2. Cyber-Physical Security Vulnerabilities and Challenges in IoT-Enabled Smart Grids
2.1. General Definitions, Framework, and Guidelines
The energy grid systems have become more intelligent and interactive with the widespread use of IoT-based technologies, which improves the system’s consistency, efficiency, and adaptability. Cybersecurity vulnerabilities, on the other hand, are becoming increasingly common. Thus, this section will discuss the security issues in IoT-connected smart energy systems and their corresponding mitigation strategies.
Figure 8 portrays the general paradigm of cyber-physical security in smart energy grids [18]. Five significant causes make smart grids vulnerable to cyberattacks [19]:
Figure 8. General paradigm of cybersecurity in smart grids.
(1) Ever-increasing deployment of intelligent electronic devices (IEDs): The number of attack sites grows in lockstep with the number of devices in the network. Even if a single point’s security is breached, the entire network system is affected.
(2) Unregulated installation of third-party components: Experts advise against using third-party components because they make the network more vulnerable to hacking. These devices might be infected with Trojans, which could then spread to other network devices.
(3) Insufficient personnel training: To use any technology, appropriate training is required. When employees are not properly trained, they are more likely to fall prey to phishing scams.
(4) Insecure Internet protocols: In terms of data transfer, not all protocols are secure. Several protocols transport data unencrypted. As a result, they are easy targets for man-in-the-middle attacks that extract data.
(5) Maintenance: The primary objective of maintenance is to keep things running smoothly, but it can also serve as a vector for cyberattacks, since operators frequently deactivate security systems during maintenance to undertake tests.
The abovementioned five causes may compromise one of the five main goals of the cybersecurity framework in smart grids [20,21,22]:
(1) Authentication: The ability to verify the identity of any smart grid communication device. For example, to bill the relevant user, the energy provider must validate each smart meter.
(2) Authorization: Ensures that an authenticated person or object is authorized to accomplish certain tasks or has been granted the necessary privileges to access a certain category of resources. For example, an agent requires authorization to access and conduct manual configuration on a smart meter.
(3) Availability: Ensures that when a user needs some resources and/or data, they are always available for usage.
(4) Confidentiality: Guarantees that only the intended recipients have access to data that have been stored or transmitted. For example, only smart grid operators and energy providers should be aware of the end users’ consumption patterns and data.
(5) Integrity: Certifies that received data have not been tampered with in any manner. For example, smart meters must ensure the integrity of software updates as well as their source origin.
2.2. Main Cyberattack Strategies in IoT-Enabled Smart Grids
Cyber adversaries follow four key steps to gain access to and control over target devices: reconnaissance, scanning, exploitation, and maintaining access. During the first step, reconnaissance, the attacker collects and acquires information about their target. In the second step, scanning, they seek to discover the system’s weaknesses; these moves are intended to help them understand and recognize the services available and running on the open ports and the characteristics of the hosting device (e.g., operating system, manufacturer). During the exploitation step, they aim to gain control over the entire system. After gaining administrator access to the target, the final step is completed so that access may be maintained indefinitely. This is accomplished by installing a covert and undetectable application that allows them to quickly return to the target system. The security requirements of the smart grid are compromised in the same manner, as attackers follow the same procedure. At each stage, they use a variety of tactics to breach a specific system [23].
Figure 9 demonstrates the stepwise procedure that cyber adversaries follow during exploitation [24], and Table 7 presents how each type of attack can compromise system security [25].
Figure 10 vividly shows how cyber attackers can breach systems’ security.
Figure 9. Stepwise cyberattack strategies in IoT-enabled smart grids.
Figure 10. Different cyberattack approaches in IoT-enabled smart grids.
Table 7. Goals of security that have been jeopardized because of an attack.
2.2.1. Reconnaissance Definition and Strategies
The reconnaissance procedure includes attacks such as traffic analysis and social engineering. Social engineering focuses not on technical abilities but on the human connection and the interaction that revolves around it. Persuasion and communication skills are used by an attacker to earn the user’s trust in order to obtain private and credential information, such as PINs or passwords, to log in to the server. Password and phishing attempts, for example, have become commonplace in social engineering. Traffic analysis monitors and analyzes network traffic to determine which machines and hosts connect to the network, obtaining their IP addresses. Social engineering and traffic analysis are the main threats to information security [36].
2.2.2. Scanning Strategies
Scanning is the next step in detecting all the available network machines and hosts. IP addresses, ports, utilities, and security issues are all factors to consider while scanning. An intruder would normally start identifying the network by scanning the hosts connected to the newly acquired IP addresses. Then, they examine each port to establish which ones are available. This scan is performed on every host found on the network. The attacker then runs a service scan to see what service or device is running behind each open port. Vulnerability scanning is the final stage, which identifies defects, goals, and vulnerabilities associated with each service on the target devices to be attacked at a later stage. Modbus and DNP3 are two industrial protocols that are vulnerable to scan attacks. Instead of utilizing the scanning Modbus network approach, TCP/Modbus was created to safeguard it. The attack involves delivering an innocuous message to all networked computers to capture their data. On the SCADA Modbus network, Modscan is a well-known scanner that can discover and open TCP/Modbus connections and identify system IP addresses and slave IDs [37].
2.2.3. Exploitation Strategies
The third step, exploitation, involves hostile operations attempting to acquire control of the IoT-enabled smart energy system components and exploiting vulnerabilities. Viruses, worms, and Trojan horses infect the human–machine interface (HMI). Privacy violations, channel jamming, integrity breaches, and other assaults, such as denial of service (DoS), man-in-the-middle (MITM), and replay attacks, are all instances of these activities. Viruses are programs that infect computers, devices, and/or machines in smart energy systems. A worm is a self-replicating program; it infects the system and other devices by spreading across the network, copying itself, and infecting them. A Trojan horse is computer software that impersonates a beneficial function on the target computer [38].
2.2.4. Maintaining Access
In the final step, the attacker utilizes a specific attack to gain permanent access to the target, such as backdoors, infections, and Trojan horses. Undetectable software, such as a backdoor, is installed on the target surreptitiously so that it may be accessed quickly and simply. Assume that the attacker has successfully created a backdoor into the SCADA server control: in such a situation, they will be able to launch a series of attacks against the system, having a severe impact on the entire power system. On the IT network, the security requirements are established in order of importance: (1) confidentiality, (2) integrity, and (3) availability [39].
2.3. Adverse Impacts of Cyberattacks on Smart Grids
In the following, several examples related to the negative impacts of cyberattacks on the safe operation (from economic and stability points of view) of IoT-enabled smart grids will be discussed.
2.3.1. Electricity Market Losses
Cyberattacks on smart energy systems have significant potential economic and physical consequences. Even though the current study has focused on cyber technical/physical attacks on smart grids, it is also critical to pay greater attention to cyberattacks in terms of the associated economic risks. Smart grids have had severe economic difficulty with cyberattacks, particularly those with a high penetration level of renewable energy resources. Electricity markets are a mix of real-time and day-ahead trading [40]. The day-ahead market is primarily concerned with finding the most cost-effective solution to optimization and load forecasting problems. Since load forecasting is impacted by false data injection (FDI) cyberattacks in the day-ahead market, the optimization algorithms would be unable to accurately determine the locational marginal prices (LMPs) of the grid [41]. On the other hand, the real-time market assesses the dispatched power from each generating unit to meet the required load demand of each bus [42]. It is also necessary to calculate the power that flows through transmission lines to obtain the congestion pattern and consequently evaluate real-time LMPs. Thus, FDI attacks can impact the precise state estimation of power grids in real-time electricity markets [43,44].
2.3.2. Power System Stability
FDI attacks have had major technological and physical consequences for IoT-enabled smart grids. In the case of FDI attacks, smart grids must usually deal with both steady-state stability and transient effects. The impact of FDI attacks on steady-state stability, which spans voltage control, current/voltage/power management, and energy management of smart grids, is very significant. Furthermore, while cyberattacks in general have a negative influence on the steady-state functioning of the electrical grid, FDI attacks have also harmed the dynamic and transient stability of smart grids. FDI can also impact the smart grid frequency control system, where the goal is to maintain rotor angle stability [45].
2.3.3. Energy Theft
The widespread use of IoT-aided AMI in the smart energy grid allows for the transmission of massive energy data and information in a more reliable, efficient, and effective manner for smart grid system management. It replaced the existing analog meter reading and data gathering system with a digital system. Those massive volumes of acquired data and information are wirelessly transferred for further processing with the help of IoT technology, which significantly reduces labor-intensive operations. In the energy sector, energy theft has become a major cause of concern. Both energy service providers and consumers have suffered significant financial losses because of energy theft. The most basic kind of energy theft is tampering with an energy meter so that it can no longer record real energy use and thereby alter the energy bill. Energy theft usually entails circumventing the energy meter so that energy may be consumed without being recorded for billing purposes [46,47,48].
2.3.4. Disruption of Service in Critical and Non-Critical Facilities
Cyberattacks against automation equipment in critical and non-critical facilities can be conducted to achieve the goals listed below [49]:
(1) To gain initial access, for example, via hacking smart lights, to gain Wi-Fi authentication and eventually control of Wi-Fi network devices.
(2) To cause an indirect service disruption, for example, by using a thermostat to manage the building’s air conditioning system from afar.
(3) To obtain and disseminate information, for example, by using an application that hacks smart gadgets, such as smart televisions, to make them act as though they are turned off and then using the microphone to record and leak conversations surrounding them.
(4) System abuse, such as producing light flashing at a certain frequency, which might trigger epileptic seizures in individuals.
(5) To initiate an intensified attack against critical facilities such as hospitals through a number of targeted smart devices, or to deactivate smart home automation systems by targeting a large number of IoT-enabled smart home automation devices in a short amount of time.
2.3.5. Disruption of Transactive Energy Systems
The transactive energy system employs this integrated notion of economic and operational mechanisms to dynamically maintain the demand and supply balance across the grid system, hence improving the energy grid’s efficiency and reliability. For decision-making and demand response programs, the transactive energy control mechanism is heavily reliant on the cyber system of distributed edge computing and IoT-enabled technologies. This system necessitates a large amount of data to be transmitted across various market processes. Cyberattacks can disrupt the safe operation of transactive energy systems through the following means [50]:
(1) Malware injection in the system, which can result in a large-scale power outage or data theft.
(2) Tampering with or damaging smart meters for several purposes.
(3) Interrupting the transactive system by manipulating the control signals of relays and circuit breakers.
2.3.6. Environmental Security
Environmental security is critical in the implementation of smart energy grids because it aids in the control and avoidance of potentially catastrophic effects on infrastructures caused by natural or artificially induced environmental hazards such as floods, tremors, earthquakes, landslides, falling trees, and bushfires. In such circumstances, smart action based on environmental concerns is performed primarily by delivering appropriate threat alerts based on collected data and providing alternate feeders for vital infrastructure. Although this feature of smart grids’ security is classified as non-technical in this study, it has both technical and non-technical ramifications in some areas.
The capacity of a system to respond to failure, in terms of its ability to restore service (by utilizing an improvised alternate feeder if appropriate) or to provide adequate data to enable system operators to restore service, is of the highest importance in smart grids. This is accomplished mostly by automatic switching in the event of outages or failures. Natural catastrophes, harsh temperatures, peak oil and fossil fuel depletion, global energy market instability, terrorism, sabotage, vandalism, and other similar variables all have adverse impacts on the system’s resiliency [51]. A geographic information system (GIS) is based on the real-time data captured by deployed IoT devices such as smart meters; it aids the data analytics methods that predict natural disasters and thus has a crucial role in providing timely and accurate environmental threat alerts.
2.4. Detection and Mitigation of IoT-Enabled Cyberattacks
Customers (consumers and prosumers), electric utilities, power system operators, and third-party service providers can be assumed to be stakeholders of smart grids. The data administration of smart grids, particularly in terms of smart meters, becomes a demanding task due to the participation of various stakeholders. There are several frameworks that provide guidelines for integrating security and privacy across several domains to enhance the security and privacy protection of all involved entities. Security is divided into three categories by the framework: communication security, secure computing, and system control security. Cryptography, route security, and network privacy are all aspects of communication security.
A key goal in the management of communication security is to successfully achieve end-to-end encryption and multiple-hop routing that can assure the security of transferred data. In [52], the authors described the major functionalities of smart meters, which include tracking the quantity of utilized energy as well as voltage and frequency. The implemented smart meters are also in charge of providing data to the grid via a secure communication channel, as well as managing load switches on behalf of operators to prevent blackouts in emergency situations. Additionally, this research showed that high-assurance smart meters (HASM) could be implemented.
Various techniques have been proposed in the literature to address cybersecurity backgrounds, elements, challenges, and potential solutions for smart energy grids. However, as the complexity of the grid increases with the significant deployment of smart IoT devices, most recent studies have found that the integration of AI techniques is one of the most effective solutions. According to several research findings, the smart grid is similarly vulnerable to human errors, which can be caused by social engineering attacks. Therefore, to investigate the most promising recent methods for safeguarding IoT-enabled smart grids, these methods are divided into two main categories: non-human-centric and human-centric methods.
2.4.1. Non-Human-Centric Methods
The non-human-centric methods can be categorized into three classes: (1) machine-learning-based methods, (2) cloud-computing-based methods, and (3) blockchain-based methods.
Machine-Learning-Based Methods
In the smart grid infrastructure, thousands of sensors are deployed. These sensors continually monitor the states of the devices to which they are connected, generating a massive quantity of data in the form of log files or time-series data. The data that are produced by sensors are saved on a cloud server, which must be preprocessed before being sent. Local servers are another option for servers. However, the maximum level of data security is achieved by storing data on a local server. Nevertheless, they constrain the ability of pattern recognition features or forecasts by advanced optimization algorithms.
In the past few years, machine-learning methods have proved to be effective in detecting cyberattacks. Machine learning identifies intrusions based on past data, as opposed to rule-based techniques. To anticipate power system disruptions, a combination of JRipper and Adaboost was formulated in [53]. The model classified the data into three groups: attack data, natural disturbances, and the no-event state. False data injection attack (FDIA) is another popular type of attack that can seriously damage smart energy systems. By tampering with data that are collected from smart meters, FDIA can financially impact utilities and consumers. In [54], a model was analyzed on an IEEE 14-bus test system. The efficiency and performance of the ensemble-based learning (EBL) model were compared with several algorithms such as linear regression (LR), naïve Bayes (NB), decision tree (DT), and support vector machine (SVM), where the obtained results demonstrated that the unsupervised EBL model outperformed all the other algorithms with an accuracy of 73%. In [55], the authors proposed a robust deviation-based detection method to efficiently defend the system against an FDIA. Additionally, an exponential weighting function in combination with a Kalman filter was implemented to retain the original weighted least squares estimator. The experimental results confirmed the efficacy of the proposed detection method against FDIA attacks; the influence of various attack strengths and noise levels on detection performance was also investigated. In [56], a deep learning technique based on a conditional deep belief network model was proposed to identify the behavioral characteristics of FDI attacks in real time. In the presented method, the detection mechanism relaxes the assumptions about potential attack scenarios and attains high accuracy. Moreover, the formulated optimization model was able to distinguish the similar behavior that takes place in the process of energy theft. The performance of the presented method was illustrated through two simulation cases on IEEE 118-bus and IEEE 300-bus test systems, where the scalability of the proposed model was also examined.
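The impact of FDI attacks on state estimation (Section 2.3.1) and the weighted least squares estimator on which the deviation-based detector above builds can be made concrete with a small added example; it is not code from the paper or from any of the cited works. It constructs a 3-bus DC network (all reactances, the true state, the meter noise and the chi-square threshold are assumptions) and runs the classic residual-based bad data test against a clean measurement set, a single tampered meter, and an injection that is consistent with the grid model.

```python
"""Residual-based bad data detection for a DC state estimator.

Constructed 3-bus example (not from the paper): bus 1 is the angle
reference, so the state is x = [theta2, theta3]. Measurements are the
three line flows P12, P13, P23 and the two bus injections P2, P3, so
the measurement model is linear: z = H x + noise.
"""

# Assumed line reactances (p.u.) of the constructed network: 1-2, 1-3, 2-3.
X12, X13, X23 = 0.1, 0.2, 0.25

# Measurement Jacobian H (rows: P12, P13, P23, P2, P3; cols: theta2, theta3).
H = [
    [-1 / X12, 0.0],                 # P12 = (theta1 - theta2) / x12
    [0.0, -1 / X13],                 # P13 = (theta1 - theta3) / x13
    [1 / X23, -1 / X23],             # P23 = (theta2 - theta3) / x23
    [1 / X12 + 1 / X23, -1 / X23],   # P2  = P21 + P23
    [-1 / X23, 1 / X13 + 1 / X23],   # P3  = P31 + P32
]
SIGMA = 0.01             # assumed meter standard deviation (p.u.)
CHI2_99_DOF3 = 11.345    # chi-square 99% critical value for m - n = 5 - 2 dof


def matvec(m, v):
    """Plain matrix-vector product, so the example needs no numpy."""
    return [sum(a * b for a, b in zip(row, v)) for row in m]


def wls_estimate(z):
    """Weighted least squares x = (H^T W H)^-1 H^T W z for the 2-state system."""
    w = 1.0 / SIGMA ** 2
    # Gain matrix G = H^T W H (2x2) and right-hand side b = H^T W z.
    g11 = w * sum(r[0] * r[0] for r in H)
    g12 = w * sum(r[0] * r[1] for r in H)
    g22 = w * sum(r[1] * r[1] for r in H)
    b1 = w * sum(r[0] * zi for r, zi in zip(H, z))
    b2 = w * sum(r[1] * zi for r, zi in zip(H, z))
    det = g11 * g22 - g12 * g12
    return [(g22 * b1 - g12 * b2) / det, (-g12 * b1 + g11 * b2) / det]


def bad_data_test(z):
    """Return (estimate, J) with J = sum(r_i^2 / sigma^2), the chi-square statistic."""
    x_hat = wls_estimate(z)
    residual = [zi - hi for zi, hi in zip(z, matvec(H, x_hat))]
    j_stat = sum((r / SIGMA) ** 2 for r in residual)
    return x_hat, j_stat


def is_flagged(z):
    """True when the residual test rejects the measurement set as bad data."""
    return bad_data_test(z)[1] > CHI2_99_DOF3


# Constructed true state and a clean measurement set with small fixed noise.
TRUE_X = [-0.05, -0.08]
NOISE = [0.002, -0.001, 0.001, -0.002, 0.0015]
Z_CLEAN = [t + n for t, n in zip(matvec(H, TRUE_X), NOISE)]

# Case 1: one tampered meter (bus-2 injection under-reported by 0.3 p.u.).
Z_SINGLE = list(Z_CLEAN)
Z_SINGLE[3] -= 0.3

# Case 2: an injection a = H c that is consistent with the grid model; it
# shifts the estimate by c while leaving every residual unchanged.
C_SHIFT = [-0.01, 0.0]
Z_CONSISTENT = [zi + ai for zi, ai in zip(Z_CLEAN, matvec(H, C_SHIFT))]

if __name__ == "__main__":
    for name, z in (("clean", Z_CLEAN), ("single meter", Z_SINGLE),
                    ("model-consistent", Z_CONSISTENT)):
        x_hat, j = bad_data_test(z)
        print(f"{name:17s} theta=[{x_hat[0]:+.4f}, {x_hat[1]:+.4f}] "
              f"J={j:8.3f} flagged={j > CHI2_99_DOF3}")
```

The single tampered meter is flagged, whereas the model-consistent injection moves the estimated angle without raising J at all; this blind spot of the pure residual test is why the detector in [55] tracks deviations of the estimate over time rather than relying on the residual alone.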
Occasionally, a smart grid may be subjected to distributed denial-of-service (DDoS) attacks. DDoS attacks jeopardize the availability of communication servers. The fundamental goal of a DDoS attack is to flood the communication server with false requests, causing it to become unusable for communication. In [57], the authors proposed a DDoS attack detection method based on a multilevel auto-encoder formulation. Multiple levels of shallow and deep auto-encoders were trained in an unsupervised approach and employed to encode training and test data for feature extraction and generation purposes. In the final stage of the algorithm, a unified detection model was constructed by combining the multilevel features using a kernel learning algorithm. The obtained results showed the functionality of their algorithm, which achieved high prediction accuracy and outperformed all the other compared methods.
Cloud-Computing-Based Methods
In [58], to ease the inconvenience of working on encrypted data, an attribute-based online/offline searchable encryption scheme was proposed. In the first step, the encryption and trapdoor algorithms were divided into two phases. In the second step, both the encryption and the attribute control policy were performed in offline mode. In the next step, the proposed scheme was secured against two attacks: (1) chosen plaintext and (2) chosen keyword attacks. Ultimately, the applicability of the presented method in a cloud-based smart grid was tested. In [59], the authors analyzed a fundamental security problem in the scalable architecture of smart grid cloud services. They evaluated the risks involved in IoT-enabled smart grid security in terms of five distinctive features: (1) policy and organizational risks, (2) general technical risks, (3) SaaS risks, (4) PaaS risks, and (5) IaaS risks. The presented evaluation model was based on deep belief networks, which comprised multiple RBMs and a BP neural network (BPNN). The RBMs were trained by means of a greedy training algorithm, and then the BPNN was employed for fine-tuning purposes. Their results found that the mean absolute error (MAE), mean relative error (MRE), and mean square error (MSE) of the proposed model were the lowest in comparison to all the other methods [60].
Blockchain-Based Methods
The integration of blockchain with IoT-enabled smart grids is becoming a key, though complex, solution for accelerating a broad range of security functionalities in smart energy systems [61]. The current centralized ledger system can be transformed by blockchain-based techniques into a distributed ledger thanks to the existence of public key algorithms. Blockchain methods offer end-to-end encryption technology based on their distributed processing structure, which guarantees the safety and reliability of communication [62]. In [63], a blockchain-based security method that facilitates secure and authorized access to smart city resources was presented. The proposed method comprised an authentication and authorization process for constrained environments based on two models: (1) a blockchain model and (2) object security architecture (OSCAR) for the IoT. The blockchain-based method laid out an adaptable, trustless authorization system, while OSCAR used a public ledger to construct multicast classes for authorized customers. Furthermore, a Meteor-based application was created to provide a user-friendly interface for heterogeneous smart city technology. Through this application, users were able to interact with and operate smart city resources such as traffic lights, smart energy meters, and security cameras. In [64], a new distributed authentication and authorization protocol for IoT-enabled smart grids based on blockchain methods was proposed to address information leaks, illegal access, and identity theft issues. The introduced protocol combined the decentralized authentication and immutable ledger properties of blockchain architectures applicable to power systems to achieve both identity authentication and resource authorization for smart energy systems. In [65], a model-based architecture was proposed that considered an interoperable blockchain-based local energy market for consumers and prosumers in a residential microgrid (MG) framework. The research identified 21 organizational, informational, technological, and blockchain requirements for a local energy market and its underlying information system using the IoT-enabled smart grid architecture. According to the Landau Microgrid case study, the biggest hurdles were a clear value proposition for key stakeholders, standardization of data exchange, and appropriate physical implementation [66].
2.4.2. Human-Centric Methods
When two successive authentication procedures are combined, the password-breaking algorithm becomes exponentially more complicated. Unauthorized users will have less access to the data because of the multifactor authentication process. Multifactor authentication approaches include SMS token authentication, email token authentication, hardware token authentication, software token authentication, and phone authentication.
Hackers are increasingly targeting humans because of technological advancements that have made attacks on smart equipment more complicated. Attackers are using machine-learning technologies to recognize human behaviors and create a variety of scenarios. Thus, employee training plays a critical role in limiting the hackers’ success in their malicious intent.
The use of strong passwords minimizes the likelihood of an attack on the integrity or confidentiality of data. Password-guessing attacks are more likely with weak passwords. Password guessing is a method of gaining access to a system by guessing passwords and gaining access to a targeted device. In addition, the attacker consumes network resources and bandwidth to carry out several attacks that consequently limit the access of legitimate users to the resources.
Users are one of the weakest links in the context of cybersecurity, and one of the biggest challenges with users is that they cannot be taught in the same way as staff. Thus, smart devices such as smart meters and smart inverters must be protected against cyberattacks. Tamper-proofing the devices’ internal operating systems is one of the most effective approaches for protecting devices against cybercriminals.
Customers should always be wary of applications that request authorization. Customers keep sensitive data on their devices, and some third-party apps request more information than they require. Around 98.5 percent of consumers ignore or just sometimes accept the permissions requested by applications without thinking twice. It has been reported that 93.6 percent of users accept the applications’ terms and conditions instantaneously or within one minute.
Customers should be able to readily report any suspected attack on a platform created by utilities. The destruction would grow exponentially as the time gap between the attack and the time of the report increases. A delay in reporting an attack jeopardizes not only the privacy of one client but also the privacy of other connected customers in the grid.