Cybersecurity for electric power control and automation systems
Related papers
Cyber Attacks on Power System Automation and Protection and Impact Analysis
2020 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe), 2020
Power system automation and communication standards are spearheading the power system transition towards a smart grid. IEC 61850 is one such standard, which is widely used for substation automation and protection. It enables real-time communication and data exchange between critical substation automation and protection devices within digital substations. However, IEC 61850 is not cyber secure. In this paper, we demonstrate the dangerous implications of not securing the IEC 61850 standard. Cyber attacks may exploit the vulnerabilities of the Sampled Values (SV) and Generic Object-Oriented Substation Event (GOOSE) protocols of IEC 61850. The cyber attacks may be realised by injecting spoofed SV and GOOSE data frames into the substation communication network at the bay level. We demonstrate that such cyber attacks may lead to obstruction or tripping of multiple protective relays. Coordinated cyber attacks against the protection system in digital substations may cause generation and line di...
Dhana Raj Markandu: Control System Cybersecurity - Challenges in a New Energy Landscape
The boundaries between conventional information technology systems in the corporate and personal domains and critical infrastructure control systems in the operational domain are becoming increasingly blurred with the evolution of technology, negating the traditional paradigm of "security by obscurity". The use of similar hardware, software and protocols across these domains, as well as the cross-boundary transmission of process data, is widespread, leading to control systems being exposed to the same cybersecurity threats commonly faced by conventional systems. However, the risks are amplified, as control systems manage critical processes and are not typically designed with security as a primary consideration. Attacks specifically targeting control systems have begun to surface in recent years, underlining the seriousness of the matter. Both the technical and human aspects of cybersecurity must be addressed in order for control systems to be more resilient, with appropriate consideration given to their inherent differences from conventional information technology systems. The changing landscape of the energy industry, driven by the growth of sustainable power generation from renewable sources, smart grids and intelligent energy-efficient appliances, gives rise to new cybersecurity challenges that must be factored into the design and development of future infrastructure.
Cyber-vulnerability of power grid monitoring and control systems
Proceedings of the 4th annual workshop on Cyber security and information intelligence research: developing strategies to meet the cyber security and information intelligence challenges ahead, 2008
In this paper, a methodology is proposed for the evaluation of the impact of cyber attacks on the power grid. This is a systematic approach to evaluate the vulnerabilities of a SCADA system at three levels, i.e., system, scenario, and access points. The impact of a potential intrusion is evaluated based on the power flow solution. The cause-effect analysis in the proposed method determines the likelihood of the consequence, which can be evaluated based on a substation outage. An IEEE 30-bus system is used to build a test case for the proposed method.
2005
Cyber security standards, guidelines, and best practices for control systems are critical requirements that have been delineated and formally recognized by industry and government entities. Cyber security standards provide a common language within the industrial control system community, both national and international, to facilitate understanding of security awareness issues but, ultimately, they are intended to strengthen cyber security for control systems. This study and the preliminary findings outlined in this report are an initial attempt by the Control Systems Security Center (CSSC) Standard Awareness Team to better understand how existing and emerging industry standards, guidelines, and best practices address cyber security for industrial control systems. The Standard Awareness Team comprised subject matter experts in control systems and cyber security technologies and standards from several
Cyber security of the electric power production and distribution infrastructure
In this paper an attempt was made to introduce the concept of cyber security as applied in the electric power production and distribution infrastructure. Initially, the relevant control systems, threats to their continued safe operation and potential consequences are identified for both individual power plants and the power grid as a whole. Subsequently, the quantitative risk assessment of the aforementioned critical infrastructures is demonstrated by means of a methodology utilising attack trees. Here, it was established that introducing a package of relatively simple countermeasures may improve the overall system vulnerability of a power control system by as much as 45%.
Cyber-Defensive Architecture for Networked Industrial Control Systems
This paper deals with the inevitable consequence of the convenience and efficiency we gain from the open, networked control system operation of safety-critical applications: the vulnerability of such systems to cyber-attacks. Even with numerous metrics and methods for intrusion detection and mitigation strategy, a complete detection and deterrence of internal code flaws and outside cyber-attacks has not been found and will not be found anytime soon. Considering the ever-present incompleteness of detection and prevention and the impact and consequence of malfunctions of the safety-critical operations caused by cyber incidents, this paper proposes a new computer control system architecture which assures resiliency even under compromised situations. The proposed architecture is centered on diversification of hardware systems and unidirectional communication from the proposed system in alerting upper layers to suspicious activities. This paper details the architectural structure of the proposed cyber-defensive computer control system architecture for power substation applications and its validation in lab experimentation and on a cybersecurity testbed.
An Analysis of Critical Cybersecurity Controls for Industrial Control Systems
European Conference on Cyber Warfare and Security
Industrial Control Systems (ICS) comprise software, hardware, network systems, and people that manage and operate industrial processes. Supervisory Control and Data Acquisition Systems (SCADA) and Distributed Control Systems (DCS) are two of the most prevalent ICS. An ICS facilitates the effective and efficient management and operation of industrial sectors, including critical infrastructure sectors like utilities, manufacturing, and water treatment facilities. An ICS collects and integrates data from various field controllers deployed in industrial contexts, enabling operators to make data-driven decisions in managing industrial operations. Historically, ICS were isolated from the internet, functioning as part of air-gapped networks. However, the efficiency improvements brought about by the emergence of Information Technology necessitated a shift towards a more connected industrial environment. The convergence of Information and Operational Technology (IT/OT) has made ICS vulnerabl...
Vulnerability Assessment of Cybersecurity for SCADA Systems
IEEE Transactions on Power Systems, 2000
Vulnerability assessment is a requirement of NERC's cybersecurity standards for electric power systems. The purpose is to study the impact of a cyber attack on supervisory control and data acquisition (SCADA) systems. Compliance with the requirement to meet the standard has become increasingly challenging as the system becomes more dispersed over wide areas. Interdependencies between the computer communication system and the physical infrastructure also become more complex as information technologies are further integrated into devices and networks. This paper proposes a vulnerability assessment framework to systematically evaluate the vulnerabilities of SCADA systems at three levels: system, scenarios, and access points. The proposed method is based on cyber systems embedded with the firewall and password models, the primary mode of protection in the power industry today. The impact of a potential electronic intrusion is evaluated by its potential loss of load in the power system. This capability is enabled by integration of a logic-based simulation method and a module for the power flow computation. The IEEE 30-bus system is used to evaluate the impact of attacks launched from outside or from within the substation networks. Countermeasures are identified for improvement of cybersecurity.
A Test bed dedicated to the Study of Vulnerabilities in IEC 61850 Power Utility Automation Networks
2016 IEEE 21st International Conference on Emerging Technologies and Factory Automation (ETFA), 2016
Industrial control systems rely more and more on digital technologies. Although the cyber risk such technologies induce is widely judged as serious, especially for critical infrastructures, these systems have generally not been designed to serve cybersecurity purposes. Instead, they were designed first to serve operational efficiency. It thus becomes critical to study cyber threats in industrial environments, and experimental test beds are needed to evaluate risks, physical consequences of cyber incidents, and performance of countermeasures. The test bed we present here focuses on studying cyber risks and their mitigation in IEC 61850 power utility automation systems. The operational part is composed of engineering computers, supervision software, off-the-shelf intelligent relays (Intelligent Electronic Devices, IEDs) and a hardware-in-the-loop process simulation, and the cybersecurity tools include an attack generation station and a network analyzer. In this paper, we present the operational part, giving details on the power grid hardware-in-the-loop simulation and its importance in understanding the cyber consequences on the global system. The article concludes by giving preliminary experimental results showing the consequences of a false data injection attack on a simple electrical architecture.