Cyber risk assessment of power control systems — A metrics weighed by attack experiments

The paper summarises the results of research activities, both methodological and experimental, performed by RSE to evaluate the exposition to cyber risks of the power grid control systems. On the methodological side a risk metric has been defined assigning a value to the cyber/power risk in relation to the occurrence rate of cyber contingencies and their impact on the power service. The higher criticality threats have been experimented in the RSE Laboratory by simulating selected attack processes on telecontrol test beds of passive interconnected HV/MV distribution grids. The experiments concern cyber threats to ICT network components, such as routers and SCADA systems, having a critical role in power grid operation. The experiments assessed the residual vulnerabilities of protected IEC 60870-5-104 TCP/IP based communications between Control Centres and Substation Automation Systems in presence of attack processes assuming different degrees of knowledge about the attacked system's behaviour. The evaluation framework supporting the experimental activity allows monitoring the communication status through a set of measurements such as Inter Message Time, Number of Lost Messages, Inter Reconnection Time and Time To Failure. The knowledge and measures from controlled experiments are then exploited by the cyber-risk metrics to improve the estimation of the vulnerability and threat probabilities related to the successfulness of a given attack.