4 research outputs found

    On the Control of Microgrids Against Cyber-Attacks: A Review of Methods and Applications

    Nowadays, the use of renewable generation, energy storage systems (ESSs) and microgrids (MGs) has developed due to better controllability of distributed energy resources (DERs) as well as their cost-effective and emission-aware operation. The development of MGs, together with the use of hierarchical control, has led to data transmission over a communication platform. As a result, the expansion of communication infrastructure has made MGs, as cyber-physical systems (CPSs), vulnerable to cyber-attacks (CAs). Accordingly, prevention, detection and isolation of CAs during proper control of MGs are essential. In this paper, a comprehensive review of the control strategies of microgrids against CAs and their defense mechanisms is presented. The general structure of the paper is as follows: firstly, MG operational conditions, i.e., the secure or insecure mode of the physical and cyber layers, are investigated and the appropriate control to return to a safer mode is presented. Then, the common MG communication system, which is generally used for multi-agent systems (MASs), is described. Also, the classification of CAs in MGs is reviewed. Afterwards, a comprehensive survey of available research in the field of prevention, detection and isolation of CAs and MG control against CAs is summarized. Finally, future trends in this context are clarified.

    Vulnerability modelling and mitigation strategies for hybrid networks

    Hybrid networks nowadays consist of traditional IT components, Internet of Things (IoT) and industrial control systems (ICS) nodes with varying characteristics, making them genuinely heterogeneous in nature. Historically evolving from traditional internet-enabled IT servers, hybrid networks allow organisations to strengthen cybersecurity, increase flexibility, improve efficiency, enhance reliability, boost remote connectivity and easy management. Though hybrid networks offer significant benefits from business and operational perspectives, this integration has increased the complexity and security challenges to all connected nodes. The IT servers of these hybrid networks are high-budget devices with tremendous processing power and significant storage capacity. In contrast, IoT nodes are low-cost devices with limited processing power and capacity. In addition, the ICS nodes are programmed for dedicated functions with the least interference. The available cybersecurity solutions for hybrid networks are either for specific node types or address particular weaknesses. Due to these distinct characteristics, these solutions may place other nodes in vulnerable positions. This study addresses this gap by proposing a comprehensive vulnerability modelling and mitigation strategy. This proposed solution equally applies to each node type of hybrid network while considering their unique characteristics. For this purpose, the industry-wide adoption of the Common Vulnerability Scoring System (CVSS) has been extended to embed the distinct characteristics of each node type in a hybrid network. To embed IoT features, the ‘attack vectors’ and ‘attack complexity vectors’ are modified and another metric “human safety index”, is integrated in the ‘Base metric group’ of CVSS. In addition, the ICS related characteristics are included in the ‘Environmental metric group’ of CVSS. 
This metric group is further enhanced to reflect the node resilience capabilities when evaluating the vulnerability score. The resilience of a node is evaluated by analysing the complex relationship of numerous contributing cyber security factors and practices. The evolved CVSSR-IoT-ICS framework proposed in the thesis measures the given vulnerabilities by adopting the unique dynamics of each node. These vulnerability scores are then mapped in the attack tree to reveal the critical nodes and shortest path to the target node. The mitigating strategy framework suggests the most efficient mitigation strategy to counter vulnerabilities by examining the node’s functionality, its locality, centrality, criticality, cascading impacts, available resources, and performance thresholds. Various case studies were conducted to analyse and evaluate our proposed vulnerability modelling and mitigation strategies on realistic supply chain systems. These analyses and evaluations confirm that the proposed solutions are highly effective for modelling the vulnerabilities while the mitigation strategies reduce the risks in dynamic and resource-constrained environments. The unified vulnerability modelling of hybrid networks minimises ambiguities, reduces complexities and identifies hidden deficiencies. It also improves system reliability and performance of heterogeneous networks while at the same time gaining acceptance for a universal vulnerability modelling framework across the cyber industry. The contributions have been published in reputable journals and conferences. Doctor of Philosoph

    Strategies Security Managers Used to Prevent Security Breaches in SCADA Systems' Networks

    Supervisory Control and Data Acquisition (SCADA) systems monitor and control physical processes in critical infrastructure. The impact of successful attacks on the SCADA systems includes the system's downtime and delay in production, which may have a debilitating effect on the national economy and create critical human safety hazards. Grounded in the general systems theory, the purpose of this qualitative multiple case study was to explore strategies SCADA security managers in the Southwest region of the United States use to secure SCADA systems' networks. The participants comprised six SCADA security managers from three oil and gas organizations in the midstream sector located within this region. Data were collected using semistructured interviews and a review of organizational documents. Four themes emerged from the thematic analysis: (a) the importance of security awareness and workforce security training, (b) the use of technical control mechanisms, (c) the establishment of standard security policies, and (d) the use of access and identity management techniques. A key recommendation is for IT managers to adopt security awareness and workforce security training to strengthen the security chain's most vulnerable link. The implications for positive social change include the potential to prevent consequences such as loss of lives, damage to the environment, and the economy resulting from malicious activities.

    Fight against cyberterrorism in the strategic documents of the Republic of Serbia

    Contemporary technological development raises the question: do states' current antiterrorism legislation and the security measures they apply guarantee security against cyberterrorism? Despite great willingness among the world's countries to cooperate on the current problem of cyberterrorism, the intensive development of information and communication technologies requires constant effort to monitor the growth of these technologies and the risks that arise from it. Indeed, technological innovations create new opportunities, but they also bring new potential threats and abuses. This paper presents the measures for fighting cyberterrorism in the strategic documents of the Republic of Serbia. Modern society is obviously based on technological foundations, so a soft legal approach to cyberterrorism can be a huge risk not only to one country, but also to global society in general. Cyberterrorism is a complex issue that does not concern only one specific national state, its criminal legislation and its security measures, but is an issue open to the whole international community.