Cyber Security: Perspective of Challenges in Operational Technology Systems in Power Sector

##plugins.themes.academic_pro.article.main##

Debottam Mukherjee
Abhijit Lele
Anand Shankar
T. S. Kiran
Bindhumadhava Bapu
N. Bharghav
Gurunath Gurrala

Abstract

The paper explores the cyber security challenges faced by Operational Technology (OT) systems in the power sector, emphasising the need for a holistic approach that includes employee training, contingency planning, attack detection, and resilient protection schemes. It aims to contribute to a deeper understanding of the unique cyber security challenges and requirements of OT systems in power transmission utilities, enabling stakeholders to develop informed strategies, policies, and investments to mitigate cyber risks and enhance the resilience of electrical grids. Moreover, it also highlights the importance of training employees to identify and mitigate cyber threats, fostering a culture of security awareness. It also states how simulation and modelling can facilitate proactive identification and mitigation of potential cyberattacks on critical infrastructure while exploring robust security solutions for Intelligent Electronic Devices (IEDs) and proposes solutions for mitigating these threats. The importance of evaluating adherence to the IEC 62351 standard through dedicated tools and procedures is also emphasized.

##plugins.themes.academic_pro.article.details##

How to Cite
Mukherjee, D. ., Lele, A., Shankar, A., Kiran, T. S., Bapu, B., Bharghav, N., & Gurrala, G. (2024). Cyber Security: Perspective of Challenges in Operational Technology Systems in Power Sector. Power Research - A Journal of CPRI, 20(1), 35–45. https://doi.org/10.33686/pwj.v20i1.1168

References

  1. Schlegel R, Obermeier S, Schneider J. A security evaluation of IEC 62351. J Inf Secur Appl. 2017; 34:19-204. https://doi.org/10.1016/j.jisa.2016.05.007 DOI: https://doi.org/10.1016/j.jisa.2016.05.007
  2. Malko J, Lis R. Cyberbezpieczen’stwo systemo’w zabezpieczen’ i sterowania. Prz Elektrotech. 2016; 1:182-5.
  3. Ministry of Power. Powergrid inaugurates remote operation of 250th sub-station [Internet]; 2021. Available from: https:// pib.gov.in/PressReleaseIframePage.aspx?PRID=1768492
  4. Ministry of Power. Haryana chief minister dedicates national transmission asset management centre of power grid to the nation [Internet]; 2015. Available from: https:// www.pib.gov.in/newsite/PrintRelease.aspx?relid=120012
  5. The Times of India. Remote control at 22 state power sub-stations [Internet]; 2022. Available from: https://timesofindia.indiatimes.com/city/mumbai/ now-remotecontrol-at-22-state-power-sub-stations/ articleshow/93199340.cms
  6. Macola IG. The five worst cyberattacks against the power industry since 2014 [Internet]; 2020. Available: https:// www.power-technology.com/features/the-five-worstcyberattacksagainst-the-power-industry-since2014/
  7. Dean C. How and why power grid cyberattacks are becoming terrorists’ go-to [Internet]. Available from: https://energycentral.com/c/iu/how-and-why-power-gridcyberattacksare-becoming-terrorists-go 8. M. Phil. UK power grid biz suffers outage after cyberattack [Internet]; 2020. Available from: https://www.infosecurity-magazine.com/news/uk-power-grid-bizsuffersoutage/
  8. Hollerer S, Brenner B, Bhosale PR, Fischer C, Hosseini AM, Maragkou S, et al. Challenges in OT security and their impacts on safety-related cyber-physical production systems. Digital Transformation, Springer; 2023. p. 171202. https://doi.org/10.1007/978-3-662-65004-2_7 DOI: https://doi.org/10.1007/978-3-662-65004-2_7
  9. Scarfò AA. The cyber security challenges in the IoT era. Security and resilience in intelligent data-centric systems and communication networks. Elsevier; 2018. p. 53-76. https://doi.org/10.1016/B978-0-12-811373-8.00003-3 DOI: https://doi.org/10.1016/B978-0-12-811373-8.00003-3
  10. Jesus V, Josephs M. Challenges in cybersecurity for industry 4.0. Innovation in manufacturing through digital technologies and applications: Thoughts and Reflections on Industry 4.0; 2018. p. 61. Availa from: https://research.aston.ac.uk/en/publications/innovation-in-manufacturingthroughdigital-technologies-and-appl
  11. Parsons D. The state of ics/ot cybersecurity in 2022 and beyond. Survey Report; 2022.
  12. He W, Zhang Z (Justin). Enterprise cybersecurity training and awareness programs: Recommendations for success. J Organ Comput Electron Commer. 2019; 29(4):249-57. https://doi.org/10.1080/10919392.2019.1611528 DOI: https://doi.org/10.1080/10919392.2019.1611528
  13. Krumay B, Bernroider EWN, Walser R. Evaluation of cybersecurity management controls and metrics of critical infrastructures: A literature review considering the NIST cybersecurity framework. Secure IT Syst. 2018; 11252:36984. https://doi.org/10.1007/978-3-030-03638-6_23 DOI: https://doi.org/10.1007/978-3-030-03638-6_23
  14. Zonouz S, Davis CM, Davis KR, Berthier R, Bobba RB, Sanders WH. SOCCA: A security-oriented cyber-physical contingency analysis in power infrastructures. IEEE Trans Smart Grid. 2014; 5(1):3-13. https://doi.org/10.1109/TSG.2013.2280399 DOI: https://doi.org/10.1109/TSG.2013.2280399
  15. Mouelhi S, Laarouchi ME, Cancila D, Chaouchi H. Predictive formal analysis of resilience in cyber-physical systems. IEEE Access. 2019; 7:33741-58. https://doi.org/10.1109/ACCESS.2019.2903153 DOI: https://doi.org/10.1109/ACCESS.2019.2903153
  16. Ukwandu E, Farah MAB, Hindy H, Brosset D, Kavallieros D, Atkinson R, et al. A Review of Cyber-Ranges and Test-Beds: Current and Future Trends. Sensors. 2020; 20(24):7148. https://doi.org/10.3390/s20247148 PMid:33322224 PMCid:PMC7764257 DOI: https://doi.org/10.3390/s20247148
  17. Hahn A, Ashok A, Sridhar S, Govindarasu M. Cyberphysical security testbeds: architecture, application, and evaluation for smart grid. IEEE Trans Smart Grid. 2013; 4(2):847-55. https://doi.org/10.1109/TSG.2012.2226919 DOI: https://doi.org/10.1109/TSG.2012.2226919
  18. Moreira N, Molina E, Lázaro J, Jacob E, Astarloa A. Cybersecurity in substation automation systems. Renew Sustain Energy Rev. 2016; 54:1552-62. https://doi.org/10.1016/j.rser.2015.10.124 DOI: https://doi.org/10.1016/j.rser.2015.10.124
  19. Hong J, Liu CC, Govindarasu M. Integrated anomaly detection for cyber security of the substations. IEEE Trans Smart Grid. 2014; 5(4):1643-53. https://doi.org/10.1109/TSG.2013.2294473 DOI: https://doi.org/10.1109/TSG.2013.2294473
  20. Hwang DD, Schaumont P, Tiri K, Verbauwhede I. Securing embedded systems. IEEE Secur Priv Mag. 2006; 4(2):40-9. https://doi.org/10.1109/MSP.2006.51 DOI: https://doi.org/10.1109/MSP.2006.51
  21. Manifavas C, Fysarakis K, Papanikolaou A, Papaefstathiou I. Embedded systems security: A survey of EU research efforts. Secur Commun Netw. 2014; 8(11):2016-36. https://doi.org/10.1002/sec.1151 DOI: https://doi.org/10.1002/sec.1151
  22. Abubakar A, Pranggono B. Machine learning based intrusion detection system for software defined networks. 2017 Seventh Internat Conf Emerg Secu Technol, UK: Canterbury; 2017. https://doi.org/10.1109/EST.2017.8090413 DOI: https://doi.org/10.1109/EST.2017.8090413
  23. Liu H, Lang B. Machine learning and deep learning methods for intrusion detection systems: A survey. Appl Sci. 2019; 9(20):4396. https://doi.org/10.3390/app9204396 DOI: https://doi.org/10.3390/app9204396
  24. Hong J, Nuqui RF, Kondabathini A, Ishchenko D, Martin A. Cyber attack resilient distance protection and circuit breaker control for digital substations. IEEE Trans Ind Informat. 2019; 15(7):4332-41. https://doi.org/10.1109/TII.2018.2884728 DOI: https://doi.org/10.1109/TII.2018.2884728
  25. Todeschini MG, Dondossola G, Terruggia R. Impact evaluation of IEC 62351 cybersecurity on IEC 61850 communications performance [Internet]; 2019. Available from: https://www.cired-repository.org/items/b238105f-1dc9-4db0-8098-629200f0164a