SecuriDN: A Modeling Tool Supporting the Early Detection of Cyberattacks to Smart Energy Systems

Davide Cerotti; Daniele Codetta Raiteri; Giovanna Dondossola; Lavinia Egidi; Giuliana Franceschinis; Luigi Portinale; Davide Savarro; Roberta Terruggia

doi:10.3390/en17163882

SecuriDN: A Modeling Tool Supporting the Early Detection of Cyberattacks to Smart Energy Systems

Davide Cerotti
, Daniele Codetta Raiteri
, Giovanna Dondossola
, Lavinia Egidi
, Giuliana Franceschinis
, Luigi Portinale
, Davide Savarro
, Roberta Terruggia

Department of Science and Technological Innovation

Research output: Contribution to journal › Article › peer-review

Abstract

SecuriDN v. (Formula presented.) is a tool for the representation of the assets composing the IT and the OT subsystems of Distributed Energy Resources (DERs) control networks and the possible cyberattacks that can threaten them. It is part of a platform that allows the evaluation of the security risks of DER control systems. SecuriDN is a multi-formalism tool, meaning that it manages several types of models: architecture graph, attack graphs and Dynamic Bayesian Networks (DBNs). In particular, each asset in the architecture is characterized by an attack graph showing the combinations of attack techniques that may affect the asset. By merging the attack graphs according to the asset associations in the architecture, a DBN is generated. Then, the evidence-based and time-driven probabilistic analysis of the DBN permits the quantification of the system security level. Indeed, the DBN probabilistic graphical model can be analyzed through inference algorithms, suitable for forward and backward assessment of the system’s belief state. In this paper, the features and the main goals of SecuriDN are described and illustrated through a simplified but realistic case study.

Original language	English
Article number	3882
Journal	Energies
Volume	17
Issue number	16
DOIs	https://doi.org/10.3390/en17163882
Publication status	Published - Aug 2024

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 7 Affordable and Clean Energy

Keywords

Bayesian Networks
IEC 61850
MITRE ATT&CK framework
attack graphs
cyber physical power systems
cyberattack detection
distributed energy resources
evidence-based and time-driven probabilistic analysis
multiformalism models
risk assessment

Access to Document

10.3390/en17163882

Cite this

@article{da738c1ead2341b7bbca1335b740d398,

title = "SecuriDN: A Modeling Tool Supporting the Early Detection of Cyberattacks to Smart Energy Systems",

abstract = "SecuriDN v. (Formula presented.) is a tool for the representation of the assets composing the IT and the OT subsystems of Distributed Energy Resources (DERs) control networks and the possible cyberattacks that can threaten them. It is part of a platform that allows the evaluation of the security risks of DER control systems. SecuriDN is a multi-formalism tool, meaning that it manages several types of models: architecture graph, attack graphs and Dynamic Bayesian Networks (DBNs). In particular, each asset in the architecture is characterized by an attack graph showing the combinations of attack techniques that may affect the asset. By merging the attack graphs according to the asset associations in the architecture, a DBN is generated. Then, the evidence-based and time-driven probabilistic analysis of the DBN permits the quantification of the system security level. Indeed, the DBN probabilistic graphical model can be analyzed through inference algorithms, suitable for forward and backward assessment of the system{\textquoteright}s belief state. In this paper, the features and the main goals of SecuriDN are described and illustrated through a simplified but realistic case study.",

keywords = "Bayesian Networks, IEC 61850, MITRE ATT\&CK framework, attack graphs, cyber physical power systems, cyberattack detection, distributed energy resources, evidence-based and time-driven probabilistic analysis, multiformalism models, risk assessment",

author = "Davide Cerotti and \{Codetta Raiteri\}, Daniele and Giovanna Dondossola and Lavinia Egidi and Giuliana Franceschinis and Luigi Portinale and Davide Savarro and Roberta Terruggia",

note = "Publisher Copyright: {\textcopyright} 2024 by the authors.",

year = "2024",

month = aug,

doi = "10.3390/en17163882",

language = "English",

volume = "17",

journal = "Energies",

issn = "1996-1073",

publisher = "Multidisciplinary Digital Publishing Institute (MDPI)",

number = "16",

}

TY - JOUR

T1 - SecuriDN

T2 - A Modeling Tool Supporting the Early Detection of Cyberattacks to Smart Energy Systems

AU - Cerotti, Davide

AU - Codetta Raiteri, Daniele

AU - Dondossola, Giovanna

AU - Egidi, Lavinia

AU - Franceschinis, Giuliana

AU - Portinale, Luigi

AU - Savarro, Davide

AU - Terruggia, Roberta

PY - 2024/8

Y1 - 2024/8

N2 - SecuriDN v. (Formula presented.) is a tool for the representation of the assets composing the IT and the OT subsystems of Distributed Energy Resources (DERs) control networks and the possible cyberattacks that can threaten them. It is part of a platform that allows the evaluation of the security risks of DER control systems. SecuriDN is a multi-formalism tool, meaning that it manages several types of models: architecture graph, attack graphs and Dynamic Bayesian Networks (DBNs). In particular, each asset in the architecture is characterized by an attack graph showing the combinations of attack techniques that may affect the asset. By merging the attack graphs according to the asset associations in the architecture, a DBN is generated. Then, the evidence-based and time-driven probabilistic analysis of the DBN permits the quantification of the system security level. Indeed, the DBN probabilistic graphical model can be analyzed through inference algorithms, suitable for forward and backward assessment of the system’s belief state. In this paper, the features and the main goals of SecuriDN are described and illustrated through a simplified but realistic case study.

AB - SecuriDN v. (Formula presented.) is a tool for the representation of the assets composing the IT and the OT subsystems of Distributed Energy Resources (DERs) control networks and the possible cyberattacks that can threaten them. It is part of a platform that allows the evaluation of the security risks of DER control systems. SecuriDN is a multi-formalism tool, meaning that it manages several types of models: architecture graph, attack graphs and Dynamic Bayesian Networks (DBNs). In particular, each asset in the architecture is characterized by an attack graph showing the combinations of attack techniques that may affect the asset. By merging the attack graphs according to the asset associations in the architecture, a DBN is generated. Then, the evidence-based and time-driven probabilistic analysis of the DBN permits the quantification of the system security level. Indeed, the DBN probabilistic graphical model can be analyzed through inference algorithms, suitable for forward and backward assessment of the system’s belief state. In this paper, the features and the main goals of SecuriDN are described and illustrated through a simplified but realistic case study.

KW - Bayesian Networks

KW - IEC 61850

KW - MITRE ATT&CK framework

KW - attack graphs

KW - cyber physical power systems

KW - cyberattack detection

KW - distributed energy resources

KW - evidence-based and time-driven probabilistic analysis

KW - multiformalism models

KW - risk assessment

UR - https://www.scopus.com/pages/publications/85202442945

U2 - 10.3390/en17163882

DO - 10.3390/en17163882

M3 - Article

SN - 1996-1073

VL - 17

JO - Energies

JF - Energies

IS - 16

M1 - 3882

ER -

SecuriDN: A Modeling Tool Supporting the Early Detection of Cyberattacks to Smart Energy Systems

Abstract

UN SDGs

Keywords

Access to Document

Other files and links

Fingerprint

Cite this