Cardiff University | Prifysgol Caerdydd ORCA
Online Research @ Cardiff 

Advancing resilience of cyber-physical smart grid: An integrated co-simulation approach incorporating indicators of compromise

Asiri, Mohammed, Saxena, Neetesh ORCID: https://orcid.org/0000-0002-6437-0807 and Burnap, Peter ORCID: https://orcid.org/0000-0003-0396-633X 2023. Advancing resilience of cyber-physical smart grid: An integrated co-simulation approach incorporating indicators of compromise. Presented at: International Workshop on Re-design Industrial Control Systems with Security (RICSS) in conjunction with IEEE EuroS&P, Delft, Netherlands, 3-7 July 2023. 2023 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW). IEEE, pp. 370-378. 10.1109/eurospw59978.2023.00047

PDF - Accepted Post-Print Version

Abstract

Modelling and simulation techniques offer cost-effective solutions for developing frameworks and modules that address the intertwined cyber-physical security challenges in the Smart Grid (SG) domain. While some existing co-simulation approaches consider both communication networks and power systems, they often overlook the importance of incorporating Indicators of Compromise (IOCs) in their analysis, which are crucial for detecting and mitigating cyber threats. In response to this gap, we introduce ARCSG, a co-simulation approach to study and enhance the resilience of complex cyber-physical power systems against cyber threats, with a particular focus on incorporating IOCs. Our design employs the Common Open Research Emulator (CORE) to emulate the cyber network and uses PowerWorld to model the power system processes. We incorporate control system components such as OpenPLC and ScadaBR. The co-simulation supports various protocols for monitoring and controlling the grid, such as Modbus, DNP3, ICCP, and PCCC. We demonstrate the effectiveness of our design by validating it through a false command attack on a PowerWorld case. Our approach aims to bolster the detection and mitigation of cyber threats by facilitating an advanced post-incident analysis. Such analysis empowers operators to rapidly identify the severity of a security violation, understand the strategies the adversary employed to initially breach security defences, and evaluate the comprehensive impact of the incident.

Item Type: Conference or Workshop Item (Paper)
Status: Published
Schools: Computer Science & Informatics
Publisher: IEEE
ISBN: 979-8-3503-2720-5
Date of First Compliant Deposit: 12 August 2024
Date of Acceptance: 20 May 2023
Last Modified: 14 Sep 2024 20:49
URI: https://orca.cardiff.ac.uk/id/eprint/159786
