Author

G. Manimaran

Bio: G. Manimaran is an academic researcher from Iowa State University. The author has contributed to research in topics: Network packet & Scheduling (computing). The author has an h-index of 13, co-authored 25 publications receiving 1438 citations.

Papers
Journal ArticleDOI
TL;DR: A vulnerability assessment framework to systematically evaluate the vulnerabilities of SCADA systems at three levels: system, scenarios, and access points is proposed based on cyber systems embedded with the firewall and password models, the primary mode of protection in the power industry today.
Abstract: Vulnerability assessment is a requirement of NERC's cybersecurity standards for electric power systems. The purpose is to study the impact of a cyber attack on supervisory control and data acquisition (SCADA) systems. Compliance of the requirement to meet the standard has become increasingly challenging as the system becomes more dispersed in wide areas. Interdependencies between computer communication system and the physical infrastructure also become more complex as information technologies are further integrated into devices and networks. This paper proposes a vulnerability assessment framework to systematically evaluate the vulnerabilities of SCADA systems at three levels: system, scenarios, and access points. The proposed method is based on cyber systems embedded with the firewall and password models, the primary mode of protection in the power industry today. The impact of a potential electronic intrusion is evaluated by its potential loss of load in the power system. This capability is enabled by integration of a logic-based simulation method and a module for the power flow computation. The IEEE 30-bus system is used to evaluate the impact of attacks launched from outside or from within the substation networks. Countermeasures are identified for improvement of the cybersecurity.

523 citations

Journal ArticleDOI
01 Jul 2010
TL;DR: A supervisory control and data acquisition security framework with the following four major components is proposed: (1) real-time monitoring; (2) anomaly detection; (3) impact analysis; and (4) mitigation strategies; an attack-tree-based methodology for impact analysis is developed.
Abstract: Disruption of electric power operations can be catastrophic on national security and the economy. Due to the complexity of widely dispersed assets and the interdependences among computer, communication, and power infrastructures, the requirement to meet security and quality compliance on operations is a challenging issue. In recent years, the North American Electric Reliability Corporation (NERC) established a cybersecurity standard that requires utilities' compliance on cybersecurity of control systems. This standard identifies several cyber-related vulnerabilities that exist in control systems and recommends several remedial actions (e.g., best practices). In this paper, a comprehensive survey on cybersecurity of critical infrastructures is reported. A supervisory control and data acquisition security framework with the following four major components is proposed: (1) real-time monitoring; (2) anomaly detection; (3) impact analysis; and (4) mitigation strategies. In addition, an attack-tree-based methodology for impact analysis is developed. The attack-tree formulation based on power system control networks is used to evaluate system-, scenario-, and leaf-level vulnerabilities by identifying the system's adversary objectives. The leaf vulnerability is fundamental to the methodology that involves port auditing or password strength evaluation. The measure of vulnerabilities in the power system control framework is determined based on existing cybersecurity conditions, and then, the vulnerability indices are evaluated.

355 citations

Journal ArticleDOI
TL;DR: This article provides a taxonomy of security attacks, which are classified into four main categories: DNS hacking, routing table poisoning, packet mistreatment, and denial-of-service attacks.
Abstract: The pervasive and ubiquitous nature of the Internet coupled with growing concerns about cyber terrorism demand immediate solutions for securing the Internet infrastructure. So far, the research in Internet security primarily focused on securing the information rather than securing the infrastructure itself. Given the prevailing threat situation, there is a compelling need to develop architectures, algorithms, and protocols to realize a dependable Internet infrastructure. In order to achieve this goal, the first and foremost step is to develop a comprehensive understanding of the security threats and existing solutions. This article attempts to fulfill this important step by providing a taxonomy of security attacks, which are classified into four main categories: DNS hacking, routing table poisoning, packet mistreatment, and denial-of-service attacks. The article discusses the existing solutions for each of these categories, and also outlines a methodology for developing secure protocols.

160 citations

Journal ArticleDOI
TL;DR: A novel conceptual design for an application of wireless sensor technology for assessing the structural health of transmission lines and their implementation to improve the observability and reliability of power systems is proposed.
Abstract: Wireless sensor networks are becoming the technology of choice for sensing applications mostly due to their ease of installation and associated lower costs. This paper proposes a novel conceptual design for an application of wireless sensor technology for assessing the structural health of transmission lines and their implementation to improve the observability and reliability of power systems. A two-layer sensor network model is presented for overcoming the communication range limitations of smart sensors, and two operational modes for enhanced energy efficiency are introduced. Simulations integrating the output of the sensor network with an energy-management system were conducted, obtaining improvement in the security of the power system.

158 citations

Journal ArticleDOI
TL;DR: A new power system information architecture aimed at correcting major deficiencies in current communication and information systems is proposed, taking into account the requirements of real-time data, security, availability, scalability, and appropriate quality of service.
Abstract: Analysis of 162 disturbances from 1979 to 1995 reported by the North American Electric Reliability Council (NERC) indicates the importance of information systems under the regulated and competitive environment. This paper points out the major deficiencies in current communication and information systems and proposes a new power system information architecture aimed at correcting these deficiencies. The proposed architecture includes automation and control systems at all levels, from substation control system to independent system operator (ISO) operating center, taking into account the requirements of real-time data, security, availability, scalability, and appropriate Quality of Service (QoS). It uses multiple communication channels employing a wide variety of technologies to transmit real-time operating data and control signals. The real-time operating and control system is modeled with various redundancy configurations; the reliabilities of different configurations are studied and compared for practical values of component failure rates and repair rates.

116 citations


Cited by
Journal ArticleDOI
TL;DR: In this paper, the authors survey the literature till 2011 on the enabling technologies for the Smart Grid and explore three major systems, namely the smart infrastructure system, the smart management system, and the smart protection system.
Abstract: The Smart Grid, regarded as the next generation power grid, uses two-way flows of electricity and information to create a widely distributed automated energy delivery network. In this article, we survey the literature till 2011 on the enabling technologies for the Smart Grid. We explore three major systems, namely the smart infrastructure system, the smart management system, and the smart protection system. We also propose possible future directions in each system. Specifically, for the smart infrastructure system, we explore the smart energy subsystem, the smart information subsystem, and the smart communication subsystem. For the smart management system, we explore various management objectives, such as improving energy efficiency, profiling demand, maximizing utility, reducing cost, and controlling emission. We also explore various management methods to achieve these objectives. For the smart protection system, we explore various failure protection mechanisms which improve the reliability of the Smart Grid, and explore the security and privacy issues in the Smart Grid.

2,433 citations

01 Jan 2012
TL;DR: This article surveys the literature till 2011 on the enabling technologies for the Smart Grid, and explores three major systems, namely the smart infrastructure system, the smart management system, and the smart protection system.

2,337 citations

Journal ArticleDOI
01 Jan 2012
TL;DR: The significance of cyber infrastructure security in conjunction with power application security to prevent, mitigate, and tolerate cyber attacks is highlighted and a layered approach is introduced to evaluating risk based on the security of both the physical power applications and the supporting cyber infrastructure.
Abstract: The development of a trustworthy smart grid requires a deeper understanding of potential impacts resulting from successful cyber attacks. Estimating feasible attack impact requires an evaluation of the grid's dependency on its cyber infrastructure and its ability to tolerate potential failures. A further exploration of the cyber-physical relationships within the smart grid and a specific review of possible attack vectors is necessary to determine the adequacy of cybersecurity efforts. This paper highlights the significance of cyber infrastructure security in conjunction with power application security to prevent, mitigate, and tolerate cyber attacks. A layered approach is introduced to evaluating risk based on the security of both the physical power applications and the supporting cyber infrastructure. A classification is presented to highlight dependencies between the cyber-physical controls required to support the smart grid and the communication and computations that must be protected from cyber attack. The paper then presents current research efforts aimed at enhancing the smart grid's application and infrastructure security. Finally, current challenges are identified to facilitate future research efforts.

1,012 citations

Journal ArticleDOI
TL;DR: This paper focuses on reviewing and discussing security requirements, network vulnerabilities, attack countermeasures, secure communication protocols and architectures in the Smart Grid, and aims to provide a deep understanding of security vulnerabilities and solutions in the smart grid.

854 citations

Proceedings ArticleDOI
17 Jun 2008
TL;DR: This position paper identifies and defines the problem of secure control, investigates the defenses that information security and control theory can provide, and proposes a set of challenges that need to be addressed to improve the survivability of cyber-physical systems.
Abstract: In this position paper we investigate the security of cyber-physical systems. We (1) identify and define the problem of secure control, (2) investigate the defenses that information security and control theory can provide, and (3) propose a set of challenges that need to be addressed to improve the survivability of cyber-physical systems.

820 citations