Implementation Aspects of Smart Grids Cyber-Security Cross-Layered Framework for Critical Infrastructure Operation
Abstract
:1. Introduction
- To the best of our knowledge, the first proposed three controllers distributed SDN architecture for the Smart Grid’s communication layer.
- Identification of cyber attacks against the power grid using a cross-layered framework.
2. Theoretical Background
2.1. State Estimation
2.2. Machine Learning
2.3. Software-Defined Networking
- Application Plane: It covers network management, policy implementation, and security services SDN applications.
- Control Plane: This is a logically centralized control framework that runs the network operating system, operates the network operating system, and provides hardware abstractions to SDN applications. A flow in SDN is described as a set of instructions followed by a sequence of packets between the source and destination. Controllers install the flows into the flow tables of the forwarding devices.
- Data Plane: A set of forwarding components used to move traffic flows in response to control plane instructions.
2.4. Network Performance Statistics
2.5. Communication Layer
2.5.1. Denial of Service Attack Simulation
Algorithm 1 Denial of Service Attack |
|
2.5.2. False Data Injection (FDI) Attack Simulation
Algorithm 2 False Data Injection Attack |
|
2.5.3. Man-in-the-Middle Attack Simulation
Algorithm 3 Man-in-the-Middle Attack Detection |
|
2.6. Power Grid: FDI and Parameter Attacks
3. Framework
3.1. Implementation of SDN
3.2. Details on the Apps: Cybersecurity Framework
4. Case Study
5. Conclusions and Future Work
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Conflicts of Interest
References
- Bretas, A.; Bretas, N.; London, J.; Carvalho, B. Cyber-Physical Power Systems State Estimation; Elsevier: Amsterdam, The Netherlands, 2021; Volume 1. [Google Scholar]
- Trevizan, R.D.; Ruben, C.; Nagaraj, K.; Ibukun, L.L.; Starke, A.C.; Bretas, A.S.; McNair, J.; Zare, A. Data-driven Physics-based Solution for False Data Injection Diagnosis in Smart Grids. In Proceedings of the 2019 IEEE Power Energy Society General Meeting (PESGM), Atlanta, GA, USA, 4–8 August 2019; pp. 1–5. [Google Scholar] [CrossRef]
- Ruben, C.; Dhulipala, S.; Nagaraj, K.; Zou, S.; Starke, A.; Bretas, A.; Zare, A.; McNair, J. Hybrid data-driven physics model-based framework for enhanced cyber-physical smart grid security. IET Smart Grid 2020, 3, 445–453. [Google Scholar] [CrossRef]
- Nagaraj, K.; Zou, S.; Ruben, C.; Dhulipala, S.; Starke, A.; Bretas, A.; Zare, A.; McNair, J. Ensemble CorrDet with adaptive statistics for bad data detection. IET Smart Grid 2020, 3, 572–580. [Google Scholar] [CrossRef]
- Nagaraj, K.; Aljohani, N.; Zou, S.; Ruben, C.; Bretas, A.; Zare, A.; McNair, J. State Estimator and Machine Learning Analysis of Residual Differences to Detect and Identify FDI and Parameter Errors in Smart Grids. In Proceedings of the 2020 52nd North American Power Symposium (NAPS), Tempe, AZ, USA, 11–13 April 2021; pp. 1–6. [Google Scholar]
- Starke, A.; Nagaraj, K.; Ruben, C.; Aljohani, N.; Zou, S.; Bretas, A.; McNair, J.; Zare, A. Cross-layered distributed data-driven framework for enhanced smart grid cyber-physical security. IET Smart Grid 2022. [Google Scholar] [CrossRef]
- Van Rossum, G.; Drake, F. Python 3 Reference Manual; CreateSpace: Scotts Valley, CA, USA, 2009. [Google Scholar]
- Berde, P.; Gerola, M.; Hart, J.; Higuchi, Y.; Kobayashi, M.; Koide, T.; Lantz, B.; O’Connor, B.; Radoslavov, P.; Snow, W.; et al. ONOS: Towards an open, distributed SDN OS. In Proceedings of the Third Workshop on Hot Topics in Software Defined Networking, Chicago, IL, USA, 22 August 2014; pp. 1–6. [Google Scholar]
- Kaur, S.; Singh, J.; Ghumman, N.S. Network programmability using POX controller. In Proceedings of the ICCCS International Conference on Communication, Computing & Systems, Chennai, India, 20–21 February 2014; Volume 138, p. 70. [Google Scholar]
- Sun, S.; Fu, X.; Luo, B.; Du, X. Detecting and mitigating ARP attacks in SDN-based cloud environment. In Proceedings of the IEEE INFOCOM 2020-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Toronto, ON, Canada, 6–9 July 2020; pp. 659–664. [Google Scholar]
- Ghosh, U.; Chatterjee, P.; Shetty, S. A security framework for SDN-enabled smart power grids. In Proceedings of the 2017 IEEE 37th International Conference on Distributed Computing Systems Workshops (ICDCSW), Atlanta, GA, USA, 5–8 June 2017; pp. 113–118. [Google Scholar]
- Qureshi, K.N.; Hussain, R.; Jeon, G. A distributed software defined networking model to improve the scalability and quality of services for flexible green energy internet for smart grid systems. Comput. Electr. Eng. 2020, 84, 106634. [Google Scholar] [CrossRef]
- Hussain, R.; Bashir, M.U. Model to Improve Scalability and Quality of Services in Software Define Networking. In Proceedings of the 2019 2nd International Conference on Communication, Computing and Digital systems (C-CODE), Islamabad, Pakistan, 6–7 March 2019; pp. 28–33. [Google Scholar]
- Bretas, A.; Rossoni, A.; Trevizan, R.; Bretas, N. Distribution networks nontechnical power loss estimation: A hybrid data-driven physics model-based framework. Electr. Power Syst. Res. 2020, 186, 10639. [Google Scholar] [CrossRef]
- Bretas, A.S.; Bretas, N.G.; Carvalho, B.E. Further contributions to smart grids cyber-physical security as a malicious data attack: Proof and properties of the parameter error spreading out to the measurements and a relaxed correction model. Int. J. Electr. Power Energy Syst. 2019, 104, 43–51. [Google Scholar] [CrossRef]
- Bretas, N.G.; Bretas, A.S. The extension of the Gauss approach for the solution of an overdetermined set of algebraic non linear equations. IEEE Trans. Circuits Syst. II Express Briefs 2018, 65, 1269–1273. [Google Scholar] [CrossRef]
- Bretas, N.G.; Bretas, A.S.; Martins, A.C.P. Convergence Property of the Measurement Gross Error Correction in Power System State Estimation, Using Geometrical Background. IEEE Trans. Power Syst. 2013, 28, 3729–3736. [Google Scholar] [CrossRef]
- Alvey, B.; Zare, A.; Cook, M.; Ho, D.K.C. Adaptive coherence estimator (ACE) for explosive hazard detection using wideband electromagnetic induction (WEMI). Proc. SPIE 2016, 9823, 58–64. [Google Scholar] [CrossRef] [Green Version]
- Kreutz, D.; Ramos, F.M.; Verissimo, P.E.; Rothenberg, C.E.; Azodolmolky, S.; Uhlig, S. Software-defined networking: A comprehensive survey. Proc. IEEE 2014, 103, 14–76. [Google Scholar] [CrossRef] [Green Version]
- Kaur, K.; Singh, J.; Ghumman, N.S. Mininet as software defined networking testing platform. In Proceedings of the International Conference on Communication, Computing & Systems (ICCCS), Chennai, India, 20–21 February 2014; pp. 139–142. [Google Scholar]
- Mininet/Mininet: Emulator for Rapid Prototyping of Software Defined Networks. Available online: https://github.com/mininet/mininet (accessed on 1 June 2022).
- POX Controller Manual Current Documentation. Available online: https://noxrepo.github.io/pox-doc/html/ (accessed on 1 June 2022).
- Gude, N.; Koponen, T.; Pettit, J.; Pfaff, B.; Casado, M.; McKeown, N.; Shenker, S. NOX: Towards an operating system for networks. ACM SIGCOMM Comput. Commun. Rev. 2008, 38, 105–110. [Google Scholar] [CrossRef]
- Floodlight. Floodlight Sdn Openflow Controller. Available online: https://github.com/floodlight/floodlight (accessed on 1 June 2022).
- OpenDaylight: A Linux Foundation Collaborative Project. 2022. Available online: https://www.opendaylight.org/ (accessed on 1 June 2022).
- Faucetsdn. Ryu Component-Based Software Defined Networking Framework. Available online: https://ryu-sdn.org/ (accessed on 1 June 2022).
- Jain, R.; Routhier, S. Packet trains–Measurements and a new model for computer network traffic. IEEE J. Sel. Areas Commun. 1986, 4, 986–995. [Google Scholar] [CrossRef] [Green Version]
- Haviv, M. Queues—A Course in Queueing Theory; The Hebrew University of Jerusalem: Jerusalem, Israel, 2009; 219p. [Google Scholar]
- Gao, J.; Chai, S.; Zhang, B.; Xia, Y. Research about DoS attack against ICPS. Sensors 2019, 19, 1542. [Google Scholar] [CrossRef] [PubMed] [Green Version]
- Dowling, B.; Hale, B. Secure Messaging Authentication against Active Man-in-the-Middle Attacks. In Proceedings of the 2021 IEEE European Symposium on Security and Privacy (EuroS P), Vienna, Austria, 6–10 September 2021; pp. 54–70. [Google Scholar] [CrossRef]
- Aljohani, N.; Bretas, A. A Bi-Level Model for Detecting and Correcting Parameter Cyber-Attacks in Power System State Estimation. Appl. Sci. 2021, 11, 6540. [Google Scholar] [CrossRef]
- Zou, T.; Aljohani, N.; Nagaraj, K.; Zou, S.; Ruben, C.; Bretas, A.; Zare, A.; McNair, J. A Network Parameter Database False Data Injection Correction Physics-Based Model: A Machine Learning Synthetic Measurement-Based Approach. Appl. Sci. 2021, 11, 8074. [Google Scholar] [CrossRef]
- Bretas, A.S.; Bretas, N.G.; Carvalho, B.; Baeyens, E.; Khargonekar, P.P. Smart grids cyber-physical security as a malicious data attack: An innovation approach. Electr. Power Syst. Res. 2017, 149, 210–219. [Google Scholar] [CrossRef]
- Cluster Configuration in Owl (1.14). Available online: https://wiki.onosproject.org/pages/viewpage.action?pageId=28836788#:~:text=The%20Owl%20release%20(1.14)%20features,of%20a%20separate%20Atomix%20cluster (accessed on 1 June 2022).
- Openvswitch. Openvswitch/OVS: Open Vswitch. Available online: https://www.openvswitch.org/ (accessed on 1 June 2022).
- CBench: An Dedicated OpenFlow Controller Implementation for “Cbench” OpenFlow Controller Benchmark Suite. Available online: https://github.com/trema/cbench (accessed on 1 June 2022).
- Programming Protocol-Independent Packet Processors (P4). 2022. Available online: https://opennetworking.org/p4/ (accessed on 1 June 2022).
- Stratum—Enabling the Era of Next-Generation SDN. 2022. Available online: https://opennetworking.org/stratum/ (accessed on 1 June 2022).
Attack Type | Accuracy | Precision | Recall | F1-Score |
---|---|---|---|---|
± | ± | ± | ± | |
MITM | 92.48 ± 00.20 | 91.65 ± 00.29 | 86.41 ± 00.28 | 88.91 ± 00.24 |
FDI | 99.95 ± 00.01 | 99.46 ± 00.34 | 99.87 ± 00.13 | 99.61 ± 00.17 |
DoS | 99.88 ± 00.07 | 99.75 ± 00.09 | 99.80 ± 00.16 | 99.78 ± 00.08 |
FDI-DoS | 99.63 ± 00.08 | 98.42 ± 00.26 | 99.95 ± 00.04 | 99.20 ± 00.15 |
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations. |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Agnew, D.; Aljohani, N.; Mathieu, R.; Boamah, S.; Nagaraj, K.; McNair, J.; Bretas, A. Implementation Aspects of Smart Grids Cyber-Security Cross-Layered Framework for Critical Infrastructure Operation. Appl. Sci. 2022, 12, 6868. https://doi.org/10.3390/app12146868
Agnew D, Aljohani N, Mathieu R, Boamah S, Nagaraj K, McNair J, Bretas A. Implementation Aspects of Smart Grids Cyber-Security Cross-Layered Framework for Critical Infrastructure Operation. Applied Sciences. 2022; 12(14):6868. https://doi.org/10.3390/app12146868
Chicago/Turabian StyleAgnew, Dennis, Nader Aljohani, Reynold Mathieu, Sharon Boamah, Keerthiraj Nagaraj, Janise McNair, and Arturo Bretas. 2022. "Implementation Aspects of Smart Grids Cyber-Security Cross-Layered Framework for Critical Infrastructure Operation" Applied Sciences 12, no. 14: 6868. https://doi.org/10.3390/app12146868