Modeling Mission Impact of Cyber Attacks on Energy Delivery Systems

Today energy delivery systems (EDS) face challenges in dealing with cyberattacks that originate by exploiting the communication network assets. Traditional power systems are highly complex and heterogeneous. These systems focus on reliability, availability, and continuous performance and, thus, not designed to handle security issues. Network administrators often utilize attack graphs to analyze security in EDS. Although attack graphs are useful tools to generate attack paths and estimate possible consequences in a networked system, they lack incorporating the operational or functional dependencies. Localizing the dependencies among operational missions, tasks, and the hosting devices in a large-scale cyber-physical network is also challenging. Current research works handle the system dependency and the attack scenario modeling separately using dependency graphs and attack graphs, respectively. To address the gap of incorporating the mission operational dependencies with possible attack scenarios, in this work, we offer an approach to assess the cyberattack impact on the operational mission of the EDS by combining the logical attack graph and mission functional dependency graph. We provide the graphical modeling details and illustrate the approach using a case study of SCADA (supervisory control and data acquisition) operations within an EDS environment.