Check out the latest IDS for the smart grid: A multivariate and efficient tool for modern energy systems, published in Sensors!
The ARIES Technologies

The advent of the Smart Grid (SG) raises severe cybersecurity risks that can lead to devastating consequences. Electrical engineering processes rely on legacy industrial devices, such as Supervisory Control and Data Acquisition (SCADA) systems, that do not include sufficient authentication and authorisation mechanisms, since the corresponding communication protocols were not developed with cybersecurity in mind. Characteristic examples are Modbus, Distributed Network Protocol 3 (DNP3), IEC 60870-5-104, Generic Object Oriented Substation Events (GOOSE), Manufacturing Message Specification (MMS) and Profinet.

Our latest work, published in Sensors (also available on ResearchGate), presents a novel anomaly-based Intrusion Detection System (IDS), called ARIES (smArt gRid Intrusion dEtection System), which is capable of efficiently protecting SG communications. ARIES combines three detection layers that are devoted to recognising possible cyberattacks and anomalies against (a) network flows, (b) Modbus/Transmission Control Protocol (TCP) packets and (c) operational data. Each detection layer relies on a Machine Learning (ML) model trained using data originating from a power plant.

The proposed IDS is thoroughly evaluated using real data stemming from a power plant in Greece. Our scheme excels in terms of accuracy, F1, and Precision under various evaluation scenarios.

This work has been developed in the context of the H2020 DS-07-2017 project SPEAR: Secure and PrivatE smArt gRid, which is coordinated by the University of Western Macedonia. SPEAR aims at developing an integrated platform of methods, processes, and tools for:

a) timely detecting evolved security attacks using big data analytics, advanced visual-aided anomaly detection tools, and smart node trust management schemes;

b) developing an advanced forensic readiness framework for collecting attack traces and preparing the necessary legal evidence in court, while preserving user private information;

c) implementing an anonymous smart grid channel for mitigating the lack of trust in exchanging sensitive information about cyberattack incidents;

d) performing risk analysis and awareness through cyber hygiene frameworks, while empowering EU-wide consensus, by collaborating with European and global security organizations, standardization bodies, industrial groups and smart grid operators;

e) exploiting the research outcomes in more critical infrastructure domains, while creating competitive business models for utilizing the implemented security tools among smart grid operators and actors across Europe.

Proud to share our research work with you :)

Sudip Misra

FACM, FIEEE, FAAIA, FNAE, FNASc, FIET, FBCS, FRSPH, FIETE, INAE Chair Professor, Computer Science & Engg, IIT Kharagpur

4 years

Great