A Feasibility Study of a Method for Identification and Modelling of Cybersecurity Risks in the Context of Smart Power Grids

  title={A Feasibility Study of a Method for Identification and Modelling of Cybersecurity Risks in the Context of Smart Power Grids},
  author={Aida Omerovic and Hanne Vefsnmo and Gencer Erdogan and Oddbj{\o}rn Gjerde and Eivind Gramme and Stig Simonsen},
  booktitle={International Conference on Complex Information Systems},
Power grids are undergoing a digital transformation are therefore becoming increasingly complex. As a result of this they are also becoming vulnerable in new ways. With this development come also numerous risks. Cybersecurity is therefore becoming crucial for ensuring resilience of this infrastructure which is critical to safety of humans and societies. Risk analysis of cybersecurity in the context of smart power grids is, however, particularly demanding due to its interdisciplinary nature… 

Figures and Tables from this paper

An Industrial Trial of an Approach to Identification and Modelling of Cybersecurity Risks in the Context of Digital Secondary Substations

Results of applying a partially customized version of the existing “CORAS” risk-analysis approach to cybersecurity risk identification and modelling in the context of another smart grid pilot, namely digital secondary substations indicate that the approach can be applied in a real setting to identify and model cybersecurity risks.

Needs and Challenges Concerning Cyber-risk Assessment in the Cyber-physical Smart Grid

The results indicate the need for the following improvements: 1) ease of use and comprehensible methods, 2) support to determine whether a method is a good match for a given context, 3) adequate preparation to conduct cyber-risk assessment, 4) manage complexity, and 5) adequate support for risk estimation.

Security risks in cyber physical systems—A systematic mapping study

A systematic mapping study on the data collected from 312 papers published between 2000 and 2020, focused on the security requirements, challenges, and the risk management processes of CPS, reveals integrity authentication and confidentiality as the most targeted security attributes in CPS.

Return on Cybersecurity Investment in Operational Technology Systems: Quantifying the Value That Cybersecurity Technologies Provide after Integration

Cybersecurity technology evaluation results are extended to assist organizations to achieve a Return on Cybersecurity Investment within the context of networked critical infrastructure and industrial control systems.

Systematic Review on Cybersecurity Risks and Behaviours: Methodological Approaches

The small number of studies considered for analysis revealed that risk perception and precautionary behaviour concerning cybersecurity is still an under-explored study area and methodological gaps are highlighted for future works.

Industrial microgrids in Russia: regional systemic effects of its implementation

The concept of the “Energy strategy of Russia for the period up to 2035” implies a comprehensive structural transformation of the energy sector and its transition to a qualitatively new level through

Development of Indicators to Monitor Vulnerabilities in Power Systems

An overview of the state of the art in literature regarding indicators to measure the vulnerability of an infrastructure and more specifically of the power system related to extraordinary events is given.

Risk and interdependencies in critical infrastructures : a guideline for analysis

1.A brief overview of some methods and approaches for investigating interdependencies in critical infrastructures.- 2.Defining Concepts and Categorizing Interdependencies.- 3.Risk and Vulnerability

Vulnerability analysis related to extraordinary events in power systems

A novel approach is developed for analyzing power system vulnerability related to extraordinary events. Vulnerability analyses are necessary for identification of barriers to prevent such events and

Model-Driven Risk Analysis - The CORAS Approach

This book serves as an introduction to risk analysis in general, including the central concepts and notions in risk analysis and their relations, and is to support risk analysts in conducting structured and stepwise risk analysis.

The CORAS Language – why it is designed the way it is

This paper presents the most important features of the CORAS language and motivate some of the major design choices the authors did and gives an overview of the language and the different kinds of diagrams that are supported.

Smart fault handling in medium voltage distribution grids

Directional earth-fault indicators were chosen and deployed in real environments to test their functionalities and quantify their benefits for efficient grid operations, and self-healing concepts using these indicators will be tested in the described project.

The cause/consequence diagram method as a basis for quantitative accident analysis

A graphical method for clearing up relevant accidents in complex nuclear installations is presented. The method is a proposal for an expedient presentation of the logical connections between a

Introduction to the OCTAVE ® Approach

By using the OCTAVE approach, an organization makes information-protection decisions based on risks to the confidentiality, integrity, and availability of critical information-related assets, enabling an organization to match a practice-based protection strategy to its security risks.

Design Science Methodology for Information Systems and Software Engineering

This book provides guidelines for practicing design science in the fields of information systems and software engineering research by providing guidelines on how to effectively structure research goals, how to analyze research problems concerning design goals and knowledge questions,How to validate artifact designs and how to empirically investigate artifacts in context and finally how to present the results of the design cycle as a whole.