Power System Peer-to-Peer Networking Data Object Based Security

2006 Large Engineering Systems Conference on Power Engineering Pub Date : 2006-07-01 DOI:10.1109/LESCPE.2006.280367

T. Mander, R. Cheung, F. Nabhani

{"title":"Power System Peer-to-Peer Networking Data Object Based Security","authors":"T. Mander, R. Cheung, F. Nabhani","doi":"10.1109/LESCPE.2006.280367","DOIUrl":null,"url":null,"abstract":"There has been increasing peer-to-peer networking among intelligent electronic devices (IEDs) with communication capabilities for efficient power system protection, control and monitoring with connections to external networks. This facilitates cyber-attackers' capability to assume control over power system operations that could cause serious blackouts. This paper proposes a new data-object-rule-based (DORB) cyber-security implemented as a pseudo-layer below the DNP3 application layer, a commonly used protocol for power systems communications, to strengthen the power system computer network security. The DORB cyber-security limits effectiveness of cyber-attacks by implementing rule-based cyber-security for the usage of DNP3 function codes, object types, and data sets. Any data transmission that does not conform to the allowed data object usage is blocked from being transmitted or received by the DNP3 devices. The DORB security also incorporates authentication between peers for particular function codes, object types, and data sets, to improve the power system communication security.","PeriodicalId":225654,"journal":{"name":"2006 Large Engineering Systems Conference on Power Engineering","volume":"19 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2006 Large Engineering Systems Conference on Power Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/LESCPE.2006.280367","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

There has been increasing peer-to-peer networking among intelligent electronic devices (IEDs) with communication capabilities for efficient power system protection, control and monitoring with connections to external networks. This facilitates cyber-attackers' capability to assume control over power system operations that could cause serious blackouts. This paper proposes a new data-object-rule-based (DORB) cyber-security implemented as a pseudo-layer below the DNP3 application layer, a commonly used protocol for power systems communications, to strengthen the power system computer network security. The DORB cyber-security limits effectiveness of cyber-attacks by implementing rule-based cyber-security for the usage of DNP3 function codes, object types, and data sets. Any data transmission that does not conform to the allowed data object usage is blocked from being transmitted or received by the DNP3 devices. The DORB security also incorporates authentication between peers for particular function codes, object types, and data sets, to improve the power system communication security.

查看原文本刊更多论文

电力系统点对点网络基于数据对象的安全性

具有通信能力的智能电子设备(ied)之间的点对点网络越来越多，可以有效地保护电力系统，控制和监测与外部网络的连接。这使得网络攻击者有能力控制可能导致严重停电的电力系统运行。为了加强电力系统计算机网络的安全性，本文提出了一种新的基于数据对象规则(DORB)的网络安全方案，该方案作为电力系统通信常用协议DNP3应用层下的伪层实现。DORB网络安全通过对DNP3功能码、对象类型和数据集的使用实施基于规则的网络安全，限制了网络攻击的有效性。任何不符合允许的数据对象使用方式的数据传输，都将被DNP3设备阻止发送或接收。DORB安全还包括针对特定功能码、对象类型和数据集的对等体之间的身份验证，以提高电力系统通信的安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2006 Large Engineering Systems Conference on Power Engineering

自引率

0.00%

发文量