Penetration Testing of Smart Meters against Cyber Attacks

Smart Meters and Smart Grids are the present and future of power, water, and gas distribution systems around the world. The Supervisory Control and Data Acquisition (SCADA) system, which is an automated remote command and control system, form the backbone of these smart grids. This makes smart meters and SCADA systems highly lucrative target for cyber-attacks for any organisation/country. For the communication in a smart grid to be secure, it must provide confidentiality, integrity, and availability of the data from end-to-end. Various defence mechanisms for a few types of cyber-attacks on a SCADA system are proposed. For the defenders, it becomes extremely important to plug the vulnerabilities and make the Smart Grids more robust to counter such attacks. Study of vulnerabilities of SCADA systems has been the focus. Work has been carried out with the help of experiments and thereby brought out a few vulnerabilities which are critical to the security of SCADA systems. Using an experimental smart grid various cyber-attacks have been demonstrated successfully which includes Man-in-the-Middle and Denial-of-Service attacks. Possible counter-measures are proposed for protection against such types of attacks.