In recent years, the structure of the electricity grids has changed remarkably because of developing technology and smart grids have started to be used instead of classical ones. IEC 61850 standard is widely used in communication of smart grids. Smart grids bring additional risks along with the many benefits they provide. One of these risks is the vulnerabilities in communication systems; they are vulnerable to cyber-attacks, weakening the security. There are numerous studies in the literature about the detection and the prevention of the vulnerabilities caused by the communication network. However, there are no detailed studies on the investigation and the detection of cyber-attacks that can be made through physical access to smart grids spread over a wide area. Furthermore, difficulties in validation of intrusion detection system (IDS) and a number of problems in IDSs cause vulnerabilities, which make smart grids vulnerable to cyber-attacks. In this study, physical access cyber-attacks are examined and an intrusion test is done within Istanbul Technical University (ITU) Electrical Distribution Automation Laboratory, which is a modern testbed and communicates with IEC 61850 standard, Supervisory Control and Data Acquisition (SCADA) system. In order to determine the physical access cyber-attacks on time and to take necessary precautions, open source software is used. It is shown that physical access cyber-attacks to smart grids can be prevented with the established testbed.
Copyright © 2021 Praise Worthy Prize - All rights reserved.

M. D. Smith and M. E. Paté-Cornell, Cyber Risk Analysis for a Smart Grid: How Smart is Smart Enough? A Multiarmed Bandit Approach to Cyber Security Investment, IEEE Transactions on Engineering Management, vol. 65, n. 3, August 2018, pp. 434-447.
https://doi.org/10.1109/tem.2018.2798408

D. He, S. Chan and M. Guizani, Cyber Security Analysis and Protection of Wireless Sensor Networks for Smart Grid Monitoring, IEEE Wireless Communications, vol. 24, no. 6, December 2017, pp. 98-103.
https://doi.org/10.1109/mwc.2017.1600283wc

Thararak, P., Jirapong, P., Quaternary Protection Scheme with Optimal Dual-Directional Overcurrent Relay Setting for Smart Microgrids, (2020) International Review of Electrical Engineering (IREE), 15 (2), pp. 174-187.
https://doi.org/10.15866/iree.v15i2.18169

IEC standard for communication network and systems in substations, IEC 61850 Std. 2003-04.

J. Gao, Y. Xiao, J. Liu et al, A survey of communication/networking in Smart Grids, Future Generation Computer Systems, vol.28, n.2, February 2012, pp.391-404.
https://doi.org/10.1016/j.future.2011.04.014

A.Stefanov, C.C. Liu, M. Govindaras et al, SCADA Modeling for Performance and Vulnerability Assessment of Integrated Cyber-Physical Systems, International Transactions on Electrical Energy Systems vol. 25, n.3, March 2015, pp. 498-519.
https://doi.org/10.1002/etep.1862

J. Zhang, J. Li, X. Chen et al, A security scheme for intelligent substation communications considering real-time performance, Journal of Modern Power Systems and Clean Energy, vol. 7, n. 4, July 2019, pp. 948 – 961.
https://doi.org/10.1007/s40565-019-0498-5

N. Nezamoddini, S. Mousavian, M. Erol-Kantarci, A risk optimization model for enhanced power grid resilience against physical attacks, Electric Power Systems Research, vol.143, 2017, pp. 329–338.
https://doi.org/10.1016/j.epsr.2016.08.046

G. N. Ericsson, Cyber Security and Power System Communication-Essential Parts of a Smart Grid Infrastructure, IEEE Transactions on Power Delivery, vol. 25, n. 3, July 2010, pp. 1501-1507.
https://doi.org/10.1109/tpwrd.2010.2046654

K. Tazi, F. Abdi and M. F. Abbou, Review on cyber-physical security of the smart grid: Attacks and defense mechanisms, 3rd International Renewable and Sustainable Energy Conference, 10-13 December 2015, Marrakech, Morocco.
https://doi.org/10.1109/irsec.2015.7455127

S.S. Wu, C.C. Liu, A.F. Shosha et al, Cyber security and information protection in a smart grid environment, IFAC Proceedings, vol.44, n.1, January 2011, pp. 13696-13704.
https://doi.org/10.3182/20110828-6-it-1002.02140

Laaksonen, H., Future-Proof MV Distribution Network Short-Circuit Protection Scheme, (2015) International Review of Electrical Engineering (IREE), 10 (1), pp. 98-108.
https://doi.org/10.15866/iree.v10i1.5100

M. M. A. Faisal and M. A. I. Chowdhury, Bio inspired cyber security architecture for smart grid, International Conference On Innovations In Science, Engineering And Technology (ICISET), 28-29 Oct. 2016, Dhaka, Banglades.
https://doi.org/10.1109/iciset.2016.7856506

K. Srivastava, T.A. Ernster, R. Liu, Graph-Theoretic Algorithms for Cyber-Physical Vulnerability Analysis of Power Grid With Incomplete Information, Journal of Modern Power Systems and Clean Energy, vol.6, n.5, pp.887-899.
https://doi.org/10.1007/s40565-018-0448-7

J. Tian, B. Wang, T. Li, F. Shang, K. Cao, A new model approach of electrical cyber physical systems considering cyber security, International Journal of Robust and Nonlinear Control, vol. 30, n. 11, November 2019, pp.4345-4358.
https://doi.org/10.1002/rnc.4801

M. Kim, Y. Kim, N. Myoung, A Multi-Level Hierarchical Communication Network Architecture for Distributed Generators, Electrical Engineering, vol.97, n.4, April 2015, pp.303-312.
https://doi.org/10.1007/s00202-015-0332-7

A. R. Metke and R. L. Ekl, Security Technology for Smart Grid Networks, IEEE Transactions on Smart Grid, vol. 1, n. 1, June 2010, pp. 99-107.
https://doi.org/10.1109/tsg.2010.2046347

R. Leszczyna, Standards on cyber security assessment of smart grid, International Journal of Critical Infrastructure Protection, vol. 22, September 2018, pp. 70-89.
https://doi.org/10.1016/j.ijcip.2018.05.006

L. Kotut and L. A. Wahsheh, Survey of Cyber Security Challenges and Solutions in Smart Grids, Cybersecurity Symposium, 18-20 April 2016, Coeur d'Alene, ID, USA.
https://doi.org/10.1109/cybersec.2016.013

SANS and Electricity Information Sharing and Analysis Center 2016. Analysis of the cyber attack on the Ukrainian power grid. Accessed 10 Dec. 2019.
http:// www.nerc.com

M. Zafirovic-Vukotic, R. Moore, M. Leslie, R. Midence and M. Pozzuoli, Secure SCADA network supporting NERC CIP, IEEE Power & Energy Society General Meeting, 26-30 July 2009, Calgary, AB, Canada.
https://doi.org/10.1109/pes.2009.5275559

IEEE Guide for Electric Power Substation Physical and Electronic Security, IEEE Std 1402-2000.

Y. Xiang, L. Wang, Y. Zhang, Adequacy evaluation of electric power grids considering substation cyber vulnerabilities, International Journal of Electrical Power & Energy Systems, vol. 96, March 2018, pp. 368-379.
https://doi.org/10.1016/j.ijepes.2017.10.004

N.H. Ali, H. B.M. Ali, M. Othman et al, Performance of Communication Networks for Integrity Protection Systems based on Travelling Wave with IEC 61850, Int. J. Electr. Power Energy Syst. Vol. 95, February 2018, pp. 664-675.
https://doi.org/10.1016/j.ijepes.2017.09.024

Y. Yan, Y. Qian, H. Sharif and D. Tipper, A Survey on Cyber Security for Smart Grid Communications, IEEE Communications Surveys & Tutorials, vol. 14, no. 4, 2012, pp. 998-1010.
https://doi.org/10.1109/surv.2012.010912.00035

S. Poudel, Z. Ni, N. Malla, Real-Time Cyber Physical System Testbed for Power System Security and Control, International Journal of Electrical Power & Energy Systems, vol. 90, September 2017, pp.124-133.
https://doi.org/10.1016/j.ijepes.2017.01.016

A. Hahn, A. Ashok, S. Sridhar and M. Govindarasu, Cyber-Physical Security Testbeds: Architecture, Application, and Evaluation for Smart Grid, IEEE Transactions on Smart Grid, vol. 4, no. 2, June 2013, pp. 847-855.
https://doi.org/10.1109/tsg.2012.2226919

The U.S. Department of Energy 2016. Cyber threat and vulnerability analysis of the U.S. electric sector. Accessed 10 Dec. 2019.
https://energy.gov/sites/prod/files/2017

M.S. Thomas, J.D McDonald, Power system SCADA and smart grids (CRC Press, 2017).

Inductive automation, An Example of SCADA Diagram, Accessed 10 Dec. 2019.
https://inductiveautomation.com/what-is-scada

J. Chen, G. Liang, Z. Cai et al, Impact Analysis of False Data Injection Attacks on Power System Static Security Assessment, Journal of Modern Power Systems and Clean Energy, vol 4, n.3, 2016, pp. 496-505.
https://doi.org/10.1007/s40565-016-0223-6

Zhang H, Cheng P, Shi L, Chen J. Optimal DoS attack scheduling in wireless networked control system. IEEE Transactions on Control Systems Technology 2016; 24(3):843–852.
https://doi.org/10.1109/tcst.2015.2462741

S. Goose, J. Kirsch, D. Wei, SKYDA: Cloud‐Based, Secure SCADA as a Service, International Transactions on Electrical Energy Systems vol.25, n.11, October 2014, pp.3004-3016.
https://doi.org/10.1002/etep.2018

D. Wei, Y. Lu, M. Jafari et al, Protecting smart grid automation systems against cyberattacks, IEEE Transaction on Smart Grid, vol.2, n.4, December 2011, pp.782-795.
https://doi.org/10.1109/tsg.2011.2159999

B. Kang et al., Investigating cyber-physical attacks against IEC 61850 photovoltaic inverter installations, 20th Conference on Emerging Technologies & Factory Automation, 8-11 September 2015, Luxembourg.
https://doi.org/10.1109/etfa.2015.7301457

H. Yoo, T. Shon, Challenges and research directions for heterogeneous cyber-physical system based on IEC 61850: Vulnerabilities, security requirements, and security architecture, Future Generation Computer Systems, vol.61, August 2016, pp.128-136.
https://doi.org/10.1016/j.future.2015.09.026

N. Kush, E. Ahmed, M. Branagan et al, Poisoned GOOSE: Exploiting the GOOSE protocol, Australasian Information Security Conference, January 2014, Auckland, New Zealand.

Sandnes F. E., Zhang Y., Chunming R et al 2008. Ubiquitous Intelligence and Computing (Springer, 2008).

J. Hong, C. Liu and M. Govindarasu, Detection of cyber intrusions using network-based multicast messages for substation automation, Innovative Smart Grid Technologies, 19-22 Feb. 2014, Washington, DC, USA.
https://doi.org/10.1109/isgt.2014.6816375

D.C. Bergman, D. Jin, Nicol D. M et al, The virtual power system testbed and inter-testbed integration. 2nd conference on Cyber Security Experimentation And Test, August 2009, p.5.

M. Schonlau, M. Theus, Detecting masquerades in intrusion detection based on unpopular commands, Information Processing Letters, vol.76, n.1, November 2000, pp. 33-38.
https://doi.org/10.1016/s0020-0190(00)00122-8

R. A. Maxion and T. N. Townsend, Masquerade Detection Augmented with Error Analysis, IEEE Transactions on Reliability, vol. 53, n. 1, March 2004, pp. 124-147.
https://doi.org/10.1109/tr.2004.824828

Sun C. C., Hahn A. & Liu C. C 2018. Cyber security of a power grid: State-of-the-art. Int. J. Electr. Power Energy Syst. 99:45-56
https://doi.org/10.1016/j.ijepes.2017.12.020

H. Kluitenberg, Security risk management in IT small and medium enterprises, in Proceedings of 20th Twente Student Conference on IT, 2014, Twente, Netherlands.

S. Evans and J. Wallner, Risk-based security engineering through the eyes of the adversary, Sixth Annual IEEE SMC Information Assurance Workshop, 15-17 June 2005, NY, USA.
https://doi.org/10.1109/iaw.2005.1495947

Z. Liu, Q. Wang and Y. Tang, Design of a Cosimulation Platform With Hardware-in-the-Loop for Cyber-Attacks on Cyber-Physical Power Systems, IEEE Access, vol. 8, pp. 95997-96005, 2020.
https://doi.org/10.1109/access.2020.2995743

Yang Y., McLaughlin K., Littler T et al, Man-in-the-middle attack test-bed investigating cyber-security vulnerabilities in smart grid SCADA systems. International Conference on Sustainable Power Generation and Supply, 8-9 September 2012, Hangzhou, China.
https://doi.org/10.1049/cp.2012.1831

Suricata-IDS All Features. Accessed 10 Dec. 2019.
https://suricata-ids.org

Elasticsearch, A Distributed Restful Search Engine, Accessed 10 Dec. 2019.
https://github.com/elastic/elasticsearch

Logstash. Accessed 10 Dec. 2019.
https://github.com/elastic/

Kibana, Accessed 10 Dec. 2019.
https://github.com/elastic/kibana

Exploit-db. Easy File Sharing FTP Server 3.5 - Stack Buffer Overflow. Accessed 10 Dec. 2019.
https://www.exploit-db.com/exploits/33538