Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - SeReCP
T2 - A secure and reliable communication platform for the smart grid
AU - Demir, K.
AU - Suri, Neeraj
A2 - M., Kitakami
A2 - D.S., Kim
A2 - V., Varadharajan
PY - 2017/1/22
Y1 - 2017/1/22
N2 - The management of a complex cyber-physical system such as the Smart Grid (SG) requires responsive, scalable and high-bandwidth communication, which is often beyond the capabilities of the classical closed communication networks of the power grid. Consequently, the use of scalable public IP-based networks is increasingly being advocated. However, a direct consequence of the use of public networks is the exposure of the SG to varied reliability/security risks, e.g., distributed denial-of-service (DDoS). Thus the need exists for new lightweight mechanisms that can provide both cost-effective communication along with proactive DDoS attack protection. We fill this gap by proposing a novel approach termed as SeReCP, which leverages: (1) a semi-trusted P2P-based publish-subscribe (pub-sub) system providing a proactive countermeasure for DDoS attacks and secure group communications by aid of a group key management system, (2) a data diffusion mechanism that sustains the network availability in the case of both randomly sweeping and targeted DDoS attacks on pub-sub brokers, and (3) a multi-homing-based fast recovery mechanism for detecting and requesting the dropped packets, thus paving the way for meeting the stringent laency requirements os SG applications. Our evaluation on a real testbed demonstrates that SG applications. Our evaluation on a real testbed demonstrates that SeReCP provides the required security and availability of SG applications with up to 30% failures of the pnb-snb brokers. Overall, we show that SeReCP helps enable the secure use of public network based communication for safety-critical cyber-physical systems such as the SG.
AB - The management of a complex cyber-physical system such as the Smart Grid (SG) requires responsive, scalable and high-bandwidth communication, which is often beyond the capabilities of the classical closed communication networks of the power grid. Consequently, the use of scalable public IP-based networks is increasingly being advocated. However, a direct consequence of the use of public networks is the exposure of the SG to varied reliability/security risks, e.g., distributed denial-of-service (DDoS). Thus the need exists for new lightweight mechanisms that can provide both cost-effective communication along with proactive DDoS attack protection. We fill this gap by proposing a novel approach termed as SeReCP, which leverages: (1) a semi-trusted P2P-based publish-subscribe (pub-sub) system providing a proactive countermeasure for DDoS attacks and secure group communications by aid of a group key management system, (2) a data diffusion mechanism that sustains the network availability in the case of both randomly sweeping and targeted DDoS attacks on pub-sub brokers, and (3) a multi-homing-based fast recovery mechanism for detecting and requesting the dropped packets, thus paving the way for meeting the stringent laency requirements os SG applications. Our evaluation on a real testbed demonstrates that SG applications. Our evaluation on a real testbed demonstrates that SeReCP provides the required security and availability of SG applications with up to 30% failures of the pnb-snb brokers. Overall, we show that SeReCP helps enable the secure use of public network based communication for safety-critical cyber-physical systems such as the SG.
KW - Availability
KW - Key mnoagement
KW - Pub-sub
KW - Security
KW - Cost effectiveness
KW - Denial-of-service attack
KW - Electric power transmission networks
KW - Information management
KW - Peer to peer networks
KW - Public risks
KW - Smart power grids
KW - Group key management
KW - High bandwidth communication
KW - Network availability
KW - Reliable communication
KW - Secure group communications
KW - Network security
U2 - 10.1109/PRDC.2017.31
DO - 10.1109/PRDC.2017.31
M3 - Conference contribution/Paper
SN - 9781509056538
SP - 175
EP - 184
BT - 2017 IEEE 22nd Pacific Rim International Symposium on Dependable Computing (PRDC)
PB - IEEE
ER -