A Cyber Security Architecture for Microgrid Deployments

Abstract : Microgrids enable the aggregation of various types of generating and non-generating sources as a unified control unit. Microgrid control networks are connected to external networks - SCADA networks for demand-response applications, enterprise networks and the Internet for remote monitoring and control. These external connections expose microgrids to serious threats from cyber attacks. This is a major concern for microgrids at sensitive installations such as military bases and hospitals. One of the challenges in protecting microgrids is that control networks require very low latency. Cryptographic protection, which adds additional latency to communications, is unacceptable in real-time control, especially with regard to synchronization and stability. Also, a complex network at a microgrid site with interconnected control and SCADA networks makes the process of acquiring security certifications (e.g., DIACAP) extremely difficult. To address these challenges, this chapter presents the SNAPE cyber security architecture, which segregates communications networks needed for fast, real-time control from networks used for external control signals and monitoring, thereby drastically reducing the attack surface of a microgrid control network. Network segregation is achieved by hardware devices that provide strong cryptographic separation. The segregation isolates control networks so that they can use lightweight cryptography to meet the low latency requirements. The novel approach minimizes the cyber security certification burden by reducing the scope of certification to a subset of a microgrid network.
Type de document :
Communication dans un congrès
Mason Rice; Sujeet Shenoi. 9th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2015, Arlington, VA, United States. IFIP Advances in Information and Communication Technology, AICT-466, pp.245-259, 2015, Critical Infrastructure Protection IX. 〈10.1007/978-3-319-26567-4_15〉
Liste complète des métadonnées

Littérature citée [11 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01431005
Contributeur : Hal Ifip <>
Soumis le : mardi 10 janvier 2017 - 14:56:04
Dernière modification le : mercredi 11 janvier 2017 - 16:03:39
Document(s) archivé(s) le : mardi 11 avril 2017 - 15:19:14

Fichier

978-3-319-26567-4_15_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Apurva Mohan, Gregory Brainard, Himanshu Khurana, Scott Fischer. A Cyber Security Architecture for Microgrid Deployments. Mason Rice; Sujeet Shenoi. 9th International Conference on Critical Infrastructure Protection (ICCIP), Mar 2015, Arlington, VA, United States. IFIP Advances in Information and Communication Technology, AICT-466, pp.245-259, 2015, Critical Infrastructure Protection IX. 〈10.1007/978-3-319-26567-4_15〉. 〈hal-01431005〉

Partager

Métriques

Consultations de la notice

576

Téléchargements de fichiers

132