-time acquisition of rights for restricted and dynamic delegation. In this thesis, we further contribute the development of a credential mapping mechanism using off-the-shelf standards and technologies. This mechanism provides support for an on-the-fly exchange of different types of security credentials used by the security mechanisms of existing grids. / QC 20100622

Grid Security

Restricted and Context-Aware Delegation

Delegation Protocol

On-demand Delegation

Dynamic Trust Federation

Grid Interoperability

Credential Mapping

Computer science

Datalogi

Laststyrning av elvärmesystem i småhus i ett lokalt elnät med effekttaxa : Beräkning av ekonomiska konsekvenser för nätägaren och en utblick mot sårbarheter i smarta elnät

Rosenkvist, Mari

January 2021

Smarta elnät nämns ofta som ett sätt att hantera ökad elektrifiering av transporter och industri och en växande andel väderberoende elproduktion. Ett syfte med det här examensarbetet är att studera möjliga följder för lokalnätägaren Sala-Heby Energi Elnät AB, om småhuskunder använder smart styrning av elvärmesystem för att sänka sina elnätsfakturor. Med rådande tariffmodell betalar småhusägaren för den gångna månadens tre högsta timmedeleffekter kl. 07 till 19 helgfria vardagar. Hur nätägaren påverkas av styrning, är en central fråga för projektet Auto-Flex, som startade i januari 2021. Uppsatsens litteraturstudie pekar på att efterfrågeflexibilitet kan ge olika följder för elnätet och för elmarknadens parter, beroende på vilka incitament som används för att skapa ett flexibelt beteende. Med efterfrågeflexibilitet avses här kunders förmåga att flytta eller minska sitt lastuttag från elnätet. I det här examensarbetet utförs beräkningar i Excel för att undersöka följderna av laststyrning och analysen utgår från historiska elmätardata från ca 140 anonymiserade hushållskunder samt från data över effektuttag från regionnätet. Beräkningarna visar att styrning som gynnar kunden ekonomiskt blir en förlustaffärför Sala-Heby Energi Elnät AB, trots sänkt effektuttag från regionnätet. Det gäller, i de flesta fall, även när extra styrning läggs till under timmar då effektuttaget från regionnätet är högt. Resultaten bygger på förenklade beräkningar, där ingen hänsyn tagits till hur effektsänkning av elvärmesystem samspelar med väderfaktorer eller med styrningens varaktighet. Samma effektsänkning har antagits vid varje styrtillfälle och för alla hushåll. Ett andra syfte med det här examensarbetet är att undersöka hur huvudaktörerna i projektet Auto-Flex ser på säkerhetsfrågor i samband utvecklingen mot ett mer IT-beroende elnät. Därför genomfördes två semistrukturerade intervjuer, med integritet, leveranssäkerhet och affärsmodeller som teman. Intervjupersonerna lyfte inga allvarliga hot kopplade till projektet Auto-Flex. Samtidigt kunde de se teoretiska risker med storskalig smart laststyrning i kapacitetssvaga elnät. Mer forskning behövs om smarta elnät och hållbarhet. Kopplingen mellan incitament till flexibilitet och flexibilitetens inverkan på elnätet, hur sårbarheter kopplade till informationsteknik påverkar elnätets leveranssäkerhet och hur smartteknik står sig miljömässigt i förhållande till nätutbyggnad är tre intressanta områden. / By facilitating demand side management, smart grids are expected to smooth the way for a transition to cleaner electric energy. This bachelor’s thesis aims to analyse the consequences for a distribution system operator (DSO) of direct load control,which is set to minimize the consumer’s bill for power transmission. This is also a central theme in the recently initiated Auto-Flex smart grid project, with main actors DSO Sala-Heby Energi Elnät AB and tech company Ngenic AB. The included study of scientific articles points out that the impact of demand response on electric grids is largely determined by incentives used to harvest demand side flexibility. In this thesis, the consequences of direct load control are examined by means of simplified calculations in Excel, analysing electric meter data from approximately 140 anonymous customers, in addition to power supply data for the township connection to the regional distribution grid. If customers with electric heating systems would install load control equipment to lower their power transmission bills, the local DSO would experience reduced revenues. The reduction in revenues would not be offset economically by curbed peak power transmission from the regional grid, according to the executed calculations. Even if extra load control was added in peak days, the net economic result for the local DSO would still be negative in most of the studied cases. Individual characteristics of heating systems and buildings have not been accounted for in this study, neither has the correlation between load reduction, outdoor temperature and load control duration. A second aim of this thesis is to examine attitudes of the main actors in the Auto-Flex project on confidentiality, reliability and demand side management business models in relation to the development of smart grids. Through semi-structured interviews, it was revealed that neither chief executive officer of Ngenic AB, Björn Berg, nor chief grid officer of Sala-Heby Energi Elnät AB, Per-Erik Johansson, see any severe threats against customer confidentiality, nor against power reliability, when implementing direct load control within the project. However, it was pointed out that an electric grid with very low physical capacity could become vulnerable to load control failures. Further examination of the connection between business models, power reliability, and cyber security are crucial to ensure socially, economically, and environmentally sustainable smart grids.

demand response

direct load control

network tariff

smart grid security

efterfrågeflexibilitet

direkt styrning

elnätstariff

IT-säkerhet i smarta elnät

Energy Systems

Energisystem