TY - JOUR
T1 - SecuriDN: A Modeling Tool Supporting the Early Detection of Cyberattacks to Smart Energy Systems
AU - CEROTTI, DAVIDE
AU - CODETTA RAITERI, Daniele
AU - Dondossola, Giovanna
AU - EGIDI, Lavinia
AU - FRANCESCHINIS, Giuliana Annamaria
AU - PORTINALE, Luigi
AU - Savarro, Davide
AU - Terruggia, Roberta
PY - 2024
Y1 - 2024
N2 - SecuriDN v. 0.1 is a tool for the representation of the assets composing the IT and the OT subsystems of Distributed Energy Resources (DERs) control networks and the possible cyberattacks that can threaten them. It is part of a platform that allows the evaluation of the security risks of DER control systems. SecuriDN is a multi-formalism tool, meaning that it manages several types of models: architecture graph, attack graphs and Dynamic Bayesian Networks (DBNs). In particular, each asset in the architecture is characterized by an attack graph showing the combinations of attack techniques that may affect the asset. By merging the attack graphs according to the asset associations in the architecture, a DBN is generated. Then, the evidence-based and time-driven probabilistic analysis of the DBN permits the quantification of the system security level. Indeed, the DBN probabilistic graphical model can be analyzed through inference algorithms, suitable for forward and backward assessment of the system’s belief state. In this paper, the features and the main goals of SecuriDN are described and illustrated through a simplified but realistic case study.
AB - SecuriDN v. 0.1 is a tool for the representation of the assets composing the IT and the OT subsystems of Distributed Energy Resources (DERs) control networks and the possible cyberattacks that can threaten them. It is part of a platform that allows the evaluation of the security risks of DER control systems. SecuriDN is a multi-formalism tool, meaning that it manages several types of models: architecture graph, attack graphs and Dynamic Bayesian Networks (DBNs). In particular, each asset in the architecture is characterized by an attack graph showing the combinations of attack techniques that may affect the asset. By merging the attack graphs according to the asset associations in the architecture, a DBN is generated. Then, the evidence-based and time-driven probabilistic analysis of the DBN permits the quantification of the system security level. Indeed, the DBN probabilistic graphical model can be analyzed through inference algorithms, suitable for forward and backward assessment of the system’s belief state. In this paper, the features and the main goals of SecuriDN are described and illustrated through a simplified but realistic case study.
KW - Bayesian Networks
KW - IEC 61850
KW - MITRE ATT&CK framework
KW - attack graphs
KW - cyber physical power systems
KW - cyberattack detection
KW - distributed energy resources
KW - evidence-based and time-driven probabilistic analysis
KW - multiformalism models
KW - risk assessment
KW - Bayesian Networks
KW - IEC 61850
KW - MITRE ATT&CK framework
KW - attack graphs
KW - cyber physical power systems
KW - cyberattack detection
KW - distributed energy resources
KW - evidence-based and time-driven probabilistic analysis
KW - multiformalism models
KW - risk assessment
UR - https://iris.uniupo.it/handle/11579/189344
U2 - 10.3390/en17163882
DO - 10.3390/en17163882
M3 - Article
SN - 1996-1073
VL - 17
JO - Energies
JF - Energies
IS - 16
ER -