Cyber-Physical Energy Systems Security: Threat Modeling, Risk Assessment, Resources, Metrics, and Case Studies

01/25/2021
by   Ioannis Zografopoulos, et al.
0

Cyber-physical systems (CPS) are interconnected architectures that employ analog, digital, and communication resources for their interaction with the physical environment. CPS are the backbone of enterprise, industrial, and critical infrastructure. Thus, their vital importance makes them prominent targets for malicious attacks aiming to disrupt their operations. Attacks targeting cyber-physical energy systems (CPES), given their mission-critical nature, can have disastrous consequences. The security of CPES can be enhanced leveraging testbed capabilities to replicate power system operations, discover vulnerabilities, develop security countermeasures, and evaluate grid operation under fault-induced or maliciously constructed scenarios. In this paper, we provide a comprehensive overview of the CPS security landscape with emphasis on CPES. Specifically, we demonstrate a threat modeling methodology to accurately represent the CPS elements, their interdependencies, as well as the possible attack entry points and system vulnerabilities. Leveraging the threat model formulation, we present a CPS framework designed to delineate the hardware, software, and modeling resources required to simulate the CPS and construct high-fidelity models which can be used to evaluate the system's performance under adverse scenarios. The system performance is assessed using scenario-specific metrics, while risk assessment enables system vulnerability prioritization factoring the impact on the system operation. The overarching framework for modeling, simulating, assessing, and mitigating attacks in a CPS is illustrated using four representative attack scenarios targeting CPES. The key objective of this paper is to demonstrate a step-by-step process that can be used to enact in-depth cybersecurity analyses, thus leading to more resilient and secure CPS.

READ FULL TEXT

page 1

page 3

page 4

page 16

page 24

page 28

page 31

research
05/28/2020

Model-Based Risk Assessment for Cyber Physical Systems Security

Traditional techniques for Cyber-Physical Systems (CPS) security design ...
research
10/21/2022

A critical review of cyber-physical security for building automation systems

Modern Building Automation Systems (BASs), as the brain that enables the...
research
06/22/2020

An In-Depth Security Assessment of Maritime Container Terminal Software Systems

Attacks on software systems occur world-wide on a daily basis targeting ...
research
05/23/2022

Distributed Energy Resources Cybersecurity Outlook: Vulnerabilities, Attacks, Impacts, and Mitigations

The digitalization and decentralization of the electric power grid are k...
research
08/04/2022

Resilient Risk based Adaptive Authentication and Authorization (RAD-AA) Framework

In recent cyber attacks, credential theft has emerged as one of the prim...
research
12/29/2022

Identification and Verification of Attack-Tree Threat Models in Connected Vehicles

As a result of the ever-increasing application of cyber-physical compone...
research
04/26/2019

Risk Assessment of Cyber Attacks on Telemetry Enabled Cardiac Implantable Electronic Devices (CIED)

Cardiac Implantable Electronic Devices (CIED) are fast becoming a fundam...

Please sign up or login with your details

Forgot password? Click here to reset