Threat Modeling of a Smart Grid Secondary Substation

A full smart grid implementation requires the digitization of all parts of the smart grid infrastructure, including secondary electrical substations. Unfortunately, this introduces new security threats, which were not apparent before. This article uses a Smart Grid Threat Modeling Template implement...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
Veröffentlicht in:	Electronics (Basel) 2022-03, Vol.11 (6), p.850
Hauptverfasser:	Holik, Filip, Flå, Lars Halvdan, Jaatun, Martin Gilje, Yayilgan, Sule Yildirim, Foros, Jørn
Format:	Artikel
Sprache:	eng
Schlagworte:	Communication Control centres Denial of service attacks Digitization Electricity Electricity distribution Infrastructure Malware Observability (systems) Simulation Smart grid Substations Terminology Threat models Threats
Online-Zugang:	Volltext
Tags:	Tag hinzufügen Keine Tags, Fügen Sie den ersten Tag hinzu!

container_end_page
container_issue	6
container_start_page	850
container_title	Electronics (Basel)
container_volume	11
creator	Holik, Filip Flå, Lars Halvdan Jaatun, Martin Gilje Yayilgan, Sule Yildirim Foros, Jørn
description	A full smart grid implementation requires the digitization of all parts of the smart grid infrastructure, including secondary electrical substations. Unfortunately, this introduces new security threats, which were not apparent before. This article uses a Smart Grid Threat Modeling Template implementing the STRIDE model to create a threat model of a digital secondary substation and its communication with the control center. Threats are classified by priority and need for further investigation. The tool was compared with a CORAS analysis, and was determined to be more time efficient. Denial of service (DoS) threats were classified as the most critical, and they were further evaluated in a precise simulation model created for this purpose. This model combines simulation with emulated communication, and enables verification of threat likelihoods and impacts. The results show that even publicly available tools can be easily used to disrupt grid communication and potentially cause loss of the entire grid’s observability and controllability.
doi_str_mv	10.3390/electronics11060850
format	Article
fullrecord	<record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_2642367555</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2642367555</sourcerecordid><originalsourceid>FETCH-LOGICAL-c322t-d254e9109e08b6a3ccbbccab5fc53d4adda1f417dbb7fcb3958247a70c93c2a33</originalsourceid><addsrcrecordid>eNptULFOwzAUtBBIVKVfwGKJOWD7xUk8ogoKUhFDyhzZzzakCnGxnaF_T1AZGLjlbjjd6Y6Qa85uARS7c4PDHMPYY-KcVayR7IwsBKtVoYQS53_0JVmltGczFIcG2IKUu4_odKYvwbqhH99p8FTT9lPHTDext7R1GEar45G2k0lZ5z6MV-TC6yG51S8vydvjw279VGxfN8_r-22BIEQurJClU5wpxxpTaUA0BlEb6VGCLbW1mvuS19aY2qMBJRtR1rpmqACFBliSm1PuIYavyaXc7cMUx7myE1UpoKqllLMLTi6MIaXofHeI_Tzg2HHW_TzU_fMQfAP8sFwq</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2642367555</pqid></control><display><type>article</type><title>Threat Modeling of a Smart Grid Secondary Substation</title><source>MDPI - Multidisciplinary Digital Publishing Institute</source><source>Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals</source><creator>Holik, Filip ; Flå, Lars Halvdan ; Jaatun, Martin Gilje ; Yayilgan, Sule Yildirim ; Foros, Jørn</creator><creatorcontrib>Holik, Filip ; Flå, Lars Halvdan ; Jaatun, Martin Gilje ; Yayilgan, Sule Yildirim ; Foros, Jørn</creatorcontrib><description>A full smart grid implementation requires the digitization of all parts of the smart grid infrastructure, including secondary electrical substations. Unfortunately, this introduces new security threats, which were not apparent before. This article uses a Smart Grid Threat Modeling Template implementing the STRIDE model to create a threat model of a digital secondary substation and its communication with the control center. Threats are classified by priority and need for further investigation. The tool was compared with a CORAS analysis, and was determined to be more time efficient. Denial of service (DoS) threats were classified as the most critical, and they were further evaluated in a precise simulation model created for this purpose. This model combines simulation with emulated communication, and enables verification of threat likelihoods and impacts. The results show that even publicly available tools can be easily used to disrupt grid communication and potentially cause loss of the entire grid’s observability and controllability.</description><identifier>ISSN: 2079-9292</identifier><identifier>EISSN: 2079-9292</identifier><identifier>DOI: 10.3390/electronics11060850</identifier><language>eng</language><publisher>Basel: MDPI AG</publisher><subject>Communication ; Control centres ; Denial of service attacks ; Digitization ; Electricity ; Electricity distribution ; Infrastructure ; Malware ; Observability (systems) ; Simulation ; Smart grid ; Substations ; Terminology ; Threat models ; Threats</subject><ispartof>Electronics (Basel), 2022-03, Vol.11 (6), p.850</ispartof><rights>2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><lds50>peer_reviewed</lds50><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c322t-d254e9109e08b6a3ccbbccab5fc53d4adda1f417dbb7fcb3958247a70c93c2a33</citedby><cites>FETCH-LOGICAL-c322t-d254e9109e08b6a3ccbbccab5fc53d4adda1f417dbb7fcb3958247a70c93c2a33</cites><orcidid>0000-0002-3069-6788 ; 0000-0003-3596-569X ; 0000-0001-6595-0419 ; 0000-0002-1982-6609 ; 0000-0001-7127-6694</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,776,780,27901,27902</link.rule.ids></links><search><creatorcontrib>Holik, Filip</creatorcontrib><creatorcontrib>Flå, Lars Halvdan</creatorcontrib><creatorcontrib>Jaatun, Martin Gilje</creatorcontrib><creatorcontrib>Yayilgan, Sule Yildirim</creatorcontrib><creatorcontrib>Foros, Jørn</creatorcontrib><title>Threat Modeling of a Smart Grid Secondary Substation</title><title>Electronics (Basel)</title><description>A full smart grid implementation requires the digitization of all parts of the smart grid infrastructure, including secondary electrical substations. Unfortunately, this introduces new security threats, which were not apparent before. This article uses a Smart Grid Threat Modeling Template implementing the STRIDE model to create a threat model of a digital secondary substation and its communication with the control center. Threats are classified by priority and need for further investigation. The tool was compared with a CORAS analysis, and was determined to be more time efficient. Denial of service (DoS) threats were classified as the most critical, and they were further evaluated in a precise simulation model created for this purpose. This model combines simulation with emulated communication, and enables verification of threat likelihoods and impacts. The results show that even publicly available tools can be easily used to disrupt grid communication and potentially cause loss of the entire grid’s observability and controllability.</description><subject>Communication</subject><subject>Control centres</subject><subject>Denial of service attacks</subject><subject>Digitization</subject><subject>Electricity</subject><subject>Electricity distribution</subject><subject>Infrastructure</subject><subject>Malware</subject><subject>Observability (systems)</subject><subject>Simulation</subject><subject>Smart grid</subject><subject>Substations</subject><subject>Terminology</subject><subject>Threat models</subject><subject>Threats</subject><issn>2079-9292</issn><issn>2079-9292</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><sourceid>BENPR</sourceid><recordid>eNptULFOwzAUtBBIVKVfwGKJOWD7xUk8ogoKUhFDyhzZzzakCnGxnaF_T1AZGLjlbjjd6Y6Qa85uARS7c4PDHMPYY-KcVayR7IwsBKtVoYQS53_0JVmltGczFIcG2IKUu4_odKYvwbqhH99p8FTT9lPHTDext7R1GEar45G2k0lZ5z6MV-TC6yG51S8vydvjw279VGxfN8_r-22BIEQurJClU5wpxxpTaUA0BlEb6VGCLbW1mvuS19aY2qMBJRtR1rpmqACFBliSm1PuIYavyaXc7cMUx7myE1UpoKqllLMLTi6MIaXofHeI_Tzg2HHW_TzU_fMQfAP8sFwq</recordid><startdate>20220301</startdate><enddate>20220301</enddate><creator>Holik, Filip</creator><creator>Flå, Lars Halvdan</creator><creator>Jaatun, Martin Gilje</creator><creator>Yayilgan, Sule Yildirim</creator><creator>Foros, Jørn</creator><general>MDPI AG</general><scope>AAYXX</scope><scope>CITATION</scope><scope>7SP</scope><scope>8FD</scope><scope>8FE</scope><scope>8FG</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ARAPS</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L7M</scope><scope>P5Z</scope><scope>P62</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><orcidid>https://orcid.org/0000-0002-3069-6788</orcidid><orcidid>https://orcid.org/0000-0003-3596-569X</orcidid><orcidid>https://orcid.org/0000-0001-6595-0419</orcidid><orcidid>https://orcid.org/0000-0002-1982-6609</orcidid><orcidid>https://orcid.org/0000-0001-7127-6694</orcidid></search><sort><creationdate>20220301</creationdate><title>Threat Modeling of a Smart Grid Secondary Substation</title><author>Holik, Filip ; Flå, Lars Halvdan ; Jaatun, Martin Gilje ; Yayilgan, Sule Yildirim ; Foros, Jørn</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c322t-d254e9109e08b6a3ccbbccab5fc53d4adda1f417dbb7fcb3958247a70c93c2a33</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Communication</topic><topic>Control centres</topic><topic>Denial of service attacks</topic><topic>Digitization</topic><topic>Electricity</topic><topic>Electricity distribution</topic><topic>Infrastructure</topic><topic>Malware</topic><topic>Observability (systems)</topic><topic>Simulation</topic><topic>Smart grid</topic><topic>Substations</topic><topic>Terminology</topic><topic>Threat models</topic><topic>Threats</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Holik, Filip</creatorcontrib><creatorcontrib>Flå, Lars Halvdan</creatorcontrib><creatorcontrib>Jaatun, Martin Gilje</creatorcontrib><creatorcontrib>Yayilgan, Sule Yildirim</creatorcontrib><creatorcontrib>Foros, Jørn</creatorcontrib><collection>CrossRef</collection><collection>Electronics & Communications Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>Advanced Technologies & Aerospace Collection</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection (ProQuest)</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Advanced Technologies & Aerospace Database</collection><collection>ProQuest Advanced Technologies & Aerospace Collection</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><jtitle>Electronics (Basel)</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Holik, Filip</au><au>Flå, Lars Halvdan</au><au>Jaatun, Martin Gilje</au><au>Yayilgan, Sule Yildirim</au><au>Foros, Jørn</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Threat Modeling of a Smart Grid Secondary Substation</atitle><jtitle>Electronics (Basel)</jtitle><date>2022-03-01</date><risdate>2022</risdate><volume>11</volume><issue>6</issue><spage>850</spage><pages>850-</pages><issn>2079-9292</issn><eissn>2079-9292</eissn><abstract>A full smart grid implementation requires the digitization of all parts of the smart grid infrastructure, including secondary electrical substations. Unfortunately, this introduces new security threats, which were not apparent before. This article uses a Smart Grid Threat Modeling Template implementing the STRIDE model to create a threat model of a digital secondary substation and its communication with the control center. Threats are classified by priority and need for further investigation. The tool was compared with a CORAS analysis, and was determined to be more time efficient. Denial of service (DoS) threats were classified as the most critical, and they were further evaluated in a precise simulation model created for this purpose. This model combines simulation with emulated communication, and enables verification of threat likelihoods and impacts. The results show that even publicly available tools can be easily used to disrupt grid communication and potentially cause loss of the entire grid’s observability and controllability.</abstract><cop>Basel</cop><pub>MDPI AG</pub><doi>10.3390/electronics11060850</doi><orcidid>https://orcid.org/0000-0002-3069-6788</orcidid><orcidid>https://orcid.org/0000-0003-3596-569X</orcidid><orcidid>https://orcid.org/0000-0001-6595-0419</orcidid><orcidid>https://orcid.org/0000-0002-1982-6609</orcidid><orcidid>https://orcid.org/0000-0001-7127-6694</orcidid><oa>free_for_read</oa></addata></record>
fulltext	fulltext
identifier	ISSN: 2079-9292
ispartof	Electronics (Basel), 2022-03, Vol.11 (6), p.850
issn	2079-9292 2079-9292
language	eng
recordid	cdi_proquest_journals_2642367555
source	MDPI - Multidisciplinary Digital Publishing Institute; Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals
subjects	Communication Control centres Denial of service attacks Digitization Electricity Electricity distribution Infrastructure Malware Observability (systems) Simulation Smart grid Substations Terminology Threat models Threats
title	Threat Modeling of a Smart Grid Secondary Substation
url	https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-31T14%3A54%3A38IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Threat%20Modeling%20of%20a%20Smart%20Grid%20Secondary%20Substation&rft.jtitle=Electronics%20(Basel)&rft.au=Holik,%20Filip&rft.date=2022-03-01&rft.volume=11&rft.issue=6&rft.spage=850&rft.pages=850-&rft.issn=2079-9292&rft.eissn=2079-9292&rft_id=info:doi/10.3390/electronics11060850&rft_dat=%3Cproquest_cross%3E2642367555%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2642367555&rft_id=info:pmid/&rfr_iscdi=true