The energy sector, as a critical infrastructure essential for the functioning of society and the economy, constantly attracts the interest of attackers. The digitalization of the energy field during the last decade, which includes a variety of operations and devices for the management of energy production and distribution, has made energy-related assets low-hanging fruit for attackers. Electrical Grids and Electrical Power and Energy Systems (EPES) face a high risk of attacks that significantly impact business continuity (e.g., budget loss and restoration effort). In parallel, the growing number of IP-based communications in EPES and smart grids has increased the likelihood of cyber-attacks, such as IP spoofing and Distributed Denial of Service (DDoS) attacks. These types of attacks can cause damage such as wrong smart meter readings, false demands for electricity, and impaired protection devices [1]. Thus, there is a need for cyber risk assessment in the EPES and energy field.
ELECTRON's risk assessment focuses on the cyber security risk of the EPES infrastructure. ELECTRON's collaborative risk assessment tool, ARMY, performs a dynamic, continuous, and near real-time cyber-physical security risk assessment that addresses the diverse cascading effects that security incidents may cause across interacting entities and assets. ARMY dynamically re-computes the risk based on the relevant security events and alarms, taking the applied mitigations into account for a more accurate risk score. ARMY's collaborative risk assessment consists of asset, threat, and vulnerability identification and management, providing impact and risk assessment per asset, per attack path, and for the EPES infrastructure as a whole. To achieve this, ARMY utilizes novel mathematical modules, interdependency graphs, and quantification techniques based on the Common Vulnerability Scoring System (CVSS) standard. The main advancements of ARMY compared to existing literature are summarized below:
- Asset Identification – ARMY’s asset model is based on novel interdependency graphs, is easily adaptable, and is enhanced to support tangible assets (e.g., a SCADA device) and intangible assets (e.g., software running on the devices, data, and processes) as well as the MUD URL and the Threat MUD ID per tangible asset.
- Threat Identification – ARMY’s threat model is easily adaptable and considers SIEM alarms and other external sources (e.g., ENISA’s threat landscape).
- Vulnerability Identification – ARMY supports the widely adopted CVSS v3.1 scoring system for risk calculation, considering vulnerabilities within the EPES ecosystem and the applied mitigation actions.
- Impact Analysis and Risk-level Assessment – ARMY supports three types of risk. It calculates the risk per asset based on a novel calculation formula that considers threats, vulnerabilities, and mitigation actions. It generates the risk graph based on asset interdependencies to calculate the risk per attack path. It also provides the total risk of the EPES infrastructure considering the underlying identified risks.
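A simplified sketch of the three risk levels described above (per asset, per attack path, whole infrastructure), added here as an illustration and not ARMY's or ELECTRON's code. The page does not give ARMY's formulas, so the scoring rules, asset names, and values below are all constructed assumptions.

```python
# Illustrative only: the scoring rules below are assumptions, not ARMY's formulas.
from math import prod

# Constructed sample assets. cvss: CVSS v3.1 base score of the worst open
# vulnerability; threat: likelihood in [0, 1] (e.g. raised by SIEM alarms);
# mitigation: effectiveness of applied mitigations in [0, 1].
ASSETS = {
    "hmi":       {"cvss": 7.5, "threat": 0.6, "mitigation": 0.5},
    "historian": {"cvss": 5.3, "threat": 0.4, "mitigation": 0.0},
    "scada":     {"cvss": 9.8, "threat": 0.5, "mitigation": 0.25},
    "rtu":       {"cvss": 8.1, "threat": 0.3, "mitigation": 0.0},
}
# Interdependency graph: an edge a -> b means a compromise of a can cascade to b.
DEPENDS = {"hmi": ["historian", "scada"], "historian": ["scada"],
           "scada": ["rtu"], "rtu": []}

def likelihood(name):
    """Chance the asset is compromised once reachable, after mitigations."""
    a = ASSETS[name]
    return a["threat"] * (1.0 - a["mitigation"])

def asset_risk(name):
    """Risk per asset on the CVSS 0-10 scale: severity x residual likelihood."""
    return ASSETS[name]["cvss"] * likelihood(name)

def attack_paths(src, dst, seen=()):
    """All simple paths src -> dst through the interdependency graph."""
    if src == dst:
        return [[dst]]
    return [[src] + p for nxt in DEPENDS[src] if nxt not in seen
            for p in attack_paths(nxt, dst, seen + (src,))]

def path_risk(path):
    """Risk per attack path: every hop must succeed, scaled by target severity."""
    return prod(likelihood(n) for n in path) * ASSETS[path[-1]]["cvss"]

def total_risk():
    """Infrastructure risk: noisy-OR of the per-asset risks, rescaled to 0-10."""
    return 10.0 * (1.0 - prod(1.0 - asset_risk(n) / 10.0 for n in ASSETS))

if __name__ == "__main__":
    for p in attack_paths("hmi", "rtu"):
        print(" -> ".join(p), round(path_risk(p), 4))
    print("total", round(total_risk(), 3))
```

Raising the `mitigation` value of an asset that sits on every path (here `scada`) and re-running the functions shows how a single applied mitigation lowers all dependent path risks at once.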
References:
[1] Maziku, Hellen; Shetty, Sachin; Nicol, David (2018). Security risk assessment for SDN-enabled smart grids. Computer Communications, 133. doi:10.1016/j.comcom.2018.10.007