This paper proposes a methodology to assess cyber-related risks and to identify critical assets both at power grid and substation levels. The methodology is based on a two-pass engine model. The first pass engine is developed to identify the most critical substation(s) in a power grid. A mixture of Analytical hierarchy process (AHP) and (N-1) contingent analysis is used to calculate risks. The second pass engine is developed to identify risky assets within a substation and improve the vulnerability of a substation against the intrusion and malicious acts of cyber hackers. The risk methodology uniquely combines asset reliability, vulnerability and costs of attack into a risk index. A methodology is also presented to improve the overall security of a substation by optimally placing security agent(s) on the automation system.
[1]
Guo Zhizhong,et al.
Vulnerability Assessment of Cyber Security in Power Industry
,
2006,
2006 IEEE PES Power Systems Conference and Exposition.
[2]
G. Manimaran,et al.
Vulnerability Assessment of Cybersecurity for SCADA Systems
,
2008,
IEEE Transactions on Power Systems.
[3]
Thomas L. Saaty,et al.
Multicriteria Decision Making: The Analytic Hierarchy Process: Planning, Priority Setting, Resource Allocation
,
1990
.
[4]
Guo Zhizhong,et al.
Electric power grid structural vulnerability assessment
,
2006,
2006 IEEE Power Engineering Society General Meeting.