IDEAS home Printed from https://ideas.repec.org/a/eee/ijocip/v41y2023ics1874548223000148.html
   My bibliography  Save this article

A threat modeling language for generating attack graphs of substation automation systems

Author

Listed:
  • Rencelj Ling, Engla
  • Ekstedt, Mathias

Abstract

The substation automation system consists of many different complex assets and data flows. The system is also often externally connected to allow for remote management. The complexity and remote access to the substation automation system makes it vulnerable to cyber attacks. It also makes it difficult to assess the overall security of the system. One method of assessing the potential threats against a system is threat modeling. In this paper we create a language for producing threat models specifically for the substation automation systems. We focus on the method used to create the language where we review industry designs, build the language based on existing languages and consider attack scenarios from a literature study. Finally we present the language, model two different attack scenarios and generate attack graphs from the threat models.

Suggested Citation

  • Rencelj Ling, Engla & Ekstedt, Mathias, 2023. "A threat modeling language for generating attack graphs of substation automation systems," International Journal of Critical Infrastructure Protection, Elsevier, vol. 41(C).
  • Handle: RePEc:eee:ijocip:v:41:y:2023:i:c:s1874548223000148
    DOI: 10.1016/j.ijcip.2023.100601
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1874548223000148
    Download Restriction: Full text for ScienceDirect subscribers only

    File URL: https://libkey.io/10.1016/j.ijcip.2023.100601?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Giovanna Dondossola & Judit Szanto & Marcelo Masera & Igor Nai Fovino, 2008. "Effects of intentional threats to power substation control systems," International Journal of Critical Infrastructures, Inderscience Enterprises Ltd, vol. 4(1/2), pages 129-143.
    2. Halevi, Gali & Moed, Henk & Bar-Ilan, Judit, 2017. "Suitability of Google Scholar as a source of scientific information and as a source of data for scientific evaluation—Review of the Literature," Journal of Informetrics, Elsevier, vol. 11(3), pages 823-834.
    3. Lahza, Hassan & Radke, Kenneth & Foo, Ernest, 2018. "Applying domain-specific knowledge to construct features for detecting distributed denial-of-service attacks on the GOOSE and MMS protocols," International Journal of Critical Infrastructure Protection, Elsevier, vol. 20(C), pages 48-67.
    4. Moreira, Naiara & Molina, Elías & Lázaro, Jesús & Jacob, Eduardo & Astarloa, Armando, 2016. "Cyber-security in substation automation systems," Renewable and Sustainable Energy Reviews, Elsevier, vol. 54(C), pages 1552-1562.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Naseri, F. & Gil, S. & Barbu, C. & Cetkin, E. & Yarimca, G. & Jensen, A.C. & Larsen, P.G. & Gomes, C., 2023. "Digital twin of electric vehicle battery systems: Comprehensive review of the use cases, requirements, and platforms," Renewable and Sustainable Energy Reviews, Elsevier, vol. 179(C).
    2. Zoltán Lakner & Brigitta Plasek & Gyula Kasza & Anna Kiss & Sándor Soós & Ágoston Temesi, 2021. "Towards Understanding the Food Consumer Behavior–Food Safety–Sustainability Triangle: A Bibliometric Approach," Sustainability, MDPI, vol. 13(21), pages 1-23, November.
    3. Pantea Kamrani & Isabelle Dorsch & Wolfgang G. Stock, 2021. "Do researchers know what the h-index is? And how do they estimate its importance?," Scientometrics, Springer;Akadémiai Kiadó, vol. 126(7), pages 5489-5508, July.
    4. Perez-Vega, Rodrigo & Hopkinson, Paul & Singhal, Aishwarya & Mariani, Marcello M., 2022. "From CRM to social CRM: A bibliometric review and research agenda for consumer research," Journal of Business Research, Elsevier, vol. 151(C), pages 1-16.
    5. Ignacio Rodríguez-Rodríguez & José-Víctor Rodríguez & Niloofar Shirvanizadeh & Andrés Ortiz & Domingo-Javier Pardo-Quiles, 2021. "Applications of Artificial Intelligence, Machine Learning, Big Data and the Internet of Things to the COVID-19 Pandemic: A Scientometric Review Using Text Mining," IJERPH, MDPI, vol. 18(16), pages 1-29, August.
    6. Thelwall, Mike, 2018. "Dimensions: A competitor to Scopus and the Web of Science?," Journal of Informetrics, Elsevier, vol. 12(2), pages 430-435.
    7. Hussain, Shahbaz & Hernandez Fernandez, Javier & Al-Ali, Abdulla Khalid & Shikfa, Abdullatif, 2021. "Vulnerabilities and countermeasures in electrical substations," International Journal of Critical Infrastructure Protection, Elsevier, vol. 33(C).
    8. Deepani B. Guruge & Rajan Kadel & Sharly J. Halder, 2021. "The State of the Art in Methodologies of Course Recommender Systems—A Review of Recent Research," Data, MDPI, vol. 6(2), pages 1-30, February.
    9. Martín-Martín, Alberto & Orduna-Malea, Enrique & Thelwall, Mike & Delgado López-Cózar, Emilio, 2018. "Google Scholar, Web of Science, and Scopus: A systematic comparison of citations in 252 subject categories," Journal of Informetrics, Elsevier, vol. 12(4), pages 1160-1177.
    10. Mike Thelwall, 2018. "Early Mendeley readers correlate with later citation counts," Scientometrics, Springer;Akadémiai Kiadó, vol. 115(3), pages 1231-1240, June.
    11. Mike Thelwall, 2017. "Are Mendeley reader counts useful impact indicators in all fields?," Scientometrics, Springer;Akadémiai Kiadó, vol. 113(3), pages 1721-1731, December.
    12. Gali Halevi, 2020. "The scientific legacy of Judit Bar-Ilan," Scientometrics, Springer;Akadémiai Kiadó, vol. 123(3), pages 1201-1209, June.
    13. Thelwall, Mike, 2018. "Microsoft Academic automatic document searches: Accuracy for journal articles and suitability for citation analysis," Journal of Informetrics, Elsevier, vol. 12(1), pages 1-9.
    14. Anna Tietze & Philip Hofmann, 2019. "The h-index and multi-author hm-index for individual researchers in condensed matter physics," Scientometrics, Springer;Akadémiai Kiadó, vol. 119(1), pages 171-185, April.
    15. Salim Moussa, 2022. "The propagation of error: retracted articles in marketing and their citations," Italian Journal of Marketing, Springer, vol. 2022(1), pages 11-36, March.
    16. Wang, Guoyan & Hu, Guangyuan & Li, Chuanfeng & Tang, Li, 2018. "Long live the scientists: Tracking the scientific fame of great minds in physics," Journal of Informetrics, Elsevier, vol. 12(4), pages 1089-1098.
    17. Wajeeha Aslam & Syed Tehseen Jawaid, 2023. "Systematic Review of Green Banking Adoption: Following PRISMA Protocols," IIM Kozhikode Society & Management Review, , vol. 12(2), pages 213-233, July.
    18. Avick Kumar Dey & Pijush Kanti Dutta Pramanik & Prasenjit Choudhury & Goutam Bandopadhyay, 2021. "Distinctive author ranking using DEA indexing," Quality & Quantity: International Journal of Methodology, Springer, vol. 55(2), pages 601-620, April.
    19. Tessmann, R. & Elbert, R., 2022. "Multi sided platforms in competitive B2B networks with varying governmental influence – a taxonomy of Port and Cargo Community System business models," Publications of Darmstadt Technical University, Institute for Business Studies (BWL) 132320, Darmstadt Technical University, Department of Business Administration, Economics and Law, Institute for Business Studies (BWL).
    20. Gennifer Meldrum & Stefano Padulosi & Gaia Lochetti & Rose Robitaille & Stefano Diulgheroff, 2018. "Issues and Prospects for the Sustainable Use and Conservation of Cultivated Vegetable Diversity for More Nutrition-Sensitive Agriculture," Agriculture, MDPI, vol. 8(7), pages 1-21, July.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijocip:v:41:y:2023:i:c:s1874548223000148. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-critical-infrastructure-protection .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.