Table 4.3. The assets of the system.
ID Tangible Intangible Description
A1 Information Information about customers may be of interest by many adversaries.
A2 Property/
people
Customers have a lot of different equipment to protect, like resources, home security equipment and such. Also, Smart Grid is for people and must not compromise human lives or their well-being.
A3 Feel of security If the end users do not trust Smart Grid or feel safe at their home, this will ultimately destroy the im- plementation of SG.
Besides information, customers also have resources, devices and property that can be harmed, robbed, destroyed, or used without permission for various motives. An un- authorized use of user´s home devices may result in melting of fridge, or in the worst case, cause fires or other accidents that can take lives. Also, as the users‘ resources are part of controlling the grid, they might be attacked in order to cause trouble to the whole grid. HEMS will also provide the most accessible path to the Smart Grid, and thus, it will be under attacks.
Successful attacks can change the attitudes against Smart Grid, especially if people start to think that their security as well as dependability of their electricity is in danger.
The feel of security can actually be one of the biggest assets that the end users have. The lost of trust and confidence on the system can result in many issues, for instance, avoid- ing the use of the equipment leading to the unsuccessful implementation of Smart Grid.
Table 4.3 gathers all assets of the end users and categorizes them into tangible and in- tangible groups.
The third asset, feel of security, is rather connected to the other assets. In other words, successful attacks targeted to assets A1 and A2 can lead also to asset A3, even though not intended.
To make the data flow more complete the following lists describe what exactly the requests and responses could contain [53]:
Request 1; Messages from aggregator to HEMS:
- Parameter change
- Query to check if the communication and automation system are alive - Distribution of contract and tariff data to resources
- Query of missing or bad quality data Reply 1; Messages from HEMS to aggregator:
- Disturbance event (real-time data) - Disturbance recording
- Monitoring of resources (real-time data) - Statistics of resources
- EV started charging (real-time data) - EV stopped charging (real-time data) - Registration of new resource
- Customer query about its own resource Request 2; Messages from ICS to aggregator
- Query to check if communication system is alive Reply 2; Messages from aggregator to ICS:
- Disturbance report to SCADA
- Summary of real-time information about resources to SCADA - Query to check if communication system is alive
Figure 4.2. The data flow of the demonstration system from devices to ICS.
Config
Reply 2 Request 2
Reply 1 Request 1
Trust boundary Trust boundary
[Type a quote from the docume nt or the summar y of an interesti ng point.
You can position the text box anywher e in the docume nt. Use the Text Box Tools tab to change the formatti ng of the pull quote text box.]
Aggre- gator
[Type a quote from the docume nt or the summar y of an interesti ng point.
You can position the text box anywhe re in the docume nt. Use the Text Box Tools tab to change the formatti ng of the pull quote text box.]
[Type a ICS quote from the docume nt or the summar y of an interesti ng point.
You can position the text box anywher e in the docume nt. Use the Text Box Tools tab to change the formatti ng of the pull quote text box.]
HEMS
Customer Devices
Enquiry
Status info
UI
As mentioned, this architecture is one possible solution. The business idea behind this model is that aggregator has some control over customers´ devices like, electric car batteries, and can thus provide this controlling service to grid operator.
4.3.1 Implementation of the system
There are many ideas and plans of how the information infrastructure of Smart Grid can be carried out. Especially, the collection, aggregation, and distribution of information from customer domain are still open questions. One possible solution for information infrastructure is a decentralized plan, where the idea is to distribute the decision making devices to many levels. The decentralized plan enables local generation and consump- tion of energy, as well as other functionality.
In the decentralized model, the aggregator plays an important role. The aggregator itself can be divided into several software components that are running and working in different computers, and in different places of the grid. LV automation system is one very plausible place for the aggregator component, having connections with the HEMS, and with other main aggregator components. Especially in a rural environment, these centres might be easy targets for adversaries, and require some sort of surveillance. In order to communicate with each other, these components need a network.
In Finland, many entities, such as electric distributor companies and teleoperators have been installing a great deal of optical fibre. In fact, Finnish communications regu- latory authority, FICORA, set a goal that by the end of 2015, a national broadband net- work will be installed [59]. As HEMS will be at the customer´s premises, wired solu- tions, such as cable or optical fibre, provide a natural way for HEMS to be connected to other components of the Smart Grid system. However, there are also components, for instance, smart meters, in the Smart Grid that will use additional techniques for com- munication. In Finland, for example, all smart meters use tunnelled general packet radio service (GPRS) which the ISPs are providing to the DSOs [60]. This threat model con- centrates on the connections of the HEMS.
Since the HEMS will utilize the Internet as communication media, it might also act as an enhanced WLAN router. In order for customers to easily manage and configure both WLAN settings and home devices, the HEMS will offer a UI [53]. There are vul- nerabilities with WLAN, even when configured and used properly. The risk differs greatly depending on the location and type of use. For example, using WLAN in house- holds in a rural area is a bit different than using it in apartments in cities. Despite this, the vulnerabilities and threats remain the same; only the likelihood differs. Same goes for other wireless networks that the HEMS provides, such as Z-Wave among others.
In apartment buildings, the network structure is a bit different from private house- holds. It is typical that the communication and data of all apartments are gathered, and sent via optical fibre that comes into the building. The communication technique to each apartment can vary. Home PNAs, for example, are used in many places utilizing the old installed twin cables [61]. The Smart Grid implementation in these kinds of environ- ments can be done utilizing the already existing network structure or with, for example,
using GPRS. However, with the Smart Grid too, the information is first gathered from all the apartments, and then sent forward, even with GPRS technique. In any case, the information is sent using the same cable or optical fibre that the Internet uses. From an information security point of view, this may raise new threats, such as possibility of information leakage via eavesdropping.