Software Development Network Applied in the European Power Energy Systems
Written by Ramon Gallart Fernandez and Miriam Peñarroya Esteve
Clearly, the Electrical Power and Energy Systems (EPES) are strategical to the economy, as many other essential domains rely on electricity in a nearly completely electrified society. The European consortium SDN-microSENSE, enables the programming of network behaviour in a centrally controlled manner through software applications.
By implementing a common Software Development Network (SDN) control layer, the EPES can manage the entire network and its devices consistently, regardless of the complexity of the underlying network technology. The SDN-microSENSE enables consistent management of the network, which may be composed by complex technology developed by the partners that form the corresponding European consortium. There are four critical areas in which SDN-microSENSE technology can make a difference for an organization.
Regarding the network programmability, the SDN-microSENSE technology enables the network behaviour to be controlled by the software that resides beyond the networking devices that provide physical connectivity. As a result, the EPES can tailor the behaviour of their network to improve the current services and the new ones. Correspondingly of decoupling the hardware from the software, the EPES can introduce innovative, differentiated new services quickly.
Additionally, thanks to the centralized intelligence and control, based on logically centralized network topologies, which enable intelligent control and management of network resources, the devices can function autonomously with limited awareness of the state of the network. The project will demonstrate how a SDN-based network’s centralized control, with its bandwidth management, restoration, security, and policies, can be highly intelligent, enhanced and optimized.
Regarding the abstraction of the electrical infrastructure, both services and applications running under SDN-microSENSE technologies are abstracted from the underlying technologies and hardware that provide physical connectivity for the network control. Applications will interact with the network, instead of managing interfaces tightly coupled to the hardware. Finally, the SDN-microSENSE architectures show a new era of openness that enables interoperability as well as the fostering of EPES neutral ecosystem.
The smart grids, besides contributing towards a smart and sustainable energy management also encourage a respectful energy consumption mentality through the power grid so that it is required a dynamic information exchange between Distribution System Operators (DSO), and Transmission System Operators (TSO) due that are exposed to security threats inherited from the Information and Communication Technology (ICT) sector as well. Clearly, privacy issues and new vulnerabilities related to the specific characteristics of the smart grids infrastructure are emerging. Attacks to EPES and smart grids may conclude in cascading failures, entailing destruction of other interconnected critical infrastructures. .
Performing Massive Attacks
The SDN-microSENSE consortium is performing the pilots assuming that the attacker would have access to the power flow measurements of the several infrastructures, such as primary and secondary substations exchanging data with their SCADA systems located in the control room. One of the attacker’s objective would be to cause frequency deviations outside the safe operational limits. As the grid frequency is a safety-critical global parameter of the grid, an unsafe frequency deviation caused by the attack would propagate to the entire grid and trigger remedial actions, such as the disconnection of generators and/or customer loads.
The SDN microSENSE platform will be deployed in five countries where massive false data injection attacks will be launched concurrently in all domains. The attacks will target the data integrity of the analogue or status measurements from the RTUs to the control centre. The Cross-Layer Energy Prevention and Detection System (XL-EPDS) is the main component of the SDN microSENSE platform which will be deployed in the control centre room of the utilities involved. The pilot will take place in two steps:
During the first step there will be a simulation of a massive false data injection in the whole energy value chain sandbox environment using a Hardware in the Loop (HIL) simulation platform. By these simulation scenarios, the SDN-microSENSE platform will be validated in terms of accuracy (anomaly detection assessment), efficiency (anomaly detection time) and effectiveness (accuracy on detecting the real threats). Then the SDN-microSENSE platform will be validated in dry-run scenarios in the operational environment of the Bulgarian grid operators. XL-SIEM, the ultrafast logging tool for real time collection and analysis of security events, will capture the log files, the events, and the traces of the attack in a distributed manner. XL-SIEM is part of the main component (XL-EPDS). All recorded traces will also be sent to the National Dispatching Centre of DSO, where the full version of the XL-EPDS is deployed. The Learning Anomaly Detection System (L-ADS) is a machine learning based system for real-time network traffic monitoring and anomaly detection. It allows placing traffic-capturing probes on several nodes within the network and monitoring detailed parameters of the traffic performing deep-flow inspection and extracting relevant features .
Spanish Use Case (UC-4).
The Use Case that will take place in Spain will be divided into two different stages. Firstly, the SDN Architecture will be tested in a lab as a controlled environment and, as a second stage, in a real environment (Catalan DSO grid and a self-consumption plant in Seville). The purpose of the pilot is to validate the different components of SDN-microSense under coordinated cyber-attacks.
Different scenarios of cyber-attacks have been identified:
1. MiTM attack between the control centre and substation IEDs: This scenario will be performed in a laboratory simulating a primary substation.
2. DoS attack against the SDN-enabled RTU: This scenario will be performed in a real primary substation from the Catalan distribution grid.
3. Validation of the islanding mechanisms of the SDN-microSENSE platform: This scenario will be performed in a laboratory simulating a microgrid connected to a real substation (real simulation data).
4. Attack on a generation plant: This scenario will be performed in a real PV plant in Seville, which has been built for self supply of office buildings.
The intrusion activity will be detected by the different components of the SDN framework who will notify it to the Security Information and Event Management (SIEM), which should analyse the information and detect the cause of the attack and pass the information to a controller which would reconfigure the grid. Controlling the switches where the RTUs are connected, the controller will be able to isolate the attacked part of the grid and re-establish the communication with the control centre .
Because it is feasible to execute an attack by monitoring data from the various devices with their sensors connected to the electrical infrastructure, a successful cyberattack could be built based on sensor data. Consequently, a hacker could build attack vectors in a systematic and efficient way, identifying the optimal sequence attack before the network starts corrective actions such as disconnecting generators and customer loads.
Given the criticality, it is evident that the operation of the electrical network will require more and more security. While communication is the key to a smarter electrical grid, developing and securing the appropriate cyber infrastructures and their communication protocols is strategic. Simulated attacks were performed on project platform to validate the technology.
SDN microsense Project, has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 833955. The information contained in this website reflects only the authors’ view. EC is not responsible for any use that may be made of this information.
- Jung, O., Smith, P., Magin, J. and Reuter, L. Anomaly Detection in Smart Grids based on Software Defined Networks. Proceedings of the 8th International Conference on Smart Cities and Green ICT Systems (SMARTGREENS 2019), p.157-164
- SDN MicroSENSE Project. Horizons-EU 2020. 2019.
- Spanish HUB leading Use Case-4 of SDN MicroSENSE Project. Horizons-EU 2020. 2019
This article edited by Jose Medina