“Secure Monitoring for a Secure Smart Grid”

From Navigators

Jump to: navigation, search

Rodrigo de Medeiros (advised by Fernando Ramos, Nuno Ferreira Neves)

Master’s thesis, Mestrado em Engenharia Informática, Departamento de Informática, Faculdade de Ciências da Universidade de Lisboa, Lisbon, Portugal, Sept. 2015

Abstract: Monitoring plays a fundamental role in current network deployments, supporting diverse activities such as traffic engineering, anomaly detection, and performance diagnosis. The Software Defined Networks - a new paradigm in networking - has become an enabler for precise monitoring. In SDN the control plane is separated from the forwarding plane, leading to the logical centralization of the network control in a controller that runs in a (cluster of) server(s). For this purpose, a layer of communication is added between the controller and devices, something traditionally done through the OpenFlow protocol. This communication protocol allows the controller to have remote access to the forwarding tables of network switches. With the advent of SDN an array of advanced monitoring primitives has emerged, exploring the centralized vantage point offered by the controller. Such primitives should be resilient from the ground-up, ensuring a correct view under attack. In this work we intend to demonstrate that security should be a first class citizen when building SDN network monitoring frameworks. To justify this need, we perform a threat assessment on common monitoring techniques and demonstrate experimentally that they are vulnerable to attacks, including relatively unsophisticated ones. This indicates that further work is needed in this area and, with that aim, we include an initial discussion on possible solutions for secure monitoring. We discuss the impact of these attacks on physical systems, more precisely we use a Smart Grid as a study case. Smart Grids differ from the traditional electric system by having an intelligent monitoring capability and network control. As a Smart Grid is a critical system, we discuss several solutions to make the monitoring system secure.

Download paper

Download Secure Monitoring for a Secure Smart Grid

Export citation

BibTeX

Project(s): Project:SEGRID

Research line(s): Fault and Intrusion Tolerance in Open Distributed Systems (FIT)

Personal tools
Navigators toolbox