Security Challenges in Energy Flexibility Markets: A Threat Modelling-Based Cyber-Security Analysis
<p>Reference architecture model for a flexibility market.</p> "> Figure 2
<p>Component description of the technical architecture.</p> "> Figure 3
<p>Overview of coreLang [<a href="#B37-electronics-13-04522" class="html-bibr">37</a>].</p> "> Figure 4
<p>Model view for FAO.</p> "> Figure 5
<p>Attack path for full access on an SM application.</p> "> Figure 6
<p>Attack path for accessing Core Zone LAN in Aggregator.</p> "> Figure 7
<p>Attack path for DoS on SCADA Core Zone LAN.</p> "> Figure 8
<p>Alternate attack path for DoS attack on SCADA Core Zone LAN.</p> "> Figure 9
<p>Attack path for denying an RTU in a substation.</p> "> Figure 10
<p>Attack path for gaining full access on an SM application.</p> "> Figure 11
<p>Attack path for DoS on SCADA Core LAN using social engineering.</p> "> Figure 12
<p>Attack path for hardware supply chain attack on SM.</p> "> Figure 13
<p>Attack Path for Man in the Middle on an SM.</p> "> Figure 14
<p>Supply chain attack on SCADA Core Zone.</p> "> Figure 15
<p>Attack path for denying RTU in substations.</p> ">
Abstract
:1. Introduction
1.1. Related Work
1.2. Contributions
1.3. Structure
2. Reference Architecture Model for a Flexibility Market
2.1. Small Flexibility Asset Owner (FAO)
2.2. DSO SCADA Core Zone
2.3. DSO Engineering Zone
2.4. DSO Public DMZ and Office Zone
2.5. DSO Process Zone
2.6. DSO SCADA DMZ Zone
2.7. Aggregator Core Zone
3. Method
4. Cyber-Security Assessment
4.1. Model Building
4.2. Analysis
- A default and less secure configuration where defences are disabled.
- A more secure configuration where relevant asset defences are switched on.
4.3. Attack Scenarios and Scope
5. Results
5.1. Attacker at the SM in FAOs
- Scenario 1: Full Access on SM Application
- Scenario 2: Man in the Middle on Core Zone LAN in Aggregator
- Scenario 3: Denial of Service (DoS) on SCADA Core Zone LAN
- Scenario 4: Deny RTUs in substations
5.2. Attacker on the Internet
- Scenario 5: Full Access on SM Application
- Scenario 6: Man in the Middle on Core Zone LAN in Aggregator
- Scenario 7: DoS on SCADA Core Zone LAN
- Scenario 8: Deny RTU in substations
5.3. Attacker at the Vendor
- Scenario 9: Full Access on SM Application
- Scenario 10: Man in the Middle on Core Zone LAN in Aggregator
- Scenario 11: DoS on SCADA Core Zone LAN
- Scenario 12: Deny RTU in substations
6. Discussion
7. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
References
- European Commission. Proposal for a Directive of the European Parliament and the Council on Common Rules for the Internal Market in Electricity. Available online: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A52016PC0864 (accessed on 10 October 2024).
- Müller, N.; Heussen, K.; Afzal, Z.; Ekstedt, M.; Eliasson, P. Threat Scenarios and Monitoring Requirements for Cyber-Physical Systems of Flexibility Markets. In Proceedings of the 2022 IEEE PES GTD Latin America, La Paz, Bolivia, 20–22 October 2022. [Google Scholar]
- Spiliotis, K.; Gutierrez, A.I.R.; Belmans, R. Demand flexibility versus physical network expansions in distribution grids. Appl. Energy 2016, 182, 613–624. [Google Scholar] [CrossRef]
- Jin, X.; Wu, Q.; Jia, H. Local flexibility markets: Literature review on concepts, models and clearing methods. Appl. Energy 2020, 261, 114387. [Google Scholar] [CrossRef]
- Villar, J.; Bessa, R.; Matos, M. Flexibility products and markets: Literature review. Electr. Power Syst. Res. 2018, 154, 329–340. [Google Scholar] [CrossRef]
- Ziras, C.; Heinrich, C.; Bindner, H.W. Why baselines are not suited for local flexibility markets. Renew. Sustain. Energy Rev. 2021, 135, 110357. [Google Scholar] [CrossRef]
- Marinos, L. Smart Grid threat landscape and good practice guide. In White Paper, European Network and Information Security Agency (ENISA); ENISA: Attiki, Greece, 2013. [Google Scholar]
- Wang, W.; Lu, Z. Cyber security in the smart grid: Survey and challenges. Comput. Netw. 2013, 57, 1344–1371. [Google Scholar] [CrossRef]
- Tatipatri, N.; Arun, S. A Comprehensive Review on Cyber-attacks in Power Systems: Impact Analysis, Detection and Cyber security. IEEE Access 2024, 12, 18147–18167. [Google Scholar] [CrossRef]
- Hansen, A.; Staggs, J.; Shenoi, S. Security analysis of an advanced metering infrastructure. Int. J. Crit. Infrastruct. Prot. 2017, 18, 3–19. [Google Scholar] [CrossRef]
- Costache, M.; Tudor, V. Security Aspects in the Advanced Metering Infrastructure. Master’s Thesis, Department of Civil and Environment, Chalmers University of Technology, Gothenburg, Sweden, 2011. [Google Scholar]
- Costache, M.; Tudor, V.; Almgren, M.; Papatriantafilou, M.; Saunders, C. Remote Control of Smart Meters: Friend or Foe? In Proceedings of the Seventh European Conference on Computer Network Defense, EC2ND 2011, Gothenburg, Sweden, 6–7 September 2011; pp. 49–56. [Google Scholar]
- Sperstad, I.B.; Degefa, M.Z.; Kjølle, G. The impact of flexible resources in distribution systems on the security of electricity supply: A literature review. Electr. Power Syst. Res. 2020, 188, 106532. [Google Scholar] [CrossRef]
- Alizadeh, M.; Moghaddam, M.P.; Amjady, N.; Siano, P.; Sheikh-El-Eslami, M. Flexibility in future power systems with high renewable penetration: A review. Renew. Sustain. Energy Rev. 2016, 57, 1186–1193. [Google Scholar] [CrossRef]
- Liu, D.; Sun, Y.; Qu, Y.; Li, B.; Xu, Y. Analysis and accurate prediction of user’s response behavior in incentive-based demand response. IEEE Access 2018, 7, 3170–3180. [Google Scholar] [CrossRef]
- Kwag, H.G.; Kim, J.O. Reliability modeling of demand response considering uncertainty of customer behavior. Appl. Energy 2014, 122, 24–33. [Google Scholar] [CrossRef]
- Ghose, T.; Pandey, H.W.; Gadham, K.R. Risk assessment of microgrid aggregators considering demand response and uncertain renewable energy sources. J. Mod. Power Syst. Clean Energy 2019, 7, 1619–1631. [Google Scholar] [CrossRef]
- Vernotte, A.; Välja, M.; Korman, M.; Björkman, G.; Ekstedt, M.; Lagerström, R. Load balancing of renewable energy: A cyber security analysis. Energy Inform. 2018, 1, 5. [Google Scholar] [CrossRef]
- Andrade, R.; Praça, I.; Wannous, S.; Ramos, S. The Impact of Attacks in LEM and Prevention Measures Based on Forecasting and Trust Models. Processes 2021, 9, 314. [Google Scholar] [CrossRef]
- Cali, U.; Dynge, M.F.; Ferdous, M.S.; Halden, U. Improved Resilience of Local Energy Markets using Blockchain Technology and Self-Sovereign Identity. In Proceedings of the 2022 IEEE 1st Global Emerging Technology Blockchain Forum: Blockchain & Beyond (iGETblockchain), Irvine, CA, USA, 7–11 November 2022; pp. 1–5. [Google Scholar]
- Dedrick, J.; Perrin, K.A.; Sabaghian, E.; Wilcoxen, P.J. Assessing cyber attacks on local electricity markets using simulation analysis: Impacts and possible mitigations. Sustain. Energy Grids Netw. 2023, 34, 100993. [Google Scholar] [CrossRef]
- HONOR. An ERA-Net Research Project. Available online: https://www.eranet-smartenergysystems.eu/Projects (accessed on 10 October 2024).
- Afzal, Z. Flexibility Market Threat Modeling Repository (flexibility-market-tm). Available online: https://github.com/zeesafza/flexibility-market-tm (accessed on 10 October 2024).
- Müller, N.; Heussen, K.; Afzal, Z.; Ekstedt, M.; Eliasson, P. D6.1 Conceptual Model of Data Streams, Detection and Verification Requirements. Available online: https://github.com/zeesafza/flexibility-market-tm/blob/main/210329_NM_D6-1_conceptual_model_of_data_streams_and_monitoring_requirements.pdf (accessed on 10 October 2024).
- Sommestad, T.; Ekstedt, M.; Johnson, P. Cyber Security Risks Assessment with Bayesian Defense Graphs and Architectural Models. In Proceedings of the 42st Hawaii International International Conference on Systems Science, Big Island, HI, USA, 5–8 January 2009; pp. 1–10. [Google Scholar]
- Phillips, C.A.; Swiler, L.P. A Graph-based System for Network-vulnerability Analysis. In Proceedings of the 1998 Workshop on New Security Paradigms, Charlottsville, VA, USA, 22–25 September 1998; pp. 71–79. [Google Scholar]
- Schneier, B. Attack trees. Dr. Dobb’s J. 1999, 24, 21–29. [Google Scholar]
- Mauw, S.; Oostdijk, M. Foundations of Attack Trees. In Proceedings of the Information Security and Cryptology (ICISC), 8th International Conference, Seoul, Korea, 1–2 December 2005; Lecture Notes in Computer Science. Springer: Berlin/Heidelberg, Germany, 2005; Volume 3935, pp. 186–198. [Google Scholar]
- Kordy, B.; Mauw, S.; Radomirovic, S.; Schweitzer, P. Foundations of Attack-Defense Trees. In Proceedings of the Formal Aspects of Security and Trust—7th International Workshop, FAST, Pisa, Italy, 16–17 September 2010; Volume 6561, pp. 80–95. [Google Scholar]
- Kordy, B.; Piètre-Cambacédès, L.; Schweitzer, P. DAG-based attack and defense modeling: Don’t miss the forest for the attack trees. Comput. Sci. Rev. 2014, 13, 1–38. [Google Scholar] [CrossRef]
- Dantu, R.; Loper, K.; Kolan, P. Risk management using behavior based attack graphs. In Proceedings of the International Conference on Information Technology: Coding and Computing, Las Vegas, NE, USA, 5–7 April 2004; Volume 1, pp. 445–449. [Google Scholar]
- Doynikova, E.; Kotenko, I.V. Enhancement of probabilistic attack graphs for accurate cyber security monitoring. In Proceedings of the IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computed, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation, San Francisco, CA, USA, 4–8 August 2017; pp. 1–6. [Google Scholar]
- Liu, Y.; Man, H. Network vulnerability assessment using Bayesian networks. Proc. SPIE 2005, 5812, 61–71. [Google Scholar]
- Yimin, C.; Junmei, L.; Wei, Z.; Cheng, L. Research on Network Security Quantitative Model Based on Probabilistic Attack Graph. ITM Web Conf. 2019, 24, 2003. [Google Scholar]
- Johnson, P.; Lagerström, R.; Ekstedt, M. A Meta Language for Threat Modeling and Attack Simulations. In Proceedings of the 13th International Conference on Availability, Reliability and Security, New York, NY, USA, 27–30 August 2018. [Google Scholar]
- Katsikeas, S.; Hacks, S.; Johnson, P.; Ekstedt, M.; Lagerström, R.; Jacobsson, J.; Wällstedt, M.; Eliasson, P. An Attack Simulation Language for the IT Domain. In Proceedings of the Graphical Models for Security—7th International Workshop, GraMSec 2020, Boston, MA, USA, 22 June 2020; Lecture Notes in Computer Science. Springer: Berlin/Heidelberg, Germany, 2020; Volume 12419, pp. 67–86. [Google Scholar]
- Katsikeas, S.; Buhaiu, A.; Ekstedt, M.; Afzal, Z.; Hacks, S.; Mukherjee, P. Development and validation of coreLang: A threat modeling language for the ICT domain. Comput. Secur. 2024, 146, 104057. [Google Scholar] [CrossRef]
- Vu, A.H.; Tippenhauer, N.O.; Chen, B.; Nicol, D.M.; Kalbarczyk, Z. CyberSAGE: A Tool for Automatic Security Assessment of Cyber-Physical Systems. In Proceedings of the Quantitative Evaluation of Systems—11th International Conference, QEST 2014, Florence, Italy, 8–10 September 2014; Lecture Notes in Computer Science. Springer: Berlin/Heidelberg, Germany, 2014; Volume 8657, pp. 384–387. [Google Scholar]
- Security, S. Risk Analytics for Cyber Security. Available online: https://www.skyboxsecurity.com/ (accessed on 10 October 2024).
- Ekstedt, M.; Johnson, P.; Lagerström, R.; Gorton, D.; Nydren, J.; Shahzad, K. Securi CAD by Foreseeti: A CAD Tool for Enterprise Cyber Security Management. In Proceedings of the 19th IEEE International Enterprise Distributed Object Computing Workshop, Adelaide, Australia, 21–25 September 2015; pp. 152–155. [Google Scholar]
- Sommestad, T.; Ekstedt, M.; Holm, H. The Cyber Security Modeling Language: A Tool for Assessing the Vulnerability of Enterprise System Architectures. IEEE Syst. J. 2013, 7, 363–373. [Google Scholar] [CrossRef]
- Holm, H. A Large-Scale Study of the Time Required to Compromise a Computer System. IEEE Trans. Dependable Secur. Comput. 2014, 11, 2–15. [Google Scholar] [CrossRef]
- Jonsson, E.; Olovsson, T. A Quantitative Model of the Security Intrusion Process Based on Attacker Behavior. IEEE Trans. Softw. Eng. 1997, 23, 235–245. [Google Scholar] [CrossRef]
- Zetter, K. Inside the Cunning, Unprecedented Hack of Ukraine’s Power Grid. Available online: https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/ (accessed on 10 October 2024).
- Peisert, S.; Schneier, B.; Okhravi, H.; Massacci, F.; Benzel, T.; Landwehr, C.; Mannan, M.; Mirkovic, J.; Prakash, A.; Michael, J.B. Perspectives on the SolarWinds Incident. IEEE Secur. Priv. 2021, 19, 7–13. [Google Scholar] [CrossRef]
- Bouramdane, A.A. Cyberattacks in smart grids: Challenges and solving the multi-criteria decision-making for cybersecurity options, including ones that incorporate artificial intelligence, using an analytical hierarchy process. J. Cybersecur. Priv. 2023, 3, 662–705. [Google Scholar] [CrossRef]
- Rind, Y.M.; Raza, M.H.; Zubair, M.; Mehmood, M.Q.; Massoud, Y. Smart energy meters for smart grids, an internet of things perspective. Energies 2023, 16, 1974. [Google Scholar] [CrossRef]
Scenario | Attacker Start | Target |
---|---|---|
1 | At the SM in FAOs | SM application |
2 | At the SM in FAOs | Core zone LAN in aggregator |
3 | At the SM in FAOs | SCADA core zone LAN |
4 | At the SM in FAOs | RTUs in substations |
5 | On the Internet | SM application |
6 | On the Internet | Core zone LAN in aggregator |
7 | On the Internet | SCADA core Zone LAN |
8 | On the Internet | RTUs in substations |
9 | At the vendor | SM application |
10 | At the vendor | Core zone LAN in aggregator |
11 | At the vendor | SCADA Core zone LAN |
12 | At the vendor | RTUs in substations |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Afzal, Z.; Ekstedt, M.; Müller, N.; Mukherjee, P. Security Challenges in Energy Flexibility Markets: A Threat Modelling-Based Cyber-Security Analysis. Electronics 2024, 13, 4522. https://doi.org/10.3390/electronics13224522
Afzal Z, Ekstedt M, Müller N, Mukherjee P. Security Challenges in Energy Flexibility Markets: A Threat Modelling-Based Cyber-Security Analysis. Electronics. 2024; 13(22):4522. https://doi.org/10.3390/electronics13224522
Chicago/Turabian StyleAfzal, Zeeshan, Mathias Ekstedt, Nils Müller, and Preetam Mukherjee. 2024. "Security Challenges in Energy Flexibility Markets: A Threat Modelling-Based Cyber-Security Analysis" Electronics 13, no. 22: 4522. https://doi.org/10.3390/electronics13224522
APA StyleAfzal, Z., Ekstedt, M., Müller, N., & Mukherjee, P. (2024). Security Challenges in Energy Flexibility Markets: A Threat Modelling-Based Cyber-Security Analysis. Electronics, 13(22), 4522. https://doi.org/10.3390/electronics13224522