Using an IPv6 moving target defense to protect the Smart Grid

As advanced Internet Protocol (IP)-based communication systems are proposed for the Smart Grid, security solutions must be developed which address not only the security of the communications, but also the security of the communicating systems. To support the large number of hosts required for the Smart Grid on an IP network, the new Internet Protocol version 6 (IPv6) must be leveraged. Unfortunately, IPv6 inherits the majority of Internet Protocol version 4 (IPv4) vulnerabilities as well as adds new address-based exploits. The embedded systems necessary for Smart Grid deployments using IP communications will be especially vulnerable to attacks due to their limited system resources. A moving target defense not only secures the communications between peers, but also prevents the peers from being located for attack. Implementing security at the network layer mitigates most IP-specific exploits and allows for solutions to be integrated with minimal impact to existing Smart Grid systems, thus reducing costs and increasing reliability. By using a network layer moving target defense, hosts cannot be located for exploitation and secure connectivity is maintained with trusted peers. A robust Smart Grid network must be capable of proactive defense so that components are not consumed with defending incoming attacks. A solution which implements a proactive network layer defense called the Moving Target IPv6 Defense (MT6D) is offered as a potential solution for secure Smart Grid communications.