Inteligencia de Fuentes Abiertas para Redes Eléctricas Inteligentes Seguras
Inteligencia de Fuentes Abiertas para Redes Eléctricas Inteligentes Seguras
MINISTERIO DE ECONOMÍA, COMERCIO Y EMPRESA
Retos I+D+I
(Ref. TEC2017-84197-C4-1-R)
1/ 2018
--
9/ 2021
Los nuevos contadores eléctricos inteligentes con capacidades de comunicación y control contribuirán a adaptar y afinar el suministro eléctrico de forma muy eficiente. El camino de un sistema cerrado de las eléctricas tradicionales a un nuevo ecosistema complejo y altamente interconectado como son las redes eléctricas inteligentes, ha venido dirigido por la eficiencia y la solidez del sistema. Ahora se le requiere además reforzar su solidez frente a la aparición de nuevas amenazas cibernéticas. Las tendencias actuales sitúan la gestión de riesgos en el centro de las estrategias de seguridad cibernéticas. La gestión de riesgos es la encargada de orquestar el resto de los procesos implicados: identificación de amenazas; análisis de riesgo del potencial impacto en los activos; implementación y despliegue de contramedidas; y la sintonización y establecimiento de los controles de seguridad que a su vez permitirán una mejor detección de amenazas, cerrando así el ciclo de estos procesos. La mayoría de las amenazas cibernéticas incluyen necesariamente la explotación de alguna vulnerabilidad del sistema, y prácticamente a diario aparecen nuevas vulnerabilidades. Los rápidos ciclos de vida de firmware y software son factores favorecedores de dicha tasa de aparición de vulnerabilidades. Esto explica la necesidad del papel de las operadoras de smart grids en las auditorías de vulnerabilidades, incluso con la ayuda de los fabricantes y los procesos de certificación. El proyecto MAGOS ayudará a las operadoras a construir entornos seguros para llevar a cabo las auditorías de vulnerabilidades a un coste menor, minimizando la exposición de los elementos del sistema a fallos y amenazas cibernéticas. En el proyecto se investigarán distintos aspectos relacionados con la seguridad, privacidad y prestaciones de protocolos, redes y sistemas propios de las redes eléctricas inteligentes."
Publications
Marín-López, Andrés; Chica-Manjarrez, Sergio; Arroyo, David; Almenares-Mendoza, Florina; Díaz-Sánchez, Daniel
Security Information Sharing in Smart Grids: Persisting Security Audits to the Blockchain Journal Article
In: Electronics, vol. 9, pp. 1865, 2020, ISSN: 2079-9292.
@article{marin002,
title = {Security Information Sharing in Smart Grids: Persisting Security Audits to the Blockchain},
author = {Andrés Marín-López and Sergio Chica-Manjarrez and David Arroyo and Florina Almenares-Mendoza and Daniel Díaz-Sánchez },
url = {https://www.mdpi.com/2079-9292/9/11/1865
},
doi = {https://doi.org/10.3390/electronics9111865},
issn = {2079-9292},
year = {2020},
date = {2020-11-06},
urldate = {2020-11-06},
journal = {Electronics},
volume = {9},
pages = {1865},
abstract = {With the transformation in smart grids, power grid companies are becoming increasingly
dependent on data networks. Data networks are used to transport information and commands for
optimizing power grid operations: Planning, generation, transportation, and distribution. Performing
periodic security audits is one of the required tasks for securing networks, and we proposed in a
previous work AUTOAUDITOR, a system to achieve automatic auditing. It was designed according
to the specific requirements of power grid companies, such as scaling with the huge number of
heterogeneous equipment in power grid companies. Though pentesting and security audits are
required for continuous monitoring, collaboration is of utmost importance to fight cyber threats.
In this paper we work on the accountability of audit results and explore how the list of audit result
records can be included in a blockchain, since blockchains are by design resistant to data modification.
Moreover, blockchains endowed with smart contracts functionality boost the automation of both
digital evidence gathering, audit, and controlled information exchange. To our knowledge, no such
system exists. We perform throughput evaluation to assess the feasibility of the system and show
that the system is viable for adaptation to the inventory systems of electrical companies.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
With the transformation in smart grids, power grid companies are becoming increasingly
dependent on data networks. Data networks are used to transport information and commands for
optimizing power grid operations: Planning, generation, transportation, and distribution. Performing
periodic security audits is one of the required tasks for securing networks, and we proposed in a
previous work AUTOAUDITOR, a system to achieve automatic auditing. It was designed according
to the specific requirements of power grid companies, such as scaling with the huge number of
heterogeneous equipment in power grid companies. Though pentesting and security audits are
required for continuous monitoring, collaboration is of utmost importance to fight cyber threats.
In this paper we work on the accountability of audit results and explore how the list of audit result
records can be included in a blockchain, since blockchains are by design resistant to data modification.
Moreover, blockchains endowed with smart contracts functionality boost the automation of both
digital evidence gathering, audit, and controlled information exchange. To our knowledge, no such
system exists. We perform throughput evaluation to assess the feasibility of the system and show
that the system is viable for adaptation to the inventory systems of electrical companies.
Chica-Manjarrez, Sergio; Marín-López, Andrés; Díaz-Sánchez, Daniel; Almenares-Mendoza, Florina
On the Automation of Auditing in Power Grid Companies Proceedings Article
In: Actas de congreso internacional, Citas Google 2, CORE C, pp. 331 - 340, 2020, ISBN: ISSN/ISBN) 978-1-4503-5988-7.
@inproceedings{pa054,
title = {On the Automation of Auditing in Power Grid Companies},
author = {Sergio Chica-Manjarrez and Andrés Marín-López and Daniel Díaz-Sánchez and Florina Almenares-Mendoza},
doi = {10.3233/AISE200057},
isbn = {ISSN/ISBN) 978-1-4503-5988-7},
year = {2020},
date = {2020-07-23},
urldate = {2020-07-23},
booktitle = {Actas de congreso internacional, Citas Google 2, CORE C},
pages = {331 - 340},
abstract = {Auditing is a common task required to secure networks. This becomes of utter importance in power grid companies, the authorities of electricity supply. An increasing number of connected devices makes the use of semi automatic or fully automated auditing imperative. The inventory system has to incorporate the auditing results and subsequently integrate them in the security assessment of the company. The risk metrics incorporate the severity of exposures and facilitate the selection of vulnerabilities that have to be mitigated, according to the risk appetite of the company. This automatic approach has to address scale and privacy issues of large companies. In addition, connections from foreign domains that carry out the auditing involve additional risks that must be considered to effectively test the likelihood and depth of the found vulnerabilities.
In this paper we discuss the requirements of an automatic auditing system and present AUTOAUDITOR, a highly configurable module which allow companies to automatically perform pentesting in specific assets.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Auditing is a common task required to secure networks. This becomes of utter importance in power grid companies, the authorities of electricity supply. An increasing number of connected devices makes the use of semi automatic or fully automated auditing imperative. The inventory system has to incorporate the auditing results and subsequently integrate them in the security assessment of the company. The risk metrics incorporate the severity of exposures and facilitate the selection of vulnerabilities that have to be mitigated, according to the risk appetite of the company. This automatic approach has to address scale and privacy issues of large companies. In addition, connections from foreign domains that carry out the auditing involve additional risks that must be considered to effectively test the likelihood and depth of the found vulnerabilities.
In this paper we discuss the requirements of an automatic auditing system and present AUTOAUDITOR, a highly configurable module which allow companies to automatically perform pentesting in specific assets.
Rubio-Drosdov, Eugenio; Díaz-Sánchez, Daniel; Marín-López, Andrés; Almenares-Mendoza, Florina
A Framework for Microservice Migration and Performance Assessment Proceedings Article
In: pp. 291 - 299, 2020, ISBN: 978-1-4503-5988-7.
@inproceedings{pa059,
title = {A Framework for Microservice Migration and Performance Assessment},
author = {Eugenio Rubio-Drosdov and Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenares-Mendoza},
doi = {doi:10.3233/AISE200053},
isbn = {978-1-4503-5988-7},
year = {2020},
date = {2020-06-25},
pages = {291 - 299},
abstract = {In a large Smart Grid, smart meters produce tremendous amount of data that are hard to process, analyze and store. Fog computing is an environment that offers a place for collecting, computing and storing smart meter data before transmitting them to the cloud. Due to the distributed, heterogeneous and resource constrained nature of the fog computing nodes, fog applications need to be developed as a collection of interdependent, lightweight modules. Since this concept aligns with the goals of microservices architecture (MSA), efficient placement of microservices-based Smart Grid applications within fog environments has the potential to fully leverage capabilities of fog devices. Microservice architecture is an emerging software architectural style. It is based on microservices to provide several advantages over a monolithic solution, such as autonomy, composability, scalability, and fault-tolerance. However, optimizing the migration of microservices from one fog environment to other while assuring certain quality is still a big issue that needs to be addressed. In this paper, we propose an approach for assisting the migration of microservices in MSA-based Smart Grid systems, based on the analysis of their performance within the possible candidate destinations. Developers create microservices that will be eventually deployed at a given infrastructure. Either the developer, cosidering the design, or the entity deploying the service have a good knowledge of the quality required by the microservice. Due to that, they can create tests that determine if a destination meets the requirements of a given microservice and embed these tests as part of the microservice. Our goal is to automate the execution of performance tests by attaching a specification that contains the test parameters to each microservice.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
In a large Smart Grid, smart meters produce tremendous amount of data that are hard to process, analyze and store. Fog computing is an environment that offers a place for collecting, computing and storing smart meter data before transmitting them to the cloud. Due to the distributed, heterogeneous and resource constrained nature of the fog computing nodes, fog applications need to be developed as a collection of interdependent, lightweight modules. Since this concept aligns with the goals of microservices architecture (MSA), efficient placement of microservices-based Smart Grid applications within fog environments has the potential to fully leverage capabilities of fog devices. Microservice architecture is an emerging software architectural style. It is based on microservices to provide several advantages over a monolithic solution, such as autonomy, composability, scalability, and fault-tolerance. However, optimizing the migration of microservices from one fog environment to other while assuring certain quality is still a big issue that needs to be addressed. In this paper, we propose an approach for assisting the migration of microservices in MSA-based Smart Grid systems, based on the analysis of their performance within the possible candidate destinations. Developers create microservices that will be eventually deployed at a given infrastructure. Either the developer, cosidering the design, or the entity deploying the service have a good knowledge of the quality required by the microservice. Due to that, they can create tests that determine if a destination meets the requirements of a given microservice and embed these tests as part of the microservice. Our goal is to automate the execution of performance tests by attaching a specification that contains the test parameters to each microservice.
Almenarez, Florina; Alonso, Lucía; Marín, Andrés; Díaz-Sánchez, Daniel; Arias, Patricia
Assessment of fitness tracker security: a case of study Proceedings Article
In: 2018, ISSN: 2504-3900.
@inproceedings{pa058,
title = {Assessment of fitness tracker security: a case of study},
author = {Florina Almenarez and Lucía Alonso and Andrés Marín and Daniel Díaz-Sánchez and Patricia Arias},
url = {https://www.mdpi.com/2504-3900/2/19/1235},
doi = {https://doi.org/10.3390/proceedings2191235},
issn = {2504-3900},
year = {2018},
date = {2018-10-26},
abstract = {The wearable industry has experienced a notable growth over the last decade, especially in fitness or e-health trackers. These trackers bring new functionalities that require collecting a great amount of sensitive information about the user. This fact has made fitness trackers the target of deliberate attacks, e.g., eavesdropping, unauthorized account access, fake firmware update, and so on. For this reason, this paper describes a vulnerability study on one of the most popular fitness trackers in 2017, together with the mobile application associated to the tracker. The study results show what vulnerabilities of the communications among agents (i.e., wearable device, mobile application and server) could put at risk users sensitive information and privacy.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
The wearable industry has experienced a notable growth over the last decade, especially in fitness or e-health trackers. These trackers bring new functionalities that require collecting a great amount of sensitive information about the user. This fact has made fitness trackers the target of deliberate attacks, e.g., eavesdropping, unauthorized account access, fake firmware update, and so on. For this reason, this paper describes a vulnerability study on one of the most popular fitness trackers in 2017, together with the mobile application associated to the tracker. The study results show what vulnerabilities of the communications among agents (i.e., wearable device, mobile application and server) could put at risk users sensitive information and privacy.
Díaz-Sánchez, Daniel; Marín-López, Andrés; Almenares-Mendoza, Florina; Arias-Cabarcos, Patricia
DNS-Based Dynamic Authentication for Microservices in IoT Proceedings Article
In: pp. 1-11, 2018, ISSN: 2504-3900.
@inproceedings{pa055,
title = {DNS-Based Dynamic Authentication for Microservices in IoT},
author = {Daniel Díaz-Sánchez and Andrés Marín-López and Florina Almenares-Mendoza and Patricia Arias-Cabarcos},
url = {https://www.mdpi.com/2504-3900/2/19/1233},
doi = {https://doi.org/10.3390/proceedings2191233},
issn = {2504-3900},
year = {2018},
date = {2018-10-25},
pages = {1-11},
abstract = {IoT devices provide with real-time data to a rich ecosystems of services and applications that will be of uttermost importance for ubiquitous computing. The volume of data and the involved subscribe/notify signaling will likely become a challenge also for access and core netkworks. Designers may opt for microservice architectures and fog computing to address this challenge while offering the required flexibility for the main players of ubiquitous computing: nomadic users. Microservices require strong security support for Fog computing, to rely on nodes in the boundary of the network for secure data collection and processing. IoT low cost devices face outdated certificates and security support, due to the elapsed time from manufacture to deployment. In this paper we propose a solution based on microservice architectures and DNSSEC, DANE and chameleon signatures to overcome these difficulties. We will show how trap doors included in the certificates allow a secure and flexible delegation for off-loading data collection and processing to the fog. The main result is showing this requires minimal manufacture device configuration, thanks to DNSSEC support.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
IoT devices provide with real-time data to a rich ecosystems of services and applications that will be of uttermost importance for ubiquitous computing. The volume of data and the involved subscribe/notify signaling will likely become a challenge also for access and core netkworks. Designers may opt for microservice architectures and fog computing to address this challenge while offering the required flexibility for the main players of ubiquitous computing: nomadic users. Microservices require strong security support for Fog computing, to rely on nodes in the boundary of the network for secure data collection and processing. IoT low cost devices face outdated certificates and security support, due to the elapsed time from manufacture to deployment. In this paper we propose a solution based on microservice architectures and DNSSEC, DANE and chameleon signatures to overcome these difficulties. We will show how trap doors included in the certificates allow a secure and flexible delegation for off-loading data collection and processing to the fog. The main result is showing this requires minimal manufacture device configuration, thanks to DNSSEC support.
