Modern energy systems are interconnected through public and private networks, hence, such systems can be target of cyber attacks – Smart Grid is an example of a system of systems which can be targeted for security breaches. Smart grid systems may be targeted using the vulnerabilities are unknown, zero day attacks. It is important to have a comprehensive support infrastructure for identifying and mitigating potential risks to smart grid systems. However, such an infrastructure should be developed and evaluated after having a deep understanding of the existing practices and processes of managing cyber security risk in the energy sector for smart grid systems. I’ve recently supervised a project that was aimed at addressing the challenges, tends, and requirements in the Danish electricity sector.
The project purports to explore the practices and processes in the Danish energy sectors for cyber security and develop knowledge and understanding that can be used for developing and evaluating a rigorous methodology and appropriate tool support for security risk identification and management for smart grid system. This project has been carried out by Christian Rønn, who has done an excellent work and successfully achieve the top grade in his examination of the project. Now we are working on making a technical report based on the work reported in the thesis and our further understanding of the domain and types of cyber security risks that may be considered for smart grid systems. We plan to extend this project for the second phase in which we will develop and evaluation a comprehensive framework and associated tool for identifying and manning cyber security risks to smart grid systems. We are happy to share the report and the knowledge we have been gaining this project for collaboration or general use purposes.