Page 316 - From Smart Grid to Internet of Energy
P. 316
Internet of things for smart grid applications Chapter 7 281
as get, put, post, and delete for clients and subscribers on a web-based architec-
ture. The protocol supports up to a thousand of devices with the proper effi-
ciency and performance.
Extensible Messaging and Presence Protocol (XMPP): XMPP is a message-
oriented middleware to transmit voice and video data in decentralized client-
subscriber architecture. XMPP enables users to communicate by instant
messages on web-based platform regardless of any OS. There are some exten-
sions have been included in the recent versions of XMPP to improve its usage in
IoT applications [32, 49].
7.4.2 Services and security of IoT
The integration of IoT and smart grid enable to data acquisition in a large man-
ner that almost all the data are vital for industrial, residential, and daily life
applications. Besides the acquisition, obtained data are stored in several local
or remote databases. Thus, the security and privacy issues play a crucial role
for IoT and smart grid infrastructures. The security studies focus on typical
basic features to increase the durability against attacks. These features can
be listed as confidentiality that defines to protect data and private information
secure against unauthorized accesses, integrity referring to prevention of mod-
ifications on stored data, authentication that means to enable someone to man-
age the data and to refuse the illegal access, and availability that refers to the
ability of authorized users to access the data whenever required. Other related
security requirements are privacy, anonymity, liability and non-repudiation.
The attacks are categorized into four groups as interception that is a passive
attack method, and interruption, modification, and fabrication that are active
attacks. Interception targets the confidentiality and identifies an antagonistic
eavesdropping on a content of recipient. It performs traffic analysis and release
of message. The effect of interception can be quite important since attacks are
directed to basic infrastructure such as network base and M2M gateways. Inter-
ruption is an active attack threat that blocks the transmission of a message by
jamming, man-in-the-middle attack (MITM) or DoS attacks. In DoS attack,
adversary makes any service, machine or network unavailable for recipients.
Modification defines the action of intercepting and transmitting the modified
message to a specific service that is something similar with MITM attack. Fab-
rication attack refers to adjusting a message and inserting to the original mes-
sage to transmit to recipient [51, 52].
The cyber-security threats are defined as passive and active attacks where
the passive attacks target confidentiality of system. The attack types under this
group are traffic analysis and release of message contents. The widely known
interruption type attacks can be listed as channel jamming, routing attacks, DoS,
and breaking the communication line. The attacks targeting authenticity are
message forgery and spoofing of smart meter, power plant, and household
devices. The attacks on availability are performed in several ways as selective
