Fostering security research in the energy sector: A validation of open source intelligence for power grid model data

IF 4.8 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security Pub Date : 2024-08-08 DOI:10.1016/j.cose.2024.104042

{"title":"Fostering security research in the energy sector: A validation of open source intelligence for power grid model data","authors":"","doi":"10.1016/j.cose.2024.104042","DOIUrl":null,"url":null,"abstract":"<div><p>Cyber attacks against power grids, interrupting utility service and causing blackouts are on the rise, and increasingly motivate researchers to investigate this topic. Thereby, models of real-world power grids are an indispensable prerequisite, but operators do not make them available, allegedly for reasons of protection. This security-by-obscurity strategy appears futile as grid artifacts (lines, plants, substations) are large and cannot be easily hidden. It seems promising to infer real-world model data from publicly available data, and indeed, multiple models were generated through Open Source Intelligence (OSINT). Questions on the models’ quality remain, however, open but are of utter importance for research building on these models, especially as the results might have considerable impact on society and national security. This paper approaches this particular point and investigates whether OSINT leads to data on real-world power grids of sufficient quality; by the example of the European country of Austria, we investigate whether all parameters that are relevant for power flow analysis, a standard approach in power engineering, can be inferred from publicly available data (OpenStreetMap, national statistics, etc.), and validate this data against ground truths, including governmental land use plans, Google Street View and the power sector’s information material. Our validation shows that the inferred data meets reality well — among others, the extra-high voltage level is 100% (lines) rsp. 98% (substations) complete. Beyond, the inferred data is up-to-date as the construction of lines or substations is always documented in OSM, in 76% of the cases even before finalization of the construction works. An analysis of 24 other European countries revealed that electric systems, substations, and power plants are documented in OSM to a similar extent as in Austria, motivating the application of our approach also to these countries. The contribution of our OSINT-based approach is twofold: First, it facilitates the development of models of real-world power grids, fostering research and discussion that is independent of the power grid operators, in the security domain and beyond. Second, our method represents an attack itself, challenging the energy sector’s security-by-obscurity approach.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":null,"pages":null},"PeriodicalIF":4.8000,"publicationDate":"2024-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S016740482400347X/pdfft?md5=522880a5fc919ec2227cfbfbeb5e4de3&pid=1-s2.0-S016740482400347X-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S016740482400347X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Cyber attacks against power grids, interrupting utility service and causing blackouts are on the rise, and increasingly motivate researchers to investigate this topic. Thereby, models of real-world power grids are an indispensable prerequisite, but operators do not make them available, allegedly for reasons of protection. This security-by-obscurity strategy appears futile as grid artifacts (lines, plants, substations) are large and cannot be easily hidden. It seems promising to infer real-world model data from publicly available data, and indeed, multiple models were generated through Open Source Intelligence (OSINT). Questions on the models’ quality remain, however, open but are of utter importance for research building on these models, especially as the results might have considerable impact on society and national security. This paper approaches this particular point and investigates whether OSINT leads to data on real-world power grids of sufficient quality; by the example of the European country of Austria, we investigate whether all parameters that are relevant for power flow analysis, a standard approach in power engineering, can be inferred from publicly available data (OpenStreetMap, national statistics, etc.), and validate this data against ground truths, including governmental land use plans, Google Street View and the power sector’s information material. Our validation shows that the inferred data meets reality well — among others, the extra-high voltage level is 100% (lines) rsp. 98% (substations) complete. Beyond, the inferred data is up-to-date as the construction of lines or substations is always documented in OSM, in 76% of the cases even before finalization of the construction works. An analysis of 24 other European countries revealed that electric systems, substations, and power plants are documented in OSM to a similar extent as in Austria, motivating the application of our approach also to these countries. The contribution of our OSINT-based approach is twofold: First, it facilitates the development of models of real-world power grids, fostering research and discussion that is independent of the power grid operators, in the security domain and beyond. Second, our method represents an attack itself, challenging the energy sector’s security-by-obscurity approach.

查看原文本刊更多论文

促进能源领域的安全研究：电网模型数据的开源智能验证

针对电网的网络攻击、中断电力服务和造成停电的事件日益增多，越来越多的研究人员开始研究这一课题。因此，现实世界中的电网模型是不可或缺的先决条件，但运营商并不提供这些模型，据称是出于保护的考虑。由于电网人工制品（线路、发电厂、变电站）体积庞大，不易隐藏，因此这种 "隐蔽安全 "策略似乎是徒劳的。从公开数据中推断真实世界的模型数据似乎大有可为，事实上，多个模型都是通过开源情报（OSINT）生成的。然而，有关模型质量的问题仍未解决，但对基于这些模型的研究却极为重要，尤其是因为研究结果可能会对社会和国家安全产生重大影响。本文从这一特殊的角度出发，研究 OSINT 是否能提供具有足够质量的真实电网数据；以欧洲国家奥地利为例，我们研究了是否能从公开数据（OpenStreetMap、国家统计数据等）中推断出与电力工程标准方法--电力流分析--相关的所有参数，并将这些数据与政府土地利用规划、谷歌街景和电力部门的信息资料等地面事实进行验证。我们的验证结果表明，推断出的数据与实际情况非常吻合--其中，特高压水平为 100%（线路）rsp.98%（变电站）。此外，推断的数据也是最新的，因为线路或变电站的建设始终记录在 OSM 中，在 76% 的情况下，甚至在建设工程最终完成之前。对其他 24 个欧洲国家的分析表明，电力系统、变电站和发电厂在 OSM 中的记录程度与奥地利相似，因此我们的方法也适用于这些国家。我们基于 OSINT 的方法有两方面的贡献：首先，它有助于开发真实世界电网的模型，促进独立于电网运营商的安全领域内外的研究和讨论。其次，我们的方法本身就是一种攻击，对能源部门的 "逐一安全 "方法提出了挑战。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computers & Security 工程技术-计算机：信息系统

CiteScore

12.40

自引率

7.10%

发文量

365

审稿时长

10.7 months

期刊介绍： Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world. Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.

文献相关原料

公司名称	产品信息	采购帮参考价格