About the book Smart Grid Security: Innovative Solutions for a Modernized Grid
Book title: Smart Grid Security: Innovative Solutions for a Modernized Grid
Title translated into Persian: امنیت شبکه هوشمند: راه حل های نوآورانه برای یک شبکه مدرن
Series:
Authors: Florian Skopik (editor), Paul Dr. Smith (editor)
Publisher: Syngress
Year of publication: 2015
Number of pages: 330
ISBN: 0128021225, 9780128021224
Book language: English
Book format: pdf
File size: 5 MB
Table of contents:
Cover
Title Page
Copyright Page
Contents
List of Contributors
Foreword
Chapter 1 - Introduction
1.1 - What is a Smart Grid?
1.2 - The Structure of a Smart Grid System
1.3 - The Two Key Challenges to be solved by Smart Grids
1.4 - Smart Grid Applications and their Critical Nature
1.5 - Challenges in Smart Grid Security
1.6 - The Storyline of this Book
References
Chapter 2 - Assessing the European Approach to Privacy and Data Protection in Smart Grids. Lessons for Emerging Technologies
2.1 - Introduction
2.2 - The Dutch Case Study: a smart grid roll-out that neglected individual interests
2.3 - The Smart Grid: a socially complex phenomenon with a surveillance dimension
2.4 - Privacy and Personal Data Protection in the European Legal Order
2.5 - Privacy Testing and Data Protection Testing of Smart Grids
2.6 - Regulating Smart Grids in Europe: a “light” approach to personal data protection
2.6.1 - Supplementing the legally binding data protection framework
2.6.2 - A data protection impact assessment framework is the core element
2.6.2.1 - The First Regulatory Experiment: The RFID PIA Framework
2.6.2.2 - The Second Regulatory Experiment: The DPIA Framework for Smart Grids and Smart Metering Systems
2.7 - The EU “light” regulatory approach to Personal Data Protection in Smart Grids: an evaluation
2.8 - Conclusion: DPIA Testing is a First Good Step but a more inclusive, easy to apply and flexible solution is necessary
2.8.1 - A missed opportunity?
2.8.2 - Recommendation 1: the governance of emerging technologies should carefully combine regulatory strategies
2.8.3 - Recommendation 2: Impact assessments of emerging technologies should be inclusive, easy to use and flexible
Acronyms
References
Chapter 3 - The Evolution of the Smart Grid Threat Landscape and Cross-Domain Risk Assessment
3.1 - Introduction
3.2 - Smart Grid Architectures: The Basics
3.2.1 - GridWise Interoperability Context-Setting Framework
3.2.2 - NIST Smart Grid Framework
3.2.3 - Smart Grid Architecture Model and EU Mandate M490
3.3 - Smart Grid Threat Landscape
3.3.1 - Threat Types
3.3.2 - Threat Agents
3.3.3 - Attack Vectors
3.3.4 - Case Studies
3.3.4.1 - Advanced Metering Infrastructure (AMI)
3.3.4.2 - Wide Area Monitoring, Protection, and Control (WAMPAC)
3.3.4.3 - Distribution Grid Management (DGM)
3.4 - Smart Grid Risk Assessment
3.4.1 - Basic Concepts
3.4.2 - Main Challenges
3.4.2.1 - Managing Safety and Security Risks
3.4.2.2 - Analysing Cyber-physical Risks
3.4.2.3 - Understanding the Risks to Legacy Systems
3.4.2.4 - Complex Organisational Dependencies
3.4.2.5 - Understanding Cascading Effects
3.4.3 - Existing Risk Assessment Frameworks
3.5 - Conclusion
Acronyms
References
Chapter 4 - Resilience Against Physical Attacks
4.1 - Introduction
4.2 - Physical Attacks
4.2.1 - Goals of physical attacks in the context of smart grid devices
4.2.1.1 - Information Gathering
4.2.1.2 - Manipulating the Device Under Attack
4.2.2 - Overview of physical attacks
4.2.3 - Access to local storage (non-invasive)
4.2.4 - Accessing open interfaces (non-invasive)
4.2.5 - Bus probing (non-invasive)
4.2.6 - Fault/signal injection (non-invasive)
4.2.7 - Glitching attacks
4.2.7.1 - Clock Glitching
4.2.7.2 - Voltage Glitching
4.2.8 - Side-channel attacks
4.2.8.1 - Timing Attacks
4.2.8.2 - Power Analysis Attacks
Simple Power Analysis (SPA)
Differential Power Analysis (DPA)
Template and Other Profiling Attacks
4.2.8.3 - EM Attacks
4.2.9 - IC Decapsulation
4.2.10 - Limited optical access to internal storage
4.2.11 - (Optical) fault injection (semi-invasive)
4.2.12 - IC reverse engineering
4.3 - Basic Protection Mechanisms
4.4 - Hardware security modules
4.5 - Integrity protection and attestation
4.6 - Physical Uncloneable Functions
4.6.1 - Motivation
4.6.2 - Classification of PUFs and related concepts
4.6.2.1 - Unique Objects
4.6.2.2 - Physical Uncloneable Functions (PUFs)
4.6.3 - Properties of PUFs
4.6.4 - Example implementations of PUFs
4.6.4.1 - SRAM PUF
4.6.4.2 - Ring Oscillator PUF
4.6.4.3 - Arbiter PUF
4.6.4.4 - Bistable Ring
4.7 - Conclusion
Acronyms
References
Chapter 5 - Secure Communications in Smart Grid: Networking and Protocols
5.1 - Introduction
5.1.1 - An Overview of the Communication Network
5.1.2 - The Communications Network as an Attack Surface
5.2 - Smart Grid Communication Standards
5.2.1 - Functional Groups of Smart Grid Communications
5.2.1.1 - Advanced Metering Infrastructure
5.2.1.2 - Field Devices and Substation Communication
5.2.1.3 - Control Centre Communication
5.2.2 - Communication Standards
5.2.2.1 - IEC 61850
5.2.2.2 - IEC 60870-5
5.2.2.3 - IEEE C37.118
5.2.2.4 - DNP3
5.2.2.5 - Modbus
5.2.3 - IEC 62351: Security
5.3 - Attacking Smart Grid Network Communications
Reconnaissance
Scan
Enumeration
Disruption
Penetration
5.3.1 - Basic Attacks on Communications
5.3.1.1 - Denial of Service (DoS)
5.3.1.2 - DoS on Communication Mediums
5.3.1.3 - ARP Spoofing and MAC Flooding
5.3.1.4 - Man-In-The-Middle (MITM) Attacks
5.3.1.5 - Replay
5.3.1.6 - Session Hijacking
5.3.1.7 - Injection
5.3.1.8 - Miscellaneous Attacks
5.3.2 - Attacks on Smart Grid Communication Protocols
5.4 - Approaches to Smart Grid Network Communication Security
5.4.1 - Minimal Vulnerabilities
5.4.2 - Visibility of Attacker Activities
5.4.3 - Protection
5.4.4 - Detection
5.4.5 - Current Research
5.5 - Conclusion
Acronyms
References
Chapter 6 - Cyber-Secure and Resilient Architectures for Industrial Control Systems
6.1 - Introduction
6.1.1 - Cyber Security Challenges in Industrial Control Systems
6.1.2 - Threats against Industrial Control Systems
6.1.3 - Illustrative Attack Case: Stuxnet
6.2 - Design of Cyber-secure and Resilient Industrial Control Systems
6.2.1 - IT Security Reference Architecture
6.2.2 - Control-Centric Approaches
6.2.2.1 - Anomaly Detection in Control Systems
Model-Based Fault Detection and Isolation
Data-Driven Fault Detection and Isolation
6.2.2.2 - Resilient Control Framework
Robust Control
Active Fault-Tolerant Control
6.2.3 - Risk Assessment for Control Systems
6.2.3.1 - Adversary Model
Disclosure Resources
Disruption Resources
Model Knowledge
Adversary Goals and Constraints
6.3 - Cyber Security Challenges in Electric Power Systems
6.3.1 - New Control Loops in Smart Grids
CL1. Energy Balancing with Load Flexibility
CL2. Local Control with Substation Equipment
CL3. Local Control at Generator
CL4. Coordinated Control with Substation Equipment and Field Units
CL5. Medium Voltage Network Optimisation on Management System Level
CL6. Local Voltage Control with Substation Equipment
CL7. Coordinated Voltage Control with Substation Equipment and Field Units
CL8. Distribution Optimisation across Voltage Levels
6.3.2 - Vulnerabilities in feedback-controlled Smart Grids
F1. Local Active and Reactive Power Control
F2. Supply and Demand Balance
F3. Voltage Control
F4. Frequency Control
6.3.3 - Existing Control Loops in Modern Power Transmission Networks
6.3.3.1 - Vulnerabilities in Power Transmission Networks
6.4 - Case Studies: Risk Assessment for False-Data Injection Attacks on Power Systems
6.4.1 - Minimum-Resource Adversary Policies
6.4.1.1 - Case Study: The IEEE 14-bus Benchmark
6.4.1.2 - Incremental Improvements in Security: The Use of Security Metrics
6.4.2 - Maximum-Impact Resource-Constrained Adversary Policies
6.4.2.1 - Case Study: The IEEE 14-bus Benchmark
6.5 - Conclusion
Acronyms
References
Chapter 7 - Establishing a Smart Grid Security Architecture
7.1 - Introduction
7.2 - Adopting a Smart Grid Security Architecture Methodology
7.3 - Defining your Smart Grid Security Architecture
7.3.1 - NISTIR 7628
7.3.1.1 - Summary of NISTIR 7628 Approach
7.3.1.2 - NISTIR 7628 Gaps and Limitations with Respect to Smart Grid Security
7.3.1.3 - Applying NISTIR 7628 to Smart Grid Security Architecture
7.3.2 - Response to EU Mandate M/490
7.3.2.1 - Summary of M/490 Approach
7.3.2.2 - M/490 Gaps and Limitations with Respect to Smart Grid Security
7.3.2.3 - Applying M/490 in EU Smart Grid Security Projects
7.3.3 - Microgrid Security Reference Architecture (MSRA)
7.3.3.1 - Summary of MSRA Security Reference Architecture Approach
7.3.3.2 - MSRA Gaps and Limitations with Respect to Security Architecture
7.3.3.3 - Applying MSRA in Smart Grid Security Projects
7.3.4 - Addressing Gaps in the Smart Grid Reference Architectures
7.4 - Moving from Architecture to Design
7.5 - Validating your Smart Grid Security Architecture
7.6 - Conclusion
Acronyms
References
Further Readings
Chapter 8 - Secure Development Life Cycle
8.1 - Introduction
8.1.1 - The Development of Software for the Smart Grid
8.2 - The Secure System Development Lifecycle
8.2.1 - NIST 800-64
8.2.2 - Microsoft Security Development Lifecycle
8.2.3 - Other Industry Best Practices
8.3 - Security Assurance Standards
8.4 - Safety-critical System Development and Best Practices
8.4.1 - The DO-178B Document
8.4.2 - The IEC 61508 Standard
8.4.3 - The PHASE principles
8.5 - Secure Development Activities
8.5.1 - Secure Programming
8.5.1.1 - The MISRA C Standard
8.5.1.2 - The ISO/IEC 25010 Standard Series
8.5.2 - Secure Code Review
8.5.3 - Static Code Analysis
8.5.4 - Dynamic Code Analysis
8.5.5 - Code Coverage Analysis
8.5.6 - Penetration Testing
8.6 - Conclusion
Acronyms
References
Chapter 9 - Operational Smart Grid Security
9.1 - Introduction to the Operational Smart Grid Security Model
9.2 - Visibility: Cyber Intelligence and Information Sharing
9.2.1 - Visibility into Risk
9.2.2 - Visibility into Infrastructure
9.2.3 - Visibility into Identities
9.2.4 - Visibility into Information
9.2.5 - Visibility into Applications
9.3 - Analytics: Deriving Patterns and Understanding Anomalies
9.3.1 - Analytics: Establishing Patterns of What is Normal
9.3.2 - Analytics: Detecting Anomalies within the Operational Environment
9.3.3 - Analytics: Detecting Anomalies within the Administrator Environment
9.3.4 - Analytics: Investigation and Prioritization
9.4 - Action: Mitigation, Remediation and Recovery
9.4.1 - Action: Recovering from and Managing Incidents
9.4.2 - Action: Remediating Vulnerabilities and Anomalies
9.4.3 - Action: Mitigating Risk
9.5 - The Human Factor as Asset
9.5.1 - Engaging the Employee Community
9.5.2 - Engaging the User Community
9.6 - Conclusion: Security Shared is Security Strengthened
Acronyms
References
Further readings
Chapter 10 - Implementation Experiences from Smart Grid Security Applications and Outlook on Future Research
10.1 - Smart Grid Evolution
10.1.1 - Documented Incidents
10.1.2 - Evolving Security Standards
10.2 - Sustainable Building Integrated Energy Test-Beds
10.2.1 - Tertiary (supervisory) control layer
10.2.2 - Secondary (coordination) control layer
10.2.3 - Primary (local) control layer
10.3 - Security Measures and Protection Mechanisms
10.3.1 - Intrusion Detection Systems
10.3.2 - Physical unclonable functions - PUFs
10.3.3 - Advanced Security Analytics
10.3.4 - Resilient Control Algorithms
10.4 - Anticipated Results: Smart Grid Test-Bed Use-Cases
10.4.1 - Network Vulnerabilities in IEC 61850 Smart Substations
10.4.2 - IEC 61850 based Smart Substation
10.4.3 - Security analytics in SCADA systems
10.5 - Conclusion and Look Ahead
Acronyms
References
Further Readings
Subject Index