Risk Indices Assessment of Different Cyber-Attack Actions for an SDN-Enabled IEC 61850 Substation Using Markov Decision Process

Risk Indices Assessment of Different Cyber-Attack Actions for an SDN-Enabled IEC 61850 Substation Using Markov Decision Process

IEC61850-based digital substations are widely used for electricity network power flow to be controlled and directed safely and securely from generation to demand. As digital substations become software-intensive and digitally connected to the grid cyberspace, they are vulnerable to cyberattacks. Thu...

Full description

Saved in:
Bibliographic Details
Main Authors: Zhihao Wu, Sugandh Seth, Haiyu Li, Zhirun Hu, James Yu
Format: Article
Language:English
Published: IEEE 2025-01-01
Series:IEEE Access
Subjects:
Substation automation and protection
software defined network (SDN)-enabled substation
cybersecurity
cyber risk indices
Markov decision process (MDP)
Online Access:https://ieeexplore.ieee.org/document/11050378/
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:IEC61850-based digital substations are widely used for electricity network power flow to be controlled and directed safely and securely from generation to demand. As digital substations become software-intensive and digitally connected to the grid cyberspace, they are vulnerable to cyberattacks. Thus, Software-Defined Networking (SDN) technology can be utilized to enhance the security of digital substations. This paper aims to evaluate the security posture of SDN-enabled substations and to calculate the cyber risk indices of a substation under different attacks. The proposed approach uses 1) the Purdue Model to model attack scenarios using cyber-physical devices at different layers based on typical protection control device arrangement in a substation and 2) the Markov Decision Process (MDP) model to assess cybersecurity risk indices for the substation. The assessment evaluates all possible attack patterns by an attacker to determine the severity of each attack path within the substation. The paper further compares the cybersecurity risk indices of SDN-enabled substations with those of traditional switch-based substations. Results show that implementing SDN technology can significantly enhance substation security with improvements ranging from 6.9% to 100% and an average security enhancement of 68%.
ISSN:2169-3536

Similar Items