SecuriDN: A Modeling Tool Supporting the Early Detection of Cyberattacks to Smart Energy Systems-Reference-Cited by-同舟云学术

SecuriDN: A Modeling Tool Supporting the Early Detection of Cyberattacks to Smart Energy Systems

Published:2024-08-06 Issue:16 Volume:17 Page:3882
ISSN:1996-1073
Container-title:Energies
language:en
Short-container-title:Energies

Author:

Cerotti Davide¹²^ORCID,Codetta Raiteri Daniele¹²^ORCID,Dondossola Giovanna³^ORCID,Egidi Lavinia¹^ORCID,Franceschinis Giuliana¹²^ORCID,Portinale Luigi¹²^ORCID,Savarro Davide⁴^ORCID,Terruggia Roberta³^ORCID

Affiliation:

1. Computer Science Institute, DiSIT, Università del Piemonte Orientale (UPO), 15121 Alessandria, Italy

2. Consorzio Nazionale Interuniversitario per le Telecomunicazioni (CNIT), 43124 Parma, Italy

3. Transmission and Distribution Technologies Department, Ricerca sul Sistema Energetico (RSE S.p.A.), 20134 Milano, Italy

4. Computer Science Department, Università di Torino, 10149 Torino, Italy

Abstract

SecuriDN v. 0.1 is a tool for the representation of the assets composing the IT and the OT subsystems of Distributed Energy Resources (DERs) control networks and the possible cyberattacks that can threaten them. It is part of a platform that allows the evaluation of the security risks of DER control systems. SecuriDN is a multi-formalism tool, meaning that it manages several types of models: architecture graph, attack graphs and Dynamic Bayesian Networks (DBNs). In particular, each asset in the architecture is characterized by an attack graph showing the combinations of attack techniques that may affect the asset. By merging the attack graphs according to the asset associations in the architecture, a DBN is generated. Then, the evidence-based and time-driven probabilistic analysis of the DBN permits the quantification of the system security level. Indeed, the DBN probabilistic graphical model can be analyzed through inference algorithms, suitable for forward and backward assessment of the system’s belief state. In this paper, the features and the main goals of SecuriDN are described and illustrated through a simplified but realistic case study.

Publisher

MDPI AG

Link

https://www.mdpi.com/1996-1073/17/16/3882/pdf

Reference59 articles.

1. (2024, July 31). CEI0-16. Norma CEI 0-16:2022-03, Regola Tecnica di Riferimento per la Connessione di Utenti Attivi e Passivi alle reti AT e MT delle Imprese Distributrici di Energia Elettrica. CEI, Milano, Italy. Available online: https://static.ceinorme.it/strumenti-online/doc/18308.pdf.

2. (2024, July 31). CEI0-21. Variante V1 della Norma CEI 0-21:2022-03, Regola Tecnica di Riferimento per la Connessione di Utenti Attivi e Passivi alle reti BT delle Imprese Distributrici di Energia Elettrica CEI, Milano, Italy. Available online: https://static.ceinorme.it/strumenti-online/doc/18066.pdf.

3. (2024, July 31). ISA/IEC 62443. Standard IEC 62443-4-2:2019, Security for Industrial Automation and Control Systems-Part 4-2: Technical Security Requirements for IACS Components IEC, Geneva, Switzerland, 2019. Available online: https://webstore.iec.ch/en/publication/34421.

4. Cerotti, D., Codetta, D., Dondossola, G., Egidi, L., Franceschinis, G., Portinale, L., Savarro, D., and Terruggia, R. (2024, January 9–11). SecuriDN: A Customizable GUI Generating Cybersecurity Models for DER Control Architectures. Proceedings of the Italian Conference on Cybersecurity, ITASEC 2024, Salerno, Italy. Available online: http://ceur-ws.org/Vol-3731/.

5. The meta attack language—A formal description;Hacks;Comput. Secur.,2023