Auto-SGCR: Automated Generation of Smart Grid Cyber Range Using IEC 61850 Standard Models

• URL: http://arxiv.org/abs/2507.18249v1
• Date: Thu, 24 Jul 2025 09:44:03 GMT
• Title: Auto-SGCR: Automated Generation of Smart Grid Cyber Range Using IEC 61850 Standard Models
• Authors: Muhammad M. Roomi, S. M. Suhail Hussain, Ee-Chien Chang, David M. Nicol, Daisuke Mashima,
• Abstract summary: Digitalization of power grids has made them increasingly susceptible to cyber-attacks in the past decade.<n>Iterative cybersecurity testing is indispensable to counter emerging attack vectors and to ensure dependability of critical infrastructure.<n>A high-fidelity cyber range is vital as it is often infeasible to conduct such experiments and training using production environment.
• Score: 8.55849957500108
• License: http://creativecommons.org/licenses/by/4.0/
• Abstract: Digitalization of power grids have made them increasingly susceptible to cyber-attacks in the past decade. Iterative cybersecurity testing is indispensable to counter emerging attack vectors and to ensure dependability of critical infrastructure. Furthermore, these can be used to evaluate cybersecurity configuration, effectiveness of the cybersecurity measures against various attack vectors, as well as to train smart grid cybersecurity experts defending the system. Enabling extensive experiments narrows the gap between academic research and production environment. A high-fidelity cyber range is vital as it is often infeasible to conduct such experiments and training using production environment. However, the design and implementation of cyber range requires extensive domain knowledge of physical and cyber aspect of the infrastructure. Furthermore, costs incurred for setup and maintenance of cyber range are significant. Moreover, most existing smart grid cyber ranges are designed as a one-off, proprietary system, and are limited in terms of configurability, accessibility, portability, and reproducibility. To address these challenges, an automated Smart grid Cyber Range generation framework is presented in this paper. Initially a human-/machine-friendly, XML-based modeling language called Smart Grid Modeling Language was defined, which incorporates IEC 61850 System Configuration Language files. Subsequently, a toolchain to parse SG-ML model files and automatically instantiate a functional smart grid cyber range was developed. The developed SG-ML models can be easily shared and/or modified to reproduce or customize for any cyber range. The application of Auto-SGCR is demonstrated through case studies with large-scale substation models. The toolchain along with example SG-ML models have been open-sourced.

Related papers

• CANDoSA: A Hardware Performance Counter-Based Intrusion Detection System for DoS Attacks on Automotive CAN bus [45.24207460381396]
  This paper presents a novel Intrusion Detection System (IDS) designed for the Controller Area Network (CAN) environment.<n>A RISC-V-based CAN receiver is simulated using the gem5 simulator, processing CAN frame payloads with AES-128 encryption as FreeRTOS tasks.<n>Results indicate that this approach could significantly improve CAN security and address emerging challenges in automotive cybersecurity.
  arXiv  Detail & Related papers  (2025-07-19T20:09:52Z)
• CyFence: Securing Cyber-Physical Controllers via Trusted Execution Environment [45.86654759872101]
  Cyber-physical systems (CPSs) have experienced a significant technological evolution and increased connectivity, at the cost of greater exposure to cyber-attacks.<n>We propose CyFence, a novel architecture that improves the resilience of closed-loop control systems against cyber-attacks by adding a semantic check.<n>We evaluate CyFence considering a real-world application, consisting of an active braking digital controller, demonstrating that it can mitigate different types of attacks with a negligible overhead.
  arXiv  Detail & Related papers  (2025-06-12T12:22:45Z)
• CyberGym: Evaluating AI Agents' Cybersecurity Capabilities with Real-World Vulnerabilities at Scale [46.76144797837242]
  Large language model (LLM) agents are becoming increasingly skilled at handling cybersecurity tasks autonomously.<n>Existing benchmarks fall short, often failing to capture real-world scenarios or being limited in scope.<n>We introduce CyberGym, a large-scale and high-quality cybersecurity evaluation framework featuring 1,507 real-world vulnerabilities.
  arXiv  Detail & Related papers  (2025-06-03T07:35:14Z)
• Llama-3.1-FoundationAI-SecurityLLM-Base-8B Technical Report [50.268821168513654]
  We present Foundation-Sec-8B, a cybersecurity-focused large language model (LLMs) built on the Llama 3.1 architecture.<n>We evaluate it across both established and new cybersecurity benchmarks, showing that it matches Llama 3.1-70B and GPT-4o-mini in certain cybersecurity-specific tasks.<n>By releasing our model to the public, we aim to accelerate progress and adoption of AI-driven tools in both public and private cybersecurity contexts.
  arXiv  Detail & Related papers  (2025-04-28T08:41:12Z)
• Towards Zero Touch Networks: Cross-Layer Automated Security Solutions for 6G Wireless Networks [39.08784216413478]
  This paper proposes an automated security framework targeting Physical Layer Authentication and Cross-Layer Intrusion Detection Systems.<n>The proposed framework employs drift-adaptive online learning techniques and a novel enhanced Successive Halving (SH)-based Automated ML (AutoML) method to automatically generate optimized ML models for dynamic networking environments.
  arXiv  Detail & Related papers  (2025-02-28T01:16:11Z)
• AI-based Attacker Models for Enhancing Multi-Stage Cyberattack Simulations in Smart Grids Using Co-Simulation Environments [1.4563527353943984]
  The transition to smart grids has increased the vulnerability of electrical power systems to advanced cyber threats.<n>We propose a co-simulation framework that employs an autonomous agent to execute modular cyberattacks.<n>Our approach offers a flexible, versatile source for data generation, aiding in faster prototyping and reducing development resources and time.
  arXiv  Detail & Related papers  (2024-12-05T08:56:38Z)
• Towards Automated Generation of Smart Grid Cyber Range for Cybersecurity Experiments and Training [8.492135678037787]
  We have developed a framework for modelling a smart grid cyber range using an XML-based language, called SG-ML. The framework aims at making a smart grid cyber range available to broader user bases to facilitate cybersecurity R&D and hands-on exercises.
  arXiv  Detail & Related papers  (2024-04-01T02:34:53Z)
• Large Language Models Empowered Autonomous Edge AI for Connected Intelligence [51.269276328087855]
  Edge artificial intelligence (Edge AI) is a promising solution to achieve connected intelligence. This article presents a vision of autonomous edge AI systems that automatically organize, adapt, and optimize themselves to meet users' diverse requirements.
  arXiv  Detail & Related papers  (2023-07-06T05:16:55Z)
• Graph Mining for Cybersecurity: A Survey [61.505995908021525]
  The explosive growth of cyber attacks nowadays, such as malware, spam, and intrusions, caused severe consequences on society. Traditional Machine Learning (ML) based methods are extensively used in detecting cyber threats, but they hardly model the correlations between real-world cyber entities. With the proliferation of graph mining techniques, many researchers investigated these techniques for capturing correlations between cyber entities and achieving high performance.
  arXiv  Detail & Related papers  (2023-04-02T08:43:03Z)
• In-situ Model Downloading to Realize Versatile Edge AI in 6G Mobile Networks [61.416494781759326]
  In-situ model downloading aims to achieve transparent and real-time replacement of on-device AI models by downloading from an AI library in the network. A key component of the presented framework is a set of techniques that dynamically compress a downloaded model at the depth-level, parameter-level, or bit-level. We propose a 6G network architecture customized for deploying in-situ model downloading with the key feature of a three-tier (edge, local, and central) AI library.
  arXiv  Detail & Related papers  (2022-10-07T13:41:15Z)
• A Data-Centric Approach to Generate Invariants for a Smart Grid Using Machine Learning [5.447524543941443]
  The study proposed here focuses on detecting those anomalies which could be the cause of cyber-attacks. This is achieved by deriving the rules that govern the physical behavior of a process within a plant. The entire study was conducted using the operational data of a functional smart power grid which is also a living lab.
  arXiv  Detail & Related papers  (2022-02-14T14:05:57Z)
• Machine Learning in Generation, Detection, and Mitigation of Cyberattacks in Smart Grid: A Survey [1.3299946892361474]
  Smart grid (SG) is a complex cyber-physical system that utilizes modern cyber and physical equipment to run at an optimal operating point. Cyberattacks are the principal threats confronting the usage and advancement of the state-of-the-art systems. Machine learning (ML) is being used to exploit and defend the cyberattacks in SG by the attackers and system operators.
  arXiv  Detail & Related papers  (2020-09-01T05:16:51Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.