Wide-Area SCADA System with Distributed Security Framework

  • Zhang, Yang (State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications)
  • Chen, Jun-Liang (State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications)
  • Received: 2012.04.29
  • Published: 2012.12.31

Abstract

As the smart grid approaches, wide-area supervisory control and data acquisition (SCADA) is becoming increasingly important. However, traditional SCADA systems are not suited to the openness and distribution requirements of the smart grid. Distributed SCADA services should be openly composable and secure. An event-driven methodology makes service collaborations more real-time and flexible because event producers and consumers are decoupled in space, time and control, which gives us an appropriate foundation. In this paper, our SCADA services are constructed and integrated on the basis of distributed events. Unfortunately, an event-driven SCADA service does not know who consumes its events, and consumers do not know who produces the events either. In this environment, a SCADA service cannot directly control access because interactions are anonymous and multicast. In this paper, a distributed security framework is proposed to protect not only service operations but also data contents in smart grid environments. Finally, a security implementation scheme is given for SCADA services.
