Full Program
Summary:
The integration of intelligent devices in the industry allows the automation and control of industrial processes in an efficient and effective manner. However, the utilization of intelligent devices leads to an increased attack surface in critical infrastructures, threatening regular operations. Such attacks can have disastrous consequences. Thus, the timely identification of vulnerable spots through high-quality risk assessment is considered highly important for avoiding or mitigating potential risks. In this paper, we focus on Distributed Network Protocol 3 (DNP3), a protocol with high utility in smart grids. Specifically, we investigate, identify and describe the vulnerabilities-by-design of DNP3 through 8 DNP3-centered cyberattacks. In addition, we present a novel method for conducting risk assessment, stemming from the combination of two techniques, namely, Attack Defence Trees (ADTs) and Common Vulnerability Scoring System v3.1 (CVSS). Through our proposed technique, the risk of a cyberattack occurring is calculated, thus contributing in securing the critical infrastructure.Author(s):
Vasiliki Kelli
Greece
Panagiotis Radoglou-Grammatikis
Greece
Thomas Lagkas
Greece
Evangelos Markakis
Greece
Panagiotis Sarigiannidis
Greece