Power systems resilience against cyber-attacks. A systematic analysis

Power outages can have serious consequences for national security and a country's economy. Today, electricity generation, transmission and distribution rely on digital systems such as computer systems and communication networks. This development introduces new vulnerabilities in the reliability of electricity supply due to cyber-attacks on information and communication systems. Cyber-attacks evolve from insignificant crime to state-sponsored cyber terrorism. This paper provides a systemic analysis of the most relevant cyber security studies that address the power systems resilience to cyber-attacks. Research that defines cyber security risks and studies that develop solutions to improve the security of power systems are reviewed. Publications between 2013 and 2023 have been reviewed and quantitatively evaluated, contributing to the identity and evaluation of studies developments over the past ten years. The paper additionally proposes an evaluation of a reference attack, the only one executed in 2015 in Ukraine, which caused energy outages for nearly 225,000 clients in western Ukraine. Data about the target of the attack, the method of attack, the purpose, the result obtained by the attackers, the consequences of the attack are documented. After the analysis of this security incident on the power system in Ukraine, a series of measures meant to prevent this type of attacks are going to be proposed.

[1]  Tsvetan G. Tsvetanov,et al.  The effect of the Colonial Pipeline shutdown on gasoline prices , 2021, Economics Letters.

[2]  Jörg Franke,et al.  An Analysis of Black Energy 3, Crashoverride, and Trisis, Three Malware Approaches Targeting Operational Technology Systems , 2020, 2020 25th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA).

[3]  Ming Jin,et al.  Power Grid AC-Based State Estimation: Vulnerability Analysis Against Cyber Attacks , 2019, IEEE Transactions on Automatic Control.

[4]  A. Cárdenas,et al.  ALERT , 2018, Proceedings of the 26th ACM international conference on Multimedia.

[5]  Ravishankar K. Iyer,et al.  Self-Healing Attack-Resilient PMU Network for Power System Operation , 2018, IEEE Transactions on Smart Grid.

[6]  Yang Xiang,et al.  A survey on security control and attack detection for industrial cyber-physical systems , 2018, Neurocomputing.

[7]  Golshan Madraki,et al.  Cyber-Physical Resilience of Electrical Power Systems Against Malicious Attacks: a Review , 2018 .

[8]  Jess Smith,et al.  Ukraine cyber-induced power outage: Analysis and practical mitigation strategies , 2017, 2017 70th Annual Conference for Protective Relay Engineers (CPRE).

[9]  Yuan Zhang,et al.  Resilient Distributed Energy Management Subject to Unexpected Misbehaving Generation Units , 2017, IEEE Transactions on Industrial Informatics.

[10]  Deepa Kundur,et al.  A Game-Theoretic Analysis of Cyber Switching Attacks and Mitigation in Smart Grid Systems , 2016, IEEE Transactions on Smart Grid.

[11]  Haris M. Khalid,et al.  A Bayesian Algorithm to Enhance the Resilience of WAMS Applications Against Cyber Attacks , 2016, IEEE Transactions on Smart Grid.

[12]  Deepa Kundur,et al.  A Flocking-Based Paradigm for Hierarchical Cyber-Physical Smart Grid Modeling and Control , 2014, IEEE Transactions on Smart Grid.

[13]  Karl Henrik Johansson,et al.  Efficient Computations of a Security Index for False Data Attacks in Power Networks , 2012, IEEE Transactions on Automatic Control.

[14]  Ralph Langner,et al.  Stuxnet: Dissecting a Cyberwarfare Weapon , 2011, IEEE Security & Privacy.

[15]  Guofei Gu,et al.  Conficker and beyond: a large-scale empirical study , 2010, ACSAC '10.

[16]  M. Pirani,et al.  A systems and control perspective of CPS security , 2019, Annu. Rev. Control..

[17]  Grant Smith,et al.  Department of Homeland Security , 2007, Disaster Medicine and Public Health Preparedness.