2022 IEEE International Conference on Cyber Security and Resilience

Full Program

Summary:

The integration of intelligent devices in the industry allows the automation and control of industrial processes in an efficient and effective manner. However, the utilization of intelligent devices leads to an increased attack surface in critical infrastructures, threatening regular operations. Such attacks can have disastrous consequences. Thus, the timely identification of vulnerable spots through high-quality risk assessment is considered highly important for avoiding or mitigating potential risks. In this paper, we focus on Distributed Network Protocol 3 (DNP3), a protocol with high utility in smart grids. Specifically, we investigate, identify and describe the vulnerabilities-by-design of DNP3 through 8 DNP3-centered cyberattacks. In addition, we present a novel method for conducting risk assessment, stemming from the combination of two techniques, namely, Attack Defence Trees (ADTs) and Common Vulnerability Scoring System v3.1 (CVSS). Through our proposed technique, the risk of a cyberattack occurring is calculated, thus contributing in securing the critical infrastructure.

Author(s):

Vasiliki Kelli    
Greece

Panagiotis Radoglou-Grammatikis    
Greece

Thomas Lagkas    
Greece

Evangelos Markakis    
Greece

Panagiotis Sarigiannidis    
Greece

 


Copyright © 2022 SUMMIT-TEC GROUP LTD