Smart Grid Security: Assessing and Strengthening Cyber Security Awareness in Power Systems
Doctoral thesis
Permanent lenke
https://hdl.handle.net/11250/3153042Utgivelsesdato
2024Metadata
Vis full innførselSamlinger
Sammendrag
The emergence of Smart Grid as a modernization of the traditional power system interweaves critical infrastructure reliability with the complexities of cybersecurity. This doctoral thesis investigates the multi-faceted cyber risks inherent in Smart Grids, the simulation and detection of cyber attacks, and the methodologies for verifying the consequences of such attacks.
This study starts by addressing the key security challenges and threats facing IoTbased smart grids, highlighting specific vulnerabilities in critical smart grid components and systems such as smart meters, substation automation systems, and distributed energy resources. For instance, it identifies vulnerabilities such as weak authentication mechanisms, unencrypted data transmissions, and exploiting software or firmware vulnerabilities that could be manipulated to disrupt power supply or alter energy consumption readings. By demonstrating how these cybersecurity threats can severely undermine the operational integrity and confidentiality of smart grids, this research empowers stakeholders to grasp the practical implications of these vulnerabilities. The proposed security pyramid approach and strategies for robust defence mechanisms provide a roadmap for implementing the findings, making the stakeholders feel capable of safeguarding against these threats.
The thesis further explores the efficacy of simulating cyber attacks on power grids, using digital substations as a specific use case, to evaluate detection mechanisms. By employing various machine learning algorithms, the research highlights the critical role of accurate simulation environments in developing and fine-tuning cyber attack detection models. The findings suggest that logistic regression and support vector machines can significantly enhance the early detection of sophisticated cyber threats, enabling timely responses to prevent potential disruptions.
In addressing the verification of cyber attack consequences, the thesis emphasizes the critical role of comprehensive and dynamic risk assessments tailored to smart grid environments. This research integrates theoretical models and empirical simulations to evaluate the potential impacts of cyber threats, such as service disruptions, unauthorized data access and compromised operational integrity on smart grid operations, among others. Employing advanced frameworks like the MITRE ATT&CK for Industrial Control Systems and the CIA (Confidentiality, Integrity, and Availability) model, the research enhances the precision of threat modelling and evaluates the effectiveness of mitigation strategies. This thorough approach not only deepens the understanding of the diverse consequences of cyber threats but also validates the resilience of mitigation strategies under realistic conditions, providing stakeholders with a robust foundation to trust the research findings.
In conclusion, this research not only enriches the academic understanding of smart grid cybersecurity but also provides practical insights by offering a detailed analysis of attack vectors, detection methodologies, and risk assessment practices. The thesis equips energy sector stakeholders with a strategic framework to navigate the increasingly complex landscape of cyber threats, thereby enhancing the security posture of Smart Grids.
Består av
Paper 1: Abraham, Doney; Yildirim Yayilgan, Sule; Abomhara, Mohamed; Gebremedhin, Alemayehu; Dalipi, Fisnik. Security and Privacy issues in IoT based Smart Grids: A case study in a digital substation. I: Holistic Approach for Decision Making Towards Designing Smart Cities. Springer 2022 ISBN 978-3-030-85565-9. s. 57-74. Copyright© 2022 Springer. Available at: http://dx.doi.org/10.1007/978-3-030-85566-6_4Paper 2: Abraham, Doney; Yildirim-Yayilgan, Sule; Holik, Filip; Sanchez Acevedo, Santiago; Gebremedhin, Alemayehu. Cyber Attack Simulation and Detection in Digital Substation. I: 2023 Third International Conference on Secure Cyber Computing and Communication - ICSCCC. IEEE (Institute of Electrical and Electronics Engineers) 2023 ISBN 979-8-3503-0071-0. s. 762-768. Copyright © 2023 IEEE. Available at: https://doi.org/10.1109/ICSCCC58608.2023.10176955
Paper 3: Abraham, Doney; Toftegaard, Øyvind Anders Arntzen; Yildirim-Yayilgan, Sule; Gebremedhin, Alemayehu. Consequence verification during risk assessment of Smart Grids. In Jason Staggs and Sujeet Shenoi, editors, Critical Infrastructure Protection XVII, pages 40–61, Cham, 2024. Springer Nature Switzerland. Copyright © 2023 Springer. Available at: https://doi.org/10.1007/978-3-031-49585-4_3
Paper 4: Abraham, Doney; Toftegaard, Øyvind Anders Arntzen; Ben Jose D. R., Binu; Gebremedhin, Alemayehu; Yildirim-Yayilgan, Sule. Consequence simulation of cyber attacks on key smart grid business cases. Frontiers in Energy Research 2024 ;Volum 12. Published by Frontiers Media. This is an open-access article distributed under the terms of the Creative Commons Attribution License (CC BY). Available at: 10.3389/fenrg.2024.1395954
Paper 5: Abraham, Doney; Yayilgan, Sule; Abomhara, Mohamed. Evaluating Cyber Security Risks and Mitigation Strategies for Smart Grids based on Business Case Scenarios." In Critical Infrastructure Protection XVIII: 18th IFIP WG 11.10 International Conference. Springer, 2024