A Feasibility Study of a Method for Identification and Modelling of Cybersecurity Risks in the Context of Smart Power Grids

Aida Omerovic, Hanne Vefsnmo, Gencer Erdogan, Oddbjørn Gjerde, Eivind Gramme, Stig Simonsen

Abstract

Power grids are undergoing a digital transformation are therefore becoming increasingly complex. As a result of this they are also becoming vulnerable in new ways. With this development come also numerous risks. Cybersecurity is therefore becoming crucial for ensuring resilience of this infrastructure which is critical to safety of humans and societies. Risk analysis of cybersecurity in the context of smart power grids is, however, particularly demanding due to its interdisciplinary nature, including domains such as digital security, the energy domain, power networks, the numerous control systems involved, and the human in the loop. This poses special requirements to cybersecurity risk identification within smart power grids, which challenge the existing state-of-the-art. This paper proposes a customized four-step approach to identification and modelling of cybersecurity risks in the context of smart power grids. The aim is that the risk model can be presented to decision makers in a suitable interface, thereby serving as a useful support for planning, design and operation of smart power grids. The approach applied in this study is based on parts of the "CORAS" method for model-based risk analysis. The paper also reports on results and experiences from applying the approach in a realistic industrial case with a distribution system operator (DSO) responsible for hosting a pilot installation of the self-healing functionality within a power distribution grid. The evaluation indicates that the approach can be applied in a realistic setting to identify cybersecurity risks. The experiences from the case study moreover show that the presented approach is, to a large degree, well suited for its intended purpose, but it also points to areas in need for improvement and further evaluation.

Download


Paper Citation


in Harvard Style

Omerovic A., Vefsnmo H., Erdogan G., Gjerde O., Gramme E. and Simonsen S. (2019). A Feasibility Study of a Method for Identification and Modelling of Cybersecurity Risks in the Context of Smart Power Grids.In Proceedings of the 4th International Conference on Complexity, Future Information Systems and Risk - Volume 1: COMPLEXIS, ISBN 978-989-758-366-7, pages 39-51. DOI: 10.5220/0007697800390051


in Bibtex Style

@conference{complexis19,
author={Aida Omerovic and Hanne Vefsnmo and Gencer Erdogan and Oddbjørn Gjerde and Eivind Gramme and Stig Simonsen},
title={A Feasibility Study of a Method for Identification and Modelling of Cybersecurity Risks in the Context of Smart Power Grids},
booktitle={Proceedings of the 4th International Conference on Complexity, Future Information Systems and Risk - Volume 1: COMPLEXIS,},
year={2019},
pages={39-51},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007697800390051},
isbn={978-989-758-366-7},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 4th International Conference on Complexity, Future Information Systems and Risk - Volume 1: COMPLEXIS,
TI - A Feasibility Study of a Method for Identification and Modelling of Cybersecurity Risks in the Context of Smart Power Grids
SN - 978-989-758-366-7
AU - Omerovic A.
AU - Vefsnmo H.
AU - Erdogan G.
AU - Gjerde O.
AU - Gramme E.
AU - Simonsen S.
PY - 2019
SP - 39
EP - 51
DO - 10.5220/0007697800390051