Cyber risk assessment of power control systems — A metrics weighed by attack experiments

This paper summarises the results of methodological and experimental research performed by RSE to evaluate the exposure of power grid control systems to cyber risk. On the methodological side, a risk metric is defined that assigns a value to the cyber/power risk as a function of the occurrence rate of cyber contingencies and of their impact on the power service. The highest-criticality threats were then tested in the RSE laboratory by simulating selected attack processes on telecontrol test beds of passive, interconnected HV/MV distribution grids. The experiments concern cyber threats to ICT network components, such as routers and SCADA systems, that play a critical role in power grid operation. They assessed the residual vulnerabilities of protected IEC 60870-5-104 TCP/IP communications between Control Centres and Substation Automation Systems under attack processes that assume different degrees of attacker knowledge about the behaviour of the targeted system. The evaluation framework supporting the experiments monitors the communication status through a set of measurements, namely Inter Message Time, Number of Lost Messages, Inter Reconnection Time and Time To Failure. The knowledge and measurements obtained from the controlled experiments are then fed into the cyber-risk metric to improve the estimates of the vulnerability and threat probabilities associated with the success of a given attack.
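The four communication-status measurements named in the abstract can be derived from a timeline of link events observed on the Control Centre side of an IEC 60870-5-104 association. The following Python script is an added illustration, not code from the paper or from RSE's evaluation framework: the event format, the constructed timeline (a cyclic telemetry flow disturbed by an attack starting at t = 10 s) and the exact definitions of the measures (Inter Message Time between consecutive I-format APDUs on one connection, lost messages as gaps in the 15-bit send sequence number N(S), Inter Reconnection Time from a TCP close to the next STARTDT, Time To Failure from attack start to the first link loss) are assumptions made for the example.

```python
"""Link-status measurements over a constructed IEC 60870-5-104 event timeline.

Added example; the definitions below are assumptions, not the paper's own
framework. Events would normally come from a packet capture or a monitor
on the Control Centre side of the association.
"""
from dataclasses import dataclass
from statistics import mean
from typing import Dict, List, Optional

SEQ_MODULUS = 32768  # IEC 60870-5-104 send sequence number N(S) is 15 bits wide


@dataclass
class Event:
    """One observation from a hypothetical link monitor (assumed format)."""
    t: float                   # seconds since the start of the experiment
    kind: str                  # "STARTDT": link (re)established, "I": I-format APDU received, "CLOSE": TCP connection lost
    seq: Optional[int] = None  # N(S) carried by an I-format APDU, None for other kinds


# Constructed timeline, not measured data from the RSE test bed:
# cyclic telemetry every 2 s; an attack starting at t=10 s causes one
# missing APDU and then a link drop, followed by a reconnection after 3 s.
SAMPLE_EVENTS: List[Event] = [
    Event(0.0, "STARTDT"),
    Event(2.0, "I", 0), Event(4.0, "I", 1), Event(6.0, "I", 2), Event(8.0, "I", 3),
    Event(10.0, "I", 4),
    Event(14.0, "I", 6),      # N(S)=5 never arrived
    Event(16.0, "I", 7),
    Event(17.5, "CLOSE"),
    Event(20.5, "STARTDT"),   # reconnection 3.0 s after the close
    Event(22.0, "I", 0), Event(24.0, "I", 1),  # N(S) restarts at 0 on the new connection
]
ATTACK_START = 10.0  # assumed start of the attack process, in seconds


def inter_message_times(events: List[Event]) -> List[float]:
    """Seconds between consecutive I-format APDUs on the same connection."""
    out: List[float] = []
    prev: Optional[float] = None
    for e in events:
        if e.kind in ("STARTDT", "CLOSE"):
            prev = None            # a new connection restarts the measurement
        elif e.kind == "I":
            if prev is not None:
                out.append(e.t - prev)
            prev = e.t
    return out


def lost_messages(events: List[Event]) -> int:
    """Count gaps in N(S) within each connection, handling the 15-bit wrap-around."""
    lost = 0
    expected: Optional[int] = None
    for e in events:
        if e.kind in ("STARTDT", "CLOSE"):
            expected = None        # N(S) restarts at 0 after STARTDT
        elif e.kind == "I" and e.seq is not None:
            if expected is not None:
                lost += (e.seq - expected) % SEQ_MODULUS
            expected = (e.seq + 1) % SEQ_MODULUS
    return lost


def inter_reconnection_times(events: List[Event]) -> List[float]:
    """Seconds from each connection loss to the next successful STARTDT."""
    out: List[float] = []
    closed_at: Optional[float] = None
    for e in events:
        if e.kind == "CLOSE":
            closed_at = e.t
        elif e.kind == "STARTDT" and closed_at is not None:
            out.append(e.t - closed_at)
            closed_at = None
    return out


def time_to_failure(events: List[Event], attack_start: float) -> Optional[float]:
    """Seconds from the start of the attack to the first link loss, None if the link survived."""
    for e in events:
        if e.kind == "CLOSE" and e.t >= attack_start:
            return e.t - attack_start
    return None


def summarise(events: List[Event], attack_start: float) -> Dict[str, Optional[float]]:
    """Aggregate the four measurements into one record for the risk-metric stage."""
    imt = inter_message_times(events)
    irt = inter_reconnection_times(events)
    return {
        "imt_mean": mean(imt) if imt else 0.0,
        "imt_max": max(imt) if imt else 0.0,
        "lost_messages": lost_messages(events),
        "reconnections": len(irt),
        "irt_mean": mean(irt) if irt else 0.0,
        "time_to_failure": time_to_failure(events, attack_start),
    }


if __name__ == "__main__":
    for name, value in summarise(SAMPLE_EVENTS, ATTACK_START).items():
        print(f"{name:>16}: {value}")
```

Inter Message Time is reset at every connection boundary so that a reconnection gap does not inflate it; that gap is what Inter Reconnection Time captures. The lost-message count relies on N(S) continuity and therefore only sees APDUs dropped or suppressed on the wire, not APDUs that were never sent by the RTU.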
