June 17, 2022
Conference Paper

Cyber Attack Sequences Generation for Electric Power Grid


Security assessment of cyber-physical energy systems (CPESs) such as the electric power grid is a critical operation to maintain availability, reliability, and quality of service in the presence of persistent threats from malicious cyber actors. Existing security assessment approaches such as penetration testing and red teaming rely on subject matter expert experience and forensic cyber analysis of historical events to perform realistic, threat-informed assessments of CPES defense. CPESs have a large attack surface because of the heterogeneity and complexity of underlying topology, devices, measurements, and vulnerabilities. The aforementioned approaches lead to partial coverage of the attack surface with a large set of unknown but possible exploits. There is a need to automate the CPES attack surface discovery and contextualize it for relevant, highly probable, real-world attack scenarios. We propose a methodology and framework to facilitate the discovery of the CPES attack surface. We present a multilayer attack graph with ranked attack sequences to describe CPES failure scenarios. We present a work-in-progress framework that lists key components to automate the attack modeling and sequence generation. We demonstrate the published National Electric Sector Cybersecurity Organization Resource CPES failure scenario to highlight the trustworthiness of generated attack sequences.

Published: June 17, 2022


Dutta A., S. Purohit, A. Bhattacharya, and O. Bel. 2022. Cyber Attack Sequences Generation for Electric Power Grid. In 10th Workshop on Modeling and Simulation of Cyber-Physical Energy Systems (MSCPES 2022), May 3, 2022, Milan, Italy, 1-6. Piscataway, New Jersey:IEEE. PNNL-SA-170464. doi:10.1109/MSCPES55116.2022.9770105

Research topics