A systematic approach to analysis for assessing the security level of cyber-physical systems in the electricity sector

Abstract

In a context of digitalization and technological evolution in all aspects of our lives, the electricity sector could not be left behind. This opens up a new range of possibilities until now unthinkable, which will facilitate the progress and services that we will be able to enjoy thanks to the development of the smart grid. But it also poses new challenges, both technological and in terms of cybersecurity, as the electricity sector takes on an increasingly important role in our lives. Therefore, after an analysis of the main incidents that have affected the energy sector, a general study is made of the standards that affect it, especially the IEEE 1686 and IEC 62,351 standards, in order to develop a simple and practical methodology to assess the level of security of the cyber-physical systems and equipment that makes up an electrical installation. The aforementioned methodology is developed based on a selection of specific requirements from the aforementioned standards that will serve as a starting point for the development of a series of specific compliance tests to assess the equipment to be installed or modified in a smart grid. This is because every measure is too little to put a stop to the successes achieved so far by cybercriminals. To this end, it is necessary to set out one of the many routes initiated by the many standards, norms, and laws, and thus define an effective and efficient path that will allow us to establish secure pillars on which to build the future.