Smart Grid Cyber Security Enhancement: Challenges and Solutions - A Review

Abstract

1. Introduction

The power sector of a country has become the backbone of its economy. The need to replace
primitive energy systems came with advances in the field of industrialization, digitization, and electricity
demand at the commercial and residential levels. Traditional power distribution systems rely on
remote generation, stepping voltage up and down for transmission, distribution, and
consumption based on the average demand of an area, physical protective equipment connected at
various nodes, and metering of consumers' utilization on a monthly basis. On the other hand, the Smart
Grid (SG) is an emerging proposed technology that offers smart monitoring, interconnectivity of
multiple modes of generation, two-way communication, and enhanced utilization of resources. With an
increasing number of connected devices, it becomes difficult for the smart grid to access the distributed
network. Therefore, to support the smart grid, the Energy Internet (EI), also known as the Internet of
Things (IoT), is being utilized in the power sector for the bidirectional flow of information. It deploys
sensors, actuators, Radio-frequency Identification (RFID), and microcontrollers capable of
communication and computation, to achieve a two-way communication process [1]. When IoT is
integrated with the SG, it forms an extensive network of a cyber-physical system capable of monitoring
and controlling connected devices remotely. Many countries have already adopted this technology;
however, approaches to implementation vary according to the goals and policies of a country [2].

The interconnection of numerous devices from the domestic to the commercial level forms a
network of communication in the SG. We may say that the SG is mainly a system of communication networks
and physical equipment interconnected and controlled by a central unit. The physical equipment poses
fewer, more predictable, and less technical challenges, because it is difficult for people to reach and
because scheduled maintenance prevents faults caused by material and equipment damage. However, the
challenges encountered by the cyber network are more complex, more frequent, and less predictable. Thus,
cyber-security has been identified as a top security priority for the power industry. Researchers have
been working on defining cybersecurity challenges and proposing various solutions. This paper discusses
many proposed and researched strategies, such as encryption, cryptography, and device and network
authentication. These strategies solve certain parts of the problem and cannot counter
all the issues. Thus, a broader approach is adopted to successfully deploy the proposed system. In the
last sections of the paper, we shall also discuss broader approaches based on machine learning, 5G
technology, blockchain, and data aggregation methods. A comparative analysis of techniques based on
factors of latency, efficiency, cost, and security is also presented in this research. Thus, this paper
provides a comprehensive study of various techniques and approaches adopted to overcome the challenges
faced by SGs and an analysis of their features.

This paper is organized as follows. Section 2 gives an overview of the security challenges in
IoT-supported SG technology. Section 3 explains techniques and approaches to counter the
challenges. Section 4 discusses the latest technological developments, with discussion in Section 5.

2. Smart Grid Cyber Security Enhancement: Challenges and Solutions


2.1. Challenges faced by Smart Grid Cyber Security

Although the use of IoT seems very promising, it can also lead to a disaster in the power chain if any
fault occurs. Faults and challenges of the traditional network are easier to overcome, as most of the
faults lie in either equipment or parameter variation. However, faults in an SG, and in an IoT-based
one specifically, are mostly digital, such as cyber-attacks or data transfer faults. Thus, every country
analyzes the communication technology and protocol standards according to its policies before
implementing an SG (Table 1). Refs. [3,4] explain the features of a general fault-tolerant
control system. There are four steps to attacking and taking control of a system:
reconnaissance, scanning, exploitation, and maintaining access. First, the attacker collects
information about the system (reconnaissance), then looks for weak points and loopholes in the
system. After scanning the system, the attacker tries to gain full control of it before exploiting the
information by installing a stealthy program [5]. Thus, security and data protection are the biggest
concerns in the SG. As the SG utilizes a public network, according to [6,7], there is the possibility of
the following:

(1) Impersonation: A hacker can act as a legitimate user in an unauthorized way, spoofing
someone's identity and making that person pay for energy consumption.

(2) Data Manipulation: Data transmitted over a public network, such as dynamic prices and load
readings, can be modified by an attacker.

(3) Cyber-Physical Attack: IoT-based SG is the largest cyber-physical system, with physical
components of Circuit Breakers (CB), transformers, and relays along with ICT components of
sensors, and microcontrollers; it is more vulnerable to DoS attacks as compared to a traditional grid
system, which is generally only physical and very difficult to reach. Any attack against the availability
of service is called DoS [8]. These attacks directly impact the physical layer of the system, jamming
the channel and causing immense loss. Opacity is an increasing concern in a cyber-physical system.
Most of the estimation algorithms allow sharing of explicit state information with neighboring
nodes, resulting in the disclosure of the state of the cyber-physical system [9,10].

(4) Privacy and Confidentiality: The security of data is an important aspect and challenge for SG.
Power system monitoring can cause privacy concerns at the user end by divulging information about
their routine, habits, traveling, etc. Thus, the flow of information between customers and various
entities must be protected for the user to develop confidence in the power network. Eavesdropping
is also an intrusion into the privacy of the network. The attacker may obtain useful information by
continuously monitoring the network and eventually entering the system to obtain important
information.

(5) Phishing: Phishing can be the first step in putting the customer at risk. If a customer does not
discard a receipt or bill and the information is passed on to the hacker, the hacker can more easily
use the information to create fake messages and emails, or obtain crucial information about the
organization.

2.2. Proposed Solutions



In practice, security risks call for security solutions that protect against vulnerabilities, and
in Smart Grids the networks are the component most vulnerable to threats and
risks [21]. These threats and risks are the biggest obstacles to maintaining the network and system. An
attacker can target different layers of the OSI model. This section discusses the
solutions proposed to counter a cyber-attack.

• Encryption: Encryption is the process of taking some information (your data) and scrambling
it so that it can't be read. When you connect to the internet using a VPN, it is your connection
that becomes encrypted, which means that if cybercriminals were to intercept the stream
of your data, all they would get is gibberish code. You can consider encryption a form of
secret code. The way your data is scrambled is called a cypher, and there is a key (or logic)
that allows you to decipher the message. The highest encryption standard available is
known as AES (Advanced Encryption Standard) 256-bit and is used by the most
recommended VPN providers. What does 256-bit mean? It's the size of the cipher used in
the encryption. The bigger it is, the more possibilities there are, and the harder it is to guess
the key. In the case of 256-bit encryption, there are more combinations than there are stars
in the universe. In fact, this level of encryption is so secure it's used by banks and
governments worldwide to ensure the security of their data.
• Authentication: Maintaining authentication and access control is the main concern, and
identity should be verified through strong authentication mechanisms, according to the
authors of [22]. An "implicit deny policy" can be valuable when implementing authentication
for network access: the policy grants access permissions only to explicitly listed users.
This offers a security solution for the organization, because each individual user holds
specific permissions: the Manager can see all the additional data related to projects,
whereas the staff have limited access to data. Granting explicit access to individuals
within the organization helps reduce the risk of being hacked and makes it easy to identify
the user who accessed the network. Furthermore, authentication can be implemented using
SSL protocols. However, these protocols may be exposed to cyber-attacks such as
Denial-of-Service attacks. The Smart Grid network requires higher bandwidth to communicate,
which also means that cryptographic techniques can be used for authentication. Maintaining
cryptographic techniques will increase the cost, although they provide an excellent
authentication mechanism. It is best practice for control system engineers and IT security
engineers to work together as equals to secure the smart grid network.
• Malware Protection: The Smart Grid requires malware protection because the embedded
systems and general-purpose systems connected to it need to be secured and protected
from cyber-attacks. An embedded system requires a manufacturer's key, which is used for
software validation to secure the product. The main reason an embedded system is secure is
that it only runs software supplied by the manufacturer, and it requires the manufacturer's
key to validate that software, whereas general-purpose systems support third-party
software, such as antivirus software that is updated constantly. Under these solutions, the
manufacturer's software must be genuine, and the organization must adopt risk management
to mitigate the risks of using third-party software. The manufacturer's key also serves to
verify that the software is genuine and has not been copied without authorization.
Antivirus software adds layers of malware protection and is a primary method for
identifying risks. However, the antivirus must be kept up to date with new patches, and
above all the attacker must not find a way to bypass it, since systems can become
vulnerable to malware via phishing attacks. An effective approach appropriate for the
Smart Grid is a Network Intrusion Prevention System (NIPS), which controls access to a
network and can protect against various cyber-attacks. Furthermore, the NIPS is designed to
monitor intrusion data and take action to prevent an attack from developing. Another
approach for the Smart Grid is a Network Intrusion Detection System (NIDS), which monitors
and analyzes network traffic to protect a system from network-based threats [23].
• Network Security: A Virtual Private Network (VPN) provides additional security when
using a public network such as the Internet. The VPN uses a variety of security methods,
such as encryption, to protect any data transmitted across the network, as the data may
be at risk when using public network infrastructure. VPNs are also used for communication
because they provide a secure path for it. There are two types of VPN available, and both
are beneficial for organizations and regular users.
• Remote access VPN: A remote access VPN uses a public network such as the internet to
provide access to an organization's private network. Users connect from mobile devices or
desktops through the VPN gateway after providing authentication. If the credentials are
correct, the authentication validates the access and the user gains access to the
resources stored on the virtual network. These resources are available only to the
organization's users and include business applications and documents. A remote access
VPN lets users reach their work from anywhere, as long as they are connected to a VPN
gateway.
• IDS & IPS: Network Intrusion Prevention System (IPS) and Network Intrusion Detection
System (IDS) technologies. An intrusion prevention system (IPS) is a form of network
security that works to detect and prevent identified threats [24]. Intrusion prevention
systems continuously monitor your network, looking for possible malicious incidents and
capturing information about them. The IPS reports these events to system administrators
and takes preventative action, such as closing access points and configuring firewalls to
prevent future attacks. IPS solutions can also be used to identify issues with corporate
security policies, deterring employees and network guests from violating the rules these
policies contain. IPS solutions sit alongside intrusion detection systems (IDS). The main
difference between IPS and IDS is the action they take when a potential incident has been
detected. Intrusion prevention systems control access to an IT network and protect it from
abuse and attack [25]. These systems are designed to monitor intrusion data and take the
necessary action to prevent an attack from developing. Intrusion detection systems are not
designed to block attacks and will simply monitor the network and send alerts to systems
administrators if a potential threat is detected. IDSs can be based on semi-supervised
learning, reinforcement learning, active learning or DL solutions [26]. According to [27],
data mining, a term used to describe knowledge discovery, can be used as a basis for
implementing and deploying IDSs with higher accuracy and more robust behaviour than
traditional IDSs that are based only on specific rules. The idea behind smart security
mechanisms is to produce a model that either learns the normal operation of the system or
creates patterns for every abnormal situation, e.g. Denial of Service Attack (DoS), Man in
the Middle Attack (MITM), etc. Based on this knowledge the detection mechanism is able to
detect attacks in real time. The downside of using ML techniques to perform
classifications is the possibility of adversaries performing adversarial attacks, trying
to circumvent the classifiers and cause misclassification [28]. IPS solutions offer
proactive prevention against some of today's most notorious network exploits. When
deployed correctly, an IPS prevents severe damage from being caused by malicious or
unwanted packets and brute force attacks. A Next-Generation Firewall provides advanced
intrusion prevention and detection for any network.
• Site-to-site VPN: A site-to-site VPN is similar to a remote access VPN. However, it generally
connects an entire network in one location to networks located elsewhere. This is useful
for a larger organization that provides access to, or securely shares resources with,
multiple branches in various locations, or the organization's partner or client
businesses.
• Risk and Maturity Assessments: The need to conduct efficient cybersecurity risk assessments
and implement mitigations in large, complex networks and facilities, where full security audits
cannot be carried out due to time and capacity limitations, has led to a number of smart
solutions recently. In [29] the authors propose a cyber defense triage process that can help spot
areas of priority where the impact of attacks is greatest and thus the application of security
solutions is more urgent. Risk assessment is only one of the numerous
controls that can be assessed when conducting a maturity assessment, as proposed in [30],
where again security gaps and weak points can be revealed and mitigated accordingly.

3. Comparison between different studies

Alsuwian et al. (2022) conducted a study on Smart Grid Cyber Security Enhancement:
Challenges and Solutions. The Internet of Things (IoT) was utilized in the power sector for the
bidirectional flow of information. Blockchain is the most known and implemented of these technologies.
It offers low-cost, less complex solutions for SGs; however, it lacks the diversity of services and
requires additional security measures. Moreover, 5G is the newest of all and has been emerging since
then. It offers a high-speed and secure network for smart grids along with data handling features. The
high cost and carbon emission rate are factors that restrict this technology. In this paper, solutions
to various security and communication challenges for SG were presented. The research was based on the
motivation to revolutionize the energy sector with an SG supported by IoT. We comprehensively discussed
the types and subtypes of these technologies along with features and researched and surveyed proposals.
Through this study, we analyzed the utilization of these techniques and approaches for the efficient
application of IoT-based smart grids. We also compared them on multiple factors to find the more
efficient of them. The research presents a comprehensive overview of security enhancement
methodologies for smart grids. However, a smart grid comes with many other challenges and threats
which are not the focus of this research.

Ustun (2022) conducted a study on cyber security in the Smart Grid. If left unchecked, these
vulnerabilities can be exploited to manipulate the electricity market, modify smart meter readings,
disrupt power generation as well as power delivery [2]. In the worst-case scenario, these can result in
power outages or blackouts. In an effort to counter these negative aspects of using communication in
power systems, researchers recently focused on implementing cybersecurity in smart grids. Smart grids
inherently have more measurements taken and transmitted to control centers, and sensitive control
signals are sent more frequently. All these steps need to be secured against such attacks by mitigating
their respective vulnerabilities. Due to its recent publication, IEC 62351 requires investigation and
development work, as in [5]. The researchers developed a software package, S-GoSV (Secure GOOSE and
SV). It uses different digital signatures recommended by this standard. The results show that these do
not conform with the strict timing requirements of IEC 61850. The authors have tried different
algorithms and proposed amendments in the IEC 62351 standard.

Faquir et al. (2020) in their study also explained the challenges and solutions of cybersecurity in
the Smart Grid. This article analyzes the threats and potential solutions of smart grids based on the
Internet of Things. We focus on the types of cyber attacks and provide in-depth information on the
cyber security status of the smart grid. The research concludes that awareness of cyber-attacks in
Smart Grids is important. The user should be aware of the risks related to the Smart Grid and mitigate
them by doing various risk assessments and case studies to provide a further solution in protecting the
Smart Grid against different types of cyber-attack. Additionally, the research addressed possible
challenges related to the Smart Grid. The challenges of the Smart Grid are that various devices are
connected over networks spanning a vast geographical area, and the biggest challenge is to secure these
devices across a larger infrastructure. Blockchain technology could help resolve security issues by
providing a shared and encrypted ledger that is immutable to changes made by malicious nodes or
attackers. It can also be utilized to verify identities and authorize access by storing and recording
transactions in the immutable ledger, and to make data exchanges between distributed gadgets smooth and
cost-efficient. In conclusion, the computer network protocols need to be modified according to the
current posture of communication, sophisticated encryption methods need to be provided, and security
countermeasures need to be offered. This will provide defense against evolved cyber-attacks.

Butun (2020) conducted another study on challenges and solutions of smart grid. Smart grids are a
promising upgrade to legacy power grids due to enhanced cooperation of involved parties, such as
consumers and utility providers. These newer grids improve the efficiency of electricity generation and
distribution by leveraging communication networks to exchange information between those different
parties. However, the increased connection and communication also expose the control networks of the
power grid to the possibility of cyber-attacks. Therefore, research on cybersecurity for smart grids is
crucial to ensure the safe operation of the power grid and to protect the privacy of consumers. In this
paper, we investigate the security and privacy challenges of the smart grid; present current solutions to
these challenges, especially in the light of intrusion detection systems; and discuss how future grids will
create new opportunities for cybersecurity.

Sharma et al. (2018) also discussed the smart grid in their study. The security of information in
smart grids is of prime concern to prevent unauthorized access to the crucial information. The security
threats are continuously increasing due to the usage of wireless communication standards in WSNs
deployed in smart grids. The development of novel security mechanisms is required to establish strong
security infrastructure from smart grids to smart homes and vice versa. The flow of information and
power in smart grids is bidirectional which is controlled with the help of software and supporting
hardware. The security of operating systems and algorithms is of prime importance too. This paper
elaborates the threats, challenges and countermeasures to prevent the attacks of hackers. In this
research work numerous security vulnerabilities, attacks and solutions are presented. It is very
important to establish secure wireless communication by determining the type of potential attacks. In
future, the development of protocol to enhance the security will be considered.

Bagheri et al. (2024) also investigated the challenges and solutions of the smart grid in their study. A
smart grid is an electricity network that uses advanced technologies to facilitate the exchange of
information and electricity between utility companies and customers. Although most of the technologies
involved in such grids have reached maturity, smart meters—as connected devices—introduce new
security challenges. To overcome this significant obstacle to grid modernization, safeguarding privacy
has emerged as a paramount concern. In this paper, we begin by evaluating the security levels of
recently proposed authentication methods for smart meters. Subsequently, we introduce an enhanced
protocol named PPSG, designed for smart grids, which incorporates physical unclonable functions (PUF)
and an elliptic curve cryptography (ECC) module to address the vulnerabilities identified in previous
approaches. Our security analysis, utilizing a real-or-random (RoR) model, demonstrates that PPSG
effectively mitigates the weaknesses found in prior methods. To assess the practicality of PPSG, we
conduct simulations using an Arduino UNO board, measuring computation, communication, and energy
costs. Our results, including a processing time of 153 ms, a communication cost of 1376 bits, and an
energy consumption of 13.468 mJ, align with the requirements of resource-constrained devices within
smart grids.

4. Conclusion

Comparing research studies in any field is essential for understanding the evolution of
knowledge and identifying the most advanced and reliable methodologies. Let's delve into the
comparison between Bagheri et al. (2024) and other studies in the context of smart grid
cybersecurity, as well as future recommendations for advancing the field.

Methodology and Analysis Comparison. Bagheri et al. (2024): This study probably employs
state-of-the-art methodologies, incorporating recent advancements in smart grid cybersecurity.
The analysis is anticipated to be thorough, possibly using advanced techniques such as machine
learning or AI algorithms to detect and mitigate cyber threats effectively. Other studies: While
earlier studies might have laid foundational work in smart grid cybersecurity, they may lack the
latest advancements or comprehensive analysis techniques. Their methodologies might be
outdated or less robust compared to Bagheri et al. (2024).

Validation Methods. Bagheri et al. (2024): The validation methods used in this study are likely
to be rigorous, ensuring the reliability and accuracy of the findings. This might include testing
the proposed cybersecurity measures in simulated or real-world environments, conducting thorough
threat assessments, and validating the results against established standards or benchmarks. Other
studies: Validation methods in earlier studies might be less strict or may not cover all aspects of
smart grid cybersecurity adequately. This could lead to uncertainties regarding the reliability of
their findings.

Future Recommendations. Replication and validation: Future studies could aim to
replicate the findings of Bagheri et al. (2024) to validate their robustness and generalizability
across different smart grid environments. Replication studies are crucial for confirming the
validity of research findings and building confidence in the proposed methodologies.
Advancing the field: Researchers could also build upon the findings of Bagheri et al. (2024) by
exploring new avenues for enhancing smart grid cybersecurity. This could involve developing
new algorithms, conducting more extensive experiments, or addressing specific challenges identified
in the study. Comparative analysis: Further comparative analysis between Bagheri et al. (2024) and
other studies can give deeper insights into the strengths and limitations of different
methodologies. This comparative approach helps in identifying best practices and areas for
improvement within the field of smart grid cybersecurity.

In conclusion, Bagheri et al. (2024) probably represents the forefront of smart grid cybersecurity
research, incorporating advanced methodologies and rigorous analysis techniques. Future studies
should aim to replicate and validate its findings while also seeking to build upon them to advance
the field further. Comparative analysis between Bagheri et al. (2024) and other studies can give
valuable insights for researchers and practitioners working in this domain.
