The digitization of smart grid distributed generation and industrial control systems has prompted utilities to deploy tools with ubiquitous communications that potentially widen the attack surface. The utilities still continue to rely on the traditional cybersecurity technologies, such as firewalls, anti-malware tools, and passwords that do not ensure security across all dimensions of the information assurance model required for a strong cybersecurity business process. This paper proposes a multidimensional holistic framework that addresses this gap through advanced technologies, intelligent algorithms, and continued assessments. To show proof, the layered defense model, a solution dimension of the framework, is integrated into the National Renewable Energy Laboratory's Security and Resilience Testbed to replicate a utility's enterprise and substation networks. The model is used to evaluate the security and resilience of microgrid control systems, and, based on the insights gathered, recommend best practices for utility cybersecurity analysts for a strong business process. With this baseline, the paper conceptually introduces intelligence-driven solutions comprising contextual data analysis and machine learning to respond to advanced persistent threats sponsored by campaign efforts.

中文翻译：

---

分布式能源和控制系统安全的多维整体框架

智能电网分布式发电和工业控制系统的数字化促使公用事业公司部署具有普遍通信的工具，从而有可能扩大攻击面。这些实用程序仍然继续依赖传统的网络安全技术，例如防火墙，反恶意软件工具和密码，这些技术不能确保强大的网络安全业务流程所需的信息保证模型的所有维度的安全性。本文提出了一个多维整体框架，该框架通过先进技术，智能算法和持续评估来弥补这一差距。为了证明这一点，分层防御模型（该框架的解决方案维度）已集成到国家可再生能源实验室的安全性和弹性测试平台中，以复制公用事业公司的产品。的企业和变电站网络。该模型用于评估微电网控制系统的安全性和弹性，并基于收集到的见解为公用事业网络安全分析人员推荐最佳实践，以建立强大的业务流程。在此基线的基础上，本文从概念上介绍了由情报驱动的解决方案，包括上下文数据分析和机器学习，以应对由竞选活动发起的高级持续威胁。