Cyber Security: Perspective of Challenges in Operational Technology Systems in Power Sector

Authors

  • Debottam Mukherjee Power Grid Center of Excellence, Indian Institute of Science, Bengaluru – 560012, Karnataka
  • Abhijit Lele Power Grid Center of Excellence, Indian Institute of Science, Bengaluru – 560012, Karnataka
  • Anand Shankar Power Grid Corporation of India Limited, New Delhi – 110016
  • T. S. Kiran Power Grid Center of Excellence, Indian Institute of Science, Bengaluru – 560012, Karnataka
  • Bindhumadhava Bapu Power Grid Center of Excellence, Indian Institute of Science, Bengaluru – 560012, Karnataka
  • N. Bharghav Power Grid Center of Excellence, Indian Institute of Science, Bengaluru – 560012, Karnataka
  • Gurunath Gurrala Department of Electrical Engineering, Indian Institute of Science, Bengaluru – 560012, Karnataka

DOI:

https://doi.org/10.33686/pwj.v20i1.1168

Keywords:

Cyber-Physical Power Network, Embedded Security, IEC 62351

Abstract

The paper explores the cyber security challenges faced by Operational Technology (OT) systems in the power sector, emphasising the need for a holistic approach that includes employee training, contingency planning, attack detection, and resilient protection schemes. It aims to contribute to a deeper understanding of the unique cyber security challenges and requirements of OT systems in power transmission utilities, enabling stakeholders to develop informed strategies, policies, and investments to mitigate cyber risks and enhance the resilience of electrical grids. Moreover, it also highlights the importance of training employees to identify and mitigate cyber threats, fostering a culture of security awareness. It also states how simulation and modelling can facilitate proactive identification and mitigation of potential cyberattacks on critical infrastructure while exploring robust security solutions for Intelligent Electronic Devices (IEDs) and proposes solutions for mitigating these threats. The importance of evaluating adherence to the IEC 62351 standard through dedicated tools and procedures is also emphasized.

Downloads

Download data is not yet available.

Metrics

Metrics Loading ...

Downloads

Published

2024-09-24

How to Cite

Mukherjee, D. ., Lele, A., Shankar, A., Kiran, T. S., Bapu, B., Bharghav, N., & Gurrala, G. (2024). Cyber Security: Perspective of Challenges in Operational Technology Systems in Power Sector. Power Research - A Journal of CPRI, 20(1), 35–45. https://doi.org/10.33686/pwj.v20i1.1168

Issue

Section

Articles

References

Schlegel R, Obermeier S, Schneider J. A security evaluation of IEC 62351. J Inf Secur Appl. 2017; 34:19-204. https://doi.org/10.1016/j.jisa.2016.05.007 DOI: https://doi.org/10.1016/j.jisa.2016.05.007

Malko J, Lis R. Cyberbezpieczen’stwo systemo’w zabezpieczen’ i sterowania. Prz Elektrotech. 2016; 1:182-5.

Ministry of Power. Powergrid inaugurates remote operation of 250th sub-station [Internet]; 2021. Available from: https:// pib.gov.in/PressReleaseIframePage.aspx?PRID=1768492

Ministry of Power. Haryana chief minister dedicates national transmission asset management centre of power grid to the nation [Internet]; 2015. Available from: https:// www.pib.gov.in/newsite/PrintRelease.aspx?relid=120012

The Times of India. Remote control at 22 state power sub-stations [Internet]; 2022. Available from: https://timesofindia.indiatimes.com/city/mumbai/ now-remotecontrol-at-22-state-power-sub-stations/ articleshow/93199340.cms

Macola IG. The five worst cyberattacks against the power industry since 2014 [Internet]; 2020. Available: https:// www.power-technology.com/features/the-five-worstcyberattacksagainst-the-power-industry-since2014/

Dean C. How and why power grid cyberattacks are becoming terrorists’ go-to [Internet]. Available from: https://energycentral.com/c/iu/how-and-why-power-gridcyberattacksare-becoming-terrorists-go 8. M. Phil. UK power grid biz suffers outage after cyberattack [Internet]; 2020. Available from: https://www.infosecurity-magazine.com/news/uk-power-grid-bizsuffersoutage/

Hollerer S, Brenner B, Bhosale PR, Fischer C, Hosseini AM, Maragkou S, et al. Challenges in OT security and their impacts on safety-related cyber-physical production systems. Digital Transformation, Springer; 2023. p. 171202. https://doi.org/10.1007/978-3-662-65004-2_7 DOI: https://doi.org/10.1007/978-3-662-65004-2_7

Scarfò AA. The cyber security challenges in the IoT era. Security and resilience in intelligent data-centric systems and communication networks. Elsevier; 2018. p. 53-76. https://doi.org/10.1016/B978-0-12-811373-8.00003-3 DOI: https://doi.org/10.1016/B978-0-12-811373-8.00003-3

Jesus V, Josephs M. Challenges in cybersecurity for industry 4.0. Innovation in manufacturing through digital technologies and applications: Thoughts and Reflections on Industry 4.0; 2018. p. 61. Availa from: https://research.aston.ac.uk/en/publications/innovation-in-manufacturingthroughdigital-technologies-and-appl

Parsons D. The state of ics/ot cybersecurity in 2022 and beyond. Survey Report; 2022.

He W, Zhang Z (Justin). Enterprise cybersecurity training and awareness programs: Recommendations for success. J Organ Comput Electron Commer. 2019; 29(4):249-57. https://doi.org/10.1080/10919392.2019.1611528 DOI: https://doi.org/10.1080/10919392.2019.1611528

Krumay B, Bernroider EWN, Walser R. Evaluation of cybersecurity management controls and metrics of critical infrastructures: A literature review considering the NIST cybersecurity framework. Secure IT Syst. 2018; 11252:36984. https://doi.org/10.1007/978-3-030-03638-6_23 DOI: https://doi.org/10.1007/978-3-030-03638-6_23

Zonouz S, Davis CM, Davis KR, Berthier R, Bobba RB, Sanders WH. SOCCA: A security-oriented cyber-physical contingency analysis in power infrastructures. IEEE Trans Smart Grid. 2014; 5(1):3-13. https://doi.org/10.1109/TSG.2013.2280399 DOI: https://doi.org/10.1109/TSG.2013.2280399

Mouelhi S, Laarouchi ME, Cancila D, Chaouchi H. Predictive formal analysis of resilience in cyber-physical systems. IEEE Access. 2019; 7:33741-58. https://doi.org/10.1109/ACCESS.2019.2903153 DOI: https://doi.org/10.1109/ACCESS.2019.2903153

Ukwandu E, Farah MAB, Hindy H, Brosset D, Kavallieros D, Atkinson R, et al. A Review of Cyber-Ranges and Test-Beds: Current and Future Trends. Sensors. 2020; 20(24):7148. https://doi.org/10.3390/s20247148 PMid:33322224 PMCid:PMC7764257 DOI: https://doi.org/10.3390/s20247148

Hahn A, Ashok A, Sridhar S, Govindarasu M. Cyberphysical security testbeds: architecture, application, and evaluation for smart grid. IEEE Trans Smart Grid. 2013; 4(2):847-55. https://doi.org/10.1109/TSG.2012.2226919 DOI: https://doi.org/10.1109/TSG.2012.2226919

Moreira N, Molina E, Lázaro J, Jacob E, Astarloa A. Cybersecurity in substation automation systems. Renew Sustain Energy Rev. 2016; 54:1552-62. https://doi.org/10.1016/j.rser.2015.10.124 DOI: https://doi.org/10.1016/j.rser.2015.10.124

Hong J, Liu CC, Govindarasu M. Integrated anomaly detection for cyber security of the substations. IEEE Trans Smart Grid. 2014; 5(4):1643-53. https://doi.org/10.1109/TSG.2013.2294473 DOI: https://doi.org/10.1109/TSG.2013.2294473

Hwang DD, Schaumont P, Tiri K, Verbauwhede I. Securing embedded systems. IEEE Secur Priv Mag. 2006; 4(2):40-9. https://doi.org/10.1109/MSP.2006.51 DOI: https://doi.org/10.1109/MSP.2006.51

Manifavas C, Fysarakis K, Papanikolaou A, Papaefstathiou I. Embedded systems security: A survey of EU research efforts. Secur Commun Netw. 2014; 8(11):2016-36. https://doi.org/10.1002/sec.1151 DOI: https://doi.org/10.1002/sec.1151

Abubakar A, Pranggono B. Machine learning based intrusion detection system for software defined networks. 2017 Seventh Internat Conf Emerg Secu Technol, UK: Canterbury; 2017. https://doi.org/10.1109/EST.2017.8090413 DOI: https://doi.org/10.1109/EST.2017.8090413

Liu H, Lang B. Machine learning and deep learning methods for intrusion detection systems: A survey. Appl Sci. 2019; 9(20):4396. https://doi.org/10.3390/app9204396 DOI: https://doi.org/10.3390/app9204396

Hong J, Nuqui RF, Kondabathini A, Ishchenko D, Martin A. Cyber attack resilient distance protection and circuit breaker control for digital substations. IEEE Trans Ind Informat. 2019; 15(7):4332-41. https://doi.org/10.1109/TII.2018.2884728 DOI: https://doi.org/10.1109/TII.2018.2884728

Todeschini MG, Dondossola G, Terruggia R. Impact evaluation of IEC 62351 cybersecurity on IEC 61850 communications performance [Internet]; 2019. Available from: https://www.cired-repository.org/items/b238105f-1dc9-4db0-8098-629200f0164a