Abstract
The electric power infrastructure in the United States is undergoing a significant transformation. To enhance the ability of the grid to support the use of diverse and renewable energy resources and to respond to problems more quickly, the infrastructure is being redesigned to include greater options for automation, measurement and control. An enormous communications system will underlie the network of smart grid sensors and actuators. Devices will send messages to each other to coordinate control activity and formulate corrective strategies. The diversity and scale of this network will pose significant security challenges, especially since the number of entities charged with managing the grid will be large. A means for sharing information about cyber risks within the smart grid communications infrastructure is sorely needed. This paper proposes a strategy for sharing cyber security risks among smart grid stakeholders to enable them to identify attacks and mitigate their effects. The approach is inspired by the federated model, a cyber risk communications strategy employed by several U.S. national laboratories.
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Klump, R., Kwiatkowski, M. (2010). Distributed IP Watchlist Generation for Intrusion Detection in the Electrical Smart Grid. In: Moore, T., Shenoi, S. (eds) Critical Infrastructure Protection IV. ICCIP 2010. IFIP Advances in Information and Communication Technology, vol 342. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16806-2_8
DOI: https://doi.org/10.1007/978-3-642-16806-2_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16805-5
Online ISBN: 978-3-642-16806-2
eBook Packages: Computer Science (R0)