Nachaat Mohamed,Mohamed El-Guindy El-Guindy,Adel Oubelaid,Saif khameis Almazrouei

DOI: https://doi.org/10.37391/ijeer.110313

2023-08-10

International Journal of Electrical and Electronics Research

Abstract:The rapid adoption of renewable energy systems has brought forth a new set of cybersecurity challenges that require innovative solutions. In this context, artificial intelligence (AI) has emerged as a promising approach to tackle these challenges. This paper provides a comprehensive review of more than 19 studies that investigate the applications of AI in cybersecurity for renewable energy systems. By analyzing these studies, a range of opportunities and challenges associated with the integration of AI in this domain are identified. Notably, the findings indicate that over 75% of the studies acknowledge the significant potential of AI in enhancing the security of renewable energy systems. Among the various AI techniques employed, machine learning emerges as the most extensively utilized method, demonstrating an impressive detection rate of 85% and a false positive rate below 5%. However, certain challenges persist, including the limited availability of relevant data and concerns regarding the interpretability of AI models. To address these challenges, this paper concludes by providing recommendations for future research directions in this field, aiming to drive advancements in the intersection of smart energy and smart security.

Temitayo Oluwaseun Abrahams,Sarah Kuzankah Ewuga,Samuel Onimisi Dawodu,Abimbola Oluwatoyin Adegbite,Azeez Olanipekun Hassan

DOI: https://doi.org/10.51594/csitrj.v5i1.699

2024-01-09

Computer Science & IT Research Journal

Abstract:In an era where digital threats are increasingly pervasive, understanding the evolution and efficacy of cybersecurity strategies in modern organizations is paramount. This study provides a comprehensive analysis of the dynamic landscape of cybersecurity, exploring its progression from traditional methods to innovative, technology-driven approaches. The digital age has ushered in complex cyber threats, necessitating robust cybersecurity measures. This study examines cybersecurity strategies' historical development, current trends, and future directions across different organizational contexts and industries. The primary aim is to assess the evolution and effectiveness of cybersecurity measures, identify existing gaps, and understand the interplay between human behavior, technology, and policy in cybersecurity. The paper encompasses a comprehensive methodological framework for cybersecurity analysis, exploring the effectiveness of traditional versus modern approaches, the role of AI and ML, and the impact of international policies. It also presents case studies to illustrate successes and failures in cybersecurity implementation. Key findings reveal a significant shift towards advanced technologies like AI and ML in cybersecurity, the critical role of human factors in shaping cybersecurity outcomes, and the influence of international policies in standardizing cybersecurity practices. The study concludes that effective cybersecurity strategies require a balanced approach, combining technological advancements with understanding human factors and adherence to international standards. Recommendations include continuous education and training, adopting holistic cybersecurity strategies, and aligning with international policies. Keywords: Cybersecurity, Artificial Intelligence, Machine Learning, International Policies, Human Factors, Cyber Threats.

Alexandre Rekeraho,Daniel Tudor Cotfas,Petru Adrian Cotfas,Emmanuel Tuyishime,Titus Constantin Balan,Rebecca Acheampong

DOI: https://doi.org/10.3390/electronics13040756

IF: 2.9

2024-02-14

Electronics

Abstract:Renewable energy is an essential solution for addressing climate change, providing sustainable options that are vital for a more environmentally friendly future. Integrating information technology (IT) into renewable energy systems has driven remarkable progress, enhanced efficiency, and enabled remote monitoring. Nevertheless, integrating IT into these systems dramatically increases their vulnerability to cyber threats and potential attacks. This study thoroughly investigates the enhancement of security measures in an IoT-based solar energy remote monitoring system. The research integrates advanced technologies, including Advanced Encryption Standard (AES), myRIO board, and NI's SystemLink Cloud platform, to enhance data security in smart solar energy monitoring systems. Emphasizing AES encryption ensures secure information exchange between the myRIO board and the computer. NI's SystemLink Cloud offers a user-friendly interface for real-time monitoring of critical solar system parameters, supported by robust security measures such as HTTPS encryption and access control. This study sets higher data protection standards in smart energy systems by promoting advanced encryption and secure cloud infrastructures. The approach involves seamlessly integrating renewable energy sources with IT innovations while prioritizing proactive measures to strengthen solar energy system security.

engineering, electrical & electronic,computer science, information systems,physics, applied

Scholar Chinenye Obasi,Nko Okina Solomon,Olubunmi Adeolu Adenekan,Peter Simpa

DOI: https://doi.org/10.51594/csitrj.v5i5.1140

2024-05-13

Computer Science & IT Research Journal

Abstract:This study investigates the pivotal role of cybersecurity in bolstering environmental protection and sustainable development, a critical yet underexplored nexus in contemporary research. Employing a systematic literature review and content analysis, the research scrutinizes peer-reviewed articles, conference proceedings, and industry reports from 2015 to 2023, sourced from databases such as IEEE Xplore, ScienceDirect, and Google Scholar. The methodology is anchored in a rigorous search strategy, leveraging keywords related to cybersecurity, sustainability, and communication technologies, and adheres to defined inclusion and exclusion criteria to ensure the relevance and quality of the literature reviewed. Key findings highlight cybersecurity as an indispensable enabler of sustainable development initiatives, safeguarding the technological infrastructure essential for environmental conservation efforts. The study identifies evolving cyber threats as a significant challenge, necessitating adaptive security measures that anticipate and mitigate potential vulnerabilities. Furthermore, it underscores the opportunities presented by advanced cybersecurity technologies, such as artificial intelligence and blockchain, in enhancing the security and efficiency of sustainable practices. Strategic recommendations emphasize the need for comprehensive cybersecurity frameworks, stakeholder collaboration, cybersecurity education, and alignment with regulatory standards to fortify the resilience of sustainability initiatives against cyber threats. The study concludes that integrating robust cybersecurity measures is paramount in the pursuit of sustainable development goals, calling for ongoing vigilance, innovation, and interdisciplinary collaboration to navigate the complex landscape of digital threats and opportunities. This research contributes valuable insights into the critical intersection of cybersecurity and sustainability, offering a foundation for future studies and strategic initiatives aimed at securing sustainable development in the digital age. Keywords: Cybersecurity, Sustainable Development, Environmental Protection, Advanced Security Technologies.

Malka N. Halgamuge

DOI: https://doi.org/10.1109/COMST.2024.3365076

Abstract:Deep learning shows immense potential for strengthening the cyber-resilience of renewable energy supply chains. However, research gaps in comprehensive benchmarks, real-world model evaluations, and data generation tailored to the renewable domain persist. This study explores applying state-of-the-art deep learning techniques to secure renewable supply chains, drawing insights from over 300 publications. We aim to provide an updated, rigorous analysis of deep learning applications in this field to guide future research. We systematically review literature spanning 2020–2023, retrieving relevant articles from major databases. We examine deep learning’s role in intrusion/anomaly detection, supply chain cyberattack detection frameworks, security standards, historical attack analysis, data management strategies, model architectures, and supply chain cyber datasets. Our analysis demonstrates deep learning enables renewable supply chain anomaly detection by processing massively distributed data. We highlight crucial model design factors, including accuracy, adaptation capability, communication security, and resilience to adversarial threats. Comparing 18 major historical attacks informs risk analysis. We also showcase potential deep learning architectures, evaluating their relative strengths and limitations in security applications. Moreover, our review emphasizes best practices for renewable data curation, considering quality, labeling, access efficiency, and governance. Effective deep learning integration necessitates tailored benchmarks, model tuning guidance, and renewable energy data generation. Our multi-dimensional analysis motivates focused efforts on enhancing detection explanations, securing communications, continually retraining models, and establishing standardized assessment protocols. Overall, we provide a comprehensive roadmap to progress renewable supply chain cyber-resilience leveraging deep learning’s immense potential.

Computer Science,Engineering,Environmental Science

Harshavardhan Palahalli,Marziyeh Hemmati,Giambattista Gruosso

DOI: https://doi.org/10.3390/electronics11121861

IF: 2.9

2022-06-13

Electronics

Abstract:This article presents an optimal distributed energy resource management system for a smart grid connected to photovoltaics, battery energy storage, and an electric vehicle aggregator. These management systems are one of the key factors for the optimal control of power converters connected to the grid. The proposed management system includes the communication architecture necessary for realizing the information flow between the individual control of the distributed generators and the master supervisory control algorithm. The work carried out on two levels is first to design a control strategy for energy management and validate it with the grid in real-time hardware-in-the-loop simulation integrating the IEC61850 communication layer and physical intelligent electronic devices. The second is to analyze the vulnerabilities of the designed methodology for cybersecurity threats explicitly with the extension of IEC61850 to electric vehicle aggregators for communication with the master energy management. A man-in-the-middle attack conducted in the supervisory communication layer enabled us to investigate the effects of such an attack on the performance and operation of the smart electric grid.

engineering, electrical & electronic,computer science, information systems,physics, applied

Ioannis Zografopoulos,Nikos D. Hatziargyriou,Charalambos Konstantinou

DOI: https://doi.org/10.1109/JSYST.2023.3305757

2023-10-02

Abstract:The digitization and decentralization of the electric power grid are key thrusts for an economically and environmentally sustainable future. Towards this goal, distributed energy resources (DER), including rooftop solar panels, battery storage, electric vehicles, etc., are becoming ubiquitous in power systems. Power utilities benefit from DERs as they minimize operational costs; at the same time, DERs grant users and aggregators control over the power they produce and consume. DERs are interconnected, interoperable, and support remotely controllable features, thus, their cybersecurity is of cardinal importance. DER communication dependencies and the diversity of DER architectures widen the threat surface and aggravate the cybersecurity posture of power systems. In this work, we focus on security oversights that reside in the cyber and physical layers of DERs and can jeopardize grid operations. Existing works have underlined the impact of cyberattacks targeting DER assets, however, they either focus on specific system components (e.g., communication protocols), do not consider the mission-critical objectives of DERs, or neglect the adversarial perspective (e.g., adversary/attack models) altogether. To address these omissions, we comprehensively analyze adversarial capabilities and objectives when manipulating DER assets, and then present how protocol and device-level vulnerabilities can materialize into cyberattacks impacting power system operations. Finally, we provide mitigation strategies to thwart adversaries and directions for future DER cybersecurity research.

Cryptography and Security,Systems and Control

DOI: https://doi.org/10.37075/yb.2021.2.10

2021-12-28

Yearbook of UNWE

Abstract:Technical constraints in the field of transport of energy resources following the digitization are particularly relevant in the case of critical infrastructure and Industry 4.0. Since all industrial facilities, of the sector like petrochemical pipelines, expensive to build and designed without any particular form of protection against cyber-attacks, followed a plug-in approach: new technologies have been added on top of existing layers to ensure compatibility and as such became exposed to cyber-attacks. Cyberattacks on energy plants and transportation means could become the most serious threat to any country’s national security, to the impact on the population and the physical destruction of structures, usually in an extremely wide area. The paper justifies and sums up some steps that both governments and industry should follow and plan for: a) creating instruments and structures in place for conducting strategic intelligence prior to attacks on the network b) invest in designing programs that will raise the awareness of the potential threats and will map out the weak points c) boost collaboration and industry partnerships to address the increasing convergence of physical and virtual threats.

Jun'e Li,Jiaqi Liang,Quanying Liu,Donglian Qi,Jianliang Zhang,Yangrong Chen

DOI: https://doi.org/10.3389/fenrg.2022.971725

IF: 3.4

2022-01-01

Frontiers in Energy Research

Abstract:With the rapid development of integrated energy system, the large-scale and high-permeability access of distributed generations (DGs) is making the distribution networks develop into active distribution networks (ADNs). The increased complexity of ADNs also increases the vulnerabilities for cyberattacks. It is a new challenge how to evaluate the situation of an ADN so as to support the decision-making of grid control policies in the condition of cyberattacks probably occur. Hence, in this paper, we proposed a method of situation assessment for ADNs considering cyberattacks. This method is aggregated by two parts. 1) An index system is presented, which includes the indexes of DGs stability, the indexes of security risk considering cyberattacks along with the traditional safety indexes. 2) The entropy weight method is used to assign weights to each index, and taking the normal operation status of ADNs as the reference scenario, an operating situation assessment method for ADNs is proposed based on grey correlation analysis method. Finally, in order to verify the effectiveness of the proposed index system and assessment method, 12 attack scenarios are established from three categories: attacks on DGs, attacks on controllable loads and attacks on both of them, and the situation of the ADN, a case based on IEEE 33-node standard distribution system, is evaluated under each scenario.

Naveen Tatipatri,S. L. Arun

DOI: https://doi.org/10.1109/access.2024.3361039

IF: 3.9

2024-02-10

IEEE Access

Abstract:Continuous communication and information technology advancements facilitate the modernization of the conventional energy grid into an integrated platform. Internet-of-Things (IoT) incorporates power systems, particularly smart grid features and the delivery of new services from the utility side to the end user over a two-way communication channel. However, severe security vulnerabilities have been created due to over-dependency on IoT based communication systems. In addition, critical information exchange between any two entities or devices is always an appealing target for cyber-attackers, especially with financial interest motive by damaging integrity, confidentiality and authenticity in a communication channel. Maintaining data security and preserving privacy in between two entities during the transmission or any data distribution are essential. The potential attacks and impacts of those attacks need to be investigated to develop an effective cyber security infrastructure. Thus, considerable researchers focused on detection and mitigation of these vulnerable cyber-attacks using advanced computation tools. This review article thoroughly investigated possible ways to address cyber security challenges such as smart meter security, end-users privacy, electricity theft cyber-attacks using blockchain and cryptography against communication attacks in smart grid. The operational impacts of cyber-attacks on power system security, as well as the economic impact on deregulated energy markets, have been extensively explored. In addition, the robustness of security features and cryptographic methods against various cyber-attacks is investigated to suggest unexplored cyber-attacks for future scope. Specially, the study of real-world cyber security events, case studies, new findings and new scopes in diverse power industries are carried out. More than 135 research articles has been examined for this review article. This paper mainly concentrates on distribution-side cyber-attacks with impact analysis, detection and protection techniques.

computer science, information systems,telecommunications,engineering, electrical & electronic

Abimbola Oluwatoyin Adegbite,Deborah Idowu Akinwolemiwa,Prisca Ugomma Uwaoma,Simon Kaggwa,Odunayo Josephine Akindote,Samuel Onimisi Dawodu

DOI: https://doi.org/10.51594/csitrj.v4i3.658

2023-12-24

Computer Science & IT Research Journal

Abstract:This review analyses cybersecurity methods in the USA, focusing on protecting national infrastructure, with lessons and implications for global cybersecurity practices. In an era dominated by digital interconnectedness, the protection of national infrastructure from cyber threats is of paramount importance. This paper provides a comprehensive review of cybersecurity strategies employed by the United States to safeguard critical national infrastructure. As the nation's reliance on technology continues to grow, so does the complexity and sophistication of cyber threats. The paper examines key frameworks, policies, and initiatives implemented by the USA to fortify its critical infrastructure against cyber-attacks. It outlines the current threat landscape, the evolving nature of cyber threats and the potential consequences of successful attacks on critical sectors such as energy, transportation, and finance. It also analyzes the strategic approaches adopted by the USA, including the National Infrastructure Protection Plan (NIPP), the National Institute of Standards and Technology (NIST) Cybersecurity Framework, and collaborative efforts between the public and private sectors. The paper explores the role of government agencies, regulatory bodies, and private enterprises in implementing and enforcing cybersecurity measures. It assesses the effectiveness of information sharing initiatives, public-private partnerships, and international collaborations in enhancing the resilience of national infrastructure against cyber threats. Furthermore, the review addresses emerging technologies such as Artificial Intelligence (AI) and the Internet of Things (IoT) in the context of cybersecurity. It evaluates how these technologies are leveraged to detect, prevent, and respond to cyber threats in real-time, considering both their benefits and potential risks. Ethical considerations, privacy concerns, and challenges associated with the implementation of robust cybersecurity strategies are also discussed. The paper concludes with insights into the evolving nature of cyber threats and recommendations for continuous improvement in national cybersecurity strategies, emphasizing the need for agility, adaptability, and collaboration to stay ahead of an ever-changing threat landscape. This study contributes to the broader understanding of cybersecurity practices, offering insights that are not only relevant to the USA but also applicable to other nations facing similar challenges in safeguarding their critical infrastructure in an increasingly interconnected and digital world. Keywords: Cybersecurity, Strategies, Protecting, National Infrastructure, USA, NIST, Artificial Intelligence.

Mengxiang Liu,Fei Teng,Zhenyong Zhang,Pudong Ge,Ruilong Deng,Mingyang Sun,Peng Cheng,Jiming Chen

DOI: https://doi.org/10.1109/TSG.2024.3373008

2024-03-06

Abstract:The rapid development of information and communications technology has enabled the use of digital-controlled and software-driven distributed energy resources (DERs) to improve the flexibility and efficiency of power supply, and support grid operations. However, this evolution also exposes geographically-dispersed DERs to cyber threats, including hardware and software vulnerabilities, communication issues, and personnel errors, etc. Therefore, enhancing the cyber-resiliency of DER-based smart grid - the ability to survive successful cyber intrusions - is becoming increasingly vital and has garnered significant attention from both industry and academia. In this survey, we aim to provide a systematical and comprehensive review regarding the cyber-resiliency enhancement (CRE) of DER-based smart grid. Firstly, an integrated threat modeling method is tailored for the hierarchical DER-based smart grid with special emphasis on vulnerability identification and impact analysis. Then, the defense-in-depth strategies encompassing prevention, detection, mitigation, and recovery are comprehensively surveyed, systematically classified, and rigorously compared. A CRE framework is subsequently proposed to incorporate the five key resiliency enablers. Finally, challenges and future directions are discussed in details. The overall aim of this survey is to demonstrate the development trend of CRE methods and motivate further efforts to improve the cyber-resiliency of DER-based smart grid.

Systems and Control,Cryptography and Security

Tania Wallis,Paul Dorey

DOI: https://doi.org/10.3390/en16041868

IF: 3.2

2023-02-16

Energies

Abstract:This study describes the implementation of an energy sector community to examine the practice of cybersecurity for operational technology environments and their supply chains. Evaluating cybersecurity from the perspectives of different actors participating in the energy sector, the progress and challenges of operators and suppliers in delivering cybersecurity for the sector are explored. While regulatory frameworks incentivize individual organizations to improve their cybersecurity, operational services contain contributions from many organizations, and this supply chain of activity needs to be influenced and managed to achieve desired security and resilience outcomes. Through collaborations and systems engineering approaches, a reference model is created to facilitate improvements in managing the cybersecurity of supply chains for different actors, including service operators, maintainers, manufacturers, and systems integrators. This study provides an illustration of implementing a common vision of cybersecurity improvement across a community of actors. It utilizes a collaborative framework that has facilitated the co-production of cybersecurity guidance for energy sector participants.

energy & fuels

Bright Ojo,Justine Chilenovu Ogborigbo,Maureen Oluchukwuamaka Okafor

DOI: https://doi.org/10.30574/wjarr.2024.22.3.1921

2024-06-30

World Journal of Advanced Research and Reviews

Abstract:Critical infrastructure must withstand cyber and physical assaults in today's interconnected world. This study explores innovative strategies to shield these systems from cyber-physical threats. As networks become more connected, cyberattacks grow more sophisticated, making it imperative to safeguard sectors like transportation, energy, water, and information. The paper analyzes the present and future threat landscape, identifying vulnerabilities within critical infrastructures and proposing targeted mitigation strategies to enhance security. The research leverages AI and machine learning to develop detection tools that identify and predict cyber-physical attacks, enhancing response times and preventive measures. Additionally, resilience engineering and architecture are crucial in fortifying infrastructure, enabling it to withstand and recover from attacks while maintaining essential functions. The study also reviews legislation and policies surrounding infrastructure protection, pinpointing shortcomings and recommending improvements to bolster national security. Effective countermeasures against cyber-physical threats require collaboration and information sharing among government bodies, industry stakeholders, and educational institutions. These partnerships facilitate the exchange of knowledge, best practices, and tools to address threats efficiently. Furthermore, the paper highlights the importance of training programs that equip professionals with skills to integrate cyber and physical security defenses. Exploring the integration of blockchain, IoT, and autonomous technologies could further enhance the resilience of critical systems. These technologies foster secure communications and automated responses to incidents. Lastly, community awareness initiatives play a vital role in preparing for and mitigating cyber-physical attacks, ensuring that public readiness and resilience are maintained. This comprehensive approach aims to fortify critical infrastructure against evolving cyber threats, ensuring continuous operation and security.

Mengxiang Liu,Fei Teng,Zhenyong Zhang,Pudong Ge,Mingyang Sun,Ruilong Deng,Peng Cheng,Jiming Chen

DOI: https://doi.org/10.1109/tsg.2024.3373008

IF: 10.275

2024-01-01

IEEE Transactions on Smart Grid

Abstract:The rapid development of information and communications technology has enabled the use of digital-controlled and software-driven distributed energy resources (DERs) to improve the flexibility and efficiency of power supply, and support grid operations. However, this evolution also exposes geographically-dispersed DERs to cyber threats, including hardware and software vulnerabilities, communication issues, and personnel errors, etc. Therefore, enhancing the cyber-resiliency of DER-based smart grid -the ability to survive successful cyber intrusions -is becoming increasingly vital and has garnered significant attention from both industry and academia. In this survey, we aim to provide a comprehensive review regarding the cyber-resiliency enhancement (CRE) developments of the DER-based smart grid, present a holistic CRE framework, and thoroughly discuss the research directions of the next-generation CRE methods. Firstly, an integrated threat modeling method is tailored for the hierarchical DER-based smart grid with special emphasises on vulnerability identification and impact analysis. Then, the defense-in-depth strategies encompassing prevention, detection, mitigation, and recovery are comprehensively surveyed, systematically classified, and rigorously summarized. A holistic CRE framework is subsequently proposed to incorporate the five key resiliency enablers. Finally, challenges and future directions are discussed in details. The overall aim of this survey is to illustrates the recent development of CRE methods and motivate further efforts to improve the cyber-resiliency of DER-based smart grid.

engineering, electrical & electronic

Amjad Mehmood,Gregory Epiphaniou,Carsten Maple,Nikolaos Ersotelos,Richard Wiseman

DOI: https://doi.org/10.3390/s23218720

IF: 3.9

2023-10-26

Sensors

Abstract:Cyber threats and vulnerabilities present an increasing risk to the safe and frictionless execution of business operations. Bad actors ("hackers"), including state actors, are increasingly targeting the operational technologies (OTs) and industrial control systems (ICSs) used to protect critical national infrastructure (CNI). Minimisations of cyber risk, attack surfaces, data immutability, and interoperability of IoT are some of the main challenges of today's CNI. Cyber security risk assessment is one of the basic and most important activities to identify and quantify cyber security threats and vulnerabilities. This research presents a novel i-TRACE security-by-design CNI methodology that encompasses CNI key performance indicators (KPIs) and metrics to combat the growing vicarious nature of remote, well-planned, and well-executed cyber-attacks against CNI, as recently exemplified in the current Ukraine conflict (2014–present) on both sides. The proposed methodology offers a hybrid method that specifically identifies the steps required (typically undertaken by those responsible for detecting, deterring, and disrupting cyber attacks on CNI). Furthermore, we present a novel, advanced, and resilient approach that leverages digital twins and distributed ledger technologies for our chosen i-TRACE use cases of energy management and connected sites. The key steps required to achieve the desired level of interoperability and immutability of data are identified, thereby reducing the risk of CNI-specific cyber attacks and minimising the attack vectors and surfaces. Hence, this research aims to provide an extra level of safety for CNI and OT human operatives, i.e., those tasked with and responsible for detecting, deterring, disrupting, and mitigating these cyber-attacks. Our evaluations and comparisons clearly demonstrate that i-TRACE has significant intrinsic advantages compared to existing "state-of-the-art" mechanisms.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Tawfiq M. Aljohani

DOI: https://doi.org/10.48550/arXiv.2208.14225

2022-08-28

Cryptography and Security

Abstract:Recent high-profile cyberattacks on energy infrastructures, such as the security breach of the Colonial Pipeline in 2021 and attacks that have disrupted Ukraine's power grid from the mid-2010s till date, have pushed cybersecurity as a top priority. As political tensions have escalated in Europe this year, concerns about critical infrastructure security have increased. Operators in the industrial sector face new cybersecurity threats that increase the risk of disruptions in services, property damages, and environmental harm. Amid rising geopolitical tensions, industrial companies, with their network-connected systems, are now considered major targets for adversaries to advance political, social, or military agendas. Moreover, the recent Russian-Ukrainian conflict has set the alarm worldwide about the danger of targeting energy grids via cyberattacks. Attack methodologies, techniques, and procedures used successfully to hack energy grids in Ukraine can be used elsewhere. This work aims to present a thorough analysis of the cybersecurity of the energy infrastructure amid the increased rise of cyberwars. The article navigates through the recent history of energy-related cyberattacks and their reasoning, discusses the grid's vulnerability, and makes a precautionary argument for securing the grids against them.

Alexis Pengfei Zhao,Shuangqi Li,Chenghong Gu,Xiaohe Yan,Paul Jen-Hwa Hu,Zhaoyu Wang,Da Xie,Zhidong Cao,Xinlei Chen,Chenye Wu,Tianyi Luo,Zikang Wang,Ignacio Hernando-Gil

DOI: https://doi.org/10.1109/jestie.2024.3434350

2024-01-01

IEEE Journal of Emerging and Selected Topics in Industrial Electronics

Abstract:In an era characterized by extensive use of and reliance on information and communications technology (ICT), cyber-physical power systems (CPPS) have emerged as a critical integral of modern power infrastructures, providing vital energy sources to consumers, communities, and industries worldwide. The integration of ICT in these systems, while beneficial, introduces a rapidly evolving range of cybersecurity challenges that significantly threaten their confidentiality, integrity, and availability. To address this, our article offers a comprehensive and timely survey of the current landscape of cyber vulnerabilities in CPPS, reflecting the latest developments in the field up to the present. This includes an in-depth analysis of the diverse types of cyber threats to CPPS and their potential consequences, underscoring the necessity for a broad, multidisciplinary approach. Our review is distinguished by its thoroughness and timeliness, covering recent research to offer one of the most current overviews of cybersecurity in CPPSs. We adopt a holistic perspective, integrating technical, societal, environmental, and policy implications, thereby providing a more comprehensive understanding of cybersecurity in CPPSs. We delve into the complexities of cyberattacks, exploring sophisticated, targeted attacks alongside common threats, and emphasize the dynamic nature of cyber threats, providing insights into their evolution and future trends. Additionally, our review highlights critical yet often overlooked challenges such as system visibility and standardization in security protocols, arguing their significance in enhancing CPPS resilience. Furthermore, our work gives special attention to the aspects of restoration and recovery post-cyberattack, an area less emphasized in existing literature. Through this comprehensive overview of the current state and evolving challenges of CPPS security, our article serves as an indispensable resource for research, practice, and policymaking dedicated to safeguarding the safety, reliability, and resilience of ICTempowered energy systems.

Ihor Fursov,Klym Yamkovyi,Oleksandr Shmatko

DOI: https://doi.org/10.32620/reks.2022.4.04

2022-11-29

RADIOELECTRONIC AND COMPUTER SYSTEMS

Abstract:The subject of this study is the cyber vulnerability of wind generators, as part of the cyberphysical system of intelligent power supply networks, Smart Grid. Wind generators produce electricity for further distribution in the network between «smart» electricity consumers, which often include autonomous power systems in medical institutions, autonomous power supply of homes, charging stations for cars, etc. Wind generators operate in two aspects: in the physical and information space. Thus, a violation of the security of the information flow of a wind generator can affect the physical performance of electricity generation, and disable equipment. The study aims to identify types of cyber threats in the wind generator network based on the analysis of known attack incidents, analysis of the Smart Grid network structure, network devices, protocols, and control mechanisms of a wind generator. The tasks of the work are: review and analyze known cyberattack incidents; review the classification of cyber threats to wind farms; consider the most common methods of attacks on the cyberphysical system of wind farms; consider ways of intrusions into the information flow of the cyberphysical system wind generator; consider resilience mechanisms of wind generators in case of a cyberattack, consider the directions of further research. The methods are a systematic approach that provides a comprehensive study of the problem, quantitative and qualitative analysis of incidents of cyber attacks on wind generators, and methods of attacks. The following results were obtained: 11 large-scale known incidents of cyber attacks on the cyberphysical systems of the energy sector and smart power supply networks were analyzed, and information flow features and structure of the wind generators were considered. Main communication interfaces of the Smart Grid network were reviewed, control mechanisms for the physical parts of the wind generator system such as automatic voltage regulator, and automatic generation control were observed, vulnerable data transmission protocols, DNP3 in particular, were analyzed, possible consequences in the case of a cyber-intrusion into the network were considered. Conclusions: wind farms, as part of the Smart Grid system, are a convenient target for cyberattacks, as the number of potential ways to interfere with the information flow of the cyberphysical system is growing due to an increase in the number of sensors, communication channels in the network. This is especially important for the further development of wind farm security systems, which at the time, are not able to provide high accuracy of intrusion detection into the information flow.

Dajun Du,Minggao Zhu,Xue Li,Minrui Fei,Siqi Bu,Lei Wu,Kang Li

DOI: https://doi.org/10.35833/mpce.2021.000604

IF: 4.469

2023-01-01

Journal of Modern Power Systems and Clean Energy

Abstract:Potential malicious cyber-attacks to power systems which are connected to a wide range of stakeholders from the top to tail will impose significant societal risks and challenges. The timely detection and defense are of crucial importance for safe and reliable operation of cyber-physical power systems (CPPSs). This paper presents a comprehensive review of some of the latest attack detection and defense strategies. Firstly, the vulnerabilities brought by some new information and communication technologies (ICTs) are analyzed, and their impacts on the security of CPPSs are discussed. Various malicious cyber-attacks on cyber and physical layers are then analyzed within CPPSs framework, and their features and negative impacts are discussed. Secondly, two current mainstream attack detection methods including state estimation based and machine learning based methods are analyzed, and their benefits and drawbacks are discussed. Moreover, two current mainstream attack defense methods including active defense and passive defense methods are comprehensively discussed. Finally, the trends and challenges in attack detection and defense strategies in CPPSs are provided.

engineering, electrical & electronic