Taxonomy of Security Threats in Energy Systems

Steadily energy systems are going to be linked with web technologies, information, communication, and automation technologies. The connectivity aims to employ maximum benefit of the Industrial Internet of Things in the energy sector and accelerate the transition to clean energy systems. However, the continuous integration intensifies the complexities surrounding protection of critical infrastructures against cyber-physical attackers concerning both operational and monetary issues associated with electricity market operations. The diverse nature of cyber-physical attacks attributed to the different domains in energy systems drives security researchers to pursue a robust categorization of attacks depended on the attack surface on energy systems. However, most of the attack categorization found in the literature lack the flexibility or multidimensional categorisation. In this paper, a multidimensional taxonomy of security threats in energy systems is proposed for enhanced flexibility. Moreover, other taxonomies found in the literature are also examined according to our criteria.

[1]  John D. Howard,et al.  An analysis of security incidents on the Internet 1989-1995 , 1998 .

[2]  Adnan Masood,et al.  Cyber security for service oriented architectures in a Web 2.0 world: An overview of SOA vulnerabilities in financial services , 2013, 2013 IEEE International Conference on Technologies for Homeland Security (HST).

[3]  Yang Xiao,et al.  Smart Grid Attacks and Countermeasures , 2015, EAI Endorsed Trans. Ind. Networks Intell. Syst..

[4]  Ron S. Kenett,et al.  Systems Engineering in the Fourth Industrial Revolution , 2019 .

[5]  Sylvain P. Leblanc,et al.  Taxonomy of cyber attacks and simulation of their effects , 2011, SpringSim.

[6]  Hanumat Prasad Alahari,et al.  Performance Analysis of Denial of Service DoS and Distributed DoS Attack of Application and Network Layer of IoT , 2019, 2019 Third International Conference on Inventive Systems and Control (ICISC).

[7]  Naima Kaabouch,et al.  Cyber security in the Smart Grid: Survey and challenges , 2013, Comput. Networks.

[8]  D. L. Lough,et al.  A taxonomy of computer attacks with applications to wireless networks , 2001 .

[9]  S. Shankar Sastry,et al.  A Taxonomy of Cyber Attacks on SCADA Systems , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[10]  Scott O. Bradner,et al.  Key words for use in RFCs to Indicate Requirement Levels , 1997, RFC.

[11]  Jean-Pierre Seifert,et al.  Breaking and entering through the silicon , 2013, CCS.

[12]  Shingo Yamaguchi,et al.  Malware propagation effects on SCADA system and smart power grid , 2018, 2018 IEEE International Conference on Consumer Electronics (ICCE).

[13]  David M. Nicol,et al.  Prevention of malware propagation in AMI , 2013, 2013 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[14]  Peter Maynard,et al.  Investigating cyber-physical attacks against IEC 61850 photovoltaic inverter installations , 2015, 2015 IEEE 20th Conference on Emerging Technologies & Factory Automation (ETFA).

[15]  Xiaohui Liang,et al.  Securing smart grid: cyber attacks, countermeasures, and challenges , 2012, IEEE Communications Magazine.

[16]  Mihui Kim,et al.  Intrusion Detection of NSM Based DoS Attacks Using Data Mining in Smart Grid , 2012 .

[17]  Lingfeng Wang,et al.  Power System Reliability Analysis With Intrusion Tolerance in SCADA Systems , 2016, IEEE Transactions on Smart Grid.

[18]  Akhtar Kalam,et al.  Review of web-based information security threats in smart grid , 2017, 2017 7th International Conference on Power Systems (ICPS).

[19]  Michail Maniatakos,et al.  Hardware-Layer Intelligence Collection for Smart Grid Embedded Systems , 2019, Journal of Hardware and Systems Security.

[20]  D M Faissol,et al.  Taxonomies of Cyber Adversaries and Attacks: A Survey of Incidents and Approaches , 2009 .

[21]  Kemal Bicakci,et al.  A Taxonomy of the Emerging Denial-of-Service Attacks in the Smart Grid and Countermeasures , 2018, 2018 26th Telecommunications Forum (TELFOR).

[22]  M. Bishop Vulnerabilities Analysis , 1967 .

[23]  Maurizio Aiello,et al.  Remotely Exploiting AT Command Attacks on ZigBee Networks , 2017, Secur. Commun. Networks.

[24]  Joachim Fabini,et al.  Cyber attack models for smart grid environments , 2017 .

[25]  Zhuo Lu,et al.  Cyber security in the Smart Grid: Survey and challenges , 2013, Comput. Networks.

[26]  Edward G. Amoroso,et al.  Fundamentals of computer security technology , 1994 .

[27]  Michail Maniatakos,et al.  Impact of firmware modification attacks on power systems field devices , 2015, 2015 IEEE International Conference on Smart Grid Communications (SmartGridComm).

[28]  Mohamed Amine Ferrag,et al.  A systematic review of data protection and privacy preservation schemes for smart grid communications , 2018 .

[29]  Erdal Irmak,et al.  EXPERIMENTAL ANALYSIS OF THE INTERNAL ATTACKS ON SCADA SYSTEMS , 2017 .

[30]  Arif I. Sarwat,et al.  A Survey of Protocol-Level Challenges and Solutions for Distributed Energy Resource Cyber-Physical Security , 2018, Energies.

[31]  Qishi Wu,et al.  AVOIDIT: A Cyber Attack Taxonomy , 2009 .

[32]  Jin Song Dong,et al.  Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues , 2019, IEEE Communications Surveys & Tutorials.

[33]  David M. Nicol,et al.  An event buffer flooding attack in DNP3 controlled SCADA systems , 2011, Proceedings of the 2011 Winter Simulation Conference (WSC).

[34]  Wenyuan Xu,et al.  Detecting Buffer-Overflow Vulnerabilities in Smart Grid Devices via Automatic Static Analysis , 2019, 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC).

[35]  Deepa Kundur,et al.  Modeling and Simulation of the Aurora Attack on Microgrid Point of Common Coupling , 2019, 2019 7th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES).

[36]  Alexander Solodov,et al.  Analyzing the threat of unmanned aerial vehicles (UAV) to nuclear facilities , 2018 .

[37]  Juan Lopez,et al.  Firmware modification attacks on programmable logic controllers , 2013, Int. J. Crit. Infrastructure Prot..

[38]  Mohd Wazir Mustafa,et al.  Smart grids security challenges: Classification by sources of threats , 2018, Journal of Electrical Systems and Information Technology.

[39]  Siddhartha Kumar Khaitan,et al.  Cyber Physical Systems Approach to Smart Electric Power Grid , 2015 .

[40]  Jagath Samarabandu,et al.  An Intrusion Detection System for IEC61850 Automated Substations , 2010, IEEE Transactions on Power Delivery.

[41]  Roslan Ismail,et al.  A review of security attacks on IEC61850 substation automation system network , 2014, Proceedings of the 6th International Conference on Information Technology and Multimedia.

[42]  Ray Hunt,et al.  A taxonomy of network and computer attacks , 2005, Comput. Secur..

[43]  David Hutchison,et al.  An Analysis of Cyber Security Attack Taxonomies , 2018, 2018 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW).

[44]  Yutian Gui,et al.  Security Vulnerabilities of Smart Meters in Smart Grid , 2019, IECON 2019 - 45th Annual Conference of the IEEE Industrial Electronics Society.

[45]  Kibet Langat,et al.  Cyber security challenges for IoT-based smart grid networks , 2019, Int. J. Crit. Infrastructure Prot..

[46]  Dale C. Rowe,et al.  A survey SCADA of and critical infrastructure incidents , 2012, RIIT '12.

[47]  Zubair A. Baig,et al.  An Analysis of Smart Grid Attacks and Countermeasures , 2013, J. Commun..

[48]  Erland Jonsson,et al.  How to systematically classify computer security intrusions , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[49]  Sandeep K. Shukla,et al.  Vulnerability Assessment and Mitigation for Industrial Critical Infrastructures with Cyber Physical Test Bed , 2019, 2019 IEEE International Conference on Industrial Cyber Physical Systems (ICPS).

[50]  Michail Maniatakos,et al.  Taxonomy of firmware Trojans in smart grid devices , 2016, 2016 IEEE Power and Energy Society General Meeting (PESGM).