Publications - Paper

Experimental Evaluation of Cyber Risks for Electric Power Utilities – towards the operation of smarter grids

The cyber-risk activity presented in the paper is intended to provide power utilities with a framework for use in new-generation power systems, where smarter super grids will be interconnected to active distribution grids controlling distributed energy resources, intelligent loads and storage systems.

The likelihood of cyber threats to critical infrastructures has been increasing in this last decade with the deployment of advanced automation and communication technologies relying on standardized protocols. The paper summarises the results of research activities, both methodological and experimental, performed in national and European research projects to evaluate the exposure of power grid control systems to cyber risks. On the methodological side, a risk metric has been defined that assigns a value to the cyber-power risk in relation to the occurrence rate of cyber contingencies and their impact on the power service. The higher-ranking threats have been tested experimentally by simulating selected attack processes on a telecontrol test bed of interconnected distribution grids. The test bed includes a set of security mechanisms positioned at different layers of the ICT (Information and Communication Technology) architecture. The experiments covered cyber threats to ICT network components, such as routers and SCADA (Supervisory Control And Data Acquisition) systems, that have a critical role in power grid operation, and assessed the residual vulnerabilities of protected IEC 60870-5-104 communications in the presence of attack processes based on different degrees of knowledge of the target system's behaviour. Both simple denial-of-service attacks and complex intrusion processes have been deployed in the test bed and their impact evaluated during normal and emergency operation. An attack process consists of a sequence of intrusion steps along a compromise path in the control network topology, its purpose being the manipulation of the information flows of process status data, events and commands. In complex intrusion scenarios the attacker is presumed to have detailed knowledge of the target systems and their communication profiles. S/he forces the protective barriers deployed at different layers of the ICT architecture, thus gaining access to sensitive connections in order to arbitrarily modify the state of the power system. Performance measures have been extracted from the communication logs recorded during the attack experiments. The knowledge and measures derived from the attack experiments have been integrated into the cyber-risk metric to improve the estimation of the vulnerability and threat probabilities related to the success of a given attack. The rationale underlying the application of the methodology to the smarter distribution grids of the future is illustrated through a sample use case.