Implementation of deep packet inspection in smart grids and industrial Internet of Things: Challenges and opportunities

Upgrading a power grid to a smart grid is a challenging task. For example, since power grids were originally developed to support unidirectional communications, the migration process requires architectural and cybersecurity upgrades due to the integration of devices using bidirectional communication. The integration of these devices opens numerous avenues for cyber attacks, although they also enable numerous capabilities in smart grids. To protect the smart grid from cyber threats, it is important for industry and academia to explore and implement practical cybersecurity models together, for example collaboratively designing and developing suitable smart grid testbeds to facilitate research. In this paper, we survey existing literature relating to the infrastructure and communications for the energy sector and smart grids. Specifically, we study existing recommendations and models from government agencies (e.g. NIST and DOE) and academia, and evaluate deep packet inspection (DPI) approaches as a security tool for smart grids. We also propose a conceptual SDN-based security monitoring framework based on SDN, Network Behavior Analysis (NBA), Deep Learning Models, and DPI attack corroboration, as well as a conceptual forensic-driven security monitoring framework where digital forensics and investigation capabilities are integrated to inform security monitoring.