Design and Analysis of a Sophisticated Malware Attack Against Smart Grid

Min, Byungho; Varadharajan, Vijay

doi:10.1007/978-3-319-27659-5_9

Byungho Min¹⁴ &
Vijay Varadharajan¹⁴

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 7807))

831 Accesses

Abstract

In this paper, we propose a realistic malware attack against the smart grid. The paper first briefs the architecture of the smart grid in general. And then we explain our proposed attack that is specifically tailored for the smart grid infrastructures. The attack considers the characteristics of recent real malware attacks such as deceptive hardware attack and multi-stage operation. We believe this analysis will benefit the design and implementation of secure smart grid infrastructures by demonstrating how a sophisticated malware attack can damage the smart grid.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

1.
These operation systems logically belong to operator/service provider, and some of them may not be physically installed at operator/service provider premises.

References

Momoh, J.: Smart Grid: Fundamentals of Design and Analysis. Wiley, Hoboken (2012)
Book Google Scholar
U.S. Government: NIST framework and roadmap for Smart Grid interoperability standards, release 1.0. NIST, January 2010
Google Scholar
Cyber Security Working Group: Guidelines for Smart Grid Cyber Security: vol. 1, Smart Grid Cyber Security Strategy, Architecture, and High-Level Requirements. NIST, August 2010
Google Scholar
McDaniel, P., McLaughlin, S.: Security and privacy challenges in the smart grid. IEEE Security & Privacy 7(3), 75–77 (2009)
Article Google Scholar
Liu, J., Xiao, Y., Li, S., Liang, W., Philip Chen, C.L.: Cyber security and privacy issues in smart grids. IEEE Commun. Surv. Tutorials 14(4), 981–997 (2012)
Article Google Scholar
Fang, X., Misra, S., Xue, G., Yang, D.: Smart grid - the new and improved power grid: a survey. IEEE Commun. Surv. Tutorials 14(4), 944–980 (2012)
Article Google Scholar
Li, X., Liang, X., Rongxing, L., Shen, X., Lin, X., Zhu, H.: Securing smart grid: cyber attacks, countermeasures, and challenges. IEEE Commun. Mag. 50(8), 38–45 (2012)
Article Google Scholar
Sridhar, S., Hahn, A., Govindarasu, M.: Cyber-physical system security for the electric power grid. Proc. IEEE 100(1), 210–224 (2012)
Article Google Scholar
Falliere, N., Murchu, L.O., Chien, E.: W32.Stuxnet dossier. White paper, Symantec Corp., Security Response (2011)
Google Scholar
Ganesalingam, M.: Type. In: Ganesalingam, M. (ed.) The Language of Mathematics. LNCS, vol. 7805, pp. 113–156. Springer, Heidelberg (2013)
Chapter Google Scholar
Luigi Auriemma, Bugtraq: Vulnerabilities in some SCADA server softwares, March 2011. http://seclists.org/bugtraq/2011/Mar/187, Last Accessed on 15 May 2013
Secunia Vulnerability Review 2013, Secunia, March 2013
Google Scholar
Gao, J., Xiao, Y., Liu, J., Liang, W., Philip Chen, C.L.: A survey of communication/networking in Smart Grids. Future Gener. Comput. Syst. 28(2), 391–404 (2012)
Article Google Scholar
Kolhe, M.: Smart grid: charting a new energy future: research, development and demonstration. Electricity J. 25(2), 88–93 (2012)
Article Google Scholar
Ernst & Young: Attacking the smart grid, December 2011
Google Scholar
Byres, E.: Unicorns and Air Gaps - Do They Really Exist? Living with Reality in Critical Infrastructures, Tofino, July 2012
Google Scholar
Symantec: The Symantec Intelligence Report: June 2012, June 2010
Google Scholar
McDonald, G., O Murchu, L., Doherty, S., Chien, E.: Stuxnet 0.5: The Missing Link. White paper, Symantec Corp., Security Response, February 2013
Google Scholar
Wightman, K.R.: Schneider Modicon Quantum, January 2012. http://www.digitalbond.com/tools/basecamp/schneider-modicon-quantum/, Last Accessed on 15 May 2013
Zetter, K.: SCADA System’s Hard-Coded Password Circulated Online for Years, July 2010. http://www.wired.com/threatlevel/2010/07/siemens-scada/, Last Accessed on 15 May 2013
Global Research & Analysis Team, Kaspersky Lab: What was that Wiper thing? August 2012. https://www.securelist.com/en/blog/208193808/What_was_that_Wiper_thing, Last Accessed on 15 May 2013

Download references

Author information

Authors and Affiliations

Advanced Cyber Security Research Centre, Macquarie University, Sydney, Australia
Byungho Min & Vijay Varadharajan

Authors

Byungho Min
View author publications
You can also search for this author in PubMed Google Scholar
Vijay Varadharajan
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Byungho Min .

Editor information

Editors and Affiliations

University of Texas at Dallas, Richardson, Texas, USA
Yvo Desmedt

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Min, B., Varadharajan, V. (2015). Design and Analysis of a Sophisticated Malware Attack Against Smart Grid. In: Desmedt, Y. (eds) Information Security. Lecture Notes in Computer Science(), vol 7807. Springer, Cham. https://doi.org/10.1007/978-3-319-27659-5_9

Download citation

DOI: https://doi.org/10.1007/978-3-319-27659-5_9
Published: 30 December 2015
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-27658-8
Online ISBN: 978-3-319-27659-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics