Editorial

Use Case 1: Investigation of Versatile Cyber-attack Scenarios and Methodologies Against EPES (methodologies and tools)

Investigating attack scenarios in a controlled but highly realistic laboratory environment is highly important, since it is not always feasible to deploy real-life cyber-attack scenarios in running EPES infrastructure for safety reasons. As part of the simulation and validation effort, a laboratory environment consisting of a realistic (if scaled-down to the kW range) power system together with a realistic, scaled-down control system architecture are employed to act as a test bed for examining the effectiveness of attack scenarios as well as effectiveness and efficacy of detection and mitigation mechanisms, particularly also performance characteristics critical for mitigation. To this end, the Norwegian National Smart Grid laboratory is well equipped with different components and equipment for research related to smart grids and renewable generation. The laboratory is suitable for studying different grid configurations, hybrid ac/dc networks, microgrids, offshore grids and grid connection issues regarding small hydro power plants and wind generation. It includes a Grid emulator (200 kVA amplifier, DC to 5 kHz), a Real-Time Digital Simulators, HIL testing equipment and Rapid Control Prototyping (RCP) systems (OPAL-RT), Rotating machinery: Induction generators/motors, Synchronous generators/motors, Permanent magnet generators/motors and AC/DC converters: Voltage Source Converters and Multi-Level Converters.

Use Case 1: Investigation of Versatile Cyber-attack Scenarios and Methodologies Against EPES (setup for each methodology)

• Setup Methodology#1: A laboratory setup will be implemented for simulating an SDN-based network topology hosting a number of (virtual) systems replicating enterprise functionality and traffic as well as connectivity to the SCADA systems. Key impact is a better understanding of the types of attacks possible in modern network architectures and of attack signatures, particularly directed towards control systems.
• Setup Methodology#2: A laboratory environment based on a selection of industry standard components will be combined with co-emulated components primarily to represent IED units.The actual component interconnection is to be effected by a combination of real and simulated components using the Software Defined Network (SDN). The externally visible effects produced by the well known attack methodologies to Remote Terminal Units (RTUs) and PLC programmable control devices will be monitored in order to determine the repercussions on the operation of the entire platform.

Use Case 1: Investigation of Versatile Cyber-attack Scenarios and Methodologies Against EPES (the demonstrations)

• target spear-phishing attacks via web browser, email and document transfers,
• direct attacks against operating systems and applications relying on insecure or outdated configurations
• multi-stage attacks targeting systems across such networks (including eavesdropping attack and Man-in-the-Middle attack.
• Rootkits

Also, a set of attacks will be planned against HMI, data historian and engineering workstations, accompanied by supply chain attacks and indirect attacks, i.e., injection of malicious software updates, interference with the Human Management Interface – also known ad HMI – and engineering systems interaction with the SCADA systems , aka Denial od f Service (DoS) attack and Man-in-the-middle attack (MitM)

Events

About SDN-microSENSE