IEEE Power & Energy Magazine - January/February 2016 - 101

To maintain continuous computer operation,
system operators must understand vulnerabilities
relevant to their devices.
There must also be a defined process to verify the status of
cyberequipment after a physical break in at a substation-a
method to review all the set points, firmware versions, and firewall rules. This procedure would accompany physical checks
and repairs to substation physical equipment after a breach to
certify that the substation is ready to resume normal operations.

Secure Implementation
of CIM Exchanges
The CIM standards provide the semantic definitions and relationships (e.g., metadata) that allow instances of the metadata
objects and relationships to be created in UML. To establish an
interoperable information exchange, both the metadata definitions and instances need to be exchanged and agreed upon
by the exchanging entities. As an example, Figure 6 shows a
subset of the UML regarding a power transformer. The UML
defines that a power transformer is to be contained in a substation and can have a location and a specific serial number.
These definitions represent what could be exchanged but
do not state what specific data is exchanged. The specific
information exchanged would contain the actual location,
substation, and serial number for a particular power transformer. The metadata does not typically contain any significant information that requires cybersecurity protection
(e.g., specific power transformer information). Therefore, the
metadata files do not require cybersecurity protection during
exchange, which is typically done through a variety of outof-band file transfer mechanisms.
The standardization of how instance information is
exchanged, known as serialization standardization, is also
defined by the standards. There are two prevalent exchange serialization techniques used within CIM information exchanges:
files and XSD-based messages. Similar to the metadata, these
serialization standards define how to transfer information but
do not define the specific instance information (e.g., a power
transformer is installed in substation A). As with the metadata,
the standardized serialization definitions do not require cybersecurity protection and thus are transferred using a variety of
out-of-band file transfer mechanisms.
The actual exchange technique (e.g., file transfer or
XSD messages) varies based upon the business application
domain in which the exchange is taking place. Files are
typically moved, via FTP or other file transfer mechanisms,
from the entity that stores the file (e.g., server) to a particular
client requesting the file transfer (e.g., client) in a point-topoint fashion. Messages can be point to point (e.g., the message payload is sent to a particular destination) or point to
january/february 2016

multipoint (e.g., the message payload is sent to multiple destinations) (see Figure 7). The two typical implementations of
point-to-multipoint exchanges are shown in Figure 3.
Methodology 1 shows a single application request being
converted by a messaging engine (provider) into a sequence of
two individual messages. Since the provider is part of the business application, this methodology creates two point-to-point
exchanges. Methodology 2 utilizes the capabilities provided by
other entities on the network path to deliver the single message
produced by the messaging engine to multiple endpoints. Since
the same message is delivered to multiple endpoints, this would
be considered multicast communication where the business
applications are in the same security group. However, since the
CIM message transfers are web service or XSD based, network
multicasting is typically provided through an intervening enterprise service bus (ESB), as shown in Figure 8.
ESBs provide two primary network services:
✔ Message routing based upon message inspection: A
message's ESB delivery destination(s) is typically
determined through inspection of the message header.
However, sometimes it is determined through inspection of the contents of the message payload.
✔ Message transformation: In many situations, the message produced by one application is not consumable,
or understandable, by the destination applications. An
ESB typically has the capability to transform messages from one set of information into another format.
The new message is then delivered to the applications
that need the transformed message content. This transformation capability represents a message adapter that
is placed within the exchange communication path.
As the threats regarding cybersecurity evolve, so do
the approaches to counter the evolving threats. End-to-end
security is an important issue with large component-based
systems. While encrypted tunnels can provide end-to-end
security, when mixed with point-to-multipoint solutions,
such as an ESB, a closer look is required.
Figure 8 shows that end-to-end confidentiality (e.g., between
business application 1 and applications 2 and 3) due to the need
to perform message transformation. The use of an ESB transformation adapter inherently does not allow a cohesive end-to-end
security tunnel; to perform the transformation, the encryption
providing confidentiality would need to be terminated at the
transforming adapter. The adapter would then transform the
message and potentially re-encrypt and re-sign the new messages (e.g., message 2 and message 3). Although there is trust
established between application 1 and the ESB, the fact that the
ieee power & energy magazine

101



Table of Contents for the Digital Edition of IEEE Power & Energy Magazine - January/February 2016

IEEE Power & Energy Magazine - January/February 2016 - Cover1
IEEE Power & Energy Magazine - January/February 2016 - Cover2
IEEE Power & Energy Magazine - January/February 2016 - 1
IEEE Power & Energy Magazine - January/February 2016 - 2
IEEE Power & Energy Magazine - January/February 2016 - 3
IEEE Power & Energy Magazine - January/February 2016 - 4
IEEE Power & Energy Magazine - January/February 2016 - 5
IEEE Power & Energy Magazine - January/February 2016 - 6
IEEE Power & Energy Magazine - January/February 2016 - 7
IEEE Power & Energy Magazine - January/February 2016 - 8
IEEE Power & Energy Magazine - January/February 2016 - 9
IEEE Power & Energy Magazine - January/February 2016 - 10
IEEE Power & Energy Magazine - January/February 2016 - 11
IEEE Power & Energy Magazine - January/February 2016 - 12
IEEE Power & Energy Magazine - January/February 2016 - 13
IEEE Power & Energy Magazine - January/February 2016 - 14
IEEE Power & Energy Magazine - January/February 2016 - 15
IEEE Power & Energy Magazine - January/February 2016 - 16
IEEE Power & Energy Magazine - January/February 2016 - 17
IEEE Power & Energy Magazine - January/February 2016 - 18
IEEE Power & Energy Magazine - January/February 2016 - 19
IEEE Power & Energy Magazine - January/February 2016 - 20
IEEE Power & Energy Magazine - January/February 2016 - 21
IEEE Power & Energy Magazine - January/February 2016 - 22
IEEE Power & Energy Magazine - January/February 2016 - 23
IEEE Power & Energy Magazine - January/February 2016 - 24
IEEE Power & Energy Magazine - January/February 2016 - 25
IEEE Power & Energy Magazine - January/February 2016 - 26
IEEE Power & Energy Magazine - January/February 2016 - 27
IEEE Power & Energy Magazine - January/February 2016 - 28
IEEE Power & Energy Magazine - January/February 2016 - 29
IEEE Power & Energy Magazine - January/February 2016 - 30
IEEE Power & Energy Magazine - January/February 2016 - 31
IEEE Power & Energy Magazine - January/February 2016 - 32
IEEE Power & Energy Magazine - January/February 2016 - 33
IEEE Power & Energy Magazine - January/February 2016 - 34
IEEE Power & Energy Magazine - January/February 2016 - 35
IEEE Power & Energy Magazine - January/February 2016 - 36
IEEE Power & Energy Magazine - January/February 2016 - 37
IEEE Power & Energy Magazine - January/February 2016 - 38
IEEE Power & Energy Magazine - January/February 2016 - 39
IEEE Power & Energy Magazine - January/February 2016 - 40
IEEE Power & Energy Magazine - January/February 2016 - 41
IEEE Power & Energy Magazine - January/February 2016 - 42
IEEE Power & Energy Magazine - January/February 2016 - 43
IEEE Power & Energy Magazine - January/February 2016 - 44
IEEE Power & Energy Magazine - January/February 2016 - 45
IEEE Power & Energy Magazine - January/February 2016 - 46
IEEE Power & Energy Magazine - January/February 2016 - 47
IEEE Power & Energy Magazine - January/February 2016 - 48
IEEE Power & Energy Magazine - January/February 2016 - 49
IEEE Power & Energy Magazine - January/February 2016 - 50
IEEE Power & Energy Magazine - January/February 2016 - 51
IEEE Power & Energy Magazine - January/February 2016 - 52
IEEE Power & Energy Magazine - January/February 2016 - 53
IEEE Power & Energy Magazine - January/February 2016 - 54
IEEE Power & Energy Magazine - January/February 2016 - 55
IEEE Power & Energy Magazine - January/February 2016 - 56
IEEE Power & Energy Magazine - January/February 2016 - 57
IEEE Power & Energy Magazine - January/February 2016 - 58
IEEE Power & Energy Magazine - January/February 2016 - 59
IEEE Power & Energy Magazine - January/February 2016 - 60
IEEE Power & Energy Magazine - January/February 2016 - 61
IEEE Power & Energy Magazine - January/February 2016 - 62
IEEE Power & Energy Magazine - January/February 2016 - 63
IEEE Power & Energy Magazine - January/February 2016 - 64
IEEE Power & Energy Magazine - January/February 2016 - 65
IEEE Power & Energy Magazine - January/February 2016 - 66
IEEE Power & Energy Magazine - January/February 2016 - 67
IEEE Power & Energy Magazine - January/February 2016 - 68
IEEE Power & Energy Magazine - January/February 2016 - 69
IEEE Power & Energy Magazine - January/February 2016 - 70
IEEE Power & Energy Magazine - January/February 2016 - 71
IEEE Power & Energy Magazine - January/February 2016 - 72
IEEE Power & Energy Magazine - January/February 2016 - 73
IEEE Power & Energy Magazine - January/February 2016 - 74
IEEE Power & Energy Magazine - January/February 2016 - 75
IEEE Power & Energy Magazine - January/February 2016 - 76
IEEE Power & Energy Magazine - January/February 2016 - 77
IEEE Power & Energy Magazine - January/February 2016 - 78
IEEE Power & Energy Magazine - January/February 2016 - 79
IEEE Power & Energy Magazine - January/February 2016 - 80
IEEE Power & Energy Magazine - January/February 2016 - 81
IEEE Power & Energy Magazine - January/February 2016 - 82
IEEE Power & Energy Magazine - January/February 2016 - 83
IEEE Power & Energy Magazine - January/February 2016 - 84
IEEE Power & Energy Magazine - January/February 2016 - 85
IEEE Power & Energy Magazine - January/February 2016 - 86
IEEE Power & Energy Magazine - January/February 2016 - 87
IEEE Power & Energy Magazine - January/February 2016 - 88
IEEE Power & Energy Magazine - January/February 2016 - 89
IEEE Power & Energy Magazine - January/February 2016 - 90
IEEE Power & Energy Magazine - January/February 2016 - 91
IEEE Power & Energy Magazine - January/February 2016 - 92
IEEE Power & Energy Magazine - January/February 2016 - 93
IEEE Power & Energy Magazine - January/February 2016 - 94
IEEE Power & Energy Magazine - January/February 2016 - 95
IEEE Power & Energy Magazine - January/February 2016 - 96
IEEE Power & Energy Magazine - January/February 2016 - 97
IEEE Power & Energy Magazine - January/February 2016 - 98
IEEE Power & Energy Magazine - January/February 2016 - 99
IEEE Power & Energy Magazine - January/February 2016 - 100
IEEE Power & Energy Magazine - January/February 2016 - 101
IEEE Power & Energy Magazine - January/February 2016 - 102
IEEE Power & Energy Magazine - January/February 2016 - 103
IEEE Power & Energy Magazine - January/February 2016 - 104
IEEE Power & Energy Magazine - January/February 2016 - 105
IEEE Power & Energy Magazine - January/February 2016 - 106
IEEE Power & Energy Magazine - January/February 2016 - 107
IEEE Power & Energy Magazine - January/February 2016 - 108
IEEE Power & Energy Magazine - January/February 2016 - 109
IEEE Power & Energy Magazine - January/February 2016 - 110
IEEE Power & Energy Magazine - January/February 2016 - 111
IEEE Power & Energy Magazine - January/February 2016 - 112
IEEE Power & Energy Magazine - January/February 2016 - 113
IEEE Power & Energy Magazine - January/February 2016 - 114
IEEE Power & Energy Magazine - January/February 2016 - 115
IEEE Power & Energy Magazine - January/February 2016 - 116
IEEE Power & Energy Magazine - January/February 2016 - 117
IEEE Power & Energy Magazine - January/February 2016 - 118
IEEE Power & Energy Magazine - January/February 2016 - 119
IEEE Power & Energy Magazine - January/February 2016 - 120
IEEE Power & Energy Magazine - January/February 2016 - 121
IEEE Power & Energy Magazine - January/February 2016 - 122
IEEE Power & Energy Magazine - January/February 2016 - 123
IEEE Power & Energy Magazine - January/February 2016 - 124
IEEE Power & Energy Magazine - January/February 2016 - 125
IEEE Power & Energy Magazine - January/February 2016 - 126
IEEE Power & Energy Magazine - January/February 2016 - 127
IEEE Power & Energy Magazine - January/February 2016 - 128
IEEE Power & Energy Magazine - January/February 2016 - Cover3
IEEE Power & Energy Magazine - January/February 2016 - Cover4
https://www.nxtbook.com/nxtbooks/pes/powerenergy_091020
https://www.nxtbook.com/nxtbooks/pes/powerenergy_070820
https://www.nxtbook.com/nxtbooks/pes/powerenergy_050620
https://www.nxtbook.com/nxtbooks/pes/powerenergy_030420
https://www.nxtbook.com/nxtbooks/pes/powerenergy_010220
https://www.nxtbook.com/nxtbooks/pes/powerenergy_111219
https://www.nxtbook.com/nxtbooks/pes/powerenergy_091019
https://www.nxtbook.com/nxtbooks/pes/powerenergy_070819
https://www.nxtbook.com/nxtbooks/pes/powerenergy_050619
https://www.nxtbook.com/nxtbooks/pes/powerenergy_030419
https://www.nxtbook.com/nxtbooks/pes/powerenergy_010219
https://www.nxtbook.com/nxtbooks/pes/powerenergy_111218
https://www.nxtbook.com/nxtbooks/pes/powerenergy_091018
https://www.nxtbook.com/nxtbooks/pes/powerenergy_070818
https://www.nxtbook.com/nxtbooks/pes/powerenergy_050618
https://www.nxtbook.com/nxtbooks/pes/powerenergy_030418
https://www.nxtbook.com/nxtbooks/pes/powerenergy_010218
https://www.nxtbook.com/nxtbooks/pes/powerenergy_111217
https://www.nxtbook.com/nxtbooks/pes/powerenergy_091017
https://www.nxtbook.com/nxtbooks/pes/powerenergy_070817
https://www.nxtbook.com/nxtbooks/pes/powerenergy_050617
https://www.nxtbook.com/nxtbooks/pes/powerenergy_030417
https://www.nxtbook.com/nxtbooks/pes/powerenergy_010217
https://www.nxtbook.com/nxtbooks/pes/powerenergy_111216
https://www.nxtbook.com/nxtbooks/pes/powerenergy_091016
https://www.nxtbook.com/nxtbooks/pes/powerenergy_070816
https://www.nxtbook.com/nxtbooks/pes/powerenergy_050616
https://www.nxtbook.com/nxtbooks/pes/powerenergy_030416
https://www.nxtbook.com/nxtbooks/pes/powerenergy_010216
https://www.nxtbook.com/nxtbooks/ieee/powerenergy_010216
https://www.nxtbook.com/nxtbooks/pes/powerenergy_111215
https://www.nxtbook.com/nxtbooks/pes/powerenergy_091015
https://www.nxtbook.com/nxtbooks/pes/powerenergy_070815
https://www.nxtbook.com/nxtbooks/pes/powerenergy_050615
https://www.nxtbook.com/nxtbooks/pes/powerenergy_030415
https://www.nxtbook.com/nxtbooks/pes/powerenergy_010215
https://www.nxtbook.com/nxtbooks/pes/powerenergy_111214
https://www.nxtbook.com/nxtbooks/pes/powerenergy_091014
https://www.nxtbook.com/nxtbooks/pes/powerenergy_070814
https://www.nxtbook.com/nxtbooks/pes/powerenergy_050614
https://www.nxtbook.com/nxtbooks/pes/powerenergy_030414
https://www.nxtbook.com/nxtbooks/pes/powerenergy_010214
https://www.nxtbookmedia.com