Autonomic and Integrated Management of Smart Grid (AIMSG) Technologies (ZigBee Protocol)

Overview

The current electric grid suffers from many drawbacks, including a lack of real-time monitoring, insecure communications, and long recovery times. These drawbacks motivate utilities to move to an intelligent infrastructure: Smart Grid (SG) systems that can predict loads and peak demand; respond to faults, accidents, or disasters; and integrate renewable energy sources without suffering the instabilities associated with variable capacity, duration, and availability. SG benefits from the development of IT and communication technologies (e.g. ZigBee, Wi-Fi). Although those technologies are very convenient from a control perspective, they suffer from many security vulnerabilities and are very attractive to intruders. AIMSG focuses its study on ZigBee mesh networks. ZigBee is a wireless protocol used in low-power, short-range, low-data-rate applications. Our goal is to build an effective intrusion detection system that can proactively detect anomalous actions generated by malicious devices inside or outside ZigBee networks.

Approach

AIMSG is trying to build an anomaly behavior system through the following steps:
1- Create a Smart Grid testbed that contains intelligent electronic devices (IEDs) and a renewable energy source (a wind turbine); these devices communicate through the ZigBee protocol.
2- Monitor the ZigBee networks in real time.
3- Decode the packets into their different layers, decrypt the payload of each packet, and build the normal behavior space.
4- Apply a few attacks (e.g. DoS, replay, malicious injection) to feed our normal space with some abnormal behavior.
5- Integrate the UA CAC AppFlow with the smart grid testbed to analyze the behavior of the ZigBee devices. As a result, we will be able to prevent attackers from compromising the system resources and services.
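
A sketch of steps 2 to 4 as detection logic, added here as an example and not AIMSG's own code: it decodes the IEEE 802.15.4 MAC header that carries each ZigBee frame, learns a baseline from clean traffic, and flags unknown sources, repeated frames and rate spikes. The chosen features, the `slack` threshold, the function names and the sample frames are assumptions; the payload decryption of step 3 is not shown.

```python
import struct
from collections import Counter

ADDR_LEN = {0: 0, 2: 2, 3: 8}  # 802.15.4 addressing modes: none, short, extended

def parse_mac_header(frame):
    """Decode the IEEE 802.15.4 MAC header (2003/2006 layout) under a ZigBee frame."""
    fcf, seq = struct.unpack_from("<HB", frame, 0)  # struct.error if under 3 bytes
    fields, off = {"type": fcf & 7, "seq": seq}, 3
    for name, mode, has_pan in (("dst", (fcf >> 10) & 3, True),  # 0x40: PAN ID compression
                                ("src", (fcf >> 14) & 3, not fcf & 0x40)):
        n = ADDR_LEN.get(mode)
        if n is None:
            raise ValueError("reserved addressing mode")
        off += 2 if n and has_pan else 0  # skip the 2-byte PAN ID when present
        if off + n > len(frame):
            raise ValueError("truncated address field")
        fields[name] = frame[off:off + n][::-1].hex() or None  # little-endian on air
        off += n
    fields["payload"] = frame[off:]
    return fields

def build_baseline(frames, window):
    """Normal space (assumed features): known sources and their peak frames per window."""
    per_win = Counter((parse_mac_header(raw)["src"], int(ts // window)) for ts, raw in frames)
    return {s: max(n for (s2, _), n in per_win.items() if s2 == s) for s, _ in per_win}

def detect(frames, baseline, window, slack=2):
    """Flag unknown sources, repeated (src, seq, payload) frames, and rate spikes."""
    alerts, seen, counts = [], set(), Counter()
    for ts, raw in frames:
        h = parse_mac_header(raw)
        src, slot = h["src"], int(ts // window)
        if src not in baseline:
            alerts.append((ts, src, "unknown-source"))
            continue
        key = (src, h["seq"], h["payload"])
        if key in seen:
            alerts.append((ts, src, "replayed-frame"))
        seen.add(key)
        counts[src, slot] += 1
        if counts[src, slot] == slack * baseline[src] + 1:  # alert once per window
            alerts.append((ts, src, "rate-exceeded"))
    return alerts

# Constructed sample input (not captured traffic): data frames, PAN 0x1A62, to 0x0000.
def sample_frame(seq, src, payload):
    return struct.pack("<HBHHH", 0x8861, seq, 0x1A62, 0x0000, src) + payload
CLEAN = [(t, sample_frame(t, 0x0001, b"kWh%d" % t)) for t in range(20)]  # 1 frame/s
LIVE = [(20, CLEAN[5][1]), (21, CLEAN[5][1]), (22, sample_frame(7, 0xBEEF, b"x"))]
```

Calling `detect(LIVE, build_baseline(CLEAN, 10), 10)` reports the second copy of the repeated frame and the frame from the source that never appeared in the clean capture.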

Testbed

ESP (Energy Service Portal): Works as a gateway that connects the devices to the Internet.
AMR (Automated Meter Reading): A unidirectional meter that displays power consumption.
ERT/Smart Bridge: Works as a bridge between the AMR and the ESP.
PCT (Programmable Controller Thermostat): A smart thermostat that manages the temperature and controls energy consumption.
LCD (Load Control Device): A smart plug that communicates with the ESP and controls electric appliances.
IPD (In-Premise Display): An end-user screen that displays the utility's messages, price events, etc.