Analysis of Security Issues in Cloud based Smart 3).pdfAnalysis of Security Issues in Cloud based Smart Grid ... found that SCADA systems are extremely ... home appliances interact with service

Download Analysis of Security Issues in Cloud based Smart  3).pdfAnalysis of Security Issues in Cloud based Smart Grid ... found that SCADA systems are extremely ... home appliances interact with service

Post on 22-Mar-2018




1 download

Embed Size (px)


  • Impact factor 1.472

    International Journal for Science and Emerging ISSN No. (Online):2250-3641 Technologies with Latest Trends 18(1): 12- 21(2014) ISSN No. (Print): 2277-8136

    Analysis of Security Issues in Cloud based Smart Grid Sandeep Mehmi*, Harsh K Verma** and A L Sangal***

    *Department Of Computer Science And Engineering, Punjab Technical University

    **, ***Department Of Computer Science and Engineering, Dr. B.R Ambedkar National Institute of

    Technology, Jalandhar, Punjab, India

    (Received 27 August 2014 Accepted 28 September 2014)

    Abstract-Smart grid is maximum optimization of energy management achieved through transmission

    and distribution automation, efficient use of existing network and integration of smart devices. Due to

    electric power systems own characteristics, it cannot store energy in a large scale therefore electric

    generation, transmission, distribution and usage operations must be completed simultaneously. Due to

    its unprecedented advantages like on demand self-service, ubiquitous computing, pay-per-use model

    and scalable resources, cloud computing has become a promising model that can be integrated with

    smart grid to resolve this issue. Though the advantages of cloud computing have revolutionized the IT

    industry but they have also brought inherent cloud-specific security issues. Outsourcing, multitenancy

    and massive data storage and intense computation abilities have posed challenges to network & web

    application, availability reliability, integrity, confidentiality, virtualization, privacy, authorization,

    authentication, accountability and legal & regulatory compliance. This article focuses on security

    issues and countermeasures in smart grid and smart grid cloud.

    Keywords- Cloud computing, Smart grid, Availability, Integrity, Confidentiality, Privacy, Repudiation

    of information.


    The objective to make the traditional grid

    infrastructure efficient, robust, intelligent

    and automated by encouraging active

    supply-side and demand-side participation,

    promoting innovative business practices

    and regulatory environments across the

    entire value chain has facilitated the

    emergence of Smart grid (SG). SG is

    composed of a power grid and a

    communication network atop the power

    grid for data retrieval to fully facilitate its

    functionality [1]. The smart devices in the

    communication network send continuous

    feedback to the SG cloud for data analysis

    and decision making. The cloud fulfills the

    infrastructure demand of analytic tools and

    control and optimization algorithms for

    self-healing, fault tolerance, load balancing,

    demand response and optimal power flow

    features. Moreover it also caters the

    designing and deployment tools

    requirement for real-time consumption

    patterns, flexible tariffs and online bill

    payment web applications. Strong

    dependence between the power grid, SG

    communication networks and SG cloud

    induce new threats on this cyber-physical

    system, as the adversaries may exploit the

    vulnerabilities to disrupt the operations of

    the SG by paralyzing or manipulating the

    system. SGs are a major resource to the

    national defense, and any form of attack on

    these can cause havoc. The remainder of

    paper is organized as follows: Section 2

    mentions SG and its components. The

    cloud computing and its types are reviewed

    in Section 3. In Section 4 and Section 5 we

    have described the security

    issues/vulnerabilities and countermeasures

    in SG and SG cloud respectively. Finally,

    we conclude in Section 6.


    SG can be defined as an interconnected

    system of information communication

    technologies and control systems used to

    interact with automation and business

    processes across the entire power sector

    encompassing electricity generation,

    transmission, distribution and the consumer

  • Impact factor 1.472

    [2]. The SG is considered as critical

    information infrastructure (CII) the

    incapacitation or destruction of which, shall

    have debilitating impact on national

    security, economy, public health or safety.

    SG is the next generation electricity grid

    which in contrast to traditional electricity

    system provides two-way flow of electricity

    and information to create an automated

    distribution and transmission network.

    NIST has divided the SG into seven

    domains: customers, markets, service

    providers, operations, bulk generation,

    transmission and distribution where each

    domain comprises of actors and

    applications. The key components of SG

    include advanced metering infrastructure

    (AMI), supervisory control and data

    acquisition (SCADA), smart monitoring

    sensors and powerline communications



    Cloud computing is a model for enabling

    ubiquitous, convenient, on-demand network

    access to a shared pool of configurable

    computing resources (e.g. networks,

    servers, storage, applications, and services)

    that can be rapidly provisioned and released

    with minimal management effort or service

    provider interaction [3]. It is the realization

    of dream of delivering the computing as a

    utility which has emerged from the

    advances in field of hardware (e.g.

    virtualization), internet technologies (e.g.

    service-oriented architecture), distributed

    computing (e.g. utility computing) and

    system management (e.g. autonomic

    computing). The cloud computing stack

    consists of 3 layers, each representing one

    service model. Infrastructure-as-a-Service

    (IaaS) offered in the bottom layer is

    responsible for resource aggregation,

    physical management (e.g., Emulab) or

    virtual management (e.g., Amazon EC2),

    and service delivery in form of storage

    (e.g., GoogleFS), network (e.g., Openflow),

    or computational capability (e.g., Hadoop

    MapReduce). The middle layer Platform-

    as-a- Service (PaaS) provides capability to

    the consumer to deploy onto the cloud

    infrastructure acquired or consumer-created

    applications using programming languages,

    libraries, Mashup editors, Frameworks,

    services, and tools supported by the

    provider (e.g. Django, Google App Engine).

    Software as a Service (SaaS) locates in the

    top layer, in which a cloud provider further

    confines client flexibility by merely

    offering software applications as a service

    [4]. In March 2009, Gartner [5] forecasted

    that the worldwide cloud service market

    was expected to reach $150.1 billion in

    2013. Countries throughout the world

    realizing the remarkable benefits and

    importance of this field, are investing in

    research and development of cloud

    computing models. The major efforts taken

    by countries include USs Federal Cloud

    Computing Strategy in February 2011,

    Germanys establishment of Europes

    largest cloud computing centre in

    Magdeburg for implementation of cloud

    computing through a satellite program and

    National Knowledge Network Cloud

    project in India. The cloud provides the

    ability to store/process enormous amount of

    heterogeneous type of data generated by SG

    hence can facilitate the simultaneous

    execution of transmission, distribution and

    usage operations.



    SG like other well developed IT and

    telecommunication systems, will be a

    potential target for malicious, well-

    equipped, and well-motivated adversaries.

    In October 2013 National Geographic

    released a docudrama titled, "American

    Blackout" which dealt with a large scale

    cyber attack and consequences on USs

    electrical grid. Many organizations are

    currently involved with the development of

    SG security requirements, including NERC

    CIP (North American Electrical Reliability

    Corporation Critical Infrastructure

    Protection), ISA (International Society of

    Automation), NIPP (National Infrastructure

    Protection Plan), IEEE (1402), and NIST-

    CSCTG (Cyber Security Coordination

    Task Group) [6]. The security issues in SG

    can be categorized into:

    13. Sandeep Mehmi*, Harsh K Verma** and A L Sangal***

  • Impact factor 1.472

    4.1. Legacy Systems and Equipment

    Most of the legacy systems and equipments

    are installed and designed without cyber

    security in mind and hence are often

    integrated with other systems through

    relatively unsecured modes that provides

    opportunity to the attackers to exploit those

    loopholes. In certain cases compatibility

    issues may also be encountered during

    integration [2]. Current power systems are

    usually proprietary systems that provide

    specific performances and functionalities

    but not security [7]. Avoiding early

    obsolescence is essential in SG security

    development. The possible solution

    includes maximizing the life-cycle of assets

    through cooperation among relevant

    operators and enabling backward

    compatibility [6].

    4.2. Device Issues

    Devices like AMIs, Programmable Logical

    Controllers, RTUs, and IEDs are widely

    deployed in power delivery systems to

    allow administrators to perform

    maintenance or to dispatch functionalities

    from a remote location [7]. This

    arrangement provides avenues to attackers

    to manipulate the device (e.g. meter

    inversion) and disrupt normal operations of

    the grid, such as shutting down running

    devices (switching off meters) causing

    blackouts. Mohammadi et al. [8] proposed a

    combined anomaly and signature-based

    IDS solution to monitor the smart metering

    communication network by considering

    various attacks targeting physical, MAC,

    transport, and network layers. IEEE 1686-

    2007 standard defines the functions and

    features to be provided in substation

    intelligent electronic devices (IEDs) to

    accommodate critical infrastructure

    protection programs [9]. Plug-in hybrid

    electric vehicle (PHEV) can be charged at

    different locations. Inaccurate billing or

    unwarranted service can disrupt operations

    of the market [6]. Electric vehicle standards

    need to be established to overcome this


    4.3. Vulnerability in SCADA Systems

    The paradigm shift from proprietary

    technologies to open standards and

    increased web interfaces to SCADA

    systems has made SCADA systems more

    vulnerable to various types of network

    attacks. In April 2008, the Commission to

    assess the threat to the United States from

    electromagnetic pulse (EMP) attack issued

    a Critical Infrastructures Report which

    found that SCADA systems are extremely

    vulnerable to EMP event. In June 2010,

    anti-virus security company VirusBlokAda

    reported the first detection of malware

    called Stuxnet attacking SCADA systems

    (Siemens' WinCC/PCS 7 systems) running

    on Windows OS that first installs a rootkit,

    logs into the SCADA's database and steals

    design and control files and then hides the

    changes [10]. Distribution control

    commands and access logs are critical for

    SCADA systems. Intercepting, tampering

    or forging of data damages the grid [6] [7].

    Distinct and improper SCADA models may

    also lead to compatibility issues and

    mislead operator actions [6]. Synchronizing

    time-tagged data in wide areas is also

    essential for reliability of the SCADA. The

    measures to overcome the mentioned issues

    include ensuring all commands and log files

    to be accurate and secure, use of common

    time reference (GPS time stamped) for time

    synchronization [6], and multi-layer

    intrusion detection system implementation


    4.4. Vulnerability in Customer


    Vulnerability in customer interfaces can also cause security problems in SG. Smart

    home appliances interact with service

    providers or other AMI devices through

    Home area network (HAN). Once

    manipulated by malicious intruders, they

    could be unsafe factors in residential areas

    [6]. Also energy-related information can be

    revealed on IEDs or on the Internet.

    Unwarranted data may misguide users

    decisions [6]. The possible solution to these

    issues includes providing access control to

    all customer interfaces, validation of

    14. Sandeep Mehmi*, Harsh K Verma** and A L Sangal***

  • Impact factor 1.472

    notified information and security

    improvement of hardware and software

    upgrades [6].

    4.5. Networking Issues

    Potential security problems of networking

    in SGs mainly focus on issues of the

    Internet, wireless networks, and sensor

    networks. Just like the Internet, multiple

    networking technologies [11] (fiber optics,

    land mobile radio (LMR), 3G/4G (WiMax),

    RS-232/RS-485 serial links, WiFi) and

    protocols [7] (ModBus, ModBus+,

    ProfiBus (Process Field Bus) , ICCP (Inter-

    control Center Communication Protocol),

    DNP3, etc) can be utilized for the SG. But

    most of them were designed for

    connectivity without cyber security.

    Wireless networks utilizing radio waves can

    prove to be unprotected physical medium if

    unauthorized users access the data causing

    privacy invasion. The topological features,

    Intrusion Detection System (IDS) &

    Intrusion Prevention System (IPS) play an

    important role in determining the network

    robustness in event of cyber attack on SG

    communication network. The possible

    solutions include adoption of TCP/IP and

    802.11i standard, VPN (IPSec), SSH,

    SSL/TLS and Advanced Encryption

    Standard (AES) for SG networks [6].



    As enterprise boundaries have been

    extended to the cloud, traditional security

    mechanisms are no longer suitable for

    applications and data in cloud. Wikipedia

    defines Cloud Computing Security as

    Cloud computing security (sometimes

    referred to simply as "cloud security") is an

    evolving sub-domain of computer security,

    network security, and, more broadly,

    information security. It refers to a broad set

    of policies, technologies, and controls

    deployed to protect data, applications, and

    the associated infrastructure of cloud

    computing. Garters survey in 2009 found

    that more than 70% CTOs believed that the

    primary reason not to use cloud computing

    services is that there are data security and

    privacy concerns. According to Gartner,

    before making a choice of cloud vendors,

    cloud service users (CSU) should ask the

    vendors for seven specific safety issues:

    Privileged user access, regulatory

    compliance, data location, data segregation,

    recovery, investigative support and long-

    term viability [12]. The Cloud Security

    Alliance (CSA) has identified thirteen

    domains of concerns on cloud computing

    security and is gathering solution providers,

    non-profits and individuals to enter into

    discussion about the current and future best

    practices for information assurance in the

    cloud [13]. The main Security Issues in SG

    Cloud include:

    5.1. Availability & Reliability

    The availability feature ensures that

    applications or resources in cloud remains

    functional even in case of intrusion. The

    system should be resilient to any attack and

    doesnt completely shut down in such

    event. The events like Denial of Service

    (DoS) or Distributed DoS (DDoS) attack

    can make the information unavailable when

    it is needed the most. One way to achieve

    high availability is to apply redu...