Policy enforcement system for secure interoperable control in distributed Smart Grid systems

Cristina Alcaraz, Javier Lopez, Stephen Wolthusen

Research output: Contribution to journalArticlepeer-review

Abstract

Interoperability of distributed systems in charge of monitoring and maintaining the different critical domains belonging to Smart Grid scenarios comprise the central topic of this paper. Transparency in control transactions under a secure and reliable architecture is the aim of the policy enforcement system proposed here. The approach is based on the degree of observation of a context and on the role-based access control model defined by the IEC-62351-8 standard. Only authenticated and authorised entities are able to take control of those distributed elements (e.g., IEC-61850 objects) located at distant geographical locations and close to the critical infrastructures (e.g., substations). To ensure the effectiveness of the approach, it is built on graphical–theoretical formulations corresponding to graph theory, where it is possible to illustrate power control networks through power-law distributions whose monitoring relies on structural controllability theory. The interconnection of these distributions is subject to a network architecture based on the concept of the supernode where the interoperability depends on a simple rule-based expert system. This expert system focuses not only on accepting or denying access, but also on providing the means to attend to extreme situations, avoiding, as much as possible, the overloading of the communication. Through one practical study we also show the functionalities of the approach and the benefits that the authorisation itself can bring to the interoperability.
Original languageEnglish
Pages (from-to)301-314
Number of pages14
JournalJournal of Network and Computer Applications
Volume59
Early online date17 Jul 2015
DOIs
Publication statusPublished - 1 Jan 2016

Keywords

  • Smart Grid Distributed control systems Controllability Interoperability Policy enforcement Access control

Cite this