Abstract
Identifying risks in modern electric power systems is essential, and one of the main difficulties concerns covering the wide range of technologies that permeate its cyber and physical domains. Different risk identification methods have been proposed, but applying them individually does not guarantee coverage of both domains. On the other hand, the simple non-articulated application of a set of existing risk identification methods can lead to an exhaustive and inefficient process. This paper proposes a new Cyber–Physical Risks Identification Method (CPRIM) to comprehensively and efficiently identify risks in electrical power systems. To systematically cover risks ranging from the cyber domain to the physical domain, CPRIM combines in a complimentary and articulated way the National Institute of Standards and Technology (NIST) Cybersecurity Framework, a Risk Factor model, and the HAZOP, establishing a novel hybrid risk identification approach. This work also proposes a method based on Jaccard and overlap indexes to quantitatively assess the complementarity and superposition that may exist when applying different risk identification methods to electrical power systems. The results obtained in a real computer-managed photovoltaic plant indicate that CPRIM can efficiently identify cyber–physical risks, showing a reasonable trade-off between system coverage and redundancy in identified risks.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
