Title: Malware propagation in smart grid monocultures
Language: English
Authors: Eder-Neuhauser, Peter
Zseby, Tanja
Fabini, Joachim 
Category: Research Article
Forschungsartikel
Issue Date: 2018
Journal: e & i Elektrotechnik und Informationstechnik
ISSN: 0932-383X
Abstract: 
Intelligente Stromnetze benötigen Kommunikationstechnologien, um Sensordaten und Kontrollinformationen zu übertragen. Der modulare Aufbau von Hardware, Firmware und Software sowie deren teilweise Wiederverwendung in verschiedenen Komponenten des Smart Grids ermöglichen eine Senkung der Herstellungs- und Investitionskosten. Je geringer die Anzahl ausgerollter Hardware-, Firmware- und Softwareversionen im Feld ist, desto geringer sind die zu erwartenden Betriebskosten wie etwa für automatisierte Updates, Gerätewartung, Geräteersatz und Schulung. Diese finanziellen Anreize haben eine äußerst homogene Gerätebasis im Smart Grid zur Folge. Das führt zu optimalen Bedingungen für die Ausbreitung von Malware in Smart Grid-Kommunikationsnetzen.

Smart power grids require a communication infrastructure to collect sensor data and to send control commands. The common trend for cost reduction influences the architecture, implementation, networking, and operation of smart grid devices. Whereas hardware and software reuse are imperative for vendors to lower device costs, utility companies substantially decrease their operational costs by deploying a homogeneous device base. Thousands of smart meters that feature identical hardware, firmware, and software, are one main prerequisite for automated maintenance, support, and device replacement. However, these cost savings create optimum conditions for malware propagation and infection in the grids’ control networks.

In this paper we show how monocultures in device types can lead to critical situations if malware exploits a common vulnerability. Although we assume that classical defensive measures, e.g., firewalls, virtual networks, and intrusion detection, are in place, we argue that new or unpatched vulnerabilities cannot be ruled out and may lead to a very fast distribution of malware in large parts of the smart grids’ control network. Besides showing how fast malware can spread in device monocultures, we also discuss effective defensive measures that can support utility companies in preventing or containing malware distribution.
Keywords: Malware-Attacken; Smart Grids; Kommunikationsnetze; Netzwerksicherheit
malware attacks; smart grids; communication networks; network security
DOI: 10.1007/s00502-018-0616-5
Library ID: AC15324303
URN: urn:nbn:at:at-ubtuw:3-5256
Organisation: E389 - Telecommunications 
Publication Type: Article
Artikel
Appears in Collections:Article

Files in this item:


Page view(s)

56
checked on Jul 11, 2021

Download(s)

87
checked on Jul 11, 2021

Google ScholarTM

Check


This item is licensed under a Creative Commons License Creative Commons