Instructor’s Comments:

Comments on Report:

Comments on PPT:
 Security Provisioning Techniques for Smart Grid Using
Blockchain, PUFs and Machine Learning

Birla Institute of Technology and Science, Pilani

Submitted By:
Ravi Singh Choudhary (2018H1400174P)
Sitapara Palak Narendrabhai (2018H1400177P)
Rohith Krishnan P (2018H1400180P)
 TABLE OF CONTENTS

i. LIST OF FIGURES………………………………………………………….i
ii ABSTRACT………………………………………………………………….1
1. INTRODUCTION…………………………………………………………...2
2. COMPONENTS OF SMART GRID......................................................…....4
3. ATTACKS ON SMART GRID……………………………………………..8
4. BLOCKCHAIN IN SMART GRIDS..……………………………………..27
5. IMPLEMENTATION OF BLOCKCHAIN FOR SECURITY…………….38
6. MACHINE LEARNING FOR SMART GRID SECURITY.................…...52
7. INTEGRATION OF PUFS INTO SMART GRIDS……………………….60
8. CONCLUSION…………………………………………………………….65
9. REFERENCES……………………………………………………………..66
 LIST OF FIGURES

S.No. Fig. No. Name of the Figure Page No. Reference No.
1 1.1 Traditional Grid 2 20
2 1.2 Smart Grid 2 20
3 1.3 Smart grid as whole 4 19
4 2.1 System components 4 19
5 2.2 Network components 5 21
6 2.3 Different Layers of smart grid. 6 22
7 2.4 Fault occurs 7 20
8 2.5 Comparison of old and smart grid 7 20
9 3.1 Classification of attacks 9 1
10 3.2 Injection attacks in smart grid 10 19
11 3.3 Time synchronisation attacks 11 19
12 3.4 DOS attack in SCADA system 12 19
13 3.5 Trace service based DdoS attack in AMI networks 12 19
14 3.6 Physical attack in California 13 23
15 3.7 Reconnaissance-Eavesdropping-attack-scenario- 15 19
on-synchrophasor-System
16 3.8 Ukraine Attack 16 20
17 3.9 Ukrainian Attack summary 17 20
18 3.10 Hacking Procedure 17 20
19 3.11 Prevention of attack 17 20
20 3.12 Hacking of smart meter 19 24
21 3.13 News of smart meter hacking and refund 20 25
22 3.14 Smart meters are exposed to various threats 20 25
23 3.15 The market and attack models 22 23
24 3.16 An illustration of the simulated distribution feeder 22 24
25 3.17 Price stabilization in the absence of attacks 23 25
26 3.18 Scaling attack 23 26
27 3.19 Delay attack 23 27
28 3.20 Solution 24 28
29 3.21 Analysis Result 25 29
30 4.1 Centralized vs Distributed transaction system 27 8
31 4.2 Process of addition of blocks into blockchain 28 7
32 4.3 Generation of Private key 29 7
33 4.4 Generation of Public Key 29 7
34 4.5 Generation of digital signature for each transaction 29 7
35 4.6 Overview of block header 30 7
36 4.7 Mining Process 31 7
37 4.8 Overview of the difference between current 32 8
scenario and Blockchain based Smart Grid
scenario

i
38 4.9 Representation of basic market level 34 7
implementation of Blockchain
39 4.10 Representation of Metering case 35 7
40 4.11 Representation of advanced metering case 36 7
41 4.12 Overview of the energy bill from the smart meter 36 7
42 4.13 Representation of the control case 37 7
43 5.1 Classification of Blockchain based on use-cases in 38 -
terms of security provisions
44 5.2 Overview of the use of Blockchain as a sovereign 39 26
monitoring entity
45 5.3 Overview of Parent Block 43 26
46 5.4 Side Block Structure 44 26
47 5.5 Data encryption and broadcast process 47 11
48 5.6 Data decryption and verification process 47 11
49 5.7 Simplified overview of SMIB system 49 10
50 5.8 Using Blockchain for security in SMIB system 49 10
51 5.9 Graph showing terminal voltage Vs time during 50 10
attack
52 5.10 A micro-grid distribution network with a 50 10
communication link provided by dApp
53 6.1 Fundamental building blocks 54 13
54 6.2 Flowchart of operation 56 13
55 6.3 Encryption Process 58 12
56 7.1 Unique Reponses generated by PUFS 61 15
57 7.2 Ring Oscillator with enable 62 16
58 7.3 ROPUF 63 15
59 7.4 ROPUF block Diagram 64 15

ii
 ABSTRACT

The traditional electrical power grid is currently evolving into the smart grid. Smart grid integrates
the traditional electrical power grid with information and communication technologies (ICT). Such
integration empowers the electrical utilities providers and consumers, improves the efficiency and
the availability of the power system while constantly monitoring, controlling and managing the
demands of customers. A smart grid is a huge complex network composed of millions of devices
and entities connected with each other. Such a massive network comes with many security
concerns and vulnerabilities. In this project we will be going to give overview about the smart
grids and security issues or threats that can be there. Also to mitigate these threats, solutions will
be provided which will be using the concept of blockchain, PUFS, Machine learning in smart grids
to overcome these security issues.

1
1. INTRODUCTION
1.1 Introduction about smart grid.
 Traditional Grid
Network of power lines and substations that carry electricity to us. It is one way
interaction between users and utility providers.

Fig. 1.1 Traditional Grid

 Smart Grid
Smart grid integrates the traditional electrical power grid with ICT. Via digital two-
way communications between consumers and electric power companies, these
technologies enable energy companies to seamlessly control the power demand and
allow for an efficient and reliable power delivery at reduced cost based on the received
consumer’s information

Fig.1.2 Smart Grid

2
 Difference with traditional grid
Adding sensor and software to the working traditional grid will give utilities and
individuals new information that will help them understand and react to changes
quickly.

 Three main security objectives required

1. availability of uninterrupted power supply according to user requirements,
2. Integrity of communicated information, and
3. Confidentiality of user’s data.

3
2. COMPONENTS OF SMART GRID
The grid can be viewed as having two main components, system and network

Fig. 2.1 smart grid as whole

2.1 System Component

The major system components in smart grid are:

Fig: 2.2 System components

 Electrical Household Appliance
Smart appliances and devices are assumed to be able to communicate with smart
meters via a Home Area Network (HAN)
 Renewable Energy resources
Solar and wind energy locally generated
 Smart Meter
It is stand-alone embedded system and contains a microcontroller. Smart meters
register the power consumption periodically and transmit it to the utility server,
connect or disconnect a customer power supply and send out alarms in case of
abnormality. It is also equipped with relays that can be interfaced directly with smart

4
 home appliances to control them, for example, turn OFF the air conditioner during
peak periods.
 Electric Utility Operation Centre
Centre interacts with smart meters to regulate power consumption. It also sends
consumption related instructions to smart meters and collects sub-hourly power usage
reports and emergency/error notifications using General Packet Radio Service (GPRS)
technology
 Service Providers
It establish contracts with users to provide electricity for individual devices. Service
providers interact with internal devices via messages relayed by the smart meter. To
establish such interaction, service providers should register with the electric utility
and obtain digital certificates for their identities and public keys. The certificates are
then used to facilitate secure communications with users.

2.2 Network Component

 Types of Communication
Smart grid incorporates three types of communication: Home Area Network (HANs)
(or Business Area Networks (BANs), neighborhood area networks (NANs) and
Industrial Area Networks (IANs) are used within business offices and industrial sites)
and Wide Area Network (WAN)

Fig: 2.3 network components

 HAN or BAN or IAN
HAN connects the in-house smart devices across the home with the smart meter. The
HAN can communicate using ZigBee, wired or wireless Ethernet, or Bluetooth. The
smart meter receives messages from devices within HAN and sends them to the
appropriate service provider.
 NAN
Beyond HAN, there is a broader network that is made up of various smart meters within
a locality and their corresponding APs. These meters communicate among themselves
through a mesh/hierarchical/hybrid connected wired (PLC)/wireless (Wi-Fi, ZigBee,
GPRS, etc.) network termed the NAN.

5
 WAN
It is a bigger network that connects the smart meters, service providers, and electric
utility. WAN can communicate using WiMAX, 3G/GSM/LTE, or fiber optics. Smart
meter acts as a gateway between the in-house devices and the external parties to provide
the needed information. The electric utility manages the power distribution within the
smart grid, collects sub-hourly power usage from smart meters, and sends notifications
to smart meters once required.

Fig.2.4 Different Layers of smart grid.

6
 2.3 Comparison with traditional grid using case study
 Case If power line break due to natural phenomenon and therefore fault occurs

Figure:2.5 Fault occurs

 Comparison Results

Fig 2.6 Comparison of old and smart grid

7
3. Attacks on smart grid
3.1 Attackers on smart grid
The various attackers can be grouped as under:
 Non-malicious attackers: who view the security and operation of the system as a
puzzle to be cracked? Those attackers are normally driven by intellectual challenge
and curiosity.
 Consumers driven by vengeance and vindictiveness towards other consumers
making them figure out ways to shut down their home’s power.
 Terrorists: who view the smart grid as an attractive target as it affects millions of
people making the terrorists’ cause more visible.
 Employees disgruntled on the utility/customers or ill-trained employees causing
unintentional errors.
 Competitors attacking each other for the sake of financial gain

3.2 Broad classification of attacks

Attacks can be classified into three main categories: Component-wise, protocol-wise,
and topology-wise
A. Component-wise attacks
These attacks target the field components that include Remote Terminal Unit
(RTU). RTUs are traditionally used by engineers to remotely configure and
troubleshoot the smart grid devices. This remote access feature can be subject to
an attack that enables malicious users to take control over the devices and issue
faulty states such as shutting down the devices.
B. Protocol-wise attacks
These attacks target the communication protocol itself using methods such as
reverse engineering and false data injections
C. Topology-wise attacks
These attacks target the topology of the smart grid by launching a Denial-of-
Service (DoS) attack that prevents operators from having a full view of the power
system causing inappropriate decision making
3.3 Description of various attacks on smart Grid
The different types of threats for the smart grid are as:
 Data injection attacks (DIAs),
 Deception attacks,
 Denial of service attacks,
 Replay attacks,
 Time synchronization attacks,
 Additional Dynamic System Attacks ,
 Supervisory Control and Data Acquisition (SCADA) attacks,

8
  Smart Meter Attacks ,
 Physical Layer Attacks ,
 Network-based Attacks etc.

Fig.3.1 Classification of attacks

A. Integrity
Integrity refers to the credibility of the data collected and transferred over the grid.
Attacks that target this integrity can cause false estimation of the real-time state
of operation of the system as well as lead to the unobservability or even instability
of the system.
 Data injection attacks (DIAs)
 Meaning of DIA attack
DIAs consists of an adversary manipulating exchanged data such as sensor
readings, feedback control signals, and electricity price signals. Such attacks
can be done by compromising the hardware components, or intercepting the
communication links.
 Most famous DIA attack
The most studied type of DIAs is the one that targets the grid’s state estimator.
The states of a power system consist of the voltage magnitudes and phase
angles at every bus. Manipulating is the collected measurements results in a
false estimate of the state of operation of the system.

9
 Fig.3.2 Injection attacks in smart grid

 Consequence of DIA attack

In turn, such false states can lead to incorrect operational actions whose effects
can range from inducing incorrect pricing to destabilizing the power system.
In practice, a bad data detection (BDD) mechanism is deployed to detect
outliers.
 Time synchronization attacks
 Role of PMUs
To better monitor the grid, there has been an increased use of Phase
Measurement Unit (PMUs) – high-speed measurement units (typically 30-60
samples/second) capable of measuring the voltage and current Phasor as well
as local frequencies.
 Need of time synchronisation
Given that the measurement devices are spread around the system, sending
their collected measurements to data concentrators or control centres is subject
to transmission delays. Therefore, in order to properly align and analyse the
measurements, all the collected PMU data are synchronized based on a time
reference provided by a global positioning system (GPS) signal. This time
referencing provides a timestamp to each collected measurement. The
synchronization between the collected measurements enable accurate real-
time wide area monitoring, protection, and control of the SG.
 Attack regarding time synchronization
Adversary can manipulate the time reference of the time stamped measured
Phasor to create a false visualization of the actual system conditions thus
yielding inaccurate control and protection actions. Attacks that target PMU
time synchronization are known as time synchronization attacks (TSAs).

10
  Consequence
Using TSAs, the GPS signal is spoofed and counterfeited by the attacker so
that PMU sampling is done at the wrong time hence generating measurements
with wrong time stamps.

Fig. 3.3 Time synchronisation attacks

 Case study of TSA : North American Northeast Blackout

in1965
Recent case studies have shown that TSAs can produce significant fault
location errors which can go up to 180 km for a line of length 400 km and even
trigger a false alarm regarding the presence of a fault. This false alarm can
result in a disconnection of a transmission line which can then trigger a
cascading chain of failures across the grid. Such a false disconnection was one
of the main culprits that led to the North American Northeast blackout in 1965

B. Availability
 Meaning of Availability
Availability pertains to the accessibility to every grid component as well as to
the information transmitted and collected, whenever needed.
 DoS Attacks
Attacks compromising this availability are known as denial of service (DoS)
attacks that can block key signals to compromise the stability of the grid and
observability of its states.

11
Fig. 3.4 DOS attack in SCADA Fig. 3.5 trace service based DdoS
system attack in AMI networks

C. Additional Dynamic System Attacks

 RA(Replay Attack)
 Launching of RA
In RAs, the adversary injects input data in the system without causing
changes to the measurable outputs. To launch this attack, an adversary
compromises sensors, monitors their outputs, learns from them, and
repeats them while injecting its attack signal.
 Consequence of RA
Replay attacks (RAs) which can have serious effects on system stability.
 DDIA(Dynamic Data Injection Attacks)
 Launching of DDIA
Another type of DSAs is known as dynamic data injection attacks
(DDIA) which uses knowledge of the grid’s dynamic model to inject data
that causes unobservability of unstable poles.
 Consequence of DDIA
As a result, a successful D-DIA prevents the grid’s operator from
detecting instability which, in turn, can lead to a system collapse. A
covert attack is one other type of DSAs that is basically a closed loop
version of an RA

12
D. Physical Threats
 First from of physical threat
Given the wide footprint over which the power system is physically spread, the
danger of physical attacks in which an adversary physically attacks a physical
component such as a generator, substation, or transmission line is prominent.
 Second form of physical threat
Another type of physical attacks consists of physical manipulation of smart
meters for energy theft purposes.
 Case Study: Snipper Attack in California Substation
Components were physically attacked remotely using a rifle in a sniper attack
which targeted a substation in California in 2013.

Fig. 3.6 physical attack in California

E. Coordinated Attacks
 Robustness of Grids
The power system typically incorporates robustness measures that help it
survive potential failures. Under typical system conditions, an attack leading to
the failure of one or few components might not always have significant effects
on the grid’s operation. For example, the power system follows the so-called
“N-1” security criterion which instils redundancies in the system design
allowing the preservation of the system’s state of normal operation even after
the loss of one of its components.

13
  Problem
However, coordinated attacks (CAs) can still be launched by resourceful
adversaries that exploit the dense interconnections between grid components to
launch simultaneous attacks of Different types targeting various components.
 Case Study : Blackout of Ukrainian Grid
For example, the recent CPA caused blackout of the Ukrainian grid is a CA
which concurrently targeted three power distribution companies. The adversary
compromised a number of their computers to gain control of the SCADA
system to simultaneously disconnect around 27 substations.
F. Modbus security issue:
 SCADA
The term SCADA refers to computer systems and protocols that monitor and
control industrial, infrastructure, or facility-based processes such as smart grid
processes.
 Modbus protocol
Modbus protocol is one piece of the SCADA system that is responsible for
exchanging SCADA information needed to control industrial processes.
 Attacks by taking advantage of loopholes of Modbus protocol
(a) Broadcast message spoofing :
Sending fake broadcast messages to slave devices.
(b) Baseline response replay:
Replaying genuine recorded messages back to the master.
(c) Direct slave control:
Locking out a master and controlling one or more field devices
(d) Modbus network scanning.
Sending benign messages to all possible addresses to collect devices’
information.
(e) Passive reconnaissance:
Reading Modbus messages.
(f) Response delay:
Delaying response messages intended for the masters.
(g) Rouge interloper:
Attacking a computer with the appropriate adapters.
G. Malware spreading
 Malware
Malware can be used to replace or add any function to a device or a system
such as sending sensitive information.

14
  Launch of attack
An attacker can develop malware and spread it to infect smart meters or
company servers.
H. Eavesdropping and traffic analysis
 Meaning and example of attack
An adversary can obtain sensitive information by monitoring network traffic.
Examples of monitored information include future price information, control
structure of the grid, and power usage.

Fig. 3.7 Reconnaissance-Eavesdropping-attack-scenario-on-synchrophasor-System

I. Access through database links:

 Role of Control System
Control systems record their activities in a database on the control system
network then mirror the logs into the business network.
 Attack
If the underneath database management systems are not properly configured, a
skilled attacker can gain access to the business network database, and then use
his skills to exploit the control system network.

15
3.4 Case Studies Regarding Attacks
3.4.1 CASE STUDY 1: Ukraine attack 2015
 Impact
On 23 December 2015, a major power cut in the Ivano-Frankivsk region of Western
Ukraine caused 230,000 residents to descend into darkness. The outage lasted for
less than six hours but its significance was to resonate far longer.

Fig. 3.8 Ukraine Attack

 Importance:
The blackout marked the first ever cyber-attack to successfully take down a power
grid and followed months of hackers covertly carrying out reconnaissance of the
network's control systems.
 Attack:
A malware framework known as CRASHOVERRIDE has emerged as the main
suspect behind a December 2016 cyberattack in Ukraine that cut power to hundreds
of thousands of citizens. In that incident, the hackers briefly shut down one-fifth of
the electric power generated in Kiev.
 CRASHOVERRIDE malware
CRASHOVERRIDE marks the first instance of a malware framework designed
specifically to attack electric grids, the report found. It's also the second type of
malware designed to specifically disrupt a physical industrial processes, following
the Stuxnet attack that took out an Iranian nuclear facility in 2010.

16
 Summary about Ukrainian Attack

Fig.3.9 Ukrainian Attack summary

 How the system was hacked

Fig.3.10 Hacking Procedure

 How it could have been prevented?

Fig.3.11 Prevention of attack

17
 CASE STUDY 2: Russian hackers intruding into systems of US
power grid
 News:
Two and a half years later, the threat of further attacks continues to hum over
electrical infrastructure around the world, with computer experts warning that
similar attacks on Western infrastructure would put lives at risk. The latest hacking
victim is the US, with a Department of Homeland Security (DHS) official
disclosing this week that control rooms of electrical utilities had been infiltrated by
hackers working for Russia – the same country Ukraine blamed for the 2015
attacks.
 Launch of Attack:
Its analysis of those breaches found that they began with spear phishing emails that
tricked victims into opening a malicious attachment—the earliest they found was a
fake invitation to a New Year's Eve party—or so-called watering hole attacks that
compromise a website commonly visited by targets to hack victims' computers.
Those attacks were designed to harvest credentials from victims and gain remote
access to their machines. And in the most successful of those cases, the attackers
penetrated deep enough to screenshot the actual control panels for their targets' grid
operations.
 Impact of attack:
It was found that the hackers obtained operational access: control of the interfaces
power company engineers use to send actual commands to equipment like circuit
breakers, giving them the ability to stop the flow of electricity into US homes and
businesses. However the hackers never went so far as to sabotage or shut down the
computer systems that guide the operations of the plants.
3.4.2 CASE STUDY 3: Hacking of Smart Meters in Canada
 Loophole or Problem:
Every smart meter being deployed includes a relay which can disconnect the
household from the electricity supply. This is controlled by the utility and makes
life easier for them by allowing then to manage connections and disconnections
from a computer terminal rather than having to send an engineer out to gain access
to the house. It also makes it easier for them to switch customers to prepay if they
are in arrears. Again, they don’t need to send out an installer to change the meter –
they do it from their computer keyboard.
 Hacking of Smart Meter
Method1
All hacker need to do is to insert a few lines of code into the firmware for a smart
meter which will disconnect the meter at some specific time in the future. A
competent programmer should be able to write that in about ten minutes. As the

18
same code goes into all millions of meters from each supplier, millions would turn
off together.
Method 2
Method involves attaching strong magnets to the outside of a smart meter, which
interferes with the device’s detection of energy use.
Method3:
Another approach involves use of a tool called an optical converter to interact
with the smart meter through the optical port used for diagnostics.

Fig.3.12 Hacking of smart meter...maximintegrated.co

 Generation-Load Balance:
Utilities need to accurately balance the amount of electricity being generated
against the amount being consumed. But when there is a mismatch it can bring
down the grid. If demand suddenly falls, power stations can’t shut down quickly
enough. The voltage on the grid surges and if the surge is large enough it can
burn out substations.
 Short term impact:
If data transmissions aren’t sufficiently protected, external hackers can interrupt
communications between a smart meter and the utility to access useful
information. Usage data may be measured in sequences of as little as two-second
bursts, which can yield surprising detailed information about activities within
the premises. Usage patterns over time can indicate, for example, whether
residents are home or out, or if an appliance has been left on. The complex
patterns of brightness associated with specific content can identify what
television shows and movies are being watched.

19
  Impact in future:
Every winter in the Canada, when we get snow or floods we hear about tens of
thousands of homes which are without power. In most cases the bulk of these get
their power restored within 48 hours. That’s possible because the fault is
normally damaged power lines. Once these are restored, power comes back to
the whole community which was cut off. The problem in this case is the same
one of balancing generation and demand. What makes it complicated is that the
utility has no idea what demand is as it restarts, as it doesn’t know what has been
turned off, or is still turned on. As a result, getting power back from this situation
can take several months.
 Case study of Canada
Many smart meters were hacked by adding malware. Later government proided
refund to the users.

Fig.3.13 news of smart meter hacking and refund

3.4.3 CASE STUDY 4: Impact of Integrity Attacks on Real-Time

Pricing System in Smart Grids

Fig. 3.14 Smart meters are exposed to various threats

20
 Real Time Pricing System
Real-time pricing (RTP), is a key feature of smart grids that uses technologies to
improve system efficiency. RTP creates a closed loop formed by the mutually
dependent real-time price signals and price-taking demand.
 Loophole
Such a closed loop can be exploited by an adversary whose objective is to
destabilize the pricing system.
 Example
Recent reverse engineering and penetration tests have shown that many smart
meters lack basic security measures to ensure integrity and authenticity of the
input/output data. These security vulnerabilities can be exploited to maliciously
change the price signals.
 Consequences
Specifically, small malicious modifications to the price signals can be iteratively
amplified by the closed loop, causing inefficiency and even severe failures such
as blackouts.
 Integrity Attacks on system stability
Two broad classes of integrity attacks that maliciously change the price signals,
namely, the scaling and delay attacks.
Scaling attack: The compromised price is a scaled version of the true price;
Delay attack: The compromised price is an old price.
 Launch of Attack
The delay attack can be launched by modifying the smart meters’ internal clocks.
Smart meters typically assign a memory buffer to store received prices.
Furthermore, attacks on the clocks can be realized by compromising the
vulnerable time synchronization services in smart grids. If a smart meter’s clock
has a lag, it will store newly received prices in the buffer and apply an old price
for the present.
 Consequence
The RTP system is at risk of being destabilized only if the adversary can
compromise the price signals advertised to smart meters by reducing their values
in the scaling attack, or by providing old prices to over half of all

21
 Fig. 3.15 The market and attack models

 Sample
We use a distribution feeder specification that comprises 1405 houses, which is
illustrated in Fig. 3. To improve the realism of the simulations, we use the half-
hourly total demand trace from March 1st to 22nd, 2013, of New South Wales,
Australia, provided by AEMO as the load of consumers.

Fig. 3.16 An illustration of the simulated distribution feeder

 Simulation Results:
No Attack:
Shows the price and resultant demands under our price stabilization algorithm.
The price well adapts to the time-varying load. The error between supply and
demand is close to zero, which means that the clearing price is achieved.

22
 Fig. 3.17 Price stabilization in the absence of attacks
Scaling Attack:
Below Fig shows plots the true and compromised prices, as well as the
breakdown of demand under the scaling attack. We can see that the price and the
demand fluctuates severely.

Fig. 3.18 Scaling attack (all consumers are compromised, price is scaled
down by 10 times)
Delay Attack:
Fig. 6 results under the delay attack. A small error between demand and supply
is amplified iteratively along the control loops, after the launch of the attack.

Fig. 3.19 Delay attack (all consumers are compromised, price is delayed for 4.5
hours)

23
3.4.5 Case Study: Resilience to Smart Meter Disconnect Attacks
 Service switch in Smart Meter
Many smart meters on the market today include a service switch, allowing
remote connection or disconnection (RCD) of electrical service over a utility’s
communication network. Utility companies and vendors are introducing
remote connect/disconnect capability because it provides tangible operational
value: for example, switching off service to non-paying customers without
dispatching a service technician.
 Loophole
Possibility of (ab)use by malicious attackers, noting the high economic cost of
blackouts, as well the potential for controlled on-off switching of meters to
affect power grid stability, for example by disturbing its frequency.
 Approach
Modelling of a fundamental countermeasure — a random time delay at the
meter for all RCD operations (shown in the figure below). Even if other
countermeasures (e.g., authentication and key management) fail, this delay
mechanism can provide the last line of defence by: 1) preventing rapid changes
in overall system load; and 2) providing time for a utility to potentially detect
and stop an attack in progress.

Fig.3.20 Solution
 Results:
Our analysis shows that even if an attacker successfully issues malicious RCD
commands, a properly designed time delay mechanism of two hours or less can
greatly reduce the magnitude of an RCD attack with little impact on a utility’s
day-to-day operations.

24
 Fig.3.21 Analysis Result

CASE study1: Targeted Attacks on SCADA Systems

 Stuxnet malware
It was designed to target specific Supervisory Control and Data Acquisition
(SCADA) systems that amongst other things, caused a destruction of over a
thousand Iranian nuclear centrifuges.
 Havex malware
It is another known malware developed to target industrial control systems (ICSs)
and the Trojan Black Energy was discovered in the computer networks post
Ukrainian blackout and is suspected to have played a major role in the event.

25
3.5 Provision of Security for the Smart Grid

From the analysis of threats faced by the Smart Grid which are mostly due to lack of data
security or vulnerable communication channels, we can understand that new countermeasures
have to be developed and incorporated. In this context, the most promising technologies are

1. Blockchain
2. Physically Unclonable Functions (PUF)
3. Machine Learning
The upcoming sections give a comprehensive look into the technologies, their importance, means
for incorporation into the grid and their impact on its security.

26
4. BLOCKCHAIN IN SMART GRIDS
4.1 Blockchain Overview
The Blockchain is a collective of technologies and can be described as a database,
which is distributed among a peer to peer network, combined with the securitization
elements relying on multiple cryptographic technologies. The majority of Blockchain
based applications are based on a peer to peer network architecture. Typically
participants of the application are connected with each other via internet and form a
network together. In general the Blockchain enables peers, which participate in the
underlying network, to store and write transactions securely in a decentralized fashion
e.g. without the requirement of trusted third parties.

Fig-4.1. Centralized vs Distributed transection system

The records of these transactions are stored on a ledger. One could imagine the ledger
as an accounting book, where in bookkeeping all transactions of a company are stored.
On the ledger of a Blockchain based application the total history of all occurred
transactions is stored. A copy of this ledger is distributed and stored among all peers
which participate in the underlying network of the Blockchain. Therefore each peer
which participates in the network possesses a copy of the ledger containing data of the
total transaction history.
The applied cryptographic securitization technologies make establishing new
transactions and storing those transactions onto the ledger very secure. The applied
cryptographic securitization method allows users to create signatures corresponding
to a designated transaction in a very secure manner. Due to the applied cryptographic
securitization it is very hard to alter transactions once they have been signed or to
forge a signature.
The combination of the fact that everyone possesses a copy of the ledger and the
applied cryptographic securitization makes storage of data onto the ledger very secure.
Once transactions have been stored onto the ledger it would be very hard for a
malicious attacker to forge or delete these transactions.
Transaction data is stored onto the ledger in small packages. Due to the applied
cryptographic securitization transaction data is stored in such manner that links are
created between newly stored packages of transaction data and earlier stored packages

27
 of transaction data, if one would try to alter or delete data within these packages the
links will be broken between the packages. Because everyone possesses a copy of the
ledger it will be easily detected when one of those links were broken.

Fig.4.2 Process of addition of blocks into blockchain

4.1.1 Use of cryptography and hash functions:

Cryptographic hash functions are mathematical algorithms or one-way
functions that take an input and transform it into an output of specific length, e.g.
a series of 256 bits, called the hash output. Their operation relies on the fact that
it is extremely difficult to recreate the original input data from the hash output
alone. Also, it is computationally infeasible to find two different messages that
produce the same message digest. Any changes to a message will result in a
different hash output.
In addition, Blockchain uses Public-Key Cryptography, an asymmetric
cryptography protocol. Each user holds two cryptographic keys consisted of
numeric or alphanumeric characters, a secret private key and a public key, which
can be shared with other users in the network. The keys are mathematically
related in such a way that information encrypted by one part can only be
decrypted by its counterpart. The use of public-private key cryptography ensures
authentication, meaning that a transaction is initiated by the source it claims to
be from, and authorisation, meaning that actions are performed by users who
have the right to do so.
In the majority of Blockchain based applications the Private Key is a 256 bit
number. It is important to store the private key securely. A seed value is given
to a random number generator to create the Private Key.

28
 Fig: 4.3 Generation of Private key
The public key is generated from the private key. The public key is constructed
out of the private key via elliptic curve multiplication.

Fig : 4.4.Generation of Public Key

The person who creates the transaction provides a digital signature with the
transaction. This digital signature is created with the private key of the payer and
a designated message with the data containing information about the specific
transaction. The digital signature indicates the authenticity of the transaction.

Fig : 4.5. Generation of digital signature for each transaction

4.1.2 Mining and consensus mechanisms
The Blockchain consists of a collective of technologies. One of these
technologies is a mechanism which establishes consensus among the nodes
participating within the network. The mechanism provokes consensus among all
those different nodes about the current status of the ledger and the inclusion of
new transactions within the ledger. In the majority of Blockchain based
applications the mechanism consists out of four processes:
 Independent verification of new transactions by nodes participating within
the network.

29
 Mining nodes aggregate newly created transactions into blocks by executing
the mining protocol.
 Independent verification of the newly created blocks by the nodes
participating within the network.
 Recording validated blocks onto the ledger by reaching consensus on the
current state
The process of adding data onto a block on the Blockchain is known as Mining.
Mining can commence only after verification processes are done to make sure
the data is valid. The mining process provides a resistance against fraudulent
alterations of the ledger. And it provides an economic incentive for nodes, which
participate in the mining process, to solely include valid transactions into blocks.
The majority of Blockchain based applications are based on a mining protocol
known as Proof of Work (PoW) protocol. The proof of work protocol is an
algorithm which consist out of a mathematical puzzle where a solution to the
problem can only be found by guessing a solution by trial and error. Mining
nodes compete with each other in order to find the solution of the proof of work
algorithm.

Fig:4.6 Overview of block header

At the start of the proof of work protocol the mining node will construct the
header. The header can be divided into a static part and a dynamic part during
the mining process. The nonce is considered to be dynamic while all other
elements are static. The nonce is an integer which will be adjusted during the
mining process until a solution is found for the proof of work algorithm. The
merkle root is a compressed string of all transaction data included.
A link is established with the previous block by including the hash of the header
of the previous block. The target denotes a measure for the current difficulty.
General information such as time of creation and specific software type used is
also included in elements of the header.
The header contents are hashed using appropriate hashing algorithm and the hash
output has to be below the value stored in the Target (T).
Hash output ≤ T
The dynamic value in the Nonce is incremented till this condition is achieved.
The task can be highly computationally intensive depending upon factors like
the value of target T, hashing algorithms used etc.

30
 Fig: 4.7 Mining Process

The miners compete with each other in order to solve this mathematical puzzle
and once a miner gets successful in finding the hash value is passed onto the
other mining nodes for verification. Once it is verified, the block is added into
the Blockchain. This is again later checked by another group of nodes who verify
it and brand it as a valid block only if majority of nodes approve that it satisfies
all the consensus rules.

4.2 Current Grid Scenario:

The current grid scenario revolves around a system where when a power plant
generates a unit of electricity, a meter reads the data and stores it in a spreadsheet.
Spreadsheet goes to registry provider where data gets entered into a new system and a
certificate is created. Another set of intermediate brokers deal with buyers and sellers
of these certificates and a third set verifies the certificates after they are purchased.
Disadvantages:
 Involvement of so many third parties and middle men leave plenty of room for
errors.
 Malpractices can occur.
 Lack of transparency in the whole process.

31
Fig: 4.8 Overview of the difference between current scenario and Blockchain based Smart
Grid scenario
4.3 Advantages of incorporating Blockchain in Smart Grids
By incorporating Blockchain into the system, the existing disadvantages of the system
can be mitigated by letting the smart meters write the data directly to the Blockchain.
Blockchain also helps to manage effectively and maximize the outcomes in the case of
the smaller and distributed power generators. For instance, it generally takes 60 to 80
days for an electricity producer to get paid. With a Blockchain-based system, producers
can get paid immediately, so they need less capital to start and run a generating
business. The application of Blockchain in such scenarios can decentralize the system
and the produced energy need not be sold to the grid in order to distribute it.
There are several advantages for incorporating Blockchain into the Grid, some of which
are mentioned below:
 Transparency: Since all the past transactions can be monitored, the system
becomes more transparent.
 Sharing of resources: Blockchain could offer charging solutions for sharing
resources between multiple users, such as sharing EV charging infrastructure, data
or common centralised community storage.

 Security and identity management: Use of cryptographic techniques ensure that

the Blockchain can safeguard privacy, data confidentiality and identity
management.

32
  Grid management: Blockchain could assist in network management of
decentralized networks.
 Sales and marketing: Sales practices may change according to consumers' energy
profile, individual preferences and environmental concerns.
 Competition: Smart contracts could potentially simplify and speed up switching
of energy suppliers. This increased competition could even lead to lesser tariff rates.
Thus use of Blockchain could reduce costs by optimizing energy processes, improve
energy security in terms of cybersecurity, and promote sustainability by facilitating
renewable generation and low-carbon solutions
4.4 Levels of Adoption of Blockchain in Smart Grids
There are broadly two levels of adoption of Blockchain into Smart Grids:
 Establishing a decentralized trading infrastructure
 Establishing a decentralized computing platform along with trading infrastructure
On a more detailed focus the use cases of Blockchain in Power Grids can be
classified into:
 Market case
 Metering case
 Advanced metering case
 Control case

4.4.1 Market case

It can be considered as the most fundamental application of blockchain in the
power grid. A virtual currency is created using Blockchain which represents each
unit of electricity.
This enables peer to peer energy transaction between prosumers and consumers.
This system is highly useful in case of situations where renewable energy is
generated on rooftops. Surplus energy available to the prosumer can be sold by
engaging into transaction with other peers within the Blockchain network and
injecting this electrical energy into the grid. The prosumer can earn virtual
currency for the energy sale at a specified price while the consumers who have
a deficit can but energy for their requirement with the virtual currency.
In this particular case, the other security features of Blockchain including the
secure monitoring of transactions are not utilized. Hence, the houses are
connected via regular metering devices instead of smart meters. This may lead
to several problems including illegal transactions and lack of clarity regarding
the origin of the energy (i.e. If it is from within the Blockchain infrastructure or
from the energy supplier).

33
 Fig: 4.9 Representation of basic market level implementation of Blockchain
4.4.2 Metering case:
Metering case involves usage of Blockchain on a little more enhanced level. In
this case, the computational capability of Blockchain system is utilized by
adding a decentralized computational platform. It involves using these
computational capabilities combined with the smart metering infrastructure
installed throughout the electrical power system to ensure a higher level of
security and integrity.
In this case, the energy suppliers and the electricity production companies along
with the smart meters installed for each consumer and prosumer exchange
information with a decentralized computing platform to establish maximum
security and reduce the chances of fraud and errors. Thus, here the entire
electrical energy market is operated via the Blockchain.
Consumers and prosumers have the ability to buy and sell electrical energy via
the electrical energy market

34
 Fig: 4.10 Representation of Metering case
4.4.3 Advanced Metering case:
In this level of adoption, the energy supplier as a separate entity and be removed
as the smart meters introduced to the grid can provide enough information for
the consumers and prosumers to directly buy and sell electrical energy on the
wholesale market with the smart meters acting as agents.
Along with the elimination of role of energy suppliers, provide advanced
functionalities and features for the electrical power system such as the inclusion
of distribution and transmission cost in electrical energy pricing and more
accurate demand side forecasting.
The cost of transmission and distribution of electrical energy is determined based
on two elements.
The actual cost which includes the losses due to transportation of energy through
the transmission and distribution grid.
Cost of usage of the infrastructure as cost occurred of replacement due to
impairment of substations, cables, overhead lines etc.
The decentralized computing platform will calculate the incurred losses of the
trajectory of the specific transaction with the data received of the metering
devices installed within the electrical power system. The cost of impairments of
the electrical power system is calculated based on the trajectory for the usage of
the transmission grid and calculated as a constant price per kwh for the usage of
the distribution grid.

35
 Fig: 4.11 Representation of advanced metering case

Fig: 4.12 Overview of the energy bill from the smart meter
4.4.4 Control case
This enhanced level of adoption of Blockchain involves combining the high
decentralized computational power offered by Blockchain along with advanced
smart metering infrastructure to offer highly sophisticated functions. In addition
to the functions offered by the previous case, Control level offers highly
advanced features such as the ability to control power flows within the electrical
power system and dynamic load shedding.

36
 Fig: 4.13 Representation of the control case
Power Electronic converters are installed throughout the electrical power system
in order to perform dynamic load shedding and to control the power flows within
the electrical power system. The routing of the electrical energy from the energy
producer to the prosumer is performed by coupling installed power electronic
converters throughout the electrical power system with the decentralized
computing platform. Based on the trajectory of the specific transaction the
computing platform will control the power electronic converters in order to
determine the power flow.

37
5. IMPLEMENTATION OF BLOCKCHAIN FOR
SMART GRID SECURITY
There are numerous studies done and implementations formulated in the field of
incorporating Blockchain into Smart Grids. The motives for such studies have varied from
the removal of third parties from the energy production/distribution network to ensuring
cyber security to the grid infrastructure. In this section, the primary focus is to classify the
various methods adopted in the Blockchain-Smart grid collaboration in terms of the security
provisions it offers to the grid.
With reference to the security measures offered the implementation of Blockchain in smart
grid can be classified broadly into

Fig: 5.1 Classification of Blockchain based on use-cases in terms of security provisions

5.1 CASE 1: Blockchain as a Sovereign Governing Entity

In this case, the Blockchain is implemented as a sovereign entity which stores and
monitors transactions going on in the smart grid between the energy producer and the
consumer/prosumer. This involves several layers of hierarchy including authorization,
data processing, databases etc. The validation of the transactions are done by the
special consensus nodes who provide computational power to the network and use that
to mine the blocks and incorporate them into the Blockchain.
5.1.1 Use of Cryptographic Keys
Cryptographic keys are employed to execute specific tasks relating to system
and data security
 Consumer private key: This is generated by the consumer and used to
digitally sign requests for data access.

38
 Consumer public key: This is a key generated by the consumer and sent to
the authenticator on the smart grid network and it is used to verify the identity
of the consumer for data access. The public key is also used to encrypt data
to be sent out to the consumer by the authenticator.
 Authenticator contract key: This is a key pair generated by the authenticator
and attached to a smart contract in a package used to encrypt reports from the
consumers system to the smart grid network and vice versa.
When a consumer wants to access the electrical records, he/she generates a key
pair (consumer private key and public key), stores the private key and shares the
public key with the smart grid network. The requests created by the consumer
are signed using the consumer private key and sent to the smart grid network.
Upon reception, the authenticator confirms the request by verifying the signature
with the consumer public key. The required results of the operation are done by
corresponding entities in the grid and are placed in tags added to the data. This
processed data is encrypted with the authenticator contract key and is then sent
to the consumer. Upon reception, the consumer decrypts the encrypted package
and reads the data.
Similarly, in order to ensure security of data from consumer to the smart grid, all
the actions and events related to the use of cryptographic functions are encrypted
using the other contract key of the Authenticator tagged to the contacts generated
and is stored in a secure database.

Fig: 5.2 Overview of the use of Blockchain as a sovereign monitoring entity

39
5.1.2 System Structure
User Layer
 Comprises all the entities who access electricity from the given utility
company.
 Directly interfaces with the registration and authentication layer on the smart
grid network.
 Users register on the system by visiting this interface and provide the
necessary information.
 Examples of users can be individual users in homes or offices, schools,
healthcare facilities, corporations etc.
Data Processing and Monitoring Layer
 Consists of individual components that help in processing all the data sent
to the smart grid network.
 Performs computations on the data and also tags the data with functionalities
that help in monitoring every action performed in the entire system.
 Algorithms are implemented to automatically report any illegal actions
performed in the system and also triggers an action to automatically deny
access to the usage of electricity.
 The reported illegal actions are tagged with the unique ID of the
corresponding user and are securely stored in a database. Results of every
action that is sent to the system is broadcast onto network which helps to
guarantee trustless and fair auditing.
 Has the responsibility of authenticating every action and request for data
access in the entire system.
Registration and Authentication Layer
 Comprises of the registrar and the authenticator.
 The data of a user who registers on the system is first received by the
authenticator. The data is received by the registrar and then a unique
identification number which serves as the user’s meter ID is generated and
the data is shared with the authenticator.
 The authenticator forwards the data to the processing and monitoring layer.
When the data is received by a processing and a consensus node, the
corresponding area code of where the user resides is added and then the data
is linked to a smart meter to be installed in the residence of the user.
 After the installation of the smart meter, the unique ID sent by the smart
contract is verified by the Authenticator and if approved, the user is given
access to electricity.

40
  Anytime a user logs onto the system, he is authenticated by the authenticator
using this unique ID.
Smart Contract Center
 Deals with Smart contracts and their database.
 Smart contracts are specifically designed functions that are activated and
executed upon the reception of an action.
 Smart contracts generated have been embedded with cryptographic keys and
this enables the contracts to encrypt the reports generated from the activation
of actions.
 Smart Contract Database is a report violation storage and action centre on
the sovereign Blockchain network.
 The main function of the smart contracts is to identify malicious usage of
electrical power and electrical data and to report such actions into the
database.
 It can alert a user or on the worst case, revoke access to electrical power
whenever there is any malicious usage of electrical power by that user.
 The database stores the list of actions agreed on between consumers and
utility companies to be carried out when there is a violation of contract
terms.
 It also stores receipts for each action and thus provides consistency of data
for accountability and auditing when required.
Energy Center
 It generates the electrical power and transfers it to the processing and
monitoring layer upon request by the processing and consensus nodes.
 The power is later distributed to clients on the network based on tariffs paid
per month.
Data Center
 The data centre also directly interfaces with the processing and monitoring
layer.
 It receives copies of the data that are processed onto the sovereign
Blockchain and are stored for research purposes.
5.1.3 Use of Smart Contracts:
A smart contract is a computer code containing a set of rules under which the
parties to that smart contract agree to interact with each other. They can be
described as finite state machines which execute laid down instructions when
predefined conditions are met or specified actions have taken place. Smart
contracts ensures secure transactions by allowing only authentic data transfers

41
between the smart meter and the authorization layer and reports if any
unauthorized and malicious tampering of data has occurred.
The purpose of a smart contract are:
 Registration: Once a smart meter is installed in the home of a consumer,
the smart contract generates a private key and public key automatically and
shares the public key on the smart grid network. The smart contract encrypts
a report with its private key and sends it to the smart grid network and
registers itself on the network. The status of this transaction is sent back to
the smart contract by the authenticator which is decrypted by the smart
meter.

 Detection of data manipulations: Malicious manipulation of data is

detected by the smart contract at the blockchain side and it sends an
encrypted report back to the smart contract in the smart meter which gets
displayed on the screen of the smart meter. Further actions like revoking the
subscription etc. are done if necessary.
 Alerting: When the consumer power reaches a minimum value, the smart
contract on the smart grid sends an encrypted message to the smart meter
which is decrypted by the smart contract on the smart meter and displays it
on the screen to the consumer.

 Monitoring: When a consumers power gets used up, the smart contracts on
the smart meter are activated and shut down the electrical power and sends
an encrypted message to the smart grid network indicating a system
shutdown of that particular consumer’s meter.

 Security: A smart meter that is tampered with automatically triggers the

smart contract to send an encrypted message to the smart grid network and
shuts down the power system that corresponds to the tampered meter. All
these messages are stored in a smart contract database which are processed
into side blocks and are appended to their corresponding parent blocks on
the sovereign Blockchain.

42
5.1.4 Parent Block Structure:

Fig: 5.3 Overview of Parent Block

The different parts of the block in systematic order.
Block Format - uniquely identifies it from all others.
Block Size - contains the size of the whole block.
Block header – These are the integral part of security for the Blockchain
network. The block headers are hashed with Secure Hash Algorithm
sha256(sha256()).It provides immutability to the Blockchain network since the
attacker has to modify all the block headers of the preceding blocks starting from
the genesis block in order to successfully modify the contents of the current
block. In the case of malicious activity, a block mismatch will alert the system
of a suspicious event which triggers data forensics.

The Block Header has the following subsections:

 Data version specifies the properties and the type of data being accessed
which indicates the validation rules to follow for a particular data type.
 Previous Block Hash contains the hash of the previous block which is a
Secure Hash Algorithm sha256 (sha256 ()). The function of this is to make
it impossible to change a previous block header without changing the
preceding block headers.
 The Merkle root hash forms part of the header by making sure that none of
the blocks in the sovereign Blockchain network can be changed without
changing the header. This is achieved by taking the hashes of all the events
in the sovereign Blockchain network and appending the output to the current
block. This results in a sha256 (sha256 ()).
 A timestamp and this indicates when the block was created.

43
  Target Difficulty is a value which shows how processing is achieved by the
processing and consensus nodes. This value is unique to the system to make
processing difficult for malicious nodes but efficient and solvable by
verified consensus nodes in the system.
 Nonce is an arbitrary number the processing and consensus nodes generates
to modify the header hash in order to produce a hash below the target
difficulty.
Action counter - records the total number of violations which have been applied
on the accessed data in the entire block.
Transactions - which have been grouped into two parts, that is, timestamps and
the data. The timestamps are made up of time to purchase power (TTP), time to
process the transaction (TPT), time power starts reading (TPR), time power
reaches threshold value (TPRT), time power gets finished (TPF). The data part
comprises of meter ID (MID), house number (HN), amount of power purchased
(APP), processing node ID (NID) and signature of processing node (Nsig).
Blocklocktime - This is a timestamp that records the last entry of transactions
as well as the closure of a block. When conditions for this field are met, the block
is ready to be broadcast into the sovereign blockchain network. The
blocklocktime generally signifies the time the block enters the sovereign
blockchain.
5.1.5 Side Block Structure:

Fig: 5.4 Side Block Structure

The block format, size and header functions of the side block are similar to that
of the parent block. The action counter is for the recording of the violations on
the smart meter and data on the smart grid network and the state of the smart
meter. The transaction counter is made up of the timestamp of violation (TSV),
timestamp of state of smart meter (TSM), meter ID (MID), house number (HN),
type of violation (TVLN), processing node ID (NID), and processing node
signature (Nsig). The block is then time locked and broadcast to the blockchain
by appending it to the parent block.

44
 Threading side blocks to their parent blocks are used to maintain a contiguous
log of well-ordered logs developed from requests by different consumers.
Structuring the network this way enables us to point to the fact that each block
in a particular string represents different instances of events that have occurred.
These are indexed and updated by the smart contracts in a particular child-block
appended to the parent block as a side block. The significance of implementing
side blocks is to keep an effective log and efficient fetching of blocks with
emphasis on quarrying and investigation for the occurrence of breach of terms
by consumers and utility companies.
5.2 CASE 2: A Distributed meter-node network
5.2.1 Overview
This case involves utilizing the smart meter infrastructure to act as the nodes in
the blockchain infrastructure as an alternative to the gathering of information
and subsequent plain text transmission by the Supervisory Control and Data
Acquisition (SCADA) module in conventional smart grid meters. The current
information-gathering and storage mechanism provides centralized management
but with high risks of data being manipulated by cyber attackers. Using a
Blockchain based system the risk of data being successfully manipulated can be
reduced by providing a distributed information gathering and storage
mechanism.
A reconfigured SCADA network can be used to gather, transmit and store data.
In the reconfigured SCADA network, data acquisition modules still collect real-
time measurements from the grid, including voltage, current, real and reactive
power flow, breaker status, transformer tap position, and so forth.
Geographically distributed meters/sensors form a distributed meter-node
network, in which each meter/sensor acts as a node. Each node communicates
with its peers through predefined consensus mechanisms and there is no
requirement for human intervention. Only meters/sensors which are authorized
by the grid can perform data acquisition functions. In this sense, the meter-node
network is interdependent, and can be considered as a private blockchain
network.
All collected data are eventually stored in a ledger in the form of connected
blocks which exists in distributed form in each meter’s memory. Before storage,
each of the following procedures are necessary to guarantee data accuracy- data
broadcast, data verification via voting mechanism, data content accumulation in
block, mining process, verification the mining result via voting mechanism, and
distributed ledger synchronization.

45
 5.2.2 Comparison with the previous use-case

FEATURES SOVEREIGN USE-CASE METER-NODE USE CASE

CONSENSUS Separate entities other than the Smart Meter-nodes itself
AND MINING meters.
NODES
HUMAN For registration, authentication etc. None
INTERVENTION
TRANSACTION Data regarding user requirements, Only measurements
CONTENT errors, measurements etc
REWARD TO Yes No
MINING NODES
INCORPORATION Should change the entire architecture of Need to upgrade only the
INTO EXISTING the grids smart meter to act as meter-
SMART GRIDS nodes.
Table: 5.1 Comparison between two use-cases
5.2.3 Meter Requirements
In order to interact with each other through the proposed blockchain framework,
each meter needs to be possess functional features which are not common in
today’s widely deployed meters. These required features are as follows:
 Each meter is identified by a unique address.
 Each meter is equipped with specific software to support the generation of
a public key and private key.
 Each meter is equipped with RAM, computational hardware, data collection
device, signal sender, signal receiver and data process device.
 Meters are capable of communicating with each other through wired or
wireless communication channels.
All collected data are eventually stored in a ledger in the form of connected
blocks which exists in distributed form in each meter’s memory. Before storage,
each of the following procedures are necessary to guarantee data accuracy: data
broadcast; data verification via voting mechanism; data content accumulation in
block, mining process; verification the mining result via voting mechanism; and
distributed ledger synchronization.
5.2.4 Data Encryption and Broadcast
The cryptographic methods used for communication can be similar to that of the
previous use case. The basic stored information within each meter-mode consists
of the public keys of all meter-nodes, the private key of that meter-node, and
preset consensus and accumulated blocks. The transferred data (for broadcast to
other nodes) consists of plaintext and signatures. In the data encryption process,
newly collected plaintext data is processed using a secure hash algorithm (SHA),
generating a message digest. The private key of each meter-node is used to
encrypt the message digest of that node, thereby forming a digital signature

46
 which can be decrypted using its public key. The transferred data is then
broadcast to all other meter-nodes via the communication network.

Fig: 5.5 Data encryption and broadcast process

5.2.5 Data Decryption and Verification

Fig: 5.6 Data decryption and verification process

The receiver hashes the received plaintext into message digest 1, and decrypts
message digest 2 from the digital signature by using the sender’s public key. If
message digest 1 equals message digest 2, the received information is
successfully verified; otherwise the received data is considered as false. Data
integrity and consistency issues exist in the broadcasting process. That is, the
transferred data might be tampered with, delayed, or even discarded, creating
inconsistency between message digests 1 and 2. All nodes use an address-based
distributed voting mechanism, i.e., each node has precisely one chance, to verify
the integrity and consistency of the received data.

47
 5.2.6 Consensus and Mining
Any consensus mechanisms can be used to ensure secure transmission. The
Smart contracts existing in the meter-nodes verify if the data satisfies all the
consensus rules. For add-on security, the public and private keys can be updated
frequently where the updating time period should be less than the average time
taken by a hacker to access the public/private key.
Mining nodes generally require high computational capacities. In order to reduce
the costs of adding all the nodes with high computational capacities, a few nodes
can be pre-specified to act as mining nodes thereby reducing the cost of
infrastructure. But the drawback of this method is that the security of the entire
Blockchain can be compromised if someone hacks into one or more of these
nodes. This can be avoided by randomly allocating some nodes as mining nodes
which makes it difficult for attackers to know which nodes are currently mining.
5.2.7 Advantages in terms of cyber security:
 Completely avoids human intervention. Lesser chances of malpractices
 Provides immutability of data
 Geographically distant meter-nodes provide a significant challenge for the
attackers.
 Since there are no transactional activities between the nodes, Double-
Spending problem does not exist.
 Provides all the security features of Blockchain.
 Can be incorporated into the existing smart grid infrastructure without heavy
expenses

5.3 Case 3: Blockchain based Power Generation Monitoring

5.3.1 Overview
Single Machine Infinite Bus (SMIB) are widely used nowadays in power
generation circuits. In this system, a single synchronous generator SGT is
connected to a reactance, Z. Target generator SGT is feeding a local load SL.
Control switch SC takes an input from SL and directs excitation system ESS,
which excites field winding of SGT.
5.3.2 Possibility of attack
The system modelled here will have two areas of vulnerability, physical and
cyber. Physical implies hardware control and cyber as software access. We
assume that a hacker has access to both of them for carrying out a cyber-attack
on the switch. Hacker executes some malicious line of codes to make the
switches SL and SC non-functional. This will result in sudden removal of load
from the target generator SGT.

48
 Fig: 5.7 Simplified overview of SMIB system
If the switch connected to initiate Automatic Voltage Regulator (AVR) action is
not working due to attack, then rotor will start oscillating. These oscillations can
damage the shaft of SGT. The target generator SGT may also lose synchronism.
Using Block chain technology to re-stabilize SGT all the devices shown in above
figure will be connected to an additional line called block chain link in the figure
below. Time stamped data from switches SL, SGT, SC and ESS are to be stored
as data-blocks on the block chain.

Fig: 5.8 Using Blockchain for security in SMIB system

5.3.3 Using Smart Contracts
Smart Contracts are used to monitor the time-stamped values of the switches. In
the case of an attack where the attacker tries to modify the values, the Smart
Contract will detect this manipulation in data and the failed status is stored in the
Blockchain. Once this occurs, the smart contract will rely on the data provided
by SGT. Thereafter, smart contract will enforce AVR and ESS to decrease the
excitation to stabilize the SGT.

49
 In order to destabilize the proposed system, a hacker will have to control more
than 50% of the computers running the Blockchain. This makes a smart contract
running on a block chain nearly irrevocable. They are directing control
equipment to initiate corrective action.
The red curve in figure indicates terminal voltage in case of cyber-attack, causing
SC and SL switches to fail without ESS action. While, blue line represents action
of ESS under such an attack initiated by response of smart contract running on
Blockchain technology.

Fig: 5.9 Graph showing terminal voltage Vs time during attack

5.4 Case 4: Blockchain based Power Distribution System
5.4.1 Overview
An attack on the power distribution network can lead to serious consequences.
A Distributed Denial of Service(DDoS) makes the communication channels of
the victim nodes non-functional.

Fig: 5.10 A micro-grid distribution network with a communication link provided by dApp

50
 This will lead to fragmentation of the distribution channels and can lead to power
outages.

5.4.2 Using dApp

Blockchain technology supports an application called dApp. A distributed app
also called dApp, is an application running on distributed computing technique.
A feedback to the existing smart or conventional grids will be made available.
dApp bridges the communication link between the utility, prosumers and the
consumers. Every prosumer, consumer and substation are connected through a
block chain based application, dApp. Power consumption metrics, actuating
quantities like frequency, voltage and current will be stamped on the block chain,
Power consumption data collected through existing communication system
(SCADA/GPRS/ZigBee) will be compared against the data collected through
dApp on the block chain. In this way, dApp will help to verify the actual power
consumption data, even in an event of a cyber-attack.

51
6. MACHINE LEARNING FOR SMART GRID
SECURITY
The most transformative application of machine learning for grid balancing comes from
unlocking and utilizing flexibility in demand-side power consumption. Such algorithms can
find creative ways to reschedule the power consumption of many demand and generation
assets in synchrony to keep the grid in balance while helping to minimize the cost of
consuming that power for energy users.
With sufficient data, a ML model can look at a sequence of actions leading to the
rescheduling of power consumption and make grid-scale predictions saying “this is what it
would cost to take these actions”. The bleeding edge in deep reinforcement learning shows
how, even with very large scale problems like this one, there are optimization techniques we
can use to minimize this cost beyond what traditional models would offer.
6.1 Detection of cyber-physical attacks on power-distribution networks
using CUSUM Algorithm
 Problem with current security practices
The problem is that current IT-security practices (including intrusion-detection,
firewall, and encryption technologies) are insufficient. These techniques may leave
a gap in safety and protection when applied to cyber-physical devices because
they do not consider physical information known about the device they are
protecting.
 Solution using Machine Learning algorithms
Machine learning and sensors may help ensure security for power grids project
that melds cybersecurity methodology, machine-learning algorithms, and
commercially-available power-system sensor technology into a security monitoring
and analysis framework specifically for power grids.
 Aim
Designing the framework's architecture to detect cyber-physical attacks on
power-distribution networks. To do this micro-Phasor Measurement
Units (µPMUs) can be used to capture information about the physical state of
the power distribution grid. They then combine this data with SCADA
(Supervisory Control and Data Acquisition) information to provide real-time
feedback about system performance.
 Current trend and our approach
Current trend: Individually it might be possible for an attacker to manipulate
what is being represented by any single sensor or source of information, which
could lead to damage of the power grid. This approach provides the
redundancy and therefore resilience in the view that is available to grid
operators.

52
  Our approach
System redundancy offers the additional benefit of differentiating real attacks
from false positives by comparing the µPMU measurements to what the
equipment is reporting.
 µPMU and its importance
PMU: A phasor measurement unit can determine the electrical state of a power grid
using voltage-phasor and current-phasor calculations. However, PMUs are large
and expensive, which limits their deployment to centralized distribution nodes—
this is where the team's µPMUs come into play.
MicroPMU: They are much smaller and potentially less expensive, multiple
µPMUs can be deployed at points along a distribution grid, providing a much higher
resolution (120 measurements/sec) of the grid and alerting operators of potential
attacks on the grid in real time.
 An algorithm enables real-time reporting
Algorithm: The researchers doctored an algorithm first introduced in 1954
(CUSUM or Cumulative SUM) to fit their machine-learning needs. This algorithm
enables software to identify whether measurements such as current magnitude,
active power, and reactive power are normal or abnormal by detecting rapid
changes in the physical environment.
CUSUM algorithm: It is typically used for monitoring change detection or changes
in it and proposed a criterion for deciding when to take corrective action. The
machine-learning algorithm learns to distinguish between abnormal and normal
behaviour by detecting changes in the physical environment, such as current
magnitude and active and reactive power
6.2 Case Study: Detection of Covert Cyber Deception Assaults in Smart
Grid Communications Networks Using Genetic Algorithm
 Introduction
Covert cyber deception assault, has been introduced to infringe upon the integrity
of smart grid data. Such assaults are designed and initiated by hackers who have
considerably good knowledge of the power network topology and the security
measures in place, and therefore, these assaults cannot be effectively detected by
the bad-data detectors in traditional state estimators.
 Meaning of CCD Assault Attack
A substantial amount of sensed information and control signals flow on the bi-
directional communications network in SGs. Therefore, it becomes important to
study a special type of malicious user behaviour that attempts to violate the
integrity of the measurement data by inserting a deceptive bias value into the state
estimation. Such malicious behaviour is mostly undetectable by the BDD present
in the legacy PCC. We call this kind of attack a CCD assault.

53
 Solution
Supervised machine learning-based scheme is used to detect a covert cyber
deception assault in the state estimation-measurement feature data that are
collected through a smart-grid communications network.
 Algorithm used : Genetic Algorithm
In this scheme Genetic algorithm-based feature selection is used to improve
detection accuracy and reduce computational complexity.
 Role of RTU and PCC
Distributed sensors, actuators, and meters (referred to as RTUs) are installed in
the electric power grid, mainly in substations, to collect the measurements,
including power injections into the buses and power flow in the branches. These
measurements are combined at the PCC via communications links and are further
used to estimate the states, i.e., voltage magnitudes and angles, at buses.

Fig: 6.1 fundamental building blocks

 Loophole
The existence of a communications infrastructure is compulsory for realization of
efficient monitoring and intelligent control in the framework of an SG, but a
communications infrastructure is prone to malicious cyber assaults, owing to
certain incentives for the attacker, like fiscal benefits, inserting technical faults
resulting in partial or complete power blackouts, or a combination of both.

54
 Principle used:
Normal data that are not affected by a CCD assault are consistent with electrical
laws, like Kirchhoff's current and voltage laws, whereas data that are affected by
a CCD assault are inconsistent with these laws. This fundamental distinction
between normal and compromised data inspires ML-based algorithms for
detection of CCD assaults. In the scheme GA-based FS technique to tackle the
curse of dimensionality.
 Operation or working:
The optimal features selected from the SE-MF dataset are then used as input by
an SVM classifier for the detection of a CCD assault. The feature selection-based
method does not alter the original representation of the data. To tackle the
increasing computational complexity with growing sizes of power systems, we
use a GA for the selection of independent and discriminative features from the
SE-MF dataset. Then, the selected optimal features are used as input to a binary
SVM classifier to detect the presence of compromised data.The fact that normal
or unassail data follow Kirchhoff's law, and the assaulted data do not follow any
physical law, suggests that both types of data will have different distributions and
will therefore tend to form different clusters. These clusters would be
distinguishable in a feature space of suitable dimensions. Furthermore, if the
data are supplemented with class labels, then a classifier can be trained to
distinguish between the two clusters. The curse of dimensionality becomes
challenging when the size of measurement features grows with an increase
in the size of the power system, which results in greater computational
complexity. Nonetheless, not all SE-MF dataset attributes would be equally
supportive in leading to plainly distinguishable clusters in the feature space;
this can have a negative impact on the classifier's performance. GA-based FS
scheme to select an optimal subset of features that would result in more
tightly packed and distinctly separable clusters of vectors of chosen features
in the resulting subspace. Thus, the predictive performance of the classifier
is improved. Furthermore, FS reduces the measurement and storage
requirements, as well as the training and prediction times

55
 Fig.6.2 Flowchart of operation
6.3 Meter authentication using kNN Algorithm
6.3.1 Introduction about kNN Algorithm:
 History
The kNN algorithm was proposed by Cover and Hart, where k denotes the
number of nearest neighbours that are helpful to predict the class of the test
sample.
 Approach
kNN is a lazy learning approach. However, we use the inductive learning
classification model for learning to improve the efficiency of the kNN
technique. The training takes place only at the beginning and once.
 Sample and Model
An authenticate set of data is used for training. After that, the induction
model is used for classification.

56
  kNN over other more advanced approaches
More advanced approaches, such as neural network, bioinspired algorithms,
ant colony optimization algorithms, genetic algorithms, etc., have better
accuracy. However, these approaches are complex and need more
memory/computation ability to implement. On the other hand, kNN is
simple and easy to implement.
6.3.2 Selection of parameters
 In the real world, every meter will be accompanied by a few neighbouring
meters, except in multi-storied building.
 Besides that, we used only three parameters, distance, and packet size and
data transmission frequency. Therefore, the classification will be fast.
6.3.3 Principle used
 The use of the kNN algorithm along with the RSS-based technique will
allow data/packets to be received from authenticated neighbour meters.
 Therefore, this will ensure node-to-node authentication, intercepting
malicious packets. Therefore, kNN added an extra layer of security, whereas
the main scurrility is provided by encryption by keys.
6.3.4 Encryption Process
 Detailed description of the entire encryption and data flow process in the
AMI is provided in this section. As shown in Figure 3, there is an
involvement of a TTP, which will perform the authentication of the different
smart meters using their node IDs.
 Once the TTP authenticates a particular smart meter (mi), it sends the key
index to the CCC.
 At the same time, the encrypted data are sent to the CCC via intermediary
nodes (other smart meters).
 Finally, when the encrypted packet reaches the CCC, the destination will
decrypt the message using the key associated with the random key index and
the meter’s (mi) coordinates: latitude and longitude.

57
 Fig: 6.3 Encryption Process
6.3.5 Performance of kNN Algorithm
The performance of kNN algorithm for different data sizes and different
numbers of neighbors (k) is illustrated in Figure 11. It was found that with the
increment of the size of the data and the decrement of k, the mean square error
between the original data and the predicted data increases quite precisely. This
means that for a greater number of data classes and a smaller dataset, the kNN
algorithm performs well. Smart meters send the consumed data periodically at a
specific interval defined by the utility company, and the data packet size is
constant. For these reasons, a meter can authenticate the source meter by the
kNN algorithm using the data of sending frequency, packet size and distance
between two meters.

58
6.3.6 Security Strength of data packet Analysis
 Measurement
The security strength of a data packet can be measured by entropy. The
value of entropy reflects the uncertainty of a random variable. The more
certainty about a value there is, the smaller the entropy value.

 Entropy
The entropy for a sequence S:
H(s) =∑𝑆 P(S = x) log2 P(S = x)

Where P(S = x) is the probability of taking the S value over x.

6.3.7 Analysis of impossibility of hacking smart meters using kNN

Algorithm
 Example:
Let us consider that a smart meter sends a data packet of 128 bits encrypted
by a 128-bit symmetric key to the control centre.

 Security Strength of data packets:

For an 8-bit random key index, the security strength of the random sequence
is 28. On the other hand, for a 128-bit symmetric key algorithm, the security
strength is 2128. So, for an 8-bit random key index and a 128-bit symmetric
key, the security strength of the packet is (28 + 2128).

 Hacking is impractical:
Therefore, if a hacker wants to decrypt a data packet of 128 bits, he or she
needs (28 + 2128) tries to decrypt the message unless he or she is lucky.
This is impractical.

59
7. INTEGRATION OF PUFS WITH SMART GRIDS
7.1 Importance of PUFS
 PUFS
PUFS (Physically Unclonable Functions) is a concept of hardware security. In PUF
the minor feature differences that are occurred during the manufacturing time of a
chip are exploited. At the tie of manufacturing, although, the mask and process are
same there will be certain factors that are uncontrollable leads to minor feature
differences. These random variations are unique because these are caused by
random changes occurred at the time of the manufacturing. So, these keys generated
by the ROPUF ae unique from chip to chip and modelling these codes is impossible
since these are caused by random changes.
 Current Scenario in AMI and its problems
AMI (Advanced Metering Infrastructure) authentication is done by using the non-
volatile memory to store the security keys and using a digital signature or
encryption schemes. These methods are costly in terms of area and consume more
power. Moreover, memory based authentications are vulnerable to spoofing attacks.
 Solution
For security between consumer and the utility company, ROPUFS (Ring Oscillator
Physically Unclonable Functions) on FPGA is used or SRAM PUF scheme.
 Schemes used
Schemes which are using the volatile keys generated by the PUF. Some schemes
employed the SRAM-PUF scheme where the key will be generated by the data
acquired by the SRAM when it is turned on. The other scheme is proposed using
ROPUF where there are fixed number of levels of security. There are five levels of
security. Therefore the ROPUF implemented on FPGA is used to generate the
security keys however the number of levels of security is not fixed.
 General Operation of Schemes
Instead of storing keys, the circuit derives keys using physical characteristics of
FPGA or IC. The keys are modeled from minor feature differences that are occurred
at the time of manufacturing time. So these keys cannot be modelled, since
irregularities occurred during fabrication process are highly random.

60
 Fig: 7.1 unique Reponses generated by PUFS

7.2 About ROPUF

 PUF is Physically Unclonable Function means that it cannot be cloned or
modelled. In the case of ROPUF it is the ring oscillator based PUF, ring oscillators
are used to exploit the inherent physical characteristics of the chip. ROPUF
exploits the inherent delay characteristics of the integrated circuits. During the
fabrication of the IC, even though all the processing steps are same there are
certain factors that will occur randomly. Because of those random changes all
chips manufactured do not have same internal delay characteristics. But all chips
meet their primary requirement that is all the outputs of chips of same kind will
be same, although the internal delays have minute differences. ROPUF are used
to exploit those minute delays. So, one cannot model ROPUF behavior into
another ROPUF, since one cannot create same random changes at the time of
manufacturing.
 The ring oscillator is a connection of inverters such that output of final stage is fed
back to the input.
 Two ROPUFs produces different responses for same challenge, although they are
of same kind of FPGA. So, no two ROPUFs produce same response for same
challenge means all responses ae unique.

61
 Fig: 7.2 Ring Oscillator with enable

7.3 ROPUF Design

 Role of Ring Oscillators
The design consists of programmable ring oscillator block where we can program
the number of ring oscillators as per our requirement. The number of ring
oscillators is more if the security key length is more in terms of bits. Each bit is
generated from the comparison of two ring oscillator frequencies.
 Role of Muxes
The ring oscillators are connected to the muxes, so that, when a challenge is given,
the challenge acts as a selection line to the mux and selects a ring oscillator from
all the ROs connected. All the ring oscillators are connected to both the muxes.
But the selection line that is a challenge will be the different. The outputs of the
muxes are connected to the counters as shown in the figure. Effectively it is like
two ROs connected to two counters count the oscillating frequencies of the ring
oscillators.
 Role of Counters
The outputs of the muxes are connected to the counters .After the specified amount
of time, the counter values will be compared and depending on the comparator
logic for comparison, the output will be sent.
 Role of Control Circuitry (State Machine)
The control circuitry used here is a state machine. The state machine is having an
internal counter where a value can be set in it. When the required value of the
counter inside the state machine is reached then the two counter values of the
counters counting the RO oscillations will be counted. When the comparison is
over the state machine is needed to reset all the counter values for the next
comparison.

62
 Fig: 7.3 ROPUF

7.4 Working of how smart meter attacks gets reduced

 Communication between Smart Meter and Utility providers
When the smart meter needs to communicate with the UC (Utility Company/Service
Provider) it needs to be authenticated. In the process of authentication, the UC sends a
challenge to the smart meter where the ROPUF inside the smart meter has to generate the
response using that challenge and send it back to the UC.

Fig. 7.4 ROPUF block Diagram

 Utility Company side

As UC is assumed to have secured data storage, data storage contains the challenge
response of that particular ROPUF. On UC side the result from the smart meter and the

63
 result stored at the time of connection of smart meter to the network are compared. If both
are not same the data requested by the smart meter will not be sent.

 Smart Meter side

When the smart meter receives a challenge, the state machine clears all the counters and
decoders enables the respective ROs and the challenge is also selection lines to the muxes,
so, it selects the respective ROs connected from the input. Counting is carried out and
results are compared. When the counter value inside state machine is reached, the two
counter values will be compared and the result is obtained. And state machine clears all
counters.

 Design of ROPUF in Smart Meter

The ROPUF is designed in Verilog or VHDL and implemented in FPGA. The total design
between the smart meter and the service provider is implemented using PCs. That PC is
used as utility company and FPGA is used as smart meter. The inputs are given to the
ROPUF and the outputs are stored in PC to make it as a UC

 To increase the level of the security

Bits of response should be increased for that ring oscillators need to be increased.

64
8. CONCLUSION
Smart grids are evolving as one of the most promising technological advancements in the
current era. Along with the progress in the computational capabilities and the advancement
in the infrastructure available for modern power systems, threats to the security of the grid
also arise from several directions. A study of the different sources of threats has been
incorporated and analysis of the technical aspects regarding past attacks encountered on
power grids has been conducted. As counter measures to those threats faced by the smart
grid, a comprehensive study of the incorporation of Blockchain, PUFs and Machine
Learning methods have been conducted.

65
9. REFERENCES

1. Survey on Smart Grid: Threats, Vulnerabilities and Security Protocol- International

Journal of Electronics, Electrical and Computational System IJEECS, ISSN 2348-117X.
2. Challenges and issues of smart grid implementation: A case of Indian scenario - Journal
of Electrical Systems and Information Technology 5 (2018) 453–467.
3. Smart Grid Security: Threats, Vulnerabilities and Solutions - International Journal of
Smart Grid and Clean Energy.
4. Smart Grid Security Issues - 978-1-4799-6301-0/15/$31.00 ©2015 IEEE
5. Smart Grids Cyber Security Issues and Challenges - Open Science Index, Electronics and
Communication Engineering Vol:9, No:11, 2015 waset.org/Publication/10002759
6. Smart-Grid Security Issues - https://www.researchgate.net/publication/224110557
7. The Advantages and Challenges of the Blockchain for Smart Grids by T.M.G.L. Winter -
Delft University of Technology.
8. Blockchain technology in the energy sector: A systematic review of challenges and
opportunities - Renewable and Sustainable Energy Reviews 100 (2019) 143–174 -
www.elsevier.com
9. Smart Contracts for Smart Grid: Harnessing the Potential of Blockchain Technology for
Future Energy Systems BenJeMar-Hope Flores.
10. Using Blockchain against cyber-attacks on smart grids - 2018 IEEE International
Students' Conference on Electrical, Electronics and Computer Science - 978-1-5386-
2663-4/18/$31.00 ©2018 IEEE
11. Distributed Blockchain-Based Data Protection Framework for Modern Power
Systems against Cyber Attacks - IEEE Transactions on Smart Grid · March 2018 DOI:
10.1109/TSG.2018.2819663
12. Securing Metering Infrastructure of Smart Grid: A Machine Learning and Localization
Based Key Management Approach - Energies 2016, 9, 691; doi:10.3390/en9090691
www.mdpi.com/journal/energies
13. Feature Selection–Based Detection of Covert Cyber Deception Assaults in Smart Grid
Communications Networks Using Machine Learning -
https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=8357769
14. Smart grid security using PUF – Journal of engineering and science ISSN: 1816-949X
15. PUF-based solutions for secure communication in Advanced Metering Infrastructure
(AMI) - https://onlinelibrary.wiley.com/doi/full/10.1002/dac.3195
16. Authentication and Key Management for Advanced Metering Infrastructures Utilizing
Physically Unclonable Functions -
https://www.researchgate.net/publication/254639302
17. https://www.indigoadvisorygroup.com/blockchain
18. Energy grid secuirity challenges:
https://www.sciencedirect.com/science/article/pii/S2314717218300163
19. researchgate.com
20. www.youtube.com
21. www.powerprimer.com

66
22. www.electricenergyonline.conew.com
23. Cnn.com
24. maximintegrated.com
25. abc.com
26. GridMonitoring: Secured Sovereign Blockchain Based Monitoring on Smart Grid -
Digital Object Identifier 10.1109/ACCESS.2018.2806303
27. https://publish.illinois.edu/integrative-security-assessment/case-study/

67