
Collaborative Risk Assessment for Electrical Power and Energy Systems

Assessing and managing the cybersecurity status of Electrical Power and Energy Systems (EPES) is of paramount importance for providing advanced protection and resilience to smart electrical grid infrastructures, which are de facto critical infrastructures of great importance to the functioning of society and the economy [1]. However, EPES infrastructures come with an extensive set of ICT and grid asset dependencies, while multiple actors and stakeholders are engaged in the systems' operation.

In this direction, the SDN-microSENSE risk assessment can assess the overall cyber risks considering all the existing power and energy infrastructure (including legacy SCADA/ICS devices), software systems, and energy-related personnel and stakeholders. The risk assessment is based on a concrete meta-model for risk calculation and provides a better understanding of the vulnerabilities and threats in the energy sector. To do so, the developed methodology relies on a graph-based correlation model that allows the EPES to be assessed in a holistic manner. In addition, the process is enhanced by the deployment of honeypots that assist in the collection and analysis of data on offensive actions, since they go beyond the “traditional” network data used as forensics to a richer set of evidence based on the execution of actual attacks.

Another facet of the assessment methodology for the EPES is the consideration of the energy-related personnel and security awareness, as cyber-security is not limited to the cyber dimension, but encompasses the people, processes, policies, and technology that contribute to an organisation’s overall cyber-security readiness. Despite having security regulations, personnel have been identified as the weakest link in information security in organisations, and especially in the energy domain, the personnel and stakeholders’ behaviour is critical for the safety of the whole society [2]. For this reason, personnel interactions are taken into account for the creation of an assessment that enhances the overall risk assessment process.

The results of the research conducted on related standards were used in the formulation of the collaborative Energy Chain Risk Assessment approach of SDN-microSENSE (ECRA). The methodology follows standardized notations and consists of seven steps (step 0 to step 6), which are presented below:

  • Step 0: Scope of the Energy Chain Risk Assessment (ECRA)
  • Step 1: Analysis of the EPES
  • Step 2: EPES cyber threat analysis
  • Step 3: Vulnerability Analysis
  • Step 4: Impact Analysis
  • Step 5: Risk Assessment
  • Step 6: Risk mitigation: Selection of security controls 

Based on these methodology steps, which are intuitively presented in Figure 1, the use case requirements and the design aspects of the whole SDN-microSENSE framework, UBITECH’s OLISTIC Enterprise Risk Management Suite [3] has been extended to provide the needed functionality and deliver the SDN-microSENSE risk assessment framework (S-RAF).

S-RAF differs from other risk assessment tools and acts as a complementary tool for the security of EPES infrastructure. More specifically, the following three are the key points of differentiation between the adoption of the S-RAF methodology and other risk assessment solutions: a) the EPES-focused risk assessment, b) the cumulative risk assessment and calculation methodology, and c) the deep insights on the security of EPES.

Figure 1: Energy Chain Risk Assessment approach of SDN-microSENSE (ECRA)

Risk Assessment with Focus on EPES 

The distributed nature of the EPES requires a methodology that considers the collaborative aspects and the involvement of multiple stakeholders (i.e., personnel at different places or task roles) in the risk assessment process. In addition, critical infrastructure such as the EPES contains both cyber and physical assets. Thus, in order to support multiple assets, considering a wide range of legacy ICT and industrial devices, including older legacy SCADA and ICS devices, IoT components, and SDN assets, an EPES-focused assessment model was needed. Apart from the assets themselves, the developed methodology also supports the definition of cyber or physical dependencies among them, in order to model chains of assets that may enable cascading effects across the overall topology. Figure 2 offers an overview of such a chain of interdependent assets.

Figure 2: Interdependency graph of an asset chain in EPES

Cumulative Risk Assessment and Calculation Methodology

S-RAF takes into account the collaborative aspects defined among all stakeholders of the energy components and proceeds to the calculation of the cumulative risks. In other words, the S-RAF cumulative risk assessment approach enables one to perceive the security state at the level of mission-critical assets that belong either to the same business workflow or to the same physical (or virtual) networks. In order to address the need for a collaborative risk assessment framework, S-RAF takes advantage of the graph-based modelling of asset interdependencies used in OLISTIC to deliver a collaborative scheme for measuring risk in a cumulative manner. More specifically, through the interdependency graphs, the calculation methodology does not focus solely on measuring the risk of individual assets, but also uncovers the risks that can arise from propagated threats or from the ability of an attacker to penetrate further into the network. The collaborative aspect of the risk calculation is facilitated by the use of globally accepted standards such as CVSS [4]. This choice made the risk quantification compatible with the wide variety of legacy ICT, energy and SDN-specific assets. Figure 3 presents the S-RAF dashboard that enables the supervision of the security status of the infrastructure.

Figure 3: S-RAF dashboard
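
The idea of cumulative risk over an interdependency graph can be sketched as follows. This is an added example, not S-RAF or OLISTIC code: the article does not give the calculation, so the propagation rule (independent-event combination over dependency edges), the asset names, the CVSS scores and the edge weights are all assumptions constructed for illustration.

```python
# Illustrative only: NOT the S-RAF/OLISTIC formula, which the article does not specify.
from graphlib import TopologicalSorter  # Python 3.9+

# Constructed sample chain: asset -> highest CVSS base score (0-10) of its own findings.
CVSS = {"hmi-workstation": 7.5, "scada-server": 5.0,
        "rtu-legacy": 9.0, "breaker-ied": 0.0}

# Constructed dependencies: (source, target, weight in [0, 1]).
# An edge means a compromise of `source` can propagate to `target`;
# the weight is an assumed likelihood that it does.
EDGES = [
    ("hmi-workstation", "scada-server", 0.8),
    ("scada-server", "rtu-legacy", 0.6),
    ("rtu-legacy", "breaker-ied", 0.9),
    ("scada-server", "breaker-ied", 0.3),
]

def individual_risk(cvss):
    """Per-asset likelihood from its own vulnerabilities only (CVSS / 10)."""
    return {asset: score / 10.0 for asset, score in cvss.items()}

def cumulative_risk(cvss, edges):
    """Likelihood of compromise including threats propagated from upstream assets.

    cum(a) = 1 - (1 - own(a)) * prod(1 - cum(p) * w) over predecessors p.
    Requires an acyclic chain; graphlib raises CycleError otherwise.
    """
    own = individual_risk(cvss)
    preds = {asset: [] for asset in cvss}
    for src, dst, weight in edges:
        preds[dst].append((src, weight))
    # Visit upstream assets first so their cumulative value is known.
    order = TopologicalSorter(
        {asset: [src for src, _ in p] for asset, p in preds.items()}
    ).static_order()
    cum = {}
    for asset in order:
        survive = 1.0 - own[asset]
        for src, weight in preds[asset]:
            survive *= 1.0 - cum[src] * weight
        cum[asset] = 1.0 - survive
    return cum

if __name__ == "__main__":
    own, cum = individual_risk(CVSS), cumulative_risk(CVSS, EDGES)
    for asset in CVSS:
        print(f"{asset:16s} individual={own[asset]:.3f} cumulative={cum[asset]:.3f}")
```

In this constructed chain the breaker IED has no vulnerability of its own, yet its cumulative value is high because of the assets it depends on, which is the kind of propagated risk an individual-asset score does not show.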

Deep Insights on the Security Issues of EPES

S-RAF comes with extended capabilities for gathering security-related information from multiple sources of the EPES. Through the inclusion of an engine that detects and manages vulnerabilities, and by interacting with other components of SDN-microSENSE that offer asset inventory services and real-time detection of offensive events, S-RAF can provide deep insights on the security risks in near real time. These functionalities offer a level of automation that enables administrators to effectively supervise the security status of the examined EPES infrastructure.

References

[1] ENISA – Smart Grid Threat Landscape and Good Practice Guide, December 17, 2013 [online: https://www.enisa.europa.eu/publications/smart-grid-threat-landscape-and-good-practice-guide ]

[2] D. Nordgård, K. Sand, and I. Wangensteen, “Risk assessment methods applied to electricity distribution system asset management,” Reliability, risk and safety: theory and applications, pp. 429–436, 2009

[3] UBITECH – OLISTIC Enterprise Risk Management Suite: https://olistic.io/

[4] CVSS – A Complete Guide to the Common Vulnerability Scoring System (Version 2.0), [online: https://www.first.org/cvss/v2/guide]