Threat modelling for digitalized power systems

back to project index

Project abstract

Today's power systems are highly dependent on an underlying ICT-system infrastructure, and increasingly so in an even more digitalized future. This dependency also implies that the power systems are highly vulnerable to cyber attacks. Due to the increasing size and complexity of the ICT infrastructure it is very difficult, and practically impossible, to manually map and understand the large attack exposure surface and the corresponding potential attack vectors that could be exploited by malicious adversaries. At the same time a clear picture of the threats and the resilience of the ICT infrastructure is a fundamental for devising an effective defense.

A growing discipline within the field of cyber security research is the subject of threat modeling and simulations. These methods stem from the larger field of risk analysis using graph-based simulation approaches, often probabilistic in nature. Such methods estimate how difficult it is to penetrate larger system architectures and provide insight how trust can be assigned to different system components and how trust boundaries can be designed. With threat modeling it is thus possible to maintain a holistic understanding of the cyber security posture of ICT infrastructures as well as how effective different protection mechanisms are at defending attacks in various places in the infrastructure.

In previous research we have developed several frameworks and prototypes for conducting threat modeling and analysis. That work is however still largely generic in nature and do not cover much of the specific security properties of industrial control system components (such as PLCs, IEDs, RTUs as well as future IoT-based components) and communication standards. This project aims at developing a refined threat modeling framework taking such industrial control system specific properties into account. This will in the end provide security engineers in the utility sector with a prototype that provides security estimates particularly tailored for the utility sector.

In short, the project will contain the following main phases:
1) Devise a refined domain specific modeling framework
2) In the domain specific modeling framework devise an industrial control system specific threat modeling language
3) Collect evidence and statistics for attack simulations (through experiments, penetration tests, vulnerability databases, historical data, etc., using e.g. probabilistic modeling and machine learning)
4) Validate and test the predictions made by the threat modeling framework by applying it on real systems (in a lab or otherwise).

Summary of work

2019. Began to research substations and cyberattacks on them. Also researched threat modelling and threat modelling languages, specifically Meta Attack Language (MAL).

2020. Developed SCL-Lang, a threat modelling language of the Substation Configuration description Language (SCL) in IEC 61850. Had two master thesis students working on topics connected to the PhD project.

Event log

2020. Presented at SWITS Virtual Conference

2020. Presented at CRITIS Virtual Conference

2020. Presented at Ellevios technology and development day, Stockholm

2020. Visit to ABB Grid Automation, Västerås

Project reference-group

Mathias Ekstedt,  KTH
Vincent Gliniewicz,  Vattenfall
Jonas Hallberg,  FOI
Anders Johnsson,  Vattenfall
Johan Lundberg,  Hitachi ABB Power Grids
Lars Nordström,  KTH
Ola Rådh,  Ellevio
Johan Sälj,  Hitachi ABB Power Grids
Omar Velasco,  Hitachi ABB Power Grids

MSc etc theses connected to the project

2020. Akzharkyn Duisembiyeva, Automated security analysis in a SCADA system.

2020. Luyi Sun, SCLEX-Lang: Threat Modeling Language for Substation Automation Systems.

Publications by this researcher

See alternatively the researcher's full DiVA list of publications, with options for sorting.
Publications in journals and conferences usually will not show until a while after they are published.

A threat modeling language for generating attack graphs of substation automation systems
Engla Ling,   Mathias Ekstedt.
2023,   International Journal of Critical Infrastructure Protection

Estimating Time-To-Compromise for Industrial Control System Attack Techniques Through Vulnerability Data
Engla Rencelj Ling,   Mathias Ekstedt.
2023,   SN Computer Science, vol. 4(3)

Estimating the Time-To-Compromise of Exploiting Industrial Control System Vulnerabilities
Engla Rencelj Ling,   Mathias Ekstedt.
2022,   8th International Conference on Information Systems Security and Privacy - ICISSP

Towards a Systematic Method for Developing Meta Attack Language Instances
Simon Hacks,   Sotirios Katsikeas,   Engla Rencelj Ling,   Wenjun Xiong,   Jerome Pfeiffer,   Andreas Wortmann.
2022,   34th International Conference on Advanced Information Systems Engineering CAiSE 2022

Securing Communication and Identifying Threats in RTUs : A Vulnerability Analysis
Engla Rencelj Ling,   Jose Eduardo Urrea Cabus,   Ismail Butun,   Robert Lagerström,   Johannes Olegård.
2022,   the 17th International Conference on Availability, Reliability and Security, August 23 to August 26, 2022. Austria

Generating Threat Models and Attack Graphs based on the IEC 61850 System Configuration description Language
Engla Rencelj Ling,   Mathias Ekstedt.
2021,   2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems

A Systematic Literature Review of Information Sources for Threat Modeling in the Power Systems Domain
Engla Ling,   Robert Lagerström,   Mathias Ekstedt.
2020,   Critical Information Infrastructures Security, CRITIS. 15th International Conference, CRITIS 2020, Bristol, UK, September 2–3, 2020, Proceedings

powerLang : a probabilistic attack simulation language for the power domain
Simon Hacks,   Sotirios Katsikeas,   Engla Ling,   Robert Lagerström,   Mathias Ekstedt.
2020,   Energy Informatics, vol. 3(1)

Conceptual Abstraction of Attack Graphs : a Use Case of securiCAD
Xinyue Mao,   Mathias Ekstedt,   Engla Ling,   Erik Ringdahl,   Robert Lagerström.
2019,   International Workshop on Graphical Models for Security (GraMSec). Graphical Models for Security 6th International Workshop, GraMSec 2019, Hoboken, NJ, USA, June 24, 2019

Publication list last updated from DiVA on 2024-01-10 15:21.

Page started: 2019-01-14
Last generated: 2024-01-10