RT Journal Article
T1 SPEAR SIEM: A Security Information and Event Management system for the Smart Grid
A1 Radoglou-Grammatikis, Panagiotis
A1 Sarigiannidis, Panagiotis
A1 Iturbe, Eider
A1 Rios, Erkuden
A1 Martinez, Saturnino
A1 Sarigiannidis, Antonios
A1 Eftathopoulos, Georgios
A1 Spyridis, Yannis
A1 Sesis, Achilleas
A1 Vakakis, Nikolaos
A1 Tzovaras, Dimitrios
A1 Kafetzakis, Emmanouil
A1 Giannoulakis, Ioannis
A1 Tzifas, Michalis
A1 Giannakoulias, Alkiviadis
A1 Angelopoulos, Michail
A1 Ramos, Francisco
AB The technological leap of smart technologies has brought the conventional electrical grid into a new digital era called Smart Grid (SG), providing multiple benefits, such as two-way communication, pervasive control and self-healing. However, this new reality generates significant cybersecurity risks due to the heterogeneous and insecure nature of SG. In particular, SG relies on legacy communication protocols that have not been implemented with cybersecurity in mind. Moreover, the advent of the Internet of Things (IoT) creates severe cybersecurity challenges. The Security Information and Event Management (SIEM) systems constitute an emerging technology in the cybersecurity area, having the capability to detect, normalise and correlate a vast amount of security events. They can orchestrate the entire security of a smart ecosystem, such as SG. Nevertheless, the current SIEM systems do not take into account the unique SG peculiarities and characteristics like the legacy communication protocols. In this paper, we present the Secure and PrivatE smArt gRid (SPEAR) SIEM, which focuses on SG. The main contribution of our work is the design and implementation of a SIEM system capable of detecting, normalising and correlating cyberattacks and anomalies against a plethora of SG application-layer protocols. It is noteworthy that the detection performance of the SPEAR SIEM is demonstrated with real data originating from four real SG use cases: (a) hydropower plant, (b) substation, (c) power plant and (d) smart home.
SN 1389-1286
YR 2021
FD 2021-07-05
LK https://hdl.handle.net/11556/3119
UL https://hdl.handle.net/11556/3119
LA eng
NO Radoglou-Grammatikis, P, Sarigiannidis, P, Iturbe, E, Rios, E, Martinez, S, Sarigiannidis, A, Eftathopoulos, G, Spyridis, Y, Sesis, A, Vakakis, N, Tzovaras, D, Kafetzakis, E, Giannoulakis, I, Tzifas, M, Giannakoulias, A, Angelopoulos, M & Ramos, F 2021, 'SPEAR SIEM: A Security Information and Event Management system for the Smart Grid', Computer Networks, vol. 193, 108008. https://doi.org/10.1016/j.comnet.2021.108008
NO Publisher Copyright: © 2021
NO This project has received funding from the European Union's Horizon 2020 Research and Innovation Programme under grant agreement No. 787011 (SPEAR).
DS TECNALIA Publications
RD 29 jul 2024