Review of web-based information security threats in smart grid
- Resource Type
- Conference
- Authors
- Dehalwar, Vasudev; Kalam, Akhtar; Kolhe, Mohan Lal; Zayegh, Aladin
- Source
- 2017 7th International Conference on Power Systems (ICPS) Power Systems (ICPS), 2017 7th International Conference on. :849-853 Dec, 2017
- Subject
- Power, Energy and Industry Applications
Smart grids
XML
Structured Query Language
Servers
Cross-site scripting
Access control
Smart Grid
Smart Grid Architecture
Risk Management
Information Security
Data vulnerability
SQL injections
Broken authentication and session management
Sensitive Data exposure
XML external entity injection
Broken Access Control
Security Misconfiguration
Cross-Site Scripting (XSS)
Insecure Deserialization of untrusted data
Using Components with Known Vulnerabilities
Insufficient logging and monitoring
- Language
The penetration of digital devices in Smart Grid has created a big security issue. OWASP is an online community of security professionals that identifies the most critical web application security risk in IT domain. Smart Grid also uses client-server based web-applications to collect and disseminate information. Therefore, Smart Grid network is analogous to IT network and similar kind of risk exists in the Smart Grid. This paper review the security risk in Smart Grid domain with reference to OWASP study. The Smart Grid security is more biased towards vulnerabilities associated with a machine to machine communication. Methodology to minimise the risk of attack is also discussed in this research.