Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems

descriptionPublicationkeyboard_double_arrow_right Article 01 Jan 2019Publisher:Institute of Electrical and Electronics Engineers (IEEE)Journal:IEEE Access, volume 7, pages 46,595-46,620 (eissn: 2169-3536,

Copyright policy )Funded by:EC | SPEAR

Authors: Panagiotis I. Radoglou-Grammatikis; Panagiotis G. Sarigiannidis;

doi: 10.1109/access.2019.2909807

Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems

- Summary
- Subjects
- Metrics

Abstract

The smart grid (SG) paradigm is the next technological leap of the conventional electrical grid, contributing to the protection of the physical environment and providing multiple advantages such as increased reliability, better service quality, and the efficient utilization of the existing infrastructure and the renewable energy resources. However, despite the fact that it brings beneficial environmental, economic, and social changes, the existence of such a system possesses important security and privacy challenges, since it includes a combination of heterogeneous, co-existing smart, and legacy technologies. Based on the rapid evolution of the cyber-physical systems (CPS), both academia and industry have developed appropriate measures for enhancing the security surface of the SG paradigm using, for example, integrating efficient, lightweight encryption and authorization mechanisms. Nevertheless, these mechanisms may not prevent various security threats, such as denial of service (DoS) attacks that target on the availability of the underlying systems. An efficient countermeasure against several cyberattacks is the intrusion detection and prevention system (IDPS). In this paper, we examine the contribution of the IDPSs in the SG paradigm, providing an analysis of 37 cases. More detailed, these systems can be considered as a secondary defense mechanism, which enhances the cryptographic processes, by timely detecting or/and preventing potential security violations. For instance, if a cyberattack bypasses the essential encryption and authorization mechanisms, then the IDPS systems can act as a secondary protection service, informing the system operator for the presence of the specific attack or enabling appropriate preventive countermeasures. The cases we study focused on the advanced metering infrastructure (AMI), supervisory control and data acquisition (SCADA) systems, substations, and synchrophasors. Based on our comparative analysis, the limitations and the shortcomings of the current IDPS systems are identified, whereas appropriate recommendations are provided for future research efforts.

Related Organizations

University of Western Macedonia
Greece

Keywords

cyberattacks, intrusion prevention system, security, TK1-9971, Advanced metering infrastructure, intrusion detection system, SCADA, Electrical engineering. Electronics. Nuclear engineering

Impact byBIP!

	selected citations These citations are derived from selected sources. This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).	153
	popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.	Top 1%
	influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).	Top 1%
	impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.	Top 1%