Below is the list of public project deliverables and whitepapers that have been produced by the project to-date. We have organised them around the major objectives of the project: (i) smart grid security and risk assessment; (ii) security architectures, guidance and standards for the smart grid; (iii) key smart grid security and resilience technologies; and (iv) the cost of smart grid security and legal aspects.
Smart Grid Security and Risk Assessment
In this series of deliverables, we present an approach to security analysis and risk assessment for the smart grid. At the core of this approach, is an ISO 27005-inspired risk management process, which accounts for the specific challenges of the smart grid environment. To support the implementation of this process, the project has developed a number of tools (analytical and software-based) and co-simulation environments; the latter can be used to analyse the operational consequences of a cyber-attack.
Threat and Risk Assessment Methodology
Published: September, 2015 | Download: [PDF] | Executive Summary: In this deliverable, we present a risk management process for the smart grid, which draws inspiration from the well-established ISO/IEC 27005 information security risk management standard. The process is tailored to address the specific challenges of performing risk management for the smart grid, providing implementation guidance for this context. It leverages previous standards work from CEN-CENELEC-ETSI and the Smart Grid Information Security (SGIS) working group, amongst others.
Tools for Smart Grid Security
Published: March, 2016 | Download: [PDF] | Executive Summary: In this deliverable, we report the tool-chain developed to implement some of the core steps of the SPARKS risk management process for smart grids. The tool-chain supports important stages of the risk management process such as: Context Establishment, which characterizes the use case across all layers of the smart grid model; Threat Identification and Likelihood Assessment, which identify threats and analyze their likelihood; Consequence Identification and Impact Assessment, which assess the threats consequences and their severity level.
Smart Grid Cyber Security Simulation Environment
Published: March, 2016 | Download: [PDF] | Executive Summary: In this deliverable four building blocks are introduced that describe the key components of a future smart grid. With those blocks, the challange of establishing a model of a smart grid is split in smaller parts, and available and tested methods can be used in combination to analyse impacts of cyber attacks on such an infrastructure. The power grid is realised by a software simulation using the IEEE low voltage reference feeder. An additional model for simulating a communication network is developed to handle the exchange of control messages in the grid. Both simulation environments are interconnected in a software-software co-simulation. Based on reference measurements, the effects of two different attackers are analysed. The software based simulations are supplemented with the description of an approach of how real hardware components can be used as a part of a simulation environment (Hardware-in-the-loop (HIL)).
Security Architectures, Guidance and Standards for the Smart Grid
The smart grid security architecture, guidelines and standards landscape is complicated. In this series of deliverables, we summarise and analyse the major contributions in this space, such as NISTIR 7628. Additionally, we provide guidance on how current standards and best-practice guidelines can be applied by smart grid security practitioners. Finally, based on our experience in the SPARKS project, we have developed a set of recommendations on future directions for standardisation in the smart grid.
Smart Grid Security Standards and Recommendations
Published: March, 2016 | Download: [PDF] | Executive Summary: This document provides recommendations regarding existing and new standards relevant to securing smart grid environments. It begins by describing the smart grid security standards landscape, referencing major surveys of this landscape that have been created by the European Union Agenda for Network and Information Security (ENISA), by CEN/CENELEC/ETSI, including recommendations in that survey related to the Smart Grid security standards landscape, and by the US National Institute of Standards and Technology (NIST). In the following sections, the document examines standards that are related to each of the major areas covered in the SPARKS project work packages. For each of these areas, the most significant gaps in the relevant standards are identidied, along with recommendations for addressing these gaps.
Smart Grid Security Guidance
Published: September, 2015 | Download: [PDF] | Executive Summary: This deliverable gives guidance that organizations can use in defining, designing and implementing security-related technologies, processes and organizational capabilities for Smart Grid environments. The deliverable builds on the assessment of the Smart Grid reference architectures that is provided in our previous whitepaper.
An Assessment of Smart Grid Reference Architectures
Published: March, 2015 | Download: [PDF] | Executive Summary: This whitepaper provides guidance on reference architectures and other resources that organizations can use in defining, designing and implementing security-related technologies, processes and organizational capabilities for smart grid environments.
Smart Grid Security and Resilience Technologies
The SPARKS project is developing a number of key security and resilience technologies. Specifically, these relate to PUF-based authentication for smart meters and metering gateways; intrusion detections systems that focus on the IEC 61850 protocol; a security analytics tool that can be used to identify cyber-attacks in big data; and approaches to resilient control. This set of deliverables describe these key smart grid security and resilience technologies.
PUF enhanced smart meter hardware architecture and an authentication/key management deployment architecture (interim)
Published: August, 2015 | Download: [PDF] | Executive Summary: This deliverable summarizes the recent developments in Physical Unclonable Function (PUF) research, and highlights the implication for the smart meter hardware architecture and authentication schemes. Based on the application scenario, evaluation criteria for PUF designs are defined. The design and construction of the evaluation testbed are also described. Several PUF candidate designs are outlined, along with the justification of why they were selected. This deliverable concludes with an outlook on the evaluation activities and development of the PUF authentication demonstrator.
High-level Design Documentation and Deployment Architecture for Multi-Attribute SCADA Intrusion Detection System
Published: August, 2015 | Download: [PDF] | Executive Summary: In this report, several attack capabilities are highlighted along with a case study of cyber-attacks against a substation. These attack capabilities work over application protocols, e.g. IEC 61850, and will affect end devices directly that may cause cascading damages to the entire smart grid system. Following on from this, the report presents a multi-attribute SCADA Intrusion Detection System (IDS) using whitelist, stateful analysis and machine learning based anomaly detection approaches to improve the cyber-protection of SCADA systems that use IEC 61850 protocol, which is an object oriented substation automation standard that defines how to describe the devices in an electrical substation and how to exchange the information about these devices.
High-level Design Documentation and Deployment Architecture for Security Information Analytics
Published: June, 2015 | Download: [PDF] | Executive Summary: Even with the most resilient security system in place to protect smart grids, some threats will elude those defensive measures with potential catastrophic results. It is therefore paramount to detect and understand those kinds of threats to shorten response time, minimize damage, and highlight potential latent threats and deficiencies in the security system. In this report, several incidents are highlighted along with numerous known methods for intrusion, and potential deficiencies in both the communications infrastructure, (software security hole) and the power infrastructure (insecure monitoring and control systems). All of these factors, along with the increase in attack sophistication and attacker knowledge, underline the need for a holistic approach to data analytics, in order to reduce response time, improve recovery or remediation efforts, expose potential security deficiencies and provide accurate and relevant insight to inform governance and policy making.
The Cost of Smart Grid Security and Legal Aspects
There are potential societal costs associated with not implementing security for the smart grid, in case of a successful attack. Conversely, there is a financial cost to implementing security technology. In this series of deliverables, we explore these costs, in order to demonstrate the societal benefit of implementing security measures for the smart grid, on the one hand, and the financial costs to smart grid stakeholders (such as DSOs), on the other. Additionally, there are emerging legal frameworks that relate to the smart grid, e.g., the NIS Directive and Data Protection Regulation. We analyse these legal frameworks in the context of the smart grid, in order to provide recommendations regarding their implementation.
Understanding the Societal Cost of Smart Grid Cyber Attacks
Published: September, 2015 | Download: [PDF] | Executive Summary: This deliverable outlines the societal costs, in addition to the direct costs incurred by network providers, of smart grid cyber-attacks. Amongst other uses, this information can be used by policy makers in order to set priorities with respect to minimum required security standards.
Overview of Research Projects in the area of Smart Grids
Published: March, 2015 | Download: [PDF] | Executive Summary: This short deliverable contains a directory of projects, finished and currently running, that relate to smart grid security that are operating at a European level, for example, in the context of Framework Programme 7, and national research initiatives. This includes short description of the project’s objectives and expected results. Using the consortium’s international reach, this deliverable also attempts to summarise the research activities outside of Europe. An update of this deliverable will appear in the project’s final report.