Kuroptev, Kirill ; Steinke, Florian (2023)
Coordinated cyber attacks on smart grids considering software supply chains.
2023 IEEE PES Innovative Smart Grid Technologies Europe. Grenoble, France (23.10.2023 - 26.10.2023)
doi: 10.1109/ISGTEUROPE56780.2023.10407630
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
The increasing number of IoT devices in power systems introduces the threat of load altering attacks on power grids using high wattage appliances. Sophisticated adversaries can launch such coordinated attacks by exploiting weaknesses in the IT system used to monitor and control the devices as well as the supply chains of the involved software systems. This paper proposes an ontology-based directed attack graph to model the possible attack paths targeting the devices. Based on this model, we determine the optimal attack strategies of an adversary, assuming that the attacker has complete knowledge of the system and its defenses. We evaluate the resulting attack strategies and quantify the influence of different defense strategies in a case study. The simulation results suggest the high efficiency of the Zero Trust security paradigm, which aims to minimize attack transition probabilities. In our study, this measure can decrease the potential influence of an adversary by 90% in terms of the expected manipulable load, especially for high numbers of targeted devices.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2023 |
| Autor(en): | Kuroptev, Kirill ; Steinke, Florian |
| Art des Eintrags: | Bibliographie |
| Titel: | Coordinated cyber attacks on smart grids considering software supply chains |
| Sprache: | Englisch |
| Publikationsjahr: | 27 Oktober 2023 |
| Verlag: | IEEE |
| Buchtitel: | Proceedings of 2023 IEEE PES Innovative Smart Grid Technologies Europe (ISGT-Europe) |
| Veranstaltungstitel: | 2023 IEEE PES Innovative Smart Grid Technologies Europe |
| Veranstaltungsort: | Grenoble, France |
| Veranstaltungsdatum: | 23.10.2023 - 26.10.2023 |
| DOI: | 10.1109/ISGTEUROPE56780.2023.10407630 |
| Kurzbeschreibung (Abstract): | The increasing number of IoT devices in power systems introduces the threat of load altering attacks on power grids using high wattage appliances. Sophisticated adversaries can launch such coordinated attacks by exploiting weaknesses in the IT system used to monitor and control the devices as well as the supply chains of the involved software systems. This paper proposes an ontology-based directed attack graph to model the possible attack paths targeting the devices. Based on this model, we determine the optimal attack strategies of an adversary, assuming that the attacker has complete knowledge of the system and its defenses. We evaluate the resulting attack strategies and quantify the influence of different defense strategies in a case study. The simulation results suggest the high efficiency of the Zero Trust security paradigm, which aims to minimize attack transition probabilities. In our study, this measure can decrease the potential influence of an adversary by 90% in terms of the expected manipulable load, especially for high numbers of targeted devices. |
| Fachbereich(e)/-gebiet(e): | 18 Fachbereich Elektrotechnik und Informationstechnik 18 Fachbereich Elektrotechnik und Informationstechnik > Institut für Datentechnik > Energieinformationsnetze und Systeme (EINS) 18 Fachbereich Elektrotechnik und Informationstechnik > Institut für Datentechnik Profilbereiche Profilbereiche > Energiesysteme der Zukunft Forschungsfelder Forschungsfelder > Energy and Environment Forschungsfelder > Energy and Environment > Integrated Energy Systems |
| Hinterlegungsdatum: | 22 Jul 2024 08:41 |
| Letzte Änderung: | 22 Jul 2024 08:41 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum