International Journal of Critical Infrastructure Protection ( IF 3.6 ) Pub Date : 2021-01-28 , DOI: 10.1016/j.ijcip.2020.100406 Shahbaz Hussain , Javier Hernandez Fernandez , Abdulla Khalid Al-Ali , Abdullatif Shikfa
The impending and continued threat of cyberattacks on modern utility grids has called for action from the different stakeholders of the electricity sector. This calls for a thorough investigation and review of the weaknesses present in the distribution substations – the backbone of the grid – that can attract attackers to achieve their malicious objectives. The present survey deals with this issue and identifies both the common and specific vulnerabilities present in substations that can be exploited by potential attackers. This work approaches the topic, for the first time, from an attacker's perspective, in order to categorize the possible attack vectors that could be used to first access the substation network, and then disrupt the substation operations under the purview of IEC standards. The reported literature in the field was critically analyzed from an attacker's perspective to highlight the potential threats that can become a liability in cyberattacks on substations. Countermeasures pertaining to these cyberattacks are then detailed and the main elements required for a comprehensive electrical substation cybersecurity solution are finally outlined.
中文翻译:
变电站中的漏洞和对策
网络攻击对现代公用电网的迫在眉睫和持续的威胁要求电力部门的不同利益相关者采取行动。这就要求对配电变电站(电网的骨干网)中存在的弱点进行彻底的调查和审查,这些弱点可以吸引攻击者实现其恶意目标。本次调查处理了此问题,并确定了变电站中存在的常见漏洞和特定漏洞,这些漏洞可被潜在的攻击者利用。这项工作首次从攻击者的角度探讨了该主题,以便对可用于首先访问变电站网络,然后在IEC标准权限范围内破坏变电站运行的可能的攻击媒介进行分类。从攻击者的角度对这一领域的报道文献进行了严格的分析,以突显可能成为变电站网络攻击责任的潜在威胁。然后详细介绍了与这些网络攻击有关的对策,并最终概述了综合变电站网络安全解决方案所需的主要要素。