Introduction

The smart grid aims to provide reliable, efficient, secure, and quality energy generation/distribution/consumption using modern information, communications, and electronics technologies. The integration with modern IT technology moves the power grid from an outdated, proprietary technology to more common ones such as personal computers, Microsoft Windows, TCP/IP/Ethernet, etc. It can provide the power grid with the capability of supporting two-way energy and information flow, isolate and restore power outages more quickly, facilitate the integration of renewable energy resources into the grid, and empower the consumer with tools for optimizing energy consumption. However, in the meantime, it poses security challenges on power systems as the integration exposes the system to public networks.

Many power grid incidents in the past have been related to software vulnerabilities. In [1], it is reported that hackers have inserted software into the US power grid, potentially allowing the grid to be disrupted at a later date from a remote location. As reported in [2], it is believed that an inappropriate software update has led to a recent emergency shutdown of a nuclear power plant in Georgia, which lasted for 48 hours. In [3], it has been reported that a computer worm, Stuxnet, has been spread to target Siemens SCADA systems that are configured to control and monitor specific industrial processes. On 29 November 2010, Iran confirmed that its nuclear programme had indeed been damaged by Stuxnet [4, 5].