• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文期刊>Energy Informatics >Load balancing of renewable energy: a cyber security analysis
【24h】

Load balancing of renewable energy: a cyber security analysis

机译:可再生能源的负载平衡:网络安全分析

获取原文
           
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

In the coming years, the increase of automation in electricity distribution grids, controlled by ICT, will bring major consequences to the cyber security posture of the grids. Automation plays an especially important role in load balancing of renewable energy where distributed generation is balanced to load in a way that the grid stability is ensured. Threats to the load balancing and the smart grid in general arise from the activities of misbehaving or rouge actors in combination with poor design, implementation, or configuration of the system that makes it vulnerable. It is urgent to conduct an in-depth analysis about the feasibility and imminency of these potential threats ahead of a cyber catastrophy. This paper presents a cyber security evaluation of the ICT part of the smart grid with a focus on load balancing of renewable energy. The work builds on a load balancing centered smart grid reference architecture model that is designed as part of the evaluation with the help of SCADA system and smart grid experts. The smart grid load balancing architecture represented by the model is then analyzed using a threat modelling approach that is encapsulated in a tool called securiCAD. Countermeasures are introduced in the model to measure how much each improve the cyber security of the smart grid. The analysis shows that the main threat comes from the internet and is directly dependant on the level of internet access office users have coupled with their level of access on the OT zone. Supply chain attacks are also of great concern, i.e. the compromising of the software/hardware vendor with the objective of feeding rogue updates to assets, typically to install a backdoor. The general takeaway defense-wise is that it is of the utmost importance to increase efforts in securing the smart Grid in all the ways possible as they appear to be generally complementary. The obtained results raise concerns whether the architecture of the smart grid still remains satisfactory in today’s state of the cyberspace and the increased presence and sophistication of cyber threats. There are also concerns whether the proposed security measures, regardless of their evaluated effectiveness, are realistically implementable from both financial and practical point of view. There is no silver bullet available to achieve full protection against cyber attacks. The smart grid remains a network of IT/OT machines with dataflows going between them. State-sponsored hackers given enough time and regardless of the defences in place will eventually make their way into a critical infrastructure such as the smart grid. While mitigations will not eliminate the threats, they will increase the cyber resilience of the infrastructure by increasing both its time frame and effectiveness. As such, in a time where usability, efficiency and practicality are at the front of every domain, innovations regarding these aspects should really be carried out with strong security in mind.
机译:未来几年,受ICT控制的配电网自动化程度的提高,将对电网的网络安全态势产生重大影响。自动化在可再生能源的负载平衡中起着特别重要的作用,在分布式负载中,分布式发电以确保电网稳定性的方式平衡负载。通常,负载平衡和智能电网的威胁来自行为不当或行为不当的行为,加上糟糕的系统设计,实施或配置,使其变得脆弱。迫切需要在网络灾难之前对这些潜在威胁的可行性和迫在眉睫的问题进行深入分析。本文介绍了智能电网ICT部分的网络安全评估,重点是可再生能源的负载平衡。该工作建立在以负载平衡为中心的智能电网参考架构模型的基础上,该模型是在SCADA系统和智能电网专家的帮助下进行评估的一部分。然后使用封装在称为securiCAD的工具中的威胁建模方法来分析该模型代表的智能电网负载平衡架构。该模型中引入了对策,以衡量每种对提高智能电网的网络安全性的程度。分析表明,主要威胁来自互联网,并且直接取决于办公室用户的互联网访问水平及其在OT区域的访问水平。供应链攻击也非常令人担忧,即以向服务器提供恶意更新为目标的软件/硬件供应商的妥协,通常是为了安装后门。一般而言,从防御角度来说,最重要的是要加大努力以所有可能的方式保护智能电网,因为它们看起来通常是互补的。获得的结果令人担忧,在当今的网络空间状态下,智能电网的体系结构是否仍然令人满意,网络威胁的存在和复杂程度也在不断提高。从财务和实践的角度来看,无论所评估的有效性如何,拟议的安全措施是否切实可行地令人担忧。没有万能的灵丹妙药可以完全抵御网络攻击。智能电网仍然是IT / OT计算机的网络,它们之间有数据流。由国家资助的黑客有足够的时间,无论采取何种防御措施,最终都将进入关键的基础架构,例如智能电网。虽然缓解措施无法消除威胁,但它们可以通过增加时间框架和有效性来提高基础架构的网络弹性。因此,在可用性,效率和实用性是每个领域的当务之急的时代,有关这些方面的创新应真正在牢记安全性的前提下进行。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号