Word count 3000 Please see attached files. look at Question.pdf

In the unlikely event that the author did not send a complete manuscript and there are missing pages, these will be noted. Also, if material had to be removed, a note will indicate the deletion.

All rights reserved.

This work is protected against unauthorized copying under Title 17, United States Code Microform Edition © ProQuest LLC.

ProQuest LLC.

789 East Eisenhower Parkway P.O. Box 1346 Ann Arbor, MI 48106 - 1346ProQuest 10118204 Published by ProQuest LLC (2016). Copyright of the Dissertation is held by the Author.ProQuest Number: 10118204 iv Acknowledgements Firstly, I would like to express my sincere gratitu de to my primary thesis advisor and Chair, Dr. Paras Mandal, who constantly provided me an excellent and constructive guidance that motivated me to complete my thesis successfully. I am very much grateful to my thesis Co - Chair, Dr. Bill Tseng, for his cont inuous encouragement and support that allow me to concentrate more on my studies and research. I would like to express my sincere appreciation to Drs. Mandal and Tseng for encouraging me to communicate my research findings at journal, IEEE conference, and symposiums. I am also thankful to Dr. Virgilio Gonzalez for being my thesis committee member and providing me valuable suggestions to improve the quality of thesis. I would like to express my sincere gratitude to U.S. Department of Education – DHSIP Progra m (Award #P031S120131) and Interdisciplinary Research Seed (IRS) Fund (2014 -2015), College of Engineering, UTEP for providing partial support to carry out my thesis. I am very much thankful to my parents for their unconditional love and support for providing me a quality education since from my childhood, and encouraging me to pursue Master degree at The University of Texas at El Paso (UTEP). Furthermore, I also want to thank all my friends who supported me during my thesis period. The members of Pow er and Renewable Energy System (PRES) lab, where I carried out my thesis, also deserve kind appreciation for providing valuable research discussions. v Abstract Cyber security is one of the major need s for electric power industry like many other indu stries and organizations. The advancements in technology provide numerous benefits to power industry as well as benefits cyber attackers to perform different cyber -attacks on the industry. Power system is a complex physical entity that deals with power gen eration, distribution, and transmission. In general, no individual or company or an organization can bear a one hour power cut, which shows the need for reliability in electric power industry. In order to develop a reliable and secure Supervisory Control a nd Data Acquisition (SCADA) communication network, t his thesis contributes to propose a SCADA system with Mobile Ad hoc N etwork (MANET) for residential microgrid communications. The proposed network ’s objective is to collect the data of power consumption f rom smart meters in houses and Electric V ehic les (EV) . The proposed network also helps to connect mobile operators into the system , which are helpful in emergency situations such as power blackouts . In addition , by studying the various possible cyber -attac ks on MANET , this thesis contribute s to apply two Intrusion Detection and P revention ( IDP ) technologies : (i) Monitoring , Detection, and Rehabilitation (MDR) approach and (ii) Secure Knowledge algorithm with Anomaly detection (SKA) to the proposed SCADA ne twork for securing the network from various Denial of Service (DoS) attacks . Network Simulator version 2 (NS -2), which is widely known for MANET simulations , is used for testing the effectiveness of both IDP technologies (MDR and SKA) . MDR approach is appl ied when attacker introduce malicious nodes in to the proposed SCADA communication network. Test r esu lts presented in Chapter 4 show the effectiveness of MDR approach in defendin g malicious nodes, which lead to DoS attacks . In this thesis, our proposed IDP technology is SKA, which is applied to the SCADA network when it is attacked by DoS attacks such as blackhole attacks and anomaly attacks . Test r esults presented in Chapter 5 demonstrate the efficiency of the SKA technology in defending DoS attacks. vi Table of Contents Acknowledgements ................................ ................................ ................................ ........................ iv Abstract ................................ ................................ ................................ ................................ ............ v Table of Contents ................................ ................................ ................................ ........................... vi List of Tables ................................ ................................ ................................ ................................ . ix List of Figures ................................ ................................ ................................ ................................ ..x Chapter 1: Introduction ................................ ................................ ................................ .................... 1 1.1 Background and Research Motivation ................................ ................................ ......... 1 1.2 Problem Statement and Rationale for the Study ................................ .......................... 3 1.3 Thesis Objective ................................ ................................ ................................ ........... 5 1.4 Scope and Limitations ................................ ................................ ................................ ..6 1.5 Thesis Organization ................................ ................................ ................................ ..... 7 Chapter 2: Literature Review ................................ ................................ ................................ ........... 9 2.1 Present Status of SCADA System ................................ ................................ ............... 9 2.1.1 Components of SCADA System ................................ ................................ ........ 9 2.1.2 Architecture of Current SCADA System ................................ ......................... 10 2.2 Vulnerabilities in Curren t SCADA System ................................ ............................. 11 2.3 Physical and Cyber -Attacks on the SCADA System ................................ ................. 12 2.3.1 Physical Attacks ................................ ................................ ............................... 12 2.3.2 Cyber Attacks ................................ ................................ ................................ ...13 2.4 Benefits from Integrating ACT into SCADA System ................................ ............... 14 2.4.1 Wireless Sensor Networks ................................ ................................ ............... 14 2.4.2 Ad hoc Networks ................................ ................................ ............................. 14 2.4.3 Internet ................................ ................................ ................................ ............. 15 2.4.4 SCADA Architecture with ACT for Power System Operation ....................... 15 2.5 IDP technologies to Prevent Cyber -Attacks ................................ .............................. 16 2.5.1 Methods of Intrusion Detection in IDP Technologies ................................ ..... 16 2.5.2 Types of IDP Technologies ................................ ................................ ............. 17 2.6 Sum mary ................................ ................................ ................................ .................... 17 vii Chapter 3: Proposed SCADA Communication Network using MANET ................................ ...... 18 3.1 Introduction of MANET ................................ ................................ ............................ 18 3.1.1 Advantages of MANET ................................ ................................ ................... 18 3.1.2 Challenges of MANET ................................ ................................ .................... 19 3.2 Various Cyber -Attacks on MANET ................................ ................................ .......... 19 3.3 Routing Protocols Used in MANET ................................ ................................ .......... 21 3.3.1 Table Driven Routing Protocols ................................ ................................ ...... 21 3.3.2 Source Initiated on Demand Driven Routing Protocols ................................ ..21 3.4 Proposed SCADA Network for Residential Microgrid Communication .................. 22 3.4.1 Objective of the Proposed SCADA Communication Network ........................ 23 3.5 Summary ................................ ................................ ................................ .................... 23 Chapter 4: MDR Approach Based IDP Technology ................................ ................................ ...... 24 4.1 MDR Approach ................................ ................................ ................................ .......... 24 4.1.1 Monitoring Stage ................................ ................................ ............................. 24 4.1.2 Detection Stage ................................ ................................ ................................ 25 4.1.3 Rehabilitation Stage ................................ ................................ ......................... 25 4.2 Applying MDR approach to the Proposed SCADA Network ................................ ...25 4.3 Developing the Network Using NS -2 Simulator ................................ ....................... 26 4.4 Results of Scena rio 1: By Varying Total Number of Nodes ................................ ..... 28 4.5 Results of Scenario 2: By Varying Data Rate ................................ ............................ 30 4.6 Summary ................................ ................................ ................................ .................... 32 Chapter 5: Proposed IDP Technology Based on Secure Knowledge Algorithm ........................... 33 5.1 Proposed SKA Technology ................................ ................................ ....................... 33 5.2 Developing the Proposed SCADA Communication Network using NS -2 ............... 35 5.3 Data Flow Under SKA ................................ ................................ .............................. 35 5.4 Results and Discussion ................................ ................................ ............................. 38 5.5 Summary ................................ ................................ ................................ ................... 40 Chapter 6: Conclusions and Recommendations for Futur e Work ................................ ................. 41 6.1 Summary and Conclusion ................................ ................................ ......................... 41 6.2 Recommendations for Future Work ................................ ................................ .......... 42 viii References ................................ ................................ ................................ ................................ ...... 43 Appendix I ................................ ................................ ................................ ................................ ..... 49 Appendix II ................................ ................................ ................................ ................................ .... 53 Appendix III ................................ ................................ ................................ ................................ ...55 Appendix IV ................................ ................................ ................................ ................................ ...57 Appendix V ................................ ................................ ................................ ................................ .... 59 Vita ................................ ................................ ................................ ................................ .............. 60 ix List of Tables Table 4.1: Network simulation parameters for MDR approach. ................................ .................. 26 Table 5.1: Network simulation parameters for proposed IDP technology. ................................ .. 35 Table AV.1: Technical specifications of PC. ................................ ................................ ................ 59 x List of Figures Fig ure 1.1: Architecture of MMEMS. ................................ ................................ ............................ 2 Figure 1.2: Graphs generated from smart meter data [8]. ................................ ............................... 4 Figure 1.3: Organization of thesis. ................................ ................................ ................................ .. 7 Figure 2.1: Architecture of Current SCADA System. ................................ ................................ .. 10 Figure 2.2: Architec ture of SCADA with ACT. ................................ ................................ ........... 15 Figure 3.1: SCADA communication network with MANET. ................................ ...................... 22 Figure 4.1: Network under attack case . ................................ ................................ ........................ 27 Figure 4.2: Network under intrusion detection case . ................................ ................................ .... 27 Figure 4.3: PDR for attack case (red line) and intrusion detection case (blue lin e) in Scenario -1. ................................ ................................ ................................ ................................ ....................... 28 Figure 4.4: Throughput for attack case (red line) and intrusion detection case (blue line) in Scenario -1. ................................ ................................ ................................ ................................ .... 29 Figure 4.5: Delay for attack case (red line) and intrusion detection case (blue line) in Scenario -1. ................................ ................................ ................................ ................................ ....................... 29 Figure 4.6: PDR for attacks case (red line) and intrusion detection case (blue line) in S cenario -2. ................................ ................................ ................................ ................................ ....................... 30 Figure 4.7: Throughput for attacks case (red line) and intrusion detection case (blue line) in Scenario -2. ................................ ................................ ................................ ................................ .... 31 Figure 4.8: Delay for attacks case (red line) and intrusion detection case (blue line) in Scenario - 2................................. ................................ ................................ ................................ .................... 31 Figure 5.1: Flowchart of the proposed IDP technology. ................................ ............................... 34 Figure 5.2: Route disco very using AODV. ................................ ................................ ................... 36 Figure 5.3: Detection of blackhole attacked node. ................................ ................................ ....... 36 Figure 5 .4: Optimal route for sending data to destination. ................................ ........................... 37 Figure 5.5: Identification of misbehaving node. ................................ ................................ ........... 37 xi Figure 5.6: Optimal route with trusted communication nodes. ................................ .................... 38 Figure 5.8: Network throughput with the application SKA. ................................ ......................... 39 Figure 5.7: PDR with the applica tion of SKA. ................................ ................................ ............. 39 Figure 5.9: Delay with the application of SKA. ................................ ................................ ........... 40 1 Chapter 1: Introduction 1.1 BACKGROUND AND RESEARCH M OTIVATION Power system is one o f the most complex physical entities that deal with various tasks such as electricity generation, electricity transmission, and electricity distribution. Power system operates a huge infrastructure with proper maintenance, control, and security in order to achieve the aforementioned tasks successfully. One of the major issues of electric power industry is to meet electricity supply and demand. World electricity demand has increased at an average of 3.1% per year from the years 1990 to 2011 , and it is estima ted that electricity demand increase by more than two thirds from the years 2011 to 2035 [1]. Considering the growing demand for electricity, electric power industry focuses on Distributed Generation (DG) su ch as hydro, thermal, nuclear, Energy Storage S ys tems (ESS), and renewable energy sources. The advancements in technology transformed traditional power grid to smart grid, which enables effective integration of DG. Furthermore, the integration of r enewable energy sources reduce Greenhouse G as (GHG) emiss ion that leads to low carbon economy [2], [3]. Smart grid enables two -way flow of electricity and communication, which helps to bring automation and to create an advanced distributed energy delivery network [4]. The whole operations of this complex power system is monitored and controlled by Supervisory Control and Data A cquisition (SCADA) system . SCADA system is the combination of te lemetry and data acquisition [5] , and SCADA system monitors all the remo te sub stations of the power system by collecting and analyzing the data received from substations. SCADA master sends the control commands to the substat ions based on the analyzed data . SCADA system is essential for monitoring and controlling the operations of power system. Th e integration of DG increase co mplexity in the power system and this makes the role of SCADA system more crucial and challenging. To understand the role of SCADA in operating a power system c onsider the Multi Microgrid Energy Management S ystem (MMEMS) , which is controlled and operated b y the SCADA system as shown in Figure 1 .1. 2 In general, MMEMS c omprises of various DG such as P hotovoltaic (PV ), wind, ESS, Electric V ehicles (EV), loads, and smart appliances (see Figure 1.1). In MMEMS, Micro Grid Control C enter (MGCC) comprises of sub SC ADA master that collects the data from substations of residential, industrial, and commercial microgrid . MGCC sends the collected data to MMEMS control server where the data is analyzed. MMEMS control server comprises of SCADA master, Fig ure 1.1: Architecture of MMEMS. 3 which sends the contr ol commands to the substations of residential, industrial, and commercial microgrid. This process of collecting data and sending control commands to substations is carried out using communication and control network. The technology advancements that are ma de to smart grid for the integration of DG brought new challenges to SCADA system. 1.2 PROBLEM STATEMENT AND RATIONALE FOR THE STUDY Vulnerabilities in existing SCADA system such as communication infrastructure, poor authentication, unencrypted dat a transmission, network design vulnerabilities, network configuration vulnerabilities, and lack of proper firewalls lead to physical and cyber -attacks on the power system. The operation of a power system with multipl e functional devices such as DG, is a pu zzling task for current SCADA system. The effective management of complex power system such as MMEMS (see Figure 1.1 ) with various operational devices is possible with a reliable and secure SCADA communication and control network [6]. Furthermore , the growing competition in ele ctric power industry benefits the customers to get more quality of power at cheaper prices. Furthermore, competition is lik ely to increase the mainly at the power distribution edge where the smart grid is connected with customers through smart meters [7]. Smart meters receive the data of power consum ed by the customers and helps the utility balance the supply and load . Figure 1.2 shows how the data obtained from smart meter is used to have a good understanding of the load demand. The Figure 1.2 a shows the demand based on half -hourly data received from smart meters, and shows that the demand is high from 9:00 to 18:00. The F igure 1.2 b shows the demand based on one minute data from smart meters provid e more detailed information about th e household appliances by using appliance level plug monitors. From the Figure 1.2, it is seen that smart meters are able to provide the information of power consumption to customers effectively . Smart meters are a lso designed to measure voltage to improve voltage and power quality. Smart meters also help operators to determine any power outages in the specific location. Smart meters are helpful in generating the electricity bills to customers by time varying demand and time varying price of electricity. Fu rthermore, the 4 Figure 1.2: Graphs generated from smart meter data [8]. information obtained from smart meters is sensitive as it contains customers personal information , such as the time they stay in home, the time they goes out, and the time they use specific appliances. Every customer wants privacy to his pe rsonal information , as privacy is the fundamental right of the individual [8]. It is very important to keep the collected information from smart meters as confidential. Moreover , the growing competition in electric power industry may benefit cyber attacker s to perform cyber -attack s such as data modification, eavesdropping, and phishing attacks on the smart meter communication network s that collect the data of power consumption from customers and replace it with false data to bring loss to the utility . 5 Hen ce, there is a need to have a reliable and secure SCADA communication and control network that is able to control the complex power system effectively and to enhance the cooperation between various operational devices in the system. In addition, consider ing the growing competition at the power distribution edge, it is required to secure smart meters data as they contain sensitive information that benefits other competitors. 1.3 THESIS OBJECTIVE The aim of t his thesis is to study various Advanced Comm unication T echnologies (ACT) that can be integrated into existing SCADA system for bringing more automation, mobility, accessibility, and security to the SCADA control and communication network s. This involves building a SCADA communication network which i s secure a nd reliable for collecting the power consumption data in residential microgrid. The specific objectives of this thesis are given below.  Objective 1 : To analyze and assess various benefits of SCADA system integrated with ACT and propose communicat ion network for residential microgrid. Objective -1 studies the benefits of ACT such as wireless sensor networks, internet, and Mobile Ad hoc N etwork (MANET) when they are used in SCADA system for monitoring and controlling the power system operation s. The Objective -1 proposes a communication network using MANET in residential microgrid for reliable and secure smart meter communications.  Objective 2: To apply Intrusion Detection and Prevention (IDP) technologies to protect the proposed residential microgrid communication network from cyber -attacks. Objective -2 emphasizes on various cyber -attacks on MANET, and applies two IDP technologies: (i) M onitoring, Detection, and Rehabilitation ( MDR ) approach and (ii) Secure Knowledge algorithm with Anomaly detection (SKA) to the proposed SCADA communication network by using Network S imulator version 2 (NS -2). The objective -2 focuses on determining the effectiveness of MDR and SKA technologies in detecting and preventing Denial of S ervice (DoS) attacks. 6 1.4 SCOPE AND LIMITATION S This thesis focus es on develop ing a SCADA control and communication network using ACT. The major contribution of this study is to propose SCADA communication network using MANET. By understanding the dynamic nature of MANET, which benef its cyber attackers to perform cyber -attacks two IDP technologies are applied to the proposed SCADA communication network. (i) MDR approach and (ii) a SKA , which is the proposed IDP technology The major sc ope of this project is to know the advantages of AC T when they are integrated with existing SCADA system. ACT will make the system more reliable, secure, and automated. SCADA communication network using MANET is cost effective and easy to implement, MANET also bring mobility into the system , so that the op erator can move out of the control center without losing the control on the system . This study also presents the effectiveness of two different IDP technologies in detecting and preventing cyber -attacks such as DoS attacks. Following are the limitations of this thesis.  This thesis focus es only on using MANET in SCADA communication network.  Due to complexity in network, our proposed IDP technology , i.e., SKA is only tested when there are 50 communication nodes in the network.  Both the IDP technologies , i.e., MDR approach and SKA are applied to the proposed network are only effective in defending DoS attacks. However, other cyber -attacks such as Sybil attacks, phishing attacks, network travelling worms, and spoofing attacks are not considered in this thesis.  IDP technologies are tested in this thesis when Ad hoc On Demand Distance Vector (AODV) is used as a routing algorithm. The effectiveness of IDP technologies under the other MANET routing algorithms such as Dynamic Source Routing (DSR) , Destination Sequen ced Distance Vector routing (DSDV), and Associativity Based R outing (ABR) are not tested. 7 1.5 THESIS ORGANIZATION This thesis consists of total 6 chapters and t he organization of the thesis is presented in Figure 1.3. This section presents the stru cture of this thesis by briefly explaining each chapter.  Chapter 2 presents the literature review and also confers the architecture and status of existing SCADA system. Chapter 2 also d iscuss different vulnerabilities in the existing SCADA system that lead s to physical and cyber -attacks on the system. Chapter 2 also discuss the benefits of integrating ACT such as wireless sensor networks, internet, and MANET into the SCADA system. Chapter 2 also e xplains various IDP technologies available to prevent cyber -attacks on ACT.  Chapter 3 presents the advantages and disadvantages of MANET, and discuss es the various routing protocols that can be used in MANET. This chapter also discuss es various possible cyber -attacks on MANET such as black hol e attacks and worm hole Figure 1.3 : Organization of thesis. 8 attacks. The main contribution of this chapter is to propose a SCADA communication network using MANET for collecting the data of power consumption from smart meters in residential houses and EV.  Chapter 4 present s how the proposed SCADA communication netw ork is developed using NS -2 simulator. This chapter focuses on the application of MDR a pproach to the proposed network when attacker introduce malicious nodes into the network . This chapter further presents the effectiveness of MDR approach in defending Do S attacks, when the proposed network is simula ted in two scenarios: (i) varying total number of nodes and (ii) varying data rate.  Chapter 5 proposes a new IDP technology , i.e., SKA . The SCADA network is developed using NS -2 and the proposed IDP technology is applied when the network is under DoS attacks such as blackhole attacks and anomaly attacks . Results demonstrates the effectiveness of the proposed IDP technology, i.e., SKA in detecting and preventing blackhole attacks and anomaly attacks that result i n packet dropping.  Chapter 6 concludes the major findings a nd contributions of this thesis. This chapter also presents the possibility of future research in integrating ACT and preventing cyber - attacks on the SCADA control and communication network. 9 Chapter 2: Literature Review The objective of this chapter is to study the vulnerabilities in the SCADA system . This involves determining the possible solutions to overcome those vulnerabilities and also to enhance reliability and security of the syst em. 2.1 PRESENT STATUS OF SCADA SYSTEM SCADA system monitors and controls foremost utility networks including power systems. The responsibilities of SCADA system include (i) collecting the data f rom remote substations, (ii) analyzing the collected i nformation from remote substations, and (iii) send ing control commands to the remote substations through SCADA master with the help of Human Machine I nterface (H MI). SCADA system delivers real -time status of the power system, and also provides information to operators regarding the condition of operational devices whether they need maintenance or replacement. 2.1.1 Components of SCADA S ystem SCADA system is a combination of several components [9 ], [10]. M ajor components of the SCADA syst em are described below.  Sensor networks: sensors at remote substations collect the information such as voltage, current, phase angle, and trip coil status.  Remote Terminal U nits (RTU): In general, RTU is the control center for the substation. RTU comprises sub SCADA master , which collects data from all the sensor networks and controls the substation. RTU stores all the collected information from the sensor networks of the substation.  Programmable Logic C ontrollers (PLC): These PLC are located in substation and used for auto mation. PLC, sensor networks, and RTU are connected to each other for finding the real time status of the substation.  Master Terminal U nit (MTU): MTU is the major control center of the total SCADA system. It is connected to all the remote substations throu gh RTU. It 10 collects and analyze s all the stored data from RTU, and send s control commands to all the substations through SCADA master.  HMI : It provides Graphical User I nteraction (GUI) to the operators at MTU and RTU for easy and efficient operation of the system.  Control and Communication network: This network connects MTU to all the RTU for proving a two way communication among them. 2.1 .2 Architecture of Current SCADA S ystem The importance of proving security to the SCADA system has acknowledged af ter four major blackouts through United States, Canada, and Europe in the year 2003 [11]. Since 2003, major improvements are made to the SCADA system. The current SCADA system architecture is briefly shown in Figure 2.1. Figure 2.1: Architecture of Current SCADA System . 11 The communication and control netw ork s of current SCADA system consists of various number of Local Area N etworks (LAN) that are connected to the Wide Area N etwork (WAN) [12]. In every substation RTU, PLC, and sensor network are connected through LAN, and all the substations are connected t o the control center, i.e. , MTU through WAN. 2.2 VULNERABILITIES IN CURRENT SCADA SYSTEM The numerous effor ts made to the development of architecture of SCADA system incr eased the system dependence on Information and Communication T echnology (ICT) a nd brought new vulnerabilities . In April 2013, the attack on Pacific Gas and E lectric (PG&E) substation raised many questions on the vulnerabilities of physical systems [13]. Federal Energy Regulation C ommission (FERC) study says that the attack on 9 subst ations out of 55,000 transmission substations will take down the entire United Sta tes transmission grid [14]. The vulnerabilities that exist in current SCADA system are described below [15] -[22].  Unpatched operating systems: These systems bring more risk t o the companies and industries such as electric power industry as they are more exposed to cyber threats.  Unencrypted data transmission: As the data transmitted through SCADA communication and control network is sensitive, there are cyber threats from unau thorized people to get access to the sensitive data.  Poor authentication: This will lead to provide sensitive information to unauthorized people such as user login information.  Network design vulnerabilities: Due to the lack of proper segmentation and fire walls , a cyber -attack will lead to hours of site down, loss of data, and requires a lot of time to reestablish the server.  Network configuration vulnerabilities: Due to the lack of port security, malicious USB and other external devices connected will dama ge the sensitive files in the system. 12  Poor code quality: This will benefit cyber -attackers to insert malicious commands into the code.  Network Protocols: Some of the network protocols used for data transmission will not support data encryption.  Some of the SCADA manufacturing companies are developing SCADA system that runs on Windows and Linux. The vulnerabilities related to security in those operating systems is widely known and with the help available advanced hacking tools cyber attackers can get sensiti ve information.  SCADA software vulnerabilities will bring virus into the network, which gives false information to the system operator through HMI.  Company websites sometimes provide useful to data cyber attackers by exposing their organization structure, corporate network system names, employee names, and employee email addresses.  Absence of real -time monitoring: Operators devastate with the huge amount of data they received from network security sensors.  The current using communication infrastructure for phasor measurement units is not authenticated that leads to compromise data integrity. 2.3 PHYSICAL AND CYBER -ATTACKS ON THE SCADA SYSTEM The aforementioned vulnerabilities will lead to different types of both physical and cyber -attacks on the SCADA syst em as described below. 2.3.1 Physical Attacks Following are some physical attacks that are possible on the SCADA system [23].  Tapping high frequency waves with portable current transformer helps attackers to extract the information from power line c arrier communication.  To corrupt the information in optical fibers, attackers use in -band jamming and out -of-band jamming technologies. 13  A natural disaster will lead to physical damage of the entire communication infrastructure, which leads the operator to lost control on the system. 2.3.2 Cyber Attacks Following are the cyber -attacks that are possible on the SCADA system [15] -[22].  Eavesdropping: By using a sniffing sensor, attacker can listen to the private conversation between two communication nodes.  Man -in-the -middle attack: Attacker will attack the communication network when two nodes are communicating and modifies the data, which sends false information to the destination node.  Data injection: Injecting false data into the sensors, which gives incor rect status of the system to operator.  Node compromise attack: Attacker will compromise the sensor node by getting access to the computer, which leads to data injection and data modification attacks.  DoS attacks: Attacker change s the header address of the data packet to send the information to different destination or makes the node to drop the packets it received, which results in data lost.  Phishing attacks: Attackers will get sensitive information such as user names and passwords. In general, these attac ks will be done by email spoofing and instant messaging asking users to enter their login credentials.  Domain Name S ystem (DNS) spoofing: When user enters a domain name in the browser these attacks will made users to direct their systems data into attacker ’s computer.  Virus infection: Virus infection is possible from data download, USB drives, CD - ROMs, and floppy disks. Attacker may use any malicious device and connect to 14 the systems port to inject virus into the system. This infection may corrupt the data in system or helps attacker to remotely operate the infected computer.  Network malware infection: Attacker injects worms into the network, the difference between virus and worm is; virus can only be transferred if a file is transferred between two compute rs. Worm runs independently and spread throughout the network then it acts like virus. 2.4 BENEFITS F ROM INTEGRATING ACT INTO SCADA SYSTEM The integration of ACT improve s the system parameters such as reliability, availability, and security. There a re several benefits with the integration of ACT such as wireless sensor networks, internet, and MANET [24] -[26]. This integration helps to bring more automation, accessibility, and mobility into the system. More detailed benefits due to these ACT are prese nted below. 2.4.1 Wireless Sensor Networks They collect information from the surrounding operational devices and send the collected information to control center. They do not need any wired equipment such a s cables for communication. F ollowing are the ad vantages of wireless sensor networks.  Low power consumption  Cost effective implementation  Reliability 2.4.2 Ad hoc N etworks The increase in demand for wireless communications helps ad hoc networks to gain significant importance. Ad hoc networks are sim ilar to wireless sensor networks, but every node in the network acts as a router and do not require any hardware or software for communication. Following are some advantages of ad hoc networks.  Mobility  Scalability 15  Reliability  Self -healing  Self -configurati on  Redundancy  Cost effective implementation 2.4.3 Internet Internet helps to get information quickly from various smart devices at remote locations. Web based SCADA or internet SCADA helps operators to take action on the alarms through a virtual machine . The main advantage of the internet is to provide accessibili ty to the system operator wherever the operator is in this world. 2.4.4 SCADA Architecture with ACT for Power System Operation By considering the advantages from ACT, this thesis recommends to integrate ACT into the SCADA system. Figure 2.2 shows the architecture of SCADA system with ACT. Figure 2.2: Architecture of SCADA with ACT . 16 As it can be seen from Figure 2.2, wireless sensor networks collect the data from all the smart devices in the remote substations and sends tha t information to the RTU, which sends the information to SCADA control center through internet. System operators can connect to the system using internet or through ad hoc network. 2.5 IDP TECHNOLOGIES TO PREVENT CYBER -ATTACKS Besides the advantages from integrating ACT into the current SCADA system, there are some disadvantages in the form of cyber threats. There is a huge research going on developing IDP technologies to provide cyber security to these ACT, and some of them are reported in [27] - [31] . 2.5.1 Methods of Intrusion Detection in IDP T echnologies Following are the methods of intrusion detection [32].  Signature based detection: This method of intrusion detection helps to detect previously known threats. It compares the signatures of rece ived data over the observed events to detect probable incidents. This kind of detection is very efficient in detecting previously known threats and inefficient in detecting new threats, which are not handled previously. This detection method has very minim um understanding of several network and application protocols, and it is difficult to find threats during complex communications. They also forget previous requests when processing current requests such as request to a web server for a particular page. The se limitations restrict signature based detection to detect threats while handling multiple events.  Anomaly based detection: This method of detection is very efficient in detecting previously unknown threats. It comprises of many profiles to understand the normal behavior such as the average bandwidth, data rate, number of emails sent by the user, and number of times user tried to login for system access. This detection method will generate alert if anything new happens from previous. For 17 example, it genera tes alert if the data rate is increased than the normal. The issue with this detection method is it generates numerous alerts including both threats and non -threats this will make difficult and time consuming to analysts to find the real threat. 2.5.2 Types of IDP T echnologies Following are the types of IDP technologies [32].  Network based: It monitors network traffic and identifies suspicious activity by analyzing network and application protocols activity. These are mostly installed at the routers of Virtual Private N etworks (VPN), and remote access servers.  Wireless: It monitors and analyze the wireless network protocols for identifying the suspicious activity. It cannot identify threats at application layer protocols.

These are mostly installed withi n the range of organizations or industries wireless network.  Network behavioral analysis: It monitors the network traffic and identifies threats such as Distributed Denial of S ervice (DDoS) attacks and worms in the network. These are mostly deployed in org anizations internal network and also installed at the point where the internal network is connected to external network.  Host -Based: It monitors characteristics and events of the single host for finding suspicious activity. These monitor network traffic of that host, application activity, system logs, and configuration changes. These are deployed on the key servers such as public available servers and servers that has sensitive information. 2.6 SUMMARY Chapter 2 provided the detailed literature revie w on the vulnerabilities that are present in the current SCADA system. This c hapter also presented the benefits of integrating ACT into the SCADA system. Various IDP technologies and the methods used in ACT for providing cyber security are also discussed. 18 Chapter 3: Proposed SCADA Communication Network using MANET This c hapter considers the advantages of the ACT discussed in Chapter 2, and provides a detailed study on the advantages and challenges of MANET. This chapter also discuss es various possible cyb er-attacks on MANET. This c hapter contributes to propose a SCADA communication network using MANET. 3.1 INTRODUCTION OF MANET Ad hoc network comprises of wireless nodes that communicate through a common wireless channel [33]. They do not need any infrastructure or a central access point to communicate. Each node in the network acts as a router to transmit data packets from source to destination. All the communication nodes coordinate and work together for maintaining reliability in the network. The se ad hoc networks are referred as mesh networks as the topology of the network represents a mesh topology. MANET bring s mobile applications into the ad hoc network to bring more benefits and challenges into the network. MANET bring s flexibility into the n etwork as they are self -healing, self -configurable, and self -maintainable networks. The hybrid MANET refers to a MANET that is connected to Internet or any other private network.

The mobility in MANET allows communication nodes that act as routers to move freely, which leads to unpredictable and rapid change in network topology [34]. 3.1.1 Advantages of MANET Following are the advantages of using MANET in the comm unication network .  The deployment of MANET is cost effective, simple, and fast.  Power cons umption is less compared to other wireless networks.  The network is robust as it continue to operate even there is a failure in some communication nodes.  MANET bring redundancy into the network as they do not rely on any software or hardware. 19  Scalability is achieved by MANET as they provide easy access to add more communication nodes.  Increase the reliability of the network by establishing a continuous communication.  Very useful in natural disaster conditions to create communication link between users.  Use ful in military applications such as to communicate with tanks, planes, and formation of soldiers.  There are also several civil applications of the MANET such as entertainment on travel, conferences, exhibitions, lectures, and sports events.  Vehicular ad h oc networks are gaining significant importance as they provide information of traffic jams, dangerous spots, obstacles, and speed controls to the users. 3.1.2 Challenges of MANET Following are the challenges associated with MANET [35], [36].  Quality of Service (QoS) is affected by the network dynamic nature, no centralized control, and radio interference.  Limited bandwidth due to continuous change in routing process.  Limited battery power of some devices in the network.  Security concerns during the data transmission from the dynamic nature, limited bandwidth, and limited battery power. 3.2 VARIOUS CYBER -ATTACKS ON MANET The aforementioned challenges benefit the cyber attackers to perf orm cyber -attacks on MANET. F ollowing are some major cyber -attac ks on MANET [37] -[40].  External attacks: In this scenario, an external node that is not a part of network will penetrate into the network and perform malicious activities. 20  Internal attacks: In this scenario, attacker compromise s the internal node to perfor m malicious activities.  Passive attacks: Attacker sense the information of all the nodes without troubling the communication flow and use that sensed information to perform active attacks.  Active attacks: Attacker uses the data obtained from passive attac k and interrupt the data flow in the network. These active attacks include both external and internal attacks. In most cases these active attacks result in DoS attacks.  DoS attacks: Attacker cracks into the network and make the network services unavailable to the intended users. There are several types of DoS attacks such as blackhole attack, greyhole attack, and wormhole attack.  Blackhole attack: In this attack scenario, a malicious node will provide false routing information to the source node. The malic ious node present a fake route to the source node and makes the source node to believe it is the optimal route for sending data to destination. During the data transmission the malicious node drops or modifies the data packets.  Greyhole attack: In this con sequence, a ttacker extends the black hole attack by making the malicious node to drop or modify packets for some time and make the malicious node to behave ordinary for some time. This kind of situation brings difficulty to find the malicious node.  Wormhol e attack: These attacks can be performed even the routing information is kept confidential, authenticated, and encrypted. This attack can be made without the knowledge on the network and without compromising any nodes in the network. In this attack, there are two or more malicious nodes in the network that creates a high speed tunnel among them, which is referred as the wormhole to drop or modify data packets.

Once a wormhole attack is successfully implemented it is difficult to discover a new route other t han wormhole. 21 3.3 ROUTING PROTOCOLS USED IN MANET Routing protocols are used to initiate a route between source and destination for data transmission. The responsibilities of routing algorithm are (i) to determine the best route with shortest distan ce from source to destination, (ii) to maintain a routing table that contains the information of all the nodes in network, an d (iii) to keep table up to date when new nodes join into the network and old nodes are out of the network. The routing proto cols o f MANET are classified in to two types: (a) table driven routing protocols and (b) source initiated on demand driven routing protocols [34]. 3.3.1 Table Driven Routing Protocols These protocols enable all the communication nodes in the network to mainta in an up -to- date routing information. Each node may have one or more routing tables, which helps the node to respond when there is a change in network topology, i.e., when new nodes join into the network and when previous nodes participated in communicatio n are out of the network. There are three types of routing protocols in this category. T he three protocols are only different in maintain ing the information in table with respect to changes in the network. F ollowing are the types in table driven routing pr otocols.  Destination Sequenced Distance V ector routing (DSDV) ,  Cluster Head Gateway Switch R outing (CGSR) , and  Wireless Routing P rotocol (WRP) . 3.3.2 Source Initiated o n Demand Driven Routing Protocols These protocols follow a different approach from t able driven routing protocols. Unlike maintaining the tables for nodes, these protocols only initiate route discovery process when it is desired by the source node. These protocols find all the possible routes from source to destination and select the best route to send data packets f rom source to destination. F ollowing are the types of source initiated on demand driven routing protocols.  Ad -hoc On Demand Distance Vector A lgorithm (AODV) , 22  Dynamic Source R outing (DSR) ,  Tempo rally Ordered Routing A lgorithm (T ORA) ,  Associativity Based R outing (ABR) , and  Signal Stability R outing (SSR) . 3.4 PROPOSED SCADA NETWORK FOR RESIDENTIAL M ICROGRID COMMUNICATION By considering the advantages of MANET, this thesis contributes to present a SCADA communication networ k with MANET for residential microgrid communication. The proposed network is shown in Figure 3.1. Figure 3.1: SCADA communication network with MANET. 23 3.4.1 Objective of the Proposed SCADA Communication Network The proposed network objective is to collect data such as power consumption, power production, and power and voltage quality from the smart meters in residential houses and EVs.

This network also benefits in connecting mobile system operators into the network. These operators are useful to provide immediate mitigation by receiving alerts to their smart phones during the emergency situation such as power blackout in those areas. This network is also helpful to establish connection even in the emergency situations such as natural disasters. The data collected from EVs can be utilized to anal yze the performance of different technologies used in EVs by understanding the power consumption pattern with respect to speed and distance they travelled. The major purpose of using MANET is to connect mobile communication nodes such as mobile system oper ators and EVs into the network. In our proposed network , every communication node such as smart meter, mobile phones, and laptops act as routers to find the best path for sending data from source to base station. The proposed network do not need any infras tructure to implement, and the network is self -configurable and self -maintainable. The objective of the network also includes providing security to the data being transferred as smart meters contain sensitive information that benefits other companies to ta ke over them. S mart meters also contains consumer’s personal data which has to be secured. In order to provide cyber security to our proposed network we applied two IDP technologies. The details of the IDP technologies are explained more in Chapter s 4 and 5 in the context of detecting and preventing DoS attacks. 3.5 SUMMARY By considering the advantages of MANET in creating a reliable communication network in a cost effective manner, Chapter 3 present ed a SCADA communication network in residentia l microgrid using MANETs. Chapter 3 also discussed the challenges associated with MANET that leads to cyber threats. In next , Chapter s 4 and 5 will provide security measures to the cyber threats. 24 Chapter 4: MDR Approach Based IDP Technology Chapter 4 foc uses on the challenges of the MANET that leads to DoS attacks. In this chapter, an IDP technology based on MDR approach for detecting and preventing malicious nodes is applied to the proposed SCADA communication network (see Figure 3.1) presented in Chapte r 3. 4.1 MDR APPROACH MDR appro ach is the IDP technology used to defend DoS attacks by detecting and preventing malicious nodes [41] . MDR approach comprises of three stages (i) monitoring stage, (ii) detection stage, and (iii) rehabilitation stage . 4.1.1 Monitoring Stage This stage monitors all the nodes in the network, and two values are de termined from this stage , i.e., Accomplished Trust Value (ATV) and Reputation Trust V alue (RTV).  Accomplished Trust Value ATV indicates that the specific task of the node is completed successfully. ATV is the sum of ATV -1 and ATV -2 [41] . o ATV -1: If the node sends packet to the projected destination, then ATV -1 is 0.5. If the node fails to send packet to the projected destination then ATV -1 is 0. o ATV -2: If th e node sends an acknowledgement to the source node that it has received the packet then ATV -2 is 0.5. If it did not send acknowledgement , then ATV -2 is 0. o ATV= (ATV -1) + (ATV -2), if this sum is equal to 1, th en the node is considered as not malicious in th is stage.  Reputation Trust Value RTV shows the reputation of the node during the data transmission. This reputation depends on how many times the node drop packets while data is transferred through that node.

The initial value of RTV is equal to 1. If the node drop packets for the first time then value of 25 RTV will drop to 0.5. If the node drop packets for the second time then the value of RTV is 0.25, and if the node drop packets for the third time then RTV value is 0. 4.1.2 Detection Stage This stage determines the Honesty Trust V alue (HTV) of the node. Honesty of the node is defined as the trust that the node gain from other nodes in the network. If the information exchange between two nodes match the information that comes from other nodes then HTV is 1, otherwise HTV is 0. Total Trust State V alue ( TTSV) is calculated by using following equation [41] TTSV = ∑ (ATV+RTV+HTV) – 2 (1) TTSV consists of only two values. I f the node is trusted then TTSV is equal to 1 and if the node is not trusted then TTSV is equal to 0. Any value of TTSV, which is a negative value and a number less than 1 is considered as malicious. 4.1.3 Rehabilitation Stage Due to the dynamic nature of MANET , the nodes will not be in the same state for long. This stage benefits to use of the malicious nodes in the future data transmission when the y come back to the normal state. In this stage , the periodic check for the malicious nodes will be done until the value of TTSV is equal to 1. 4.2 APPLYING MDR APPROACH TO THE PROPOSED SCADA NETWORK In order to prevent DoS attacks caused by malici ous nodes in the network, we applied MDR approach to our proposed SCADA network for residential microgrid communications and this is communicated in our paper [42]. The effectiveness of MDR approach on our proposed SCADA network is tested in two scenarios.  Scenario 1: Varying the total number of nodes from 50 to 200.  Scenario 2: Varying the data rate from 10kb/sec to 40kb/sec. In each scenario , we simulated the network in two different cases, i.e. , attack case and intrusion detection case . 26  Attack case: In t his case , malicious nodes are introduced into the network.  Intrusion detection case: In this case , MDR approach is applied to the network when there are malicious nodes. 4.3 DEVELOPING THE NETWORK USING NS -2 SIMULATOR The network similar to the p roposed SCADA network for residential microgrid communication is developed using NS -2 simulator. The parameters of the developed network are presented in Table 4.1. Appendix I presents the creation of MANET using NS -2. Table 4 .1: Network s imulati on paramet ers for MDR a pproach. Simulator NS -2 Number of nodes 50,100,150,200 Interface type Phy/WirelessPhy Channel Wireless channel MAC type Mac/802_11 Queue type Queue/Drop Tail/PriQueue Queue length 201 Packets Antenna type Omni antenna Propa gation type Two -Ray Ground Size of packet Five hundred and twelve Routing protocol AODV Network traffic TCP Nodes clustering k-means algorithm To avoid complexity during simulation , standard parameters are used to simulat e MANET as shown in Table 4 .1. For routing the data from source to destination , AODV is used as the routing algorithm as it is proved to be an effective routing algorithm [43] -[45]. The 27 developed network is simulated in two scenarios with two cases in each scenario. Figure 4.1 shows the developed network in attack case with the malicious node that drop the packets. Figure 4.2 shows the developed network with intrusion detection case where the MDR approach is applied to defend the network from malicious nodes. Appendix II shows the add ition of malicious nodes to the AODV routing protocol. Figure 4.1: Network under attack case . Figure 4.2: Network under intrusion detection case . 28 Figure 4.3: PDR for attack case (red line) and intrusion detection case (blue line) in Scenario -1. 4.4 RESULTS OF SCENARIO 1: BY VARYING TOTAL NUMBER OF NODES In S cenario 1, network simulation s are carried out by varying the total number of nodes in the network to determine the effectiveness of MDR approach in detecting and preventing DoS attacks. The network is simulated with 50, 100, 150, and 200 nodes. Figure s 4.3 to 4.5 show the effectiveness of MDR approach by presenting the performance of three m ajor network parameters, i .e., Packet Delivery R atio (PDR), network throughput, and delay.  PDR is defined as the ratio of number of packets sent from the source node to the number of packets delivered to the destination node.  Network throughput is defined as the rate of data succes sfully delivered to the destination node.  Delay is the time taken for the packet to reach destination node from the source node. 29 Figure 4.5: Delay for attack case (red line) and intrusion detection case (blue line) in Scenario -1. Figure 4.4: Throughput for attack case (red line) and intrusion detection case (blue line) in Scenario -1. 30 Figure 4.6: PDR for attacks case (red line) and intrusion detection case (blue line) in Scenario -2. Figure 4.3 shows that PDR is higher in intrusion detection case tha n the attack case . PDR reaches 100 percent in intrusion detection case , when there are 200 nodes in the network. Figure 4.4 shows that network throughput is higher in intrusion detection case than the attack case . Throughput is maximum, i.e., 40 kb/sec, wh en the total number of nodes are 200. Figure 4.5 shows that delay is higher in attack case than the intrusion detection case . As it can be seen in Figure 4.5 that d elay in attack case is steady for 50, 100, 150, 200 nodes. In intrusion detection case , the delay is slightly increased as the number nodes that participate in communication for sending the data packets from source to destination are increased. 4.5 RESULTS OF SCENARIO 2: BY VARYING DATA RATE In S cenario 2, the network simulations are carri ed out by varying the data rate from 10 kb/sec to 40 kb/sec. Figures 4.6 to 4.8 show the performance of proposed communication network under this scenario by considering the parameters such as PDR, Network throughput, and delay. 31 Figure 4.8 : Delay for attacks case (red line) and intrusion detection case (blue line) in Scenario -2. Figure 4.7 : Throughput for attacks case (red line) and intrusion detection case (blue line) in Scenario -2. 32 Figure 4.6 shows that PDR for intrusion detection case is greater than the PDR for attack case . The PDR in attack case is very low when the data rate is increased to 40kb/sec. PDR is high in intrusion detection case when the data rate is increased t o 40kb/sec. Figure 4.7 shows that throughput is steady for both cases for the data rate up to 30 kb/sec. However, after 30kb/sec, there is a sudden fall in the throughput for attack case . Similarly, we can also observe in Figure 4.7 that throughput is stea dily increased with an increase in data rate even after 30kb/sec for intrusion detection case . Figure 4.8 shows that delay in attack case is very high with the increase in data rate, whereas delay in intrusion detection case is very low. 4.6 SUMMARY Chapter 4 presented the MDR approach to detect and prevent malicious nodes i n the proposed network presented in Chapter 3. The focus of C hapter 4 was to test the effectiveness of MDR approach in defending malicious nodes . MDR approach is applied to the ne twork developed using NS -2 simulator and tested its efficiency by introducing malicious nodes into the developed network. Test r esults 1 obtained from two scenarios (Scenario 1: varying total number of nodes and Scenario 2: varying data rate ) demonstrate t hat MDR approach is effective in detecting and preventing malicious nodes, which lead to DoS attacks. 1Research findings of this chapter are communicated in IEEE co -sponsored and peer -reviewed conference as indicated below:  G. K. Chalamasetty, P. Mandal, and B. Tseng, “Secure SCADA communication network for detecting and preventing cyber -attacks on power systems,” in Proc. 2016 Clemson University Power System Conference, PSC 2016, Co - sponsored by IEEE, Clemson University, Clemson, SC, March 8 -11, 2016. 33 Chapter 5: Proposed IDP Technology Based on Secure Knowledge Algorithm In Chapter 4 , we applied MDR approach that detects and prevents malicious nodes that may lead to DoS attacks in the proposed SCADA communication netwo rk (see Figure 3.1) discussed in Chapter 3. Chapter 5 contributes to propose an IDP technology, i.e., SKA, which is based on secure knowledge algorithm with the addition of anomaly detec tion. SKA detects and prevents DoS attacks such as black hole attacks and anomaly attacks in the proposed SCADA network. 5.1 PROPOSED SKA TECHNOLOGY The benefits of identifying both known and unkno wn attacks is discussed in [46]. By considering th ose benefits this the sis proposes an IDP technology, i.e., SKA , which is communicated in our paper [47]. Secure knowledge algorithm is a simple and effective method to defend blackhole attacks during AODV routing process in the network, which is discussed in detail in [48]. The blackh ole attack in AODV is such that when the source node sends Route Request (RREQ) to all the nodes in the network, the blackhole attacked node immediately responds to the sour ce node by presenting false Route R eply (RREP) that it has the optimal route to send packets to the destination. During the data transmission from source node to destination node , the blackhole attacked node absorbs all the packets and drop them without sending to destination. The secure knowledge algorithm makes each node in the network to monitor its neighboring nodes and each node in the network contains a data table, which contains the data packets forward by neighboring nodes. Consider there is a malicious node within the intermediate nodes in the network during route discovery process. Intermediate node forwards the RREP from destination to the malicious node , and then the malicious node sends the received information from intermediate node to source node. The neighb oring nodes store two types of informat ion in their table : (i) packet forwarded by intermediate node and (ii) packet forwarded by malicious node. As the malicious node modifies or drops the packets received from intermediate nodes, the two types of information stored in neighboring nodes do not mat ch. The 34 neighboring nodes immediately reports the malicious node to all the nodes in the network. This process benefits the source node to avoid malicious node in participating data transmission.

Furthermore, when the optimal route is discovered for se nding the data from source to destination using secure knowledge algorithm there is a possibility for man -in the -middle attack or some anomaly attacks to compromise the node for packet drop during data transmission. By considering those anomaly attacks , on e more step is added to the IDP technology, i.e., anomaly detection that helps to detect packet dropping after the optimal patch is discovered. During this anomaly attacks , neighboring nodes detect and report the attacked node that drop packets to all the remaining node s in the network . The data flow from source to destination is shown in Figure 5.1. Figure 5.1: Flowchart of the proposed IDP tec hnology. 35 5.2 DEVELOPING TH E PROPOSED SCADA COMMUNICATION NETWORK USING NS -2 The proposed SCADA communication network shown in Figu re 3.1 is dev eloped using NS -2 simulator. Table 5.1 presents the parameters of the developed network. Table 5.1: Network simulation p arameters for proposed IDP technology. The blackhole attacked node is added to the network as shown in Appendix III [49]. Furthermore, the node that is prone to anom aly attack that results in packet dropping is added to the network as shown in Appendix II . The proposed IDP t echnology, i.e., SKA is applied to the attacked network to evaluate its effectiveness in defending the network from black hole and anomaly attacks. 5.3 DATA FLOW UNDER SKA The data flow from source to destinatio n node is shown in Figures 5.2 to 5.6 using NS -2 simulator. Simulator NS -2 Number of nodes 50 Interface type Phy/WirelessPhy Channel Wireless channel MAC type Mac/802_11 Queue type Queue/Drop Tail/PriQueue Queue length 201 Packets Antenna type Omni antenna Propagation type Two -Ray Ground Size of packet Five hundred and twelve Routing protocol AODV Network traffic TCP Nodes clustering k-means algorithm 36  Figure 5.2 shows the route discovery process for sending data from source to destination .  Figure 5.3 shows the detection of black hole attacked node by using a secure knowledge algorithm. Figure 5.2: Route disco very using AODV . Figure 5.3: Detection of blackhole attacked node. 37  Figure 5.4 shows the optimal route selecte d for sending data from source to destination by avoiding blackhole attacked node.  Figure 5.5 shows the identification of misbehaving node caused by anomaly attacks after the optimal route is selected for data transmission. Figure 5.4: Optimal route for sending data to destination. Figure 5.5: Identification of misbehaving n ode. 38  Figure 5.6 shows the optimal route by avoiding both black hole attacked node and the misbehaving node caused by anomaly attack. 5.4 RESULTS AND DISCUSSION Figures 5.7 to 5.9 presents the effectiveness of the proposed IDP technology in detecting and preventing black hole attacks and other anomaly attacks, which results in packet dropping. Results are displayed by considering the major network parameters such as PDR, network throughput, and delay.  Figure 5.7 shows that PDR is constantly increasing with respect to the number of nod es. PDR reaches its maximum value when the nodes are increased to 50.  Figure 5.8 shows the network throughput, which is increasing with respect to the number of nodes in the network, when the data rate is 70kb/sec.  Figure 5.9 shows that the delay in the ne twork is decreased when the number of nodes are increased. Figure 5.6: Optimal route with trusted communication nodes. 39 Figure 5.7: PDR with the application of SKA. Figure 5.8: Network throughput with the application SKA. 40 Figures 5.7 to 5.9 demonstrated that the proposed IDP technology , i.e., SKA is effective in detecting and preventing blackhole attacks and other anomaly attacks. 5.5 SUMMARY Chapter 5 p resented an IDP technology , i.e., SKA, which is used to defend DoS attacks such as blackhole attacks and anomaly attacks that result in packet dropping . The proposed SCADA communication network (see Figure 3.1) is developed using NS -2 simulator . SKA is the proposed IDP technology , and it is ap plied to the network when black hole attacked node and anomaly attacked node ar e introduced into the network. Test r esults 2 demonstrated that the proposed IDP technology is highly effective in defending black hole and an omaly attacks. 2Research findings of this chapter are communicated to an international journal as indicated below:  G.K. Chalamasetty, P. Mandal, and B. Tseng, “SCADA framewor k incorporating MANET and IDP for cyber security of residential microgrid communication network,” Smart Grid and Renewable Energy, Vol. 7, No. 3, pp. 104 -112, 2016. Figure 5.9: Delay with the application of SKA. 41 Chapter 6: Conclusions and Recommendations for Future Work Chapter 6 conclude s the major contributions of this thesis in developing a reliable and secure SCADA system for residential microgrid communications . This chapter also provide s reco mmendations for the future work. 6.1 SUMMARY AND CONCLUSION This thesis contributed to propose a SCADA communication using MANET. In this thesis, we applied two IDP technologies , i.e., MDR approach and SKA in order to detect and prevent various DoS attacks on the proposed network. The summary of this thesis is outlined below.  Chapter 1 presented the research motivation, background, and the challenging role of SCADA system as the DG made the power system more complex. Additionally, this chapter prese nted the need for providing security to smart meter communications.  Chapter 2 presented the literature review of vulnerabilities present in the current SCADA system and discussed the possible cyber -attacks that can be performed on the SCADA system due to the existing vulnerabiliti es. This chapter also recommended to integrate ACT into the current SCADA system by presenting the benefits of using ACT.  Chapter 3 presented the study of MANET, which is one of the ACT discussed i n Chapter 3. This c hapter focuse d on presenting the advantages and challenges associated with MANET. Furth ermore, this chapter contributed to propose a SCADA network for residential microgrid communications using MANET.  Chapter 4 considered the challenges of MANET that lead to cyber -attac ks and applied MDR approach based IDP technology for detecting and preventing malicious nodes that cause DoS attacks. Test r esults presented and discussed in Chapter 4 demonstrated that MDR approach is effective in detecting and preventing malicious nodes.  Chapter 5 proposed an IDP technology, i.e., SKA for detecting and preventing DoS attacks such as blackhole attacks and anomaly attacks that lead to packet dropping. Test 42 results demonstrated that SKA is highly effective in detecting and preventing blackh ole attacks and anomaly attacks that result in packet dropping. 6.2 RECOMMENDATIONS FOR FUTURE W ORK This thesis focused only on DoS attacks . Future work could be interesting to consider other cyber -attacks such as wormhole attack and greyhole att ack on MANET. Furthermore, during the simulation of network under SKA , only 50 nodes are considered in the proposed SCADA network. In future work , the nodes can be increased to a larger number to determine the effectiveness of SKA when there are more numbe r of nodes in the network . Moreover, the future work could also be interesting to (i) determine the effectiveness of the proposed network when two or more ACT are integrated into the SCADA communication network and (ii) develop the new IDP technolog y that defend the ACT network from cyber -attacks. The list of abbreviations used in this thesis and the technical specifications of the PC used for the simulations purpose are shown in Appendices IV and V, respectively. 43 References [1] M. Van der Hoeven , “World Energy Outlook 2013,” International Energy Agency: Tokyo, Japan (2013). [2] C.W. Potter, A. Archambault, and K. Westrick, “Building a smarter smart grid through better renewable energy information,” i n Proc. 2009 Power Systems Conference and Expositio n, 2009. PSCE'09. IEEE/PES , pp. 1 -5, 2009. [3] “Smart Grid: How does it work and why do we nee d it,” Environmental and energy study institute , January 8, 2009. Online available: http://www.eesi.org/briefings/view/smart -grid - how -does -it-work -and -why -do -we -need -it?/smart -grid -how -does -it-work -and -why -do -we - need -it-08 -jan -2009. [4] X. Fang, S. Misra, G. Xue, and D. Yang, “Smart grid — The new and improved power grid: A survey,” Communications Surveys & Tutorials, IEEE, Vol. 14, No. 4, pp. 944 -980, 2012. [5] T.H. Kim, “SCADA architecture with mobile remote components,” WSEAS Transactions on Systems and Control, Vol. 5, No. 8, pp. 611 -622, 2010. [6] W. Wang, Y. Xu, and M. Khanna, “A survey on the communication architectures in smart grid,” Computer Networks, Vol.55, No. 15, pp. 36 04 -3629, 2011. [7] D. Roberts, “Utilities for dummies, part 2: Why we need competitive electri city markets,” May 23, 2013. Online available: http://grist.org/climate -energy/utilities -for -dummies -part - 2-why -we -need -competitive -electricity -markets -with -fennecs/ [8] E. McKenna, I. Richardson, and M. Thomson, “Smart meter data: Balancing consumer privacy concerns with legitimate applications,” Energy Policy 41 , pp. 807 -814, 2012. [9] V. Sridharan, “Cyber security in power systems ,” A Thesis Presented to the Academic Facult y, Georgia Institute of Technology, May 2012. [10] S. Rudrapattana, “Cyber -security analysis in smart grid SCADA systems: A game theoretic approach,” PhD diss ., Texas Tech University, 2013. 44 [11] J.D. Fernandez, and A. E. Fernandez, “SCADA systems: vulnerabilities a nd remediation,” Journal of Computing Sciences in Colleges, Vol. 20, No. 4, pp. 160 -168, 2005. [12] M. Wei, and Z. Chen, “Reliability analysis of cyber security in an electrical power system associated WAN,” in Proc. 2012 Power and Energy Society General Meetin g, IEEE , pp. 1 - 6, 2012. [13] K. Tweed, “Attack on California substation fuels grid security debate,” IEEE spectrum, 2014. [Online]. Available: http://spectrum.ieee.org/energywise/energy/the -smarter - grid/attack -on -california -substation -fuels -grid -security -debate [14] K. Tweed, “Attack on nine substations could take down U.S. grid,” IEEE spectrum, 2014.

[Online]. Available: http://spectrum.ieee.org/energywise/energy/the -smarter -grid/attack -on - nine -substations -could -take -down -us -grid. [15] J.D. Fernandez, and A. E. Fernandez , “SCADA systems: vulnerabilities and remediation,” Journal of Computing Sciences in Colleges, Vol. 20, No. 4, pp. 160 -168, 2005. [16] C.W. Ten, C.C. Liu, and G. Manimaran, “Vulnerability assessment of cybersecurity for SCADA systems,” IEEE Transactions on Pow er Systems, Vol. 23, N o. 4, pp. 1836 -1846, 2008. [17] M. Wei, and Z. Chen, “Reliability analysis of cyber security in an electrical power system associated WAN,” i n Proc. 2016 Power and Energy Society General Meeting, IEEE , pp. 1 - 6, 2012. [18] I.N. Fovino, L. Guidi, M. Masera, and A. Stefanini, “Cyber security assessment of a power plant,” Electric Power Systems Research, Vol. 81, No. 2, pp. 518 -526, 2011. [19] G. N. Ericsson, “Cyber security and power system communication — essential parts of a smart grid infrastructure,” IEEE Transactions on Power Delivery, Vol. 25, No. 3, pp. 1501 - 1507, 2010. 45 [20] R. Mahmud, R. Vallakati, A. Mukherjee, P. Ranganathan, and A. Nejadpak, “A survey on smart grid metering infrastruc tures: Threats and solutions,” i n Proc. 2015 Electro /Information Te chnology (EIT), International Conference , IEEE , pp. 386 -391 , 2015. [21] M. T. O. Amanullah, A. Kalam, and A. Zayegh, “Network security vuln erabilities in SCADA and EMS,” i n Proc. 2005 Transmission and Distribution Conference and Exhibition: Asia and Pacific, IE EE/PES , pp. 1 -6, 2005. [22] M. Rihan, M. Ahmad and M. Beg, “Vulnerability Analysis of wide area measurement system in the smart grid,” Smart Grid and Renewable Energy , Vol. 4 No. 6A, pp. 1 -7, 2013. [23] R. Mahmud, R. Vallakati, A. Mukherjee, P. Ranganathan, and A. N ejadpak, “A survey on smart grid metering infrastruc tures: Threats and solutions,” i n Proc. 2015 Electro/Information Technology (EIT), International Conference , IEEE, pp. 386 -391 , 2015. [24] N.R. Kumar, P. Mohanapriya, and M. Kalaiselvi, “Development of an atta ck -resistant and secure SCADA system using WSN, MANET, and Internet,” International Journal of Advanced Computer Research, Vol. 4, No. 2, p. 627, 2014. [25] T.H. Kim, “SCADA architecture with mobile remote components,” WSEAS Transactions on Systems and Control, Vo l. 5, No. 8, pp. 611 -622, 2010. [26] C. Alcaraz, J. Lopez, J. Zhou, and R. Roman, “Secure SCADA framework for the protection of energy control systems,” Concurrency and Computation: Practice and Experience, Vol. 23, No. 12, pp. 1431 -1442, 2011. [27] P.P. Parik, M .G. Kanabar, and T.S. Sidhu, “Opportunities and challenges of wireless communication technologies for smart grid applications,” i n Proc. 2010 Power and Energy Society General Meeting, IEEE, pp. 1 -7, 2010. [28] A. Baayer, N. Enneya and M. Elkoutbi, “Enhanced tim estamp discrepancy to limit impact of replay attacks in MANETs,” Journal of Information Security , V ol. 3 No. 3, pp. 224 -230, 2012. 46 [29] J. Gao, Y. Xiao, J. Liu, W. Liang, and C .P. Chen, “A survey of communication/networking in smart grids,” Future Generation C omputer Systems, Vol. 28, No. 2, pp. 391 -404, 2012. [30] A. Chakrabarti, and G. Manimaran, “Internet infrastructure security: A taxonomy,” Network, IEEE, Vol. 16, No. 6, pp. 13 -2, 2002. [31] R. Sule, R. S. Katti, and R. G. Kavasseri, “A variable length fast Message Authentication Code for secure communication in smart grids,” i n Proc. 2012 Power and Energy Society General Meeting , IEEE , pp. 1 -6, 2012. [32] K. Scarfone, and P. Mell, “Guide to intrusion detection and prevention systems (idps),” NIST special publication, Vol . 800, No. 2007, p. 94, 2007. [33] H. Deng, W. Li, and D. P. Agrawal, “Routing security in wireless ad hoc networks,” Communications Magazine, IEEE, Vol. 40, No. 10, pp. 70 -75, 2002. [34] D. Sumyla, “Mobile Ad -hoc Networks (manets),” March 20, 2006. [35] D. Helen and D. Arivazhagan, “ Applications, advantages and challenges of ad hoc networks,” JAIR, Vol. 2, No. 8, pp. 453 -7, 2014. [36] R. Ali and F. Zafar, “Bandwidth estimation in mobile ad -hoc network (MANET),” International Journal of Computer Science Vol. 8, No. 5, 2011. [37] P. M. Jawandhiya, M. M. Ghonge, M. S. Ali, and J. S. Deshpande, “A survey of mobile ad hoc network attacks,” International Journal of Engineering Science and Technology, Vol. 2, No. 9, pp. 4063 -4071, 2010. [38] B. Kannhavong, H. Nakayama, Y. Nemoto, N. Kato, and A. Jamalipour, “A survey of routing attacks in mobile ad hoc networks,” Wireless communications, IEEE, Vol. 14, No. 5, pp. 85 -91, 2007. [39] S. Boora, Y. Kumar, and B. Kochar, “A Survey on Security Issues in Mobile Ad -hoc Networks,” IJCSMS International Journal of Computer Science and Management Studies , August 2011 . 47 [40] R. H. Jhaveri, S. J. Patel, and D. C. Jinwala, “DoS attacks in mobi le ad hoc networks: A survey,” i n Proc. 2012 Advanced Computing & Communication Technologies (ACCT), Second International Conferenc e on , pp. 535 -541 , 2012. [41] A. Alsumayt, and J. Haggerty, “Using trust based method to detect DoS Attack in MANETs,” PGNet: The convergence of Networking, Broadcasting, and Telecommunications , UK, 2014. [42] G.K. Chalamasetty, P. Mandal, and B. Tseng, “Secure SCAD A communication network for detecting and preventing cyber -attacks on power systems,” in Proc. 2016 Clemson University Power System Conference , PSC 2016 , Co- sponsored by IEEE, Clemson University, Clemson, SC , March 8 -11, 2016. [43] A. K. Gupta, H. Sadawarti, and A. K. Verma, “Performance analysis of AODV, DSR & TORA routing protocols,” International Journal of Engineering and Technology, Vol. 2, No. 2, p. 226, 2010. [44] N. S. M. Usop, A. Abdullah, and A. F. A. Abidin, “Performance evaluation of AODV, DSDV & DSR ro uting protocol in grid environment,” IJCSNS International Journal of Computer Science and Network Security, Vol. 9, No. 7, pp. 261 -268, 2009. [45] M. Bouhorma, H. Bentaouit, and A. Boudhir, “Performance comparison of ad -hoc ro uting protocols AODV and DSR,” i n Proc. 2009 Multimedia Computing and Systems, ICMCS'09. International Conference on , IEEE, pp. 511 -514 , 2009. [46] Tesfahun, and D.L. Bhaskari, “Effective hybrid intrusion detection system: A layered approach,” International Journal of Computer Network and Inform ation Security (IJCNIS), Vol. 7, No. 3, pp. 35, 2015. [47] G.K. Chalamasetty, P. Mandal, and B. Tseng, “SCADA framework incorporating MANET and IDP for cyber security of residential microgrid communication network,” Smart Grid and Renewable Energy, Vol. 7, No. 3, p p. 104 -112 , 2016. 48 [48] Siddiqua, K. Sridevi, and A.A.K. Mohammed, “Preventing black hole attacks in MANETs usin g secure knowledge algorithm, ” i n Proc. 2015 SPACES , International Conference , IEEE , pp. 421 -425, 2015. [49] S. Dokurer, “Simulation of Black hole atta ck in wireless Ad -hoc networks ,” A Thesis Presented to the Academic Faculty, Atılım University, 2006. 49 Appendix I Sample NS -2 Code for Creating MANET Different codes are written to generate the MANET network for different number of nodes. Appendix I provides the code on how to develop a MANET using NS -2. # De fine options set val(chan) Channel/WirelessChannel; # this declares channel type set val(prop) Propagation/TwoRayGround; # this declares radio propagation model set val(netif) Phy/WirelessPhy; # this declares network interface type set val(mac) Mac/802_11; # this declares MAC type set val(ifq) Queue/Drop Tail/PriQueue; # this declares interface queue type set val(ll) LL; #this declares link layer type set val(ant) Antenna/OmniAntenna; # this decl ares antenna model set val(ifqlen) 512; # this declares packet length in ifq set val(nn) 50; # this declares number of mobile nodes set val(rp) AODV; # this declares the routing protocol set val(x) 1000; # this de clares the topography of X dimension set val(y) 1000; # this declares the topography of Y dimension set val(stop) value; # this declares the simulation end time set ns [new Simulator] set tracefd [open trace file name.tr w] set namtra ce [open nam file.nam w] $ns trace -all $tracefd $ns namtrace -all -wireless $namtrace $val(x)$val(y) # set topography Set topo [new Topography] 50 $topo load_flatgrid $val(x) $val(y) Create -god $val(nn) # Configuration of nodes $ns node -config -adhocRouting $val (rp) \ -llType $val(ll) \ -macType $val(mac) \ -ifqType $val(ifq) \ -ifqLen $val(ifqlen) \ -antType $val(ant) \ -propType $val(prop) \ -phyType $val(netif) \ -channelType $val(chan) \ -topolInstance $topo \ -agen tTrace ON \ -routerTrace ON \ -macTrace OFF \ -movementTrace OFF \ #Energy model of all nodes #Energy=power*time -energyModel EnergyModel \ -initialEnergy value \ -txPower value \ -rxPower value \ -idlePower value \ -sensePower value \ # Define node initial en ergy valu e $n(node number) set initialEnergy value 51 # Setting the node initial position $n(node number) set X_value $n(node number) set Y_value # Defining transport agent by settting a TCP connection between nodes Set tcp [new Agent/TCP/Newreno] Set sink [new Agent/ TCPSink] $ns attach -agent $n(node number) $tcp $ns attach -agent $n(node number) $sink $ns connect $tcp $sink # Defining application agent Set cbr [new Application/Traffic/CBR] # Attaching transport agent to application agent $cbr attach -agent $tcp # Define packet size and interval in seconds $cbr set packet size_512 $cbr set interval_0.1 # Generation time of data packet $cbr set packetSize_512 $cbr set interval_value # CBR start time $ns at value “$cbr start” # CBR stop time $ns at value “$cbr stop” # L abelling the nodes $ns at time “$n(node number) label source” $ns at time “$n(node number) label Destination” $ns at time “$n(node number) label malicious node” 52 $ns at time “$n(node number) label base station” $ns at time “$n(node number) label attacked no de” # Defining the new location of the mobile nodes $ns at time “$n(node number) setdest X -location Y -loaction node movement speed in m/sec # Defining the simulation end time to all nodes for {set i 0}{$i < $val(nn)}{incr i}{ $ns at $val(stop) “$n($i) rese t”; } # Ending the simulation and nam $ns at $val(stop) “ns nam -end -wireless $val(stop)” $ns at $val(stop) “stop” $ns at time “puts \”end simulation \”;$ns halt” Proc stop{}{ global ns tracfd namtrace $ns flush -trace close $tracefd close $namtrace exec nam f ile name.nam } Procfinish{}{ exec xgraph file name.tr } $ns run 53 Appendix II Addition of Malicious Node Appendix II provide s steps for the modification of AODV routing protocol for adding malicious nodes into the network. In order to add malicious nod e to AODV, two files need modification, i.e., (i) aodv.h and (ii) aodv.cc. i. following modifications are done in aodv.h  In AODV class add Boolean variable malicious. Class AODV: public Agent { .......... bool malicious; …….. } ii. Following modifications are done in aodv.cc  Inside the constructor initialize the malicious variable with a value false as shown below. AODV::AODV (nsaddr_t id):A gent(PT_AODV)… { .…… Malicious = false; }  In “if(argc==2)” statement add following lines If(strcmp(argv[1], “malicious”) == 0) { Malicious = true; Return TCL_OK; 54 }  Behavior of malicious no de is implemented by adding following code in “void AODV::rt_resolve(Packet *p)” function. If(malicious==true) { Drop(p,DROP_RTR_ROUTE_LOOP); }  In tcl code add following command after packet transmission. $ns at time “[$node_(node number) set ragent_] malicious” 55 Appendix III Addition of Blackhole Attacked Node Appendix III presents the addition of blackhole attacked node into the network by the modification of aodv.cc file. For this , all the folder names of AODV are changed to blackholeaodv.cc, blackholeaodv.h, blackholeaodv.tcl, blackholeaodv_rqueue.cc, blacholeaodv_rqueue.h. The modifications are exempted to aodv_packet.h and the changes made to remaining are listed below.  The file “ \tcl \lib \ ns -lib.tcl ” is modified as follows blackholeAODV { set ragent [$self create -blackholeaodv -agent $node] } Simulato r instproc create -blackholeaodv -agent { node } { set ragent [new Agent/blackholeAODV [$node node -addr]] $self at 0.0 "$ragent start" # start BEACON/HELLO Messages $node set ragent_ $ragent return $ragent }  The second file to be edited is “ \make file”, which is in the root directory of NS -2. blackholeaodv/blackholeaodv_logs.o blackholeaodv/blackholeaodv.o \ blackholeaodv/blackholeaodv_rtable.o blackholeaodv/blackholeaodv_rqueue.o \  In baodv.cc add following statement if ( (u_int32_t)ih ->saddr() == index) forward((blackholeaodv_rt_entry*) 0, p, NO_DELAY); else drop(p, DROP_RTR_ROUTE_LOOP); 56  The case statements recvRequest function are modified as follows case AODVTYPE_RREQ: recvReq uest(p); break; case AODVTYPE_RREP: recvReply(p); break; case AODVTYPE_RERR: recvError(p); break; case AODVTYPE_HELLO: recvHello(p); break; default: fprintf(stderr, "Invalid blackholeA ODV type (%x) \n", ah>ah_type); exit(1);  The recvRequest function “ (bAODV::recvRequest(Packet *p)) ” is modified by changing the parameter sequence number to a very large number. sendReply(rq ->rq_src, // IP Destination 1, // Hop Count index, // Dest IP Address 4294967295, // Highest Dest Sequence Num MY_ROUTE_TIMEOUT, // Lifetime rq->rq_timestamp); // ti mestamp 57 Appendix IV List of Abbreviations ACT: Advanced Communication Technologies ABR: Associatively Based Routing AODV: Ad hoc on demand Distance Vector ATV: Accomplished Trust Value CGSR: Cluster head Gateway Switch Routing DDoS: Distributed Denial o f Service DG: Distributed Generation DNS: Domain Name System DoS: Denial of Service DSDV: Destination Sequenced Distance Vector DSR: Dynamic Source Routing ESS: Energy Storage Systems EV: Electric Vehicles FERC: Federal Energy Regulation Commission GHG: G reenhouse Gas GUI: Graphical User Interface HMI: Human Machine Interface HTV: Honesty Trust Value ICT: Information and Communication Technology IDP: Intrusion Detection and Prevention LAN: Local Area Network MANET: Mobile Ad hoc Network MDR: Monitoring, De tection, and Prevention MGCC: Microgrid Control Center 58 MMEMS: Multi Microgrid Energy Management System MTU: Master Terminal Unit NS -2: Network Simulator Version 2 PDR: Packet Delivery Ratio PG&E: Pacific Gas and Electric PLC: Programmable Logic Controllers PV: Photovoltaic QoS: Quality of Service RREP: Route Reply RREQ: Route Request RTU: Remote Terminal Unit RTV: Reputation Trust Value SCADA : Supervisory Control and Data Acquisition System SKA: Secure Knowledge algorithm with Anomaly detection SSR: Signal Stability Routing TORA: Temporally Ordered Routing Algorithm TTSV: Total Trust State Value VPN: Virtual Private Network WAN: Wide Area Network WRP: Wireless Routing Protocol 59 Appendix V PC Technical Specifications Table AV.1 shows the technical speci fications of th e PC used for the simulation of network under various scenarios and cases discussed in Chapter 4 and Chapter 5. Simulations were performed on NS -2.

Table AV.1: Technical specifications of PC . Specifications Details PC Brand Lenovo Processo r Intel i7 –=4510U, 2 J2.6 GHz = RAj = 8 GB = Screen Resolution = 1920 * 108M = Operating System = Ubuntu 14.04 LTS (64 Jbit) = Disk Space = 1 TB = 60 Vita Goutham Krishna Chalamasetty was born in Guntur, Andhra Pradesh, India. He received his Bachelor of Technology in Electronics and Communication Engineering from Vignan University, Guntur, India , in the year 2013. In August 2014, he joined the Department of Electrical and Computer Engineering (ECE), UTEP to pursue Master of Science degree in Electrical En gineering (M.S.E.E). In January 2015 , he joined the PRES Lab within the ECE department and started his research career as a Graduate Research Assistant (GRA) under the direct supervision of PRES Lab’s director Dr. Paras Mandal who guided and mentored him throughout his thesis period in the area of Cyber Security for Power Systems . Before starting this research , he had very limited knowledge on Power System. However, d uring this thesis period, he gained good research skills and knowledge on Cyber Security a nd Power System Communication . Furthermore, he expanded his skills into publishing research papers in journal, international conference and symposiums . List of publications associated with his M.S.E.E thesis are provided below. Journal Paper [1] G. K. Chalamas etty , P. Mandal, and B. Tseng, “SCADA framework incorporating MANET and IDP for cyber security of residential microgrid communication network,” Smart Grid and Renewable Energy, Vol. 7, No. 3, pp. 104 -112 , 2016 . Conference Paper [2] G.K. Chalamasetty , P. Man dal, and B. Tseng, “Secure SCADA communication network for detecting and preventing cyber -attacks on power systems,” in Proc. 2016 Clemson University Power System Conference , PSC 2016 , Co- sponsored by IEEE, Clemson University, Clemson, SC , March 8 -11, 201 6.  Recipient of UTEP grad travel grant 61 Symposium Papers [3] G.K. Chalamasetty , P. Mandal, and B. Tseng, “Cyber security model for power system ba sed on gam e theory”, in Proc. 5th Southwest Energy Science and Engineering Symposium , El Paso, Texas, April 4, 201 5. [4] G.K. Chalamasetty , P. Mandal, and B. Tseng, “Comparison of two IDP technologies in detecting and preventing cyber -attacks on microgrid communication networks ,” in Proc. The Southwest Emerging Technology Symposium , El Paso, Texas, April 9, 2016. Mr. C halamasetty is a Student Member of IEEE since 2015. The research , which he led as a GRA at the PRES Lab. , motivated him towards the completion of his M.S.E.E. thesis. He would like to express his utmost gratitude to UTEP for providing an admirable educatio n, knowledge, and research opportunity while pursuing his M.S.E.E. degree. Furthermore, he would like to convey a sincere appreciation to his thesis advisor, Dr. Mandal , for mentoring him towards the completion of this M.S.E.E. thesis en titled “Reliable an d Secure SCADA Framework for Resi dential Microgrid Communication ”. Contact Information : [email protected]. This thesis/dissertation was typed by Goutham Krishna Chalamasetty.