Abstract
As targeted attacks continue to threaten electricity infrastructure, the North American Electricity Reliability Corporation (NERC) and private utilities companies are revising and updating the physical and cybersecurity standards for grid infrastructure in the United States (U.S.). Using information collected about past physical attacks, feasible physical and cyber-physical attacks are modeled against the proposed updated security standards for a U.S.-based generic electric substation. Utilizing the software program Joint Conflict and Tactical Simulation (JCATS), a series of increasingly sophisticated physical attacks are simulated on the substation, as are a set of cyber-enabled physical attacks. The purpose of this study is to determine which of the security upgrades will be most effective at mitigating damages to the electrical infrastructure from an attack. The findings indicate that some of the utility and agency-proposed security measures are more effective than others. Specifically, additional barriers around the substation and physical armored protection of transformers are most effective at mitigating damages from attacks. In contrast, increased lighting at the substation and reducing the surrounding foliage are not as effective. This case study demonstrates a modeling analysis approach to testing the efficacy of physical security measures that can assist in utility and agency decision-making for critical infrastructure security.
Highlights
The electricity infrastructure in the United States (U.S.) is vulnerable to weather events, technical and human errors, and to malicious, intentional attacks [1]
Each Security Level Upgrade scenario is run against the three attacker profiles in “batches,” meaning Joint Conflict and Tactical Simulation (JCATS) cycles through each scenario 100 times each in order to produce a statistical probability of the outcomes
Horoeweeffveecrt,ivthe e levthealnofotmheitrisg.aWtiohniledcelpeaernidngs ovnegtehteatsioecnuarnitdyiinmcrperaosvinegmtehneta, masosuonmt oefilmigphrtoavt eamsietentcsanarheemlpotrheeegfufeacrtdivs e thdaenteoctthaenrsa. tWtahckilequclieckarlyinagnvdergeedtuactieohnidanindgipnlcarceeassifnorgwthoeualdm-boeunattoacfkliegrhs,ttahteaimsitperocavnedhevlipsibthileitgyuaalsrods. The results of these simulations indicate that for a general substation, such as the one described here, incremental security improvements can mitigate the effects of a physical attack
Summary
The electricity infrastructure in the United States (U.S.) is vulnerable to weather events, technical and human errors, and to malicious, intentional attacks [1]. One of the more publicized and costly physical attacks on the grid occurred in 2013 at the Metcalf Power Station, located near San Jose, California. This attack, which resulted in $15 million in damages and required the substation to be shut down for three weeks while initial repairs took place [4], served as a catalyst for a series of attack mitigation strategies aimed at improving grid security. To prevent a similar attack from happening again, utility companies and the North American Electricity Reliability Corporation (NERC) outlined a range of security improvement measures, including more robust physical barriers around key infrastructure, additional security technology and security personnel on site, and new risk mitigation audits to identify and communicate about vulnerabilities amongst sites [5]
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
