Cyber Threat and Vulnerability Analysis of the U.S. Electric Sector

Glenn, Colleen; Sterbentz, Dane M.; Wright, Aaron

doi:10.2172/1337873

Cited by 36 publications

(10 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The spies aimed to gain information about critical infrastructure specifications using network mapping tools. The communications throughout the U.S. power grid are enabled by various well-known protocols such as Modbus, DNP3, and IEC 61850 [39]. However, the technical details of the attack still remain vague.…”

Section: A Security Incidents In Scada Systemsmentioning

confidence: 99%

A Survey on SCADA Systems: Secure Protocols, Incidents, Threats and Tactics

Pliatsios

Sarigiannidis

Λάγκας

et al. 2020

IEEE Commun. Surv. Tutorials

189

View full text Add to dashboard Cite

Supervisory Control and Data Acquisition (SCADA) systems are the underlying monitoring and control components of critical infrastructures, such as power, telecommunication, transportation, pipelines, chemicals and manufacturing plants. Legacy SCADA systems operated on isolated networks, that made them less exposed to Internet threats. However, the increasing connection of SCADA systems to the Internet, as well as corporate networks, introduces severe security issues. Security considerations for SCADA systems are gaining higher attention, as the number of security incidents against these critical infrastructures is increasing. In this survey, we provide an overview of the general SCADA architecture, along with a detailed description of the SCADA communication protocols. Additionally, we discuss certain high-impact security incidents, objectives, and threats. Furthermore, we carry out an extensive review of the security proposals and tactics that aim to secure SCADA systems. We also discuss the state of SCADA system security. Finally, we present the current research trends and future advancements of SCADA security.

show abstract

Section: A Security Incidents In Scada Systemsmentioning

confidence: 99%

A Survey on SCADA Systems: Secure Protocols, Incidents, Threats and Tactics

Pliatsios

Sarigiannidis

Λάγκας

et al. 2020

IEEE Commun. Surv. Tutorials

189

View full text Add to dashboard Cite

show abstract

“…Integration of ICS networks with internet-connected networks has made them vulnerable to cyber attack [18]. Despite this increased risk, networking is often an operational requirement for processes where system components are difficult to access or geographically distant.…”

Section: Networked Industrial Control Systemsmentioning

confidence: 99%

Reinforcement Learning for Industrial Control Network Cyber Security Orchestration

Mern,

Hatch,

Silva

et al. 2021

Preprint

View full text Add to dashboard Cite

Defending computer networks from cyber attack requires coordinating actions across multiple nodes based on imperfect indicators of compromise while minimizing disruptions to network operations. Advanced attacks can progress with few observable signals over several months before execution. The resulting sequential decision problem has large observation and action spaces and a long time-horizon, making it difficult to solve with existing methods. In this work, we present techniques to scale deep reinforcement learning to solve the cyber security orchestration problem for large industrial control networks. We propose a novel attention-based neural architecture with size complexity that is invariant to the size of the network under protection. A pre-training curriculum is presented to overcome early exploration difficulty. Experiments show in that the proposed approaches greatly improve both the learning sample complexity and converged policy performance over baseline methods in simulation.

show abstract

“…The inclusion of the aforementioned components within T&D systems, however, increases the threat surface. Vulnerabilities of such units can be ported to the power grid [7], while insecure control networks and protocol implementations further exacerbate the problem [8]- [10]. We refer to mission-critical system assets that can jeopardize grid operations if compromised by malicious actors as crownjewels [11].…”

Section: Threat Modeling and Risk Assessmentmentioning

confidence: 99%

Security Assessment and Impact Analysis of Cyberattacks in Integrated T&D Power Systems

Zografopoulos¹,

Konstantinou²,

Tsoutsos³

et al. 2021

Preprint

View full text Add to dashboard Cite

In this paper, we examine the impact of cyberattacks in an integrated transmission and distribution (T&D) power grid model with distributed energy resource (DER) integration. We adopt the OCTAVE Allegro methodology to identify critical system assets, enumerate potential threats, analyze, and prioritize risks for threat scenarios. Based on the analysis, attack strategies and exploitation scenarios are identified which could lead to system compromise. Specifically, we investigate the impact of data integrity attacks in inverted-based solar PV controllers, control signal blocking attacks in protective switches and breakers, and coordinated monitoring and switching time-delay attacks.

show abstract

Cyber Threat and Vulnerability Analysis of the U.S. Electric Sector

Cited by 36 publications

References 0 publications

A Survey on SCADA Systems: Secure Protocols, Incidents, Threats and Tactics

A Survey on SCADA Systems: Secure Protocols, Incidents, Threats and Tactics

Reinforcement Learning for Industrial Control Network Cyber Security Orchestration

Security Assessment and Impact Analysis of Cyberattacks in Integrated T&D Power Systems

Contact Info

Product

Resources

About