Current Efforts Concerning ICT Security of the Power Grid

GRID is a Coordination Action funded under the Trust and Security objective of the IST Programme of the 6th Framework to achieve consensus at the European level on the key issues involved by power systems vulnerabilities, in view of the challenges driven by the transformation of the European power infrastructure and ICT integration. GRID wants to assess the needs of the EU power sector on these issues, so as to establish a Roadmap for collaborative research in this area. The present report provides a survey on current efforts somewhat related to the objectives of GRID. Similar to GRID, a number of European and US endeavours have attempted in recent years to draw a Road Map so as to coordinate efforts concerning energy transport/distribution research and CIP.JRC.G.6-Sensors, radar technologies and cybersecurit

A Bayesian Network Approach for the Interpretation of Cyber Attacks to Power Systems

The focus of this paper is on the analysis of the cyber security resilience of digital infrastructures deployed by power grids, internationally recognized as a priority since several recent cyber attacks targeted energy systems and in particular the power service. In response to the regulatory framework, this paper presents an analysis approach based on the Bayesian Networks formalism and on real world threat scenarios. Our approach enables analyses oriented to planning of security measures and monitoring, and to forecasting of adversarial behaviours

Analisi e rilevamento intelligente di processi di attacco alle Smart-Grid

Proponiamo una metodologia basata sulle Reti Bayesiane come strumento di supporto all’analisi della sicurezza di Smart Grid, ed in particolare per la previsione di intrusioni e attività ostili

Security Analysis of Power Control Systems: Emerging Standards and Methodological Issues

information and communication devices are an unavoidable concern of modern infrastructures. There is a generalized perception (although no major related catastrophe has happened yet) that the probability and potential impact of security breaches have grown heavily in recent years due to the increasing interconnectedness among systems and organisations. It is also recognised that potential chains of events, concatenated across interlinked infrastructures, could propagate magnifying the effects of perhaps minor triggering glitches. The primary role played by electric energy and the highly dynamic context that characterises the new economic and organisational models of national deregulated energy markets, put highly critical security issues on the power systems. This requires on the one hand robust technologies and architectures, and on the other effective methodologies for the assessment of the security risks. The importance of the security aspects in the electric power field is confirmed by the constitution of security working groups by standard organisations, such as the Working Group 15 “Data and communication security” (WG15) inside the Technical Committee No. 57 “Power system control and associated communications” of the IEC – International Electro-technical Commission (IEC TC57). IEC TC57 WG15 has published a Technical Report 62210 “Power system control and associated communications – Data and communication security” [1] which represents a valuable approach for introducing security in power system control. In this paper we present a contribution to the security analysis of power systems. Section 2 describes and comments on the IEC TR 62210 report; section 3 illustrates key aspects of our methodology under development.JRC.G.6-Sensors, radar technologies and cybersecurit

Evaluation of the Effects of Intentional Threats to Power Substation Control Systems

Power station control and management systems represent key elements for guaranteeing the security of the power grid infrastructure. Intrinsically conceived to support the continuous provision of power in secure conditions, those systems make today intensive use of network based information and communication systems and are therefore exposed to the related accidental and intentional cyber–threats. This paper describes a simulation of intentional cyber–attacks conducted in the CESI laboratory testbed on a prototypical substation control infrastructure with the purpose of testing their feasibility and illustrating their impact on the control system services. A set of attack scenarios has been experimented in the testbed, targeting different subsystems, with different simulated threat motivations and different degrees of impact on the global substation service. The paper reports some considerations about the consequences of the implemented attacks, focusing on different facets of the problem, in an effort to elucidate the full significance of the potential cyber–threats. The simulated attack scenarios include the following cases: phishing, denial of services, viral infections and intrusions.JRC.G.6-Sensors, radar technologies and cybersecurit

Representing the CRUTIAL project domain by means of UML diagrams Acronym list: ATS Area Telecontrol System AVR Area Voltage Regulator CD Class Diagram DSO Distribution System Operator EHV Extra High Voltage EPS Electric Power System HMI Human Machine Inte

Abstract. The paper proposes the representation in form of UML class diagrams of the electric power system (EPS) intended to be composed by two kinds of interdependent infrastructures: the physical infrastructure for the production and the distribution of the electric power, and the ICT infrastructure for the control, the management and monitoring of the physical infrastructure. Such work was developed inside the EU funded project CRUTIAL pursuing the resilience of the EPS. The paper first motivates the use of UML. Then several UML class diagrams representing the EPS organization are presented and described. An example of critical scenario is represented by means of UML diagrams