Cyber-attack TTP analysis for EPES systems
- URL: http://arxiv.org/abs/2302.09164v2
- Date: Sat, 26 Jul 2025 07:15:04 GMT
- Title: Cyber-attack TTP analysis for EPES systems
- Authors: Alexios Lekidis
- Abstract summary: As we move towards the Industry 4.0 era, a high degree of automation and connectivity provides easier maintenance and handling of misconfigurations and operational errors. Even though considerations are present about the security implications of the Industry 4.0 era in the electrical grid, electricity stakeholders deem their infrastructures secure since they are isolated and allow no external connections. The Tactics, Techniques and Procedures (TTPs) employed by adversaries to perform cyber-attacks against critical Electrical Power and Energy System infrastructures are gradually becoming highly advanced and sophisticated.
- Score: 0.32634122554913997
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: The electrical grid consists of legacy systems that were built with no security in mind. As we move towards the Industry 4.0 era, though, a high degree of automation and connectivity provides: 1) fast and flexible configuration and updates as well as 2) easier maintenance and handling of misconfigurations and operational errors. Even though considerations are present about the security implications of the Industry 4.0 era in the electrical grid, electricity stakeholders deem their infrastructures secure since they are isolated and allow no external connections. However, external connections are not the only security risk for electrical utilities. The Tactics, Techniques and Procedures (TTPs) employed by adversaries to perform cyber-attacks against critical Electrical Power and Energy System (EPES) infrastructures are gradually becoming highly advanced and sophisticated. In this article, we elaborate on these techniques and demonstrate them in a power plant of a major utility company in Greece. The demonstrated TTPs allow exploiting and executing remote commands in smart meters as well as in the Programmable Logic Controllers (PLCs) that are responsible for the power generator operation.
Related papers
- CyFence: Securing Cyber-Physical Controllers via Trusted Execution Environment [45.86654759872101] (arXiv, 2025-06-12)
  Cyber-physical systems (CPSs) have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks. We propose CyFence, a novel architecture that improves the resilience of closed-loop control systems against cyber-attacks by adding a semantic check. We evaluate CyFence considering a real-world application, consisting of an active braking digital controller, demonstrating that it can mitigate different types of attacks with a negligible overhead.
- Cyber security of OT networks: A tutorial and overview [1.4361933642658902] (arXiv, 2025-02-19)
  This manuscript explores the cybersecurity challenges of Operational Technology (OT) networks. OT systems increasingly integrate with Information Technology (IT) systems due to Industry 4.0 initiatives. The study examines key components of OT systems, such as SCADA (Supervisory Control and Data Acquisition), PLCs (Programmable Logic Controllers), and RTUs (Remote Terminal Units).
- An Efficiency Firmware Verification Framework for Public Key Infrastructure with Smart Grid and Energy Storage System [0.6757476692230008] (arXiv, 2025-01-10)
  Rapid evolution of smart grids has attracted numerous nation-state actors seeking to disrupt the power infrastructure of adversarial nations. We propose a digital signing and verification framework grounded in Public Key Infrastructure (PKI), specifically tailored for resource-constrained devices such as smart meters.
- ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796] (arXiv, 2024-11-21)
  Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior. These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity. We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
- SafePowerGraph: Safety-aware Evaluation of Graph Neural Networks for Transmission Power Grids [55.35059657148395] (arXiv, 2024-07-17)
  We present SafePowerGraph, the first simulator-agnostic, safety-oriented framework and benchmark for Graph Neural Networks (GNNs) in power systems (PS) operations. SafePowerGraph integrates multiple PF and OPF simulators and assesses GNN performance under diverse scenarios, including energy price variations and power line outages.
- On Practicality of Using ARM TrustZone Trusted Execution Environment for Securing Programmable Logic Controllers [8.953939389578116] (arXiv, 2024-03-08)
  This paper investigates the application of ARM TrustZone TEE technology for enhancing the security of PLCs. Our aim is to evaluate the feasibility and practicality of TEE-based PLCs through a proof-of-concept design and implementation using open-source software such as OP-TEE and OpenPLC.
- SoK: Security of Programmable Logic Controllers [2.4833449443424245] (arXiv, 2024-03-01)
  We conduct the first comprehensive systematization of knowledge that explores the security of PLCs. We introduce a novel threat taxonomy for PLCs and Industrial Control Systems. We identify and point out research gaps that, if left ignored, could lead to new catastrophic attacks against critical infrastructures.
- HasTEE+: Confidential Cloud Computing and Analytics with Haskell [50.994023665559496] (arXiv, 2024-01-17)
  Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs). TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks. We address the above with HasTEE+, a domain-specific language embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
- Cybersecurity in Critical Infrastructures: A Post-Quantum Cryptography Perspective [0.0] (arXiv, 2024-01-08)
  Implementing cryptosystems in industrial communication networks faces a trade-off between the security of the communications and the amortization of the industrial infrastructure. A new threat to cybersecurity has arisen with the theoretical proposal of quantum computers. Many global agents have become aware that transitioning their secure communications to a quantum-secure paradigm is a priority that should be established before the arrival of fault tolerance.
- Cybersecurity Threats to Power Grid Operations from the Demand-Side Response Ecosystem [6.130103399323566] (arXiv, 2023-10-28)
  This article focuses on cyber security threats from IoT-enabled energy smart appliances (ESAs) to power grid operations. It presents an in-depth analysis of the demand-side threats, including (i) an overview of the vulnerabilities in ESAs and the wider risk from the demand-side response ecosystem, (ii) key factors influencing the attack impact on power grid operations, and (iii) measures to improve the cyber-physical resilience of power grids.
- Learning, Computing, and Trustworthiness in Intelligent IoT Environments: Performance-Energy Tradeoffs [62.91362897985057] (arXiv, 2021-10-04)
  An Intelligent IoT Environment (iIoTe) is comprised of heterogeneous devices that can collaboratively execute semi-autonomous IoT applications. This paper provides a state-of-the-art overview of these technologies and illustrates their functionality and performance, with special attention to the tradeoff among resources, latency, privacy and energy consumption.
- Smart Home, security concerns of IoT [91.3755431537592] (arXiv, 2020-07-06)
  The IoT (Internet of Things) has become widely popular in domestic environments. People are renewing their homes into smart homes; however, the privacy concerns of owning many Internet-connected devices with always-on environmental sensors remain insufficiently addressed. Default and weak passwords, cheap materials and hardware, and unencrypted communication are identified as the principal threats and vulnerabilities of IoT devices.