Lennart Bader, Martin Serror, Olav Lamberts, Ömer Sen, Dennis van der Velde, Immanuel Hacker, Julian Filter, Elmar Padilla, Martin Henze:
In Proceedings of the 8th IEEE European Symposium on Security and Privacy (EuroS&P), IEEE, 2023
@inproceedings{bsl+23,
author = {Bader, Lennart and Serror, Martin and Lamberts, Olav and Sen, Ömer and van der Velde, Dennis and Hacker, Immanuel and Filter, Julian and Padilla, Elmar and Henze, Martin},
title = {{Comprehensively Analyzing the Impact of Cyberattacks on Power Grids}},
year = {2023},
booktitle = {2023 IEEE 8th European Symposium on Security and Privacy (EuroS\&P)},
organization = {IEEE}
}
Abstract
The increasing digitalization of power grids and especially the shift towards IP-based communication drastically increase the susceptibility to cyberattacks, potentially leading to blackouts and physical damage.
Understanding the involved risks, the interplay of communication and physical assets, and the effects of cyberattacks are paramount for the uninterrupted operation of this critical infrastructure.
However, as the impact of cyberattacks cannot be researched in real-world power grids, current efforts tend to focus on analyzing isolated aspects at small scales, often covering only either physical or communication assets.
To fill this gap, we present WATTSON, a comprehensive research environment that facilitates reproducing, implementing, and analyzing cyberattacks against power grids and, in particular, their impact on both communication and physical processes.
We validate WATTSON's accuracy against a physical testbed and show its scalability to realistic power grid sizes.
We then perform authentic cyberattacks, such as Industroyer, within the environment and study their impact on the power grid's energy and communication side.
Besides known vulnerabilities, our results reveal the ripple effects of susceptible communication on complex cyber-physical processes and thus lay the foundation for effective countermeasures.