Reliable and secure information and communications systems for electrical utilities

  • John O'Raw

Student thesis: Doctoral Thesis, Doctor of Philosophy

Abstract

Commercial Off-The-Shelf (COTS) systems have become pervasive. The underlying technologies of these systems were developed before security was a priority. Using conventional approaches, it is not possible to mitigate these systems adequately for use in Critical Infrastructure (CI).

Some strategies have been considered for legacy sites. A novel approach to asset identification is considered. Restricting data flows is a solution for security issues in certain classes of applications and the data diode is an example of such an implementation. This has been demonstrated in a smart grid context using standardized phasor measurement data. To make this approach more scalable, an OpenFlow Software-Defined Network (SDN) may be used. Vulnerabilities in this approach are identified and the attack surface minimised. Configuration and change as a vector for vulnerability is mitigated by automating provisioning, based on IEC 61850 data models. This solution is then generalized for provisioning any NETCONF/YANG compatible network devices.

Finally, these ideas are combined in the concept of a software-defined node, where the core functionality of a processing device is separated from its data communications functionality. There is no access path between the core processor and the external network.

Date of Award: Dec 2020
Original language: English
Awarding Institution: Queen's University Belfast
Supervisor: David Laverty (Supervisor) & D John Morrow (Supervisor)

Keywords

  • Data Diode
  • IEC61850
  • SDN
  • SD-Node
