Optimal Trust System Placement in Smart Grid SCADA Networks

The objective of this paper is to propose a trust system placement scheme for smart grid supervisory control and data acquisition (SCADA) networks. The functionalities of a trust system include firewalling and network intrusion detection. It is capable of monitoring both ingress traffic and egress traffic. In order to minimize the capital expenditure (CAPEX) and the operational expenditure (OPEX), only a selected number of nodes are equipped with trust systems. Those nodes are known as the trust nodes. This paper studies the trust system placement problem from a network topological perspective. It develops a scheme that aims to defend SCADA networks, deploying minimal number of trust nodes. It uses a network segmentation approach to distribute the trust nodes. It considers the minimum spanning tree (MST) as a measure of geographic dispersion. In the segmentation approach, size balancing and geographic dispersion are two main concerns. The segment sizes affect the number of required trust nodes. On the other hand, geographic dispersion affects the response time. The proposed scheme computes trust nodes using linear programming problem (LPP) formulations and local search. Numerical analysis is conducted through case studies for the IEEE test system topologies. It reveals the consistency of performance, better quality of protection, and low computational time. The proposed scheme can be a useful cyber security planning tool for smart grid operators.