Cyber Security: Perspective of Challenges in Operational Technology Systems in Power Sector
##plugins.themes.academic_pro.article.main##
Abstract
The paper explores the cyber security challenges faced by Operational Technology (OT) systems in the power sector, emphasising the need for a holistic approach that includes employee training, contingency planning, attack detection, and resilient protection schemes. It aims to contribute to a deeper understanding of the unique cyber security challenges and requirements of OT systems in power transmission utilities, enabling stakeholders to develop informed strategies, policies, and investments to mitigate cyber risks and enhance the resilience of electrical grids. Moreover, it also highlights the importance of training employees to identify and mitigate cyber threats, fostering a culture of security awareness. It also states how simulation and modelling can facilitate proactive identification and mitigation of potential cyberattacks on critical infrastructure while exploring robust security solutions for Intelligent Electronic Devices (IEDs) and proposes solutions for mitigating these threats. The importance of evaluating adherence to the IEC 62351 standard through dedicated tools and procedures is also emphasized.
##plugins.themes.academic_pro.article.details##
References
- Schlegel R, Obermeier S, Schneider J. A security evaluation of IEC 62351. J Inf Secur Appl. 2017; 34:19-204. https://doi.org/10.1016/j.jisa.2016.05.007 DOI: https://doi.org/10.1016/j.jisa.2016.05.007
- Malko J, Lis R. Cyberbezpieczen’stwo systemo’w zabezpieczen’ i sterowania. Prz Elektrotech. 2016; 1:182-5.
- Ministry of Power. Powergrid inaugurates remote operation of 250th sub-station [Internet]; 2021. Available from: https:// pib.gov.in/PressReleaseIframePage.aspx?PRID=1768492
- Ministry of Power. Haryana chief minister dedicates national transmission asset management centre of power grid to the nation [Internet]; 2015. Available from: https:// www.pib.gov.in/newsite/PrintRelease.aspx?relid=120012
- The Times of India. Remote control at 22 state power sub-stations [Internet]; 2022. Available from: https://timesofindia.indiatimes.com/city/mumbai/ now-remotecontrol-at-22-state-power-sub-stations/ articleshow/93199340.cms
- Macola IG. The five worst cyberattacks against the power industry since 2014 [Internet]; 2020. Available: https:// www.power-technology.com/features/the-five-worstcyberattacksagainst-the-power-industry-since2014/
- Dean C. How and why power grid cyberattacks are becoming terrorists’ go-to [Internet]. Available from: https://energycentral.com/c/iu/how-and-why-power-gridcyberattacksare-becoming-terrorists-go 8. M. Phil. UK power grid biz suffers outage after cyberattack [Internet]; 2020. Available from: https://www.infosecurity-magazine.com/news/uk-power-grid-bizsuffersoutage/
- Hollerer S, Brenner B, Bhosale PR, Fischer C, Hosseini AM, Maragkou S, et al. Challenges in OT security and their impacts on safety-related cyber-physical production systems. Digital Transformation, Springer; 2023. p. 171202. https://doi.org/10.1007/978-3-662-65004-2_7 DOI: https://doi.org/10.1007/978-3-662-65004-2_7
- Scarfò AA. The cyber security challenges in the IoT era. Security and resilience in intelligent data-centric systems and communication networks. Elsevier; 2018. p. 53-76. https://doi.org/10.1016/B978-0-12-811373-8.00003-3 DOI: https://doi.org/10.1016/B978-0-12-811373-8.00003-3
- Jesus V, Josephs M. Challenges in cybersecurity for industry 4.0. Innovation in manufacturing through digital technologies and applications: Thoughts and Reflections on Industry 4.0; 2018. p. 61. Availa from: https://research.aston.ac.uk/en/publications/innovation-in-manufacturingthroughdigital-technologies-and-appl
- Parsons D. The state of ics/ot cybersecurity in 2022 and beyond. Survey Report; 2022.
- He W, Zhang Z (Justin). Enterprise cybersecurity training and awareness programs: Recommendations for success. J Organ Comput Electron Commer. 2019; 29(4):249-57. https://doi.org/10.1080/10919392.2019.1611528 DOI: https://doi.org/10.1080/10919392.2019.1611528
- Krumay B, Bernroider EWN, Walser R. Evaluation of cybersecurity management controls and metrics of critical infrastructures: A literature review considering the NIST cybersecurity framework. Secure IT Syst. 2018; 11252:36984. https://doi.org/10.1007/978-3-030-03638-6_23 DOI: https://doi.org/10.1007/978-3-030-03638-6_23
- Zonouz S, Davis CM, Davis KR, Berthier R, Bobba RB, Sanders WH. SOCCA: A security-oriented cyber-physical contingency analysis in power infrastructures. IEEE Trans Smart Grid. 2014; 5(1):3-13. https://doi.org/10.1109/TSG.2013.2280399 DOI: https://doi.org/10.1109/TSG.2013.2280399
- Mouelhi S, Laarouchi ME, Cancila D, Chaouchi H. Predictive formal analysis of resilience in cyber-physical systems. IEEE Access. 2019; 7:33741-58. https://doi.org/10.1109/ACCESS.2019.2903153 DOI: https://doi.org/10.1109/ACCESS.2019.2903153
- Ukwandu E, Farah MAB, Hindy H, Brosset D, Kavallieros D, Atkinson R, et al. A Review of Cyber-Ranges and Test-Beds: Current and Future Trends. Sensors. 2020; 20(24):7148. https://doi.org/10.3390/s20247148 PMid:33322224 PMCid:PMC7764257 DOI: https://doi.org/10.3390/s20247148
- Hahn A, Ashok A, Sridhar S, Govindarasu M. Cyberphysical security testbeds: architecture, application, and evaluation for smart grid. IEEE Trans Smart Grid. 2013; 4(2):847-55. https://doi.org/10.1109/TSG.2012.2226919 DOI: https://doi.org/10.1109/TSG.2012.2226919
- Moreira N, Molina E, Lázaro J, Jacob E, Astarloa A. Cybersecurity in substation automation systems. Renew Sustain Energy Rev. 2016; 54:1552-62. https://doi.org/10.1016/j.rser.2015.10.124 DOI: https://doi.org/10.1016/j.rser.2015.10.124
- Hong J, Liu CC, Govindarasu M. Integrated anomaly detection for cyber security of the substations. IEEE Trans Smart Grid. 2014; 5(4):1643-53. https://doi.org/10.1109/TSG.2013.2294473 DOI: https://doi.org/10.1109/TSG.2013.2294473
- Hwang DD, Schaumont P, Tiri K, Verbauwhede I. Securing embedded systems. IEEE Secur Priv Mag. 2006; 4(2):40-9. https://doi.org/10.1109/MSP.2006.51 DOI: https://doi.org/10.1109/MSP.2006.51
- Manifavas C, Fysarakis K, Papanikolaou A, Papaefstathiou I. Embedded systems security: A survey of EU research efforts. Secur Commun Netw. 2014; 8(11):2016-36. https://doi.org/10.1002/sec.1151 DOI: https://doi.org/10.1002/sec.1151
- Abubakar A, Pranggono B. Machine learning based intrusion detection system for software defined networks. 2017 Seventh Internat Conf Emerg Secu Technol, UK: Canterbury; 2017. https://doi.org/10.1109/EST.2017.8090413 DOI: https://doi.org/10.1109/EST.2017.8090413
- Liu H, Lang B. Machine learning and deep learning methods for intrusion detection systems: A survey. Appl Sci. 2019; 9(20):4396. https://doi.org/10.3390/app9204396 DOI: https://doi.org/10.3390/app9204396
- Hong J, Nuqui RF, Kondabathini A, Ishchenko D, Martin A. Cyber attack resilient distance protection and circuit breaker control for digital substations. IEEE Trans Ind Informat. 2019; 15(7):4332-41. https://doi.org/10.1109/TII.2018.2884728 DOI: https://doi.org/10.1109/TII.2018.2884728
- Todeschini MG, Dondossola G, Terruggia R. Impact evaluation of IEC 62351 cybersecurity on IEC 61850 communications performance [Internet]; 2019. Available from: https://www.cired-repository.org/items/b238105f-1dc9-4db0-8098-629200f0164a