Intrusion Detection and Prevention against Cyber Attacks for an Energy Management System
Industrial Microgrids (IμG) are the large-scale buildings fortified with onsite Distributed Generations (DGs), energy storage, and demand response strategies. For optimal handling of these energy resources, storages, and loads to better match the power demand with the generation, a management system is developed termed as Industrial Energy Management System (IEMS). The optimal operation of IEMS depends on the accuracy of information flowing through the communication links between user and IEMS as well as the IEMS and utility grid. Communication links have some associated cybersecurity issues such as unauthorized access, data modification, and disrupt disclosure to change the operating conditions in today’s era of computation. The main goal of this paper is to devise a technique to efficiently detect and prevent internal as well as external apparition attempts. For this purpose, an Intrusion Detection and Prevention System (ID/PS) against cyberattacks is developed using a Linux operating system based on Smooth-sec software. The proposed ID/PS would continuously monitor and record the traffic within the local IμG network to distinguish a legal command from a real attack by decoding the attack packets to create its templates with defined ID/PS rules to take prevention measures and triggered an alert, alarm or Splunk for the security administrator. The devised novel approach significantly contributes to intrusion attention to vulnerabilities and security analysis of cyber secured equipped IEMS for an IμG.