Distributed Energy Resources Cybersecurity Outlook: Vulnerabilities, Attacks, Impacts, and Mitigations

Zografopoulos, Ioannis; Konstantinou, Charalambos; Hatziargyriou, Nikos D.

doi:10.48550/arxiv.2205.11171

“…Analysis of communication protocol and device assaults shows significant differences in the functional level of attacks and targeted DER assets [38]. Cyberattacks target process sensors, actuators, and controllers at levels 0 and 1 of the Purdue model [18], whereas levels 3, 4, and 5 (communication, coordination, and control fabric) target DER systems.…”

Section: Sg Cyber-physical Vulnerabilities: Distributed Energy Resour...mentioning

confidence: 99%

Survey on Simulation and Vulnerability Testing in Smart Grid

Banik,

Banik

2024

Preprint

1

0

View full text Add to dashboard Cite

The rapid integration of Information and Communication Technology (ICT) is transforming the traditional electrical grid into a {\em Smart Grid}. Smart grids enable two-way communication and improved monitoring and control between utilities and customers. However, due to its heterogeneous nature, public exposure, and weak security at low-powered devices, the Smart Grid has vulnerabilities to various malicious threats, adversaries, and cyber attacks, which may affect cost and service availability. Additionally, when the systems' confidentiality, integrity, or availability are compromised, the resulting fallout can threaten national security and have cascading effects on human lives. Given the extreme consequences of an attack, smart-grid technology must be thoroughly tested for correct operation and security {\em before} it is deployed. As a result, vulnerability testing of smart grids, not only for correctness but for security purposes, has been the subject of numerous studies by academics, government agencies, and private companies. This paper reviews the vulnerabilities associated with the smart grid and spotlights simulation as the vulnerability testing methodology conducted in recent pertinent research works. It also presents various security aspects of the smart grid, including grid applications, system and network infrastructure and components, cyber threats and attacks, simulation, and different mitigation techniques. Finally, we analyze the gaps in the current research works, focusing on simulation. We briefly present a real-time simulation testbed that mimics customer behaviour and integrates hardware in the loop to apply attack methods, analyze vulnerabilities and risk mitigation associated with the smart grid system, and propose future work to improve the current framework.

show abstract

“…Analysis of communication protocol and device assaults shows significant differences in the functional level of attacks and targeted DER assets [37]. Cyberattacks target process sensors, actuators, and controllers at levels 0 and 1 of the Purdue model [18], whereas levels 3, 4, and 5 (communication, coordination, and control fabric) target DER systems.…”

Section: Sg Cyber-physical Vulnerabilities: Distributed Energy Resour...mentioning

confidence: 99%

Survey on Simulation and Vulnerability Testing in Smart Grid

Banik,

Banik

2024

Preprint

0

View full text Add to dashboard Cite

The rapid integration of Information and Communication Technology (ICT) is transforming the traditional electrical grid into a {\em Smart Grid}. Smart grids enable two-way communication and improved monitoring and control between utilities and customers. However, due to its heterogeneous nature, public exposure, and weak security at low-powered devices, the Smart Grid has vulnerabilities to various malicious threats, adversaries, and cyber attacks, which may affect cost and service availability. Additionally, when the systems' confidentiality, integrity, or availability are compromised, the resulting fallout can threaten national security and have cascading effects on human lives. Given the extreme consequences of an attack, smart-grid technology must be thoroughly tested for correct operation and security {\em before} it is deployed. As a result, vulnerability testing of smart grids, not only for correctness but for security purposes, has been the subject of numerous studies by academics, government agencies, and private companies. This paper reviews the vulnerabilities associated with the smart grid and spotlights simulation as the vulnerability testing methodology conducted in recent pertinent research works. It also presents various security aspects of the smart grid, including grid applications, system and network infrastructure and components, cyber threats and attacks, simulation, and different mitigation techniques. Finally, we analyze the gaps in the current research works, focusing on simulation. We briefly present a real-time simulation testbed that mimics customer behaviour and integrates hardware in the loop to apply attack methods, analyze vulnerabilities and risk mitigation associated with the smart grid system, and propose future work to improve the current framework.

show abstract

“…Recent attack incidents such as BlackEnergy, CrashOverride, and Triton illustrate the growing threat of vulnerabilities in the IoT/ICT infrastructure of power systems [2], [3]. One prominent example of an attack incident affecting the power grid is the 2015 Ukraine cyber-attack [4].…”

mentioning

confidence: 99%

CPES-QSM: A Quantitative Method Toward the Secure Operation of Cyber–Physical Energy Systems

Ospina

¹

,

Venkataramanan

²

,

Konstantinou

³

2023

IEEE Internet Things J.

Self Cite

2

0

View full text Add to dashboard Cite

Power systems are evolving into cyber-physical energy systems (CPES) mainly due to the integration of modern communication and Internet-of-Things (IoT) devices. CPES security evaluation is challenging since the physical and cyber layers are often not considered holistically. Existing literature focuses on only optimizing the operation of either the physical or cyber layer while ignoring the interactions between them. This paper proposes a metric, the Cyber-Physical Energy System Quantitative Security Metric (CPES-QSM), that quantifies the interaction between the cyber and physical layers across three domains: electrical, cyber-risk, and network topology. A method for incorporating the proposed cyber-metric into operational decisions is also proposed by formulating a cyber-constrained AC optimal power flow (C-ACOPF) that considers the status of all the CPES layers. The C-ACOPF considers the vulnerabilities of physical and cyber networks by incorporating factors such as voltage stability, contingencies, graph-theory, and IoT cyber risks, while using a multi-criteria decision-making technique. Simulation studies are conducted using standard IEEE test systems to evaluate the effectiveness of the proposed metric and the C-ACOPF formulation.

show abstract

Distributed Energy Resources Cybersecurity Outlook: Vulnerabilities, Attacks, Impacts, and Mitigations

Cited by 4 publications

References 68 publications

Survey on Simulation and Vulnerability Testing in Smart Grid

Survey on Simulation and Vulnerability Testing in Smart Grid

Survey on Simulation and Vulnerability Testing in Smart Grid

CPES-QSM: A Quantitative Method Toward the Secure Operation of Cyber–Physical Energy Systems

Contact Info

Product

Resources

About