A framework for evaluating intrusion detection architectures in advanced metering infrastructures

Alvaro A. Cárdenas, Robin Berthier, Rakesh B. Bobba, Jun Ho Huh, Jorjeta G. Jetcheva, David Grochocki, William H. Sanders

Research output: Contribution to journalArticlepeer-review


The scale and complexity of Advanced Metering Infrastructure (AMI) networks requires careful planning for the deployment of security solutions. In particular, the large number of AMI devices and the volume and diversity of communication expected to take place on the various AMI networks make the role of intrusion detection systems (IDSes) critical. Understanding the trade-offs for a scalable and comprehensive IDS is key to investing in the right technology and deploying sensors at optimal locations. This paper reviews the benefits and costs associated with different IDS deployment options, including either centralized or distributed solution. A general cost-model framework is proposed to help utilities (AMI asset owners) make more informed decisions when selecting IDS deployment architectures and managing their security investments. We illustrate how the framework can be applied through case studies, and highlight the interesting cost/benefit trade-offs that emerge.

Original languageEnglish (US)
Article number6740891
Pages (from-to)906-915
Number of pages10
JournalIEEE Transactions on Smart Grid
Issue number2
StatePublished - Mar 2014


  • AMI
  • architecture
  • intrusion detection
  • threat model

ASJC Scopus subject areas

  • Computer Science(all)


Dive into the research topics of 'A framework for evaluating intrusion detection architectures in advanced metering infrastructures'. Together they form a unique fingerprint.

Cite this