888 results for Supervisory Control and Data Acquisition (SCADA) Topology
Abstract:
Cyber threats in Supervisory Control and Data Acquisition (SCADA) systems have the potential to render physical damage and jeopardize power system operation, safety and stability. SCADA systems were originally designed with little consideration of escalating cyber threats and hence the problem of how to develop robust intrusion detection technologies to tailor the requirements of SCADA is an emerging topic and a big challenge. This paper proposes a stateful Intrusion Detection System (IDS) using a Deep Packet Inspection (DPI) method to improve the cyber-security of SCADA systems using the IEC 60870-5-104 protocol which is tailored for basic telecontrol communications. The proposed stateful protocol analysis approach is presented that is designed specifically for the IEC 60870-5-104 protocol. Finally, the novel intrusion detection approach is implemented and validated.
Abstract:
The implementation of smart homes allows the domestic consumer to be an active player in the context of the Smart Grid (SG). This paper presents an intelligent house management system that is being developed by the authors to manage, in real time, the power consumption, the micro generation system, the charge and discharge of the electric or plug-in hybrid vehicles, and the participation in Demand Response (DR) programs. The paper proposes a method for the energy efficiency analysis of a domestic consumer using the SCADA House Intelligent Management (SHIM) system. The main goal of the present paper is to demonstrate the economic benefits of the implemented method. The case study considers the consumption data of some real cases of Portuguese house consumption over 30 days of June of 2012, the Portuguese real energy price, the implementation of the power limits at different times of the day and the economic benefits analysis.
Abstract:
The current model of the Brazilian electricity sector gives all agents equal conditions and reduces the role of the State in the sector. This model obliges companies in the sector to continually improve the quality of their product and, as a requirement for this objective, they must make more effective use of the enormous quantity of operational data stored in databases, originating from the operation of their electrical systems, which have Hydroelectric Power Plants (UHE) as their main source of power generation. One of the main tools for managing these plants is the Supervisory Control and Data Acquisition (SCADA) system. Thus, the immense quantity of data accumulated in databases by SCADA systems, very probably containing relevant information, must be processed to discover relationships and patterns and thereby help in understanding many important operational aspects and in evaluating the performance of electric power systems. Knowledge Discovery in Databases (KDD) is the process of identifying, in large data sets, patterns that are valid, novel, useful and understandable, in order to improve the understanding of a problem or a decision-making procedure. Data Mining is the step within KDD that allows useful information to be extracted from large databases. In this scenario, the present work proposes to carry out data mining experiments on the data generated by SCADA systems in UHEs, in order to produce relevant information to assist in the planning, operation, maintenance and safety of hydroelectric plants and in establishing a culture of data mining applied to these plants.
Abstract:
Emerging cybersecurity vulnerabilities in supervisory control and data acquisition (SCADA) systems are becoming urgent engineering issues for modern substations. This paper proposes a novel intrusion detection system (IDS) tailored for cybersecurity of IEC 61850 based substations. The proposed IDS integrates physical knowledge, protocol specifications and logical behaviours to provide a comprehensive and effective solution that is able to mitigate various cyberattacks. The proposed approach comprises access control detection, protocol whitelisting, model-based detection, and multi-parameter based detection. This SCADA-specific IDS is implemented and validated using a comprehensive and realistic cyber-physical test-bed and data from a real 500kV smart substation.
Abstract:
This research is aimed at addressing problems in the field of asset management relating to risk analysis and decision making based on data from a Supervisory Control and Data Acquisition (SCADA) system. It is apparent that determining risk likelihood in risk analysis is difficult, especially when historical information is unreliable. This relates to a problem in SCADA data analysis because of nested data. A further problem is in providing beneficial information from a SCADA system to a managerial level information system (e.g. Enterprise Resource Planning/ERP). A Hierarchical Model is developed to address the problems. The model is composed of three different Analyses: Hierarchical Analysis, Failure Mode and Effect Analysis, and Interdependence Analysis. The significant contributions from the model include: (a) a new risk analysis model, namely an Interdependence Risk Analysis Model which does not rely on the existence of historical information because it utilises Interdependence Relationships to determine the risk likelihood, (b) improvement of the SCADA data analysis problem by addressing the nested data problem through the Hierarchical Analysis, and (c) presentation of a framework to provide beneficial information from SCADA systems to ERP systems. The case study of a Water Treatment Plant is utilised for model validation.
Abstract:
This paper investigates how to interface the wireless application protocol (WAP) architecture to the SCADA system running distributed network protocol (DNP) in a power process plant. DNP is a well-developed protocol to be applied in the supervisory control and data acquisition (SCADA) system but the system control centre and remote terminal units (RTUs) are presently connected through a local area network. The conditions in a process plant are harsh and the site is remote. Resources for data communication are difficult to obtain under these conditions, thus, a wireless channel communication through a mobile phone is practical and efficient in a process plant environment. The mobile communication industries and the public have a strong interest in the WAP technology application in mobile phone networks and the WAP application programming interface (API) in power industry applications is one area that requires extensive investigation.
Abstract:
A new era of cyber warfare has appeared on the horizon with the discovery and detection of Stuxnet. Allegedly planned, designed, and created by the United States and Israel, Stuxnet is considered the first known cyber weapon to attack an adversary state. Stuxnet's discovery put a lot of attention on the outdated and obsolete security of critical infrastructure. It became very apparent that electronic devices that are used to control and operate critical infrastructure like programmable logic controllers (PLCs) or supervisory control and data acquisition (SCADA) systems lack very basic security and protection measures. Part of that is due to the fact that when these devices were designed, the idea of exposing them to the Internet was not in mind. However, now with this exposure, these devices and systems are considered easy prey to adversaries.
Abstract:
This thesis evaluates the security of Supervisory Control and Data Acquisition (SCADA) systems, which are one of the key foundations of many critical infrastructures. Specifically, it examines one of the standardised SCADA protocols called the Distributed Network Protocol Version 3, which attempts to provide a security mechanism to ensure that messages transmitted between devices are adequately secured from rogue applications. To achieve this, the thesis applies formal methods from theoretical computer science to formally analyse the correctness of the protocol.
Abstract:
The BDI architecture, where agents are modelled based on their beliefs, desires and intentions, provides a practical approach to develop large scale systems. However, it is not well suited to model complex Supervisory Control And Data Acquisition (SCADA) systems pervaded by uncertainty. In this paper we address this issue by extending the operational semantics of Can(Plan) into Can(Plan)+. We start by modelling the beliefs of an agent as a set of epistemic states where each state, possibly using a different representation, models part of the agent's beliefs. These epistemic states are stratified to make them commensurable and to reason about the uncertain beliefs of the agent. The syntax and semantics of a BDI agent are extended accordingly and we identify fragments with computationally efficient semantics. Finally, we examine how primitive actions are affected by uncertainty and we define an appropriate form of lookahead planning.
Abstract:
With the development and deployment of IEC 61850 based smart substations, cybersecurity vulnerabilities of supervisory control and data acquisition (SCADA) systems are increasingly emerging. In response to the emergence of cybersecurity vulnerabilities in smart substations, a test-bed is indispensable to enable cybersecurity experimentation. In this paper, a comprehensive and realistic cyber-physical test-bed has been built to investigate potential cybersecurity vulnerabilities and the impact of cyber-attacks on IEC 61850 based smart substations. This test-bed is close to a real production type environment, and has the ability to carry out end-to-end testing of cyber-attacks and physical consequences. A fuzz testing approach is proposed for detecting IEC 61850 based intelligent electronic devices (IEDs) and validated in the proposed test-bed.
Abstract:
With the current increase of energy resources prices and environmental concerns, intelligent load management systems are gaining more and more importance. This paper concerns a SCADA House Intelligent Management (SHIM) system that includes an optimization module using deterministic and genetic algorithm approaches. SHIM undertakes contextual load management based on the characterization of each situation. SHIM considers available generation resources, load demand, supplier/market electricity price, and consumers’ constraints and preferences. The paper focuses on the recently developed learning module which is based on artificial neural networks (ANN). The learning module allows the adjustment of users’ profiles along SHIM lifetime. A case study considering a system with fourteen discrete and four variable loads managed by a SHIM system during five consecutive similar weekends is presented.
Abstract:
This paper provides an overview of IDS types and how they work, as well as configuration considerations and issues that affect them. Advanced methods of increasing the performance of an IDS are explored, such as specification-based IDS for protecting Supervisory Control And Data Acquisition (SCADA) and Cloud networks. Also, by providing a review of varied studies ranging from issues in configuration and specific problems to custom techniques and cutting-edge studies, a reference can be provided to others interested in learning about and developing IDS solutions. Intrusion Detection is an area of much required study to provide solutions to satisfy evolving services and the networks and systems that support them. This paper aims to be a reference on IDS technologies for other researchers and developers interested in the field of intrusion detection.
Abstract:
The electric power systems are getting more complex and covering larger areas day by day. This fact has been contributing to the development of monitoring techniques that aim to help the analysis, control and planning of power systems: Supervisory Control and Data Acquisition (SCADA) systems, Wide Area Measurement Systems and disturbance record systems. Unlike SCADA and WAMS, disturbance record systems are mainly used for offline analysis in occurrences where a fault resulted in tripping of an apparatus such as a transmission line, transformer, generator and so on. The device responsible for recording the disturbances is called a Digital Fault Recorder (DFR); it records, basically, electrical quantities such as voltages and currents, and also records digital information from protection system devices. Generally, in power plants, all the DFR data are centralized in the utility data centre, and this results in an excess of data that hinders the task of analysis by the specialist engineers. This dissertation shows a new methodology for automated analysis of disturbances in power plants. A fuzzy reasoning system is proposed to deal with the data from the DFRs. The objective of the system is to help the engineer responsible for the analysis of the DFRs’ information by means of a pre-classification of data. For that, the fuzzy system is responsible for generating unit operational state diagnosis and fault classification.
Abstract:
Flow controllers, normally implemented in Supervisory Control and Data Acquisition (SCADA) systems, are highly relevant to the automatic control of conveyance canals. To ensure that flow controllers are reliable across their entire operating range (in flow situations with a free or submerged hydraulic jump and in the transition between flows with a free jump and a submerged jump), the results of experimental tests were compared with different methods of calculating discharge through gates and/or over weirs. The test programme was carried out in the laboratory and experimental canals of the University of Évora. Tests were carried out on vertical plane gates and on Waterways Experiment Station (WES) type weirs, controlled or not by vertical plane gates. In both cases, flow situations with free and submerged jumps were considered. The results obtained show that: a) for the gates, the method of Rajaratnam and Subramanya (1967a) leads to good results, with a mean absolute percentage error MAPE < 1% for flow with a free jump and MAPE < 4% for submerged flow; the transition between flows was correctly identified by this method; b) for the weirs, good results were obtained for flow with a free jump using the USACE (1987) method, with MAPE < 2%, and for submerged flow using the method of Alves and Martins (2011), with MAPE < 5%; the transition between flows can be considered adequate according to the experimental curve of Grace (1963); c) for weirs controlled by a gate, good results were achieved for flow with a free jump using the small-orifice equation, with MAPE < 1.5%, and for submerged flow with the fully submerged orifice equation, with MAPE < 1.6%; in both cases calibration of the discharge coefficient was necessary; the transition between flows was adequately handled by the method of Grace (1963).
Based on the results obtained, it was possible to define a generalized discharge algorithm for gates and/or weirs that allows the discharge to be determined for flow situations with free and submerged jumps, including the transition between flows.

ABSTRACT: Flow controllers, usually implemented in Supervisory Control and Data Acquisition (SCADA) systems, are very important in the automatic control of irrigation canal systems. To ensure that flow controllers are reliable for the entire operating range (free or submerged flow and flow transitions) the experimental results were compared with different methods of flow measurement for gates and/or weirs. The test program was conducted in the laboratory flume and in the automatic canal of the University of Évora. Tests were carried out in sluice gates and in broad-crested weirs controlled or not by sluice gate. In both cases free and submerged flow conditions were analyzed. The results show that: a) for the sluice gates, the method of Rajaratnam and Subramanya (1967a) leads to good results with a mean absolute percentage error (MAPE) < 1% for free flow and MAPE < 4% for submerged flow. The transition between flows is correctly identified by this method; b) for the uncontrolled weir, good results were obtained for free flow with the method USACE (1987) with MAPE < 2%, and for submerged flow by the method Alves and Martins (2011) with MAPE < 5%. The transition between flows can be accurately defined by the experimental curve of Grace (1963); c) for the controlled weir, good results were achieved for the free flow with the small orifice equation with MAPE < 1.5% and for submerged flow with the submerged orifice equation with MAPE < 1.6%; in both cases the calibration of the discharge coefficient is needed. The transition between flows can be accomplished through Grace (1963) method.
Based on the obtained results, it was possible to define a generalized flow algorithm for gates and/or weirs that allows flow determination for free and submerged flow conditions including the transition between flows.
Abstract:
The operation of power systems in a Smart Grid (SG) context brings new opportunities to consumers as active players, in order to fully reach the SG advantages. In this context, concepts such as smart homes or smart buildings are promising approaches to perform the optimization of the consumption, while reducing the electricity costs. This paper proposes an intelligent methodology to support the consumption optimization of an industrial consumer, which has a Combined Heat and Power (CHP) facility. A SCADA (Supervisory Control and Data Acquisition) system developed by the authors is used to support the implementation of the proposed methodology. An optimization algorithm is implemented in the system in order to perform the determination of the optimal consumption and CHP levels in each instant, according to the Demand Response (DR) opportunities. The paper includes a case study with several scenarios of consumption and heat demand in the context of a DR event which specifies a maximum demand level for the consumer.