Abstract
In this paper, we propose a realistic malware attack against the smart grid. The paper first briefs the architecture of the smart grid in general. And then we explain our proposed attack that is specifically tailored for the smart grid infrastructures. The attack considers the characteristics of recent real malware attacks such as deceptive hardware attack and multi-stage operation. We believe this analysis will benefit the design and implementation of secure smart grid infrastructures by demonstrating how a sophisticated malware attack can damage the smart grid.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
These operation systems logically belong to operator/service provider, and some of them may not be physically installed at operator/service provider premises.
References
Momoh, J.: Smart Grid: Fundamentals of Design and Analysis. Wiley, Hoboken (2012)
U.S. Government: NIST framework and roadmap for Smart Grid interoperability standards, release 1.0. NIST, January 2010
Cyber Security Working Group: Guidelines for Smart Grid Cyber Security: vol. 1, Smart Grid Cyber Security Strategy, Architecture, and High-Level Requirements. NIST, August 2010
McDaniel, P., McLaughlin, S.: Security and privacy challenges in the smart grid. IEEE Security & Privacy 7(3), 75–77 (2009)
Liu, J., Xiao, Y., Li, S., Liang, W., Philip Chen, C.L.: Cyber security and privacy issues in smart grids. IEEE Commun. Surv. Tutorials 14(4), 981–997 (2012)
Fang, X., Misra, S., Xue, G., Yang, D.: Smart grid - the new and improved power grid: a survey. IEEE Commun. Surv. Tutorials 14(4), 944–980 (2012)
Li, X., Liang, X., Rongxing, L., Shen, X., Lin, X., Zhu, H.: Securing smart grid: cyber attacks, countermeasures, and challenges. IEEE Commun. Mag. 50(8), 38–45 (2012)
Sridhar, S., Hahn, A., Govindarasu, M.: Cyber-physical system security for the electric power grid. Proc. IEEE 100(1), 210–224 (2012)
Falliere, N., Murchu, L.O., Chien, E.: W32.Stuxnet dossier. White paper, Symantec Corp., Security Response (2011)
Ganesalingam, M.: Type. In: Ganesalingam, M. (ed.) The Language of Mathematics. LNCS, vol. 7805, pp. 113–156. Springer, Heidelberg (2013)
Luigi Auriemma, Bugtraq: Vulnerabilities in some SCADA server softwares, March 2011. http://seclists.org/bugtraq/2011/Mar/187, Last Accessed on 15 May 2013
Secunia Vulnerability Review 2013, Secunia, March 2013
Gao, J., Xiao, Y., Liu, J., Liang, W., Philip Chen, C.L.: A survey of communication/networking in Smart Grids. Future Gener. Comput. Syst. 28(2), 391–404 (2012)
Kolhe, M.: Smart grid: charting a new energy future: research, development and demonstration. Electricity J. 25(2), 88–93 (2012)
Ernst & Young: Attacking the smart grid, December 2011
Byres, E.: Unicorns and Air Gaps - Do They Really Exist? Living with Reality in Critical Infrastructures, Tofino, July 2012
Symantec: The Symantec Intelligence Report: June 2012, June 2010
McDonald, G., O Murchu, L., Doherty, S., Chien, E.: Stuxnet 0.5: The Missing Link. White paper, Symantec Corp., Security Response, February 2013
Wightman, K.R.: Schneider Modicon Quantum, January 2012. http://www.digitalbond.com/tools/basecamp/schneider-modicon-quantum/, Last Accessed on 15 May 2013
Zetter, K.: SCADA System’s Hard-Coded Password Circulated Online for Years, July 2010. http://www.wired.com/threatlevel/2010/07/siemens-scada/, Last Accessed on 15 May 2013
Global Research & Analysis Team, Kaspersky Lab: What was that Wiper thing? August 2012. https://www.securelist.com/en/blog/208193808/What_was_that_Wiper_thing, Last Accessed on 15 May 2013
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Min, B., Varadharajan, V. (2015). Design and Analysis of a Sophisticated Malware Attack Against Smart Grid. In: Desmedt, Y. (eds) Information Security. Lecture Notes in Computer Science(), vol 7807. Springer, Cham. https://doi.org/10.1007/978-3-319-27659-5_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-27659-5_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-27658-8
Online ISBN: 978-3-319-27659-5
eBook Packages: Computer ScienceComputer Science (R0)