=Paper=
{{Paper
|id=Vol-3731/paper03
|storemode=property
|title=Cybersecurity Assessment of Digital Twin in Smart Grids
|pdfUrl=https://ceur-ws.org/Vol-3731/paper03.pdf
|volume=Vol-3731
|authors=Mulualem B. Anley,Otuekong Ekpo,T. Milinda H. Gedara
|dblpUrl=https://dblp.org/rec/conf/itasec/AnleyEG24
}}
==Cybersecurity Assessment of Digital Twin in Smart Grids==
https://ceur-ws.org/Vol-3731/paper03.pdf
Cybersecurity Assessment of Digital Twin in Smart Grids
Mulualem Bitew Anley1,4 , Otuekong Ekpo2,4 and T. Milinda H. Gedara3,4
1
Università degli Studi di Milano, Milano, Italy
2
Università degli Studi di Napoli, Napoli, Italy
3
Università degli Studi di Salerno, Salerno, Italy
4
IMT School for Advanced Studies Lucca, Italy
Abstract
The advent of the digital twin paradigm marks a technological revolution, particularly within smart grid systems
enhanced by the Internet of Things (IoT). This study investigates the application of the PILAR tool for assessing
the potential cyber risk in a smart grid, leveraging digital twins for improved data management and system
performance. Our methodology, informed by standards such as ISO/IEC 27002:2022, the cybersecurity framework,
and GDPR, evaluates the security measures necessary for protecting these infrastructures. The effectiveness of
PILAR in risk and security control identification is underscored through a comparative analysis with current
literature, establishing a proactive risk management approach vital for the cyber-resilience of a smart grid.
Keywords
Cybersecurity, Digital Twin, Risk Assessment, Smart Grid
1. Introduction
Smart grids are a key part of today’s energy systems. They bring together efficiency, sustainability,
smart management, and energy distribution. Central to this innovation is the integration of Cyber-
Physical Systems (CPS) and the Internet of Things (IoT), with the Digital Twin (DT) concept significantly
enhancing the performance and operational intelligence of these systems. These virtual counterparts of
the physical grids play a crucial role in mirroring and managing the complexities of energy networks.
However, this advancement increases cybersecurity risks, as interconnected digital infrastructures
become more prevalent and critical in smart grids, making them targets for sophisticated cyber-attacks
with potentially wide-reaching implications [1].
Cyber-attacks on smart energy grids are a serious worldwide issue, as these grids are vital for
powering our homes, businesses, and critical services. These advanced and connected grids are at risk
of cyber threats, which could lead to large-scale power cuts, financial damage, and threats to national
safety. For instance, the cyber-attacks in Ukraine during 2015 and 2016 [2], [3], [4]. These attacks
caused extensive blackouts, affecting hundreds of thousands of people and exposing the fragility of
national power systems [5]. These attacks disrupt the power supply, pose risks to data privacy, and
undermine public trust in safeguarding essential services. Moreover, they threaten personal and national
security by exposing sensitive information, diminishing confidence in energy providers [6]. The use
of DTs in smart grids is widespread because it allows the application and testing of new experiments
without affecting mission-critical physical systems with the aid of Industry 4.0 and IoT. Simulation and
emulation of physical system components play a vital role in DT of smart grid [7]. However, it also
adds additional cyber risk to the smart grids.
In response to cyber risk, a detailed cybersecurity risk analysis of the DT of the smart grid needs to
be performed[8]. In the absence of such safeguards, cyber-criminals may compromise the integrity,
confidentiality, and availability of this system. It motivates the introduction of a comprehensive risk
assessment method specific to DT in smart grid using PILAR [9], a distinguished commercial tool
known for its adeptness in modeling complex grid infrastructures and evaluating various security risk
ITASEC 2024: The Italian Conference on CyberSecurity
$ mulualem.anley@unimi.it ( Mulualem Bitew Anley); otuekong.ekpo@imtlucca.it ( Otuekong Ekpo);
thewadaundagedara@unisa.it (T. M. H. Gedara)
© 2022 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0).
CEUR
ceur-ws.org
Workshop ISSN 1613-0073
Proceedings
�scenarios [10]. By enabling a proactive approach, PILAR allows grid operators to anticipate, prepare for,
and mitigate potential cyber threats effectively, thus reinforcing the security posture of smart grids.
The tool’s advanced algorithms are instrumental in assessing the likelihood and impact of different
cyber-attack types, aiding in prioritizing and implementing critical security measures. The analysis
highlights the vulnerabilities and potential threats looming over these sophisticated energy networks.
By leveraging the capabilities of DT in testing, monitoring, and standardizing security protocols within
smart grid environments, the study seeks to highlight the practical implications and challenges, thereby
emphasizing the imperative of fortifying the security framework of smart grids against the ever-evolving
landscape of cyber risks.
This paper’s primary focus is to thoroughly examine the smart grid infrastructure digital twin, with
particular emphasis on identifying potential threats and vulnerabilities. Subsequently, the study aims
to provide a comprehensive set of recommendations aimed at strengthening the security posture of the
smart grid digital twin systems. This is achieved through a critical assessment of the assets, identifying
the potential cyber threats, vulnerabilities, and security controls actioned to safeguard these critical
infrastructures. The remainder of the paper is structured as follows: section 2 provides related studies on
risk assessment in the implementation of the smart grid digital twin; section 3 presents our methodology
for risk assessment using PILAR. Section 4 presents the results of our findings from the risk assessment
and strategic recommendations for strengthening the cyber resilience of the smart grids in the face of
sophisticated cyber threats. Finally, section 5 concludes the paper and outlines the possible directions
for future research.
2. Related Works
The current body of research on cybersecurity risk assessment in smart grids is presented in this
section. A range of approaches and tools have been proposed to investigate the threats in smart grid
infrastructure.
In [11], the authors investigate the cyber-physical security aspects of a microgrid (the building block
of the smart grid) concerning their vulnerabilities and threat landscape. This is achieved through
a risk assessment exercise to evaluate the impact of risk on microgrid operations. In their findings,
they identify possible threats to the microgrid, which include physical attacks, eavesdropping and
interception attacks, and nefarious activities. Organizations, cyber criminals, insider threats, hacktivists,
nation-state actors, terrorists, and cyber-fighters were also identified as possible threat agents. However,
their study only offers theoretical insights into the threat landscape of the microgrid.
The authors in [12] address the challenges associated with the integration of ICT and its standards in
a smart grid. They offer a risk management framework based on the CAN/CSA Q-634-91 standard to
address both security and health risks associated with smart meters in a smart grid. The framework
follows a nine-step process that includes: risk identification, risk analysis, risk planning, risk prior-
itization, risk treatment, risk monitoring, risk evaluation, risk communication, and documentation.
They suggest that further studies are still required to efficiently guide resource allocations and optimize
practices at all levels of the smart grid platform to identify, measure, and minimize associated risks.
In another study, [13]carried out a cybersecurity risk assessment to methodically examine the impact
and likelihood of cyberattacks. They leverage the smart grid Information Security (SGIS) toolbox and
apply it to a voltage control and power flow optimization smart grid use case. To determine the security
level of an information asset, the toolbox uses a six-step procedure to arrive at its findings. In their
results, they assert that a smart grid’s operational behavior and related infrastructure may be affected by
compromising the integrity of information assets that are essential for voltage control. Also, they assert
that the impact of the availability of information assets is limited because grid protection measures
account for possible sensor failures. Importantly, they find that compromising the confidentiality of
essential assets, such as metering data, could have a significant impact on the Distribution System
Operator (DSO) under consideration, thereby impacting the population as a whole and resulting in
reputational damage for the operator. In [14], they investigate the applicability of tool-assisted threat
�Figure 1: Proposed methodology
modeling to the smart grid. In their study, they employ the Microsoft Threat Modeling Tool (MTMT) to
present a template that enables tool support for threat modeling of cyber security in the smart grid.
This template is characterized by four threat properties which include priority, loss of power, difficulties
in implementing mitigation, and affected systems. The strength of their study lies in the possibility of
using the template to reduce the problem of threat explosion that is often encountered during threat
modeling.
Similarly, [15] describes a framework for scenario-based risk assessment methodologies that employs a
multi-directed graph model to depict the asset-dependency model of smart grids. They achieve this by
first categorizing the assets and then developing a web-based tool for visualizing a graph-based model
of the assets and their dependencies.
A smart grid ontology with adversarial models and vulnerabilities is presented in [16]. They offer an
automated method for integrating the ontology with relevant entries from the Common Vulnerabilities
and Exposures (CVE) database, which is the industry-standard vulnerability knowledge base. This
leads to a deeper understanding that informs the establishment of security policies and vulnerability
assessments for smart grid systems.
Our work distinctively uses the PILAR risk assessment tool to assess the risk in a smart grid, leverag-
ing digital twins for improved data management and system performance. We follow a well-laid-out
methodology to examine risks across multiple dimensions, including confidentiality, integrity, availabil-
ity, authenticity, and traceability (accountability). Our approach is highly parameterizable, allowing
customization based on assets, asset dependencies, threat profiles, and security controls. It also sup-
ports quantitative and qualitative analysis, impact analysis, and business continuity. This approach,
leveraging PILAR with specific capabilities, provides a general yet practical and domain-dependent
methodology, distinguishing our work from the existing literature in the field.
3. Proposed Methodology
In this section, the step-by-step methodology followed in assessing the cyber risk of the smart grid using
PILAR software as a tool is presented. In state-of-the-art, the DT smart grid risk assessment is identified
as an interesting research area. As a use case scenario, the DT of Smart Microgrid Polygeneration (SPM)
in Savona Campus, Genoa [7, 17], has been selected to perform the risk assessment. However, the
study is conducted in a more general method covering the basic components of DT of the smart grid.
The proposed methodology consists of five steps, as shown in Fig 1 followed by the PILAR software.
Evaluation and identify critical areas of risk mitigation action needed. The following paragraph details
describe each step in the evaluation process.
�3.1. Identification of Assets and its Dependencies
In this phase of the risk assessment, forty-four (44) key assets were identified of SMP in Savona
Campus [7]. These assets comprise physical components (solar panels, batteries, turbines, etc.), software
components (SCADA data systems and energy management applications, etc.), as well as people
(operators, administrators, and technical staff). We also categorized and identified the roles that these
assets play, especially those that are mission-critical. For example, the data generated from the SCADA
is considered critical for real-time monitoring and control, whereas storage equipment for energy
is considered pivotal in maintaining an energy balance. Other critical assets identified were remote
access control devices, the main controlling system, and various internal services and communication
protocols. Additionally, the interdependence of the assets was also identified. For instance, the SCADA
system functions through a reliance on various interconnected components like servers, firewalls,
and communication lines. This holistic approach puts forward the complex nature of the network of
dependencies that characterize a typical smart grid. This can range from advanced control systems to
human resources to software, each contributing to the overall efficiency of this critical infrastructure.
3.2. Risk Evaluation of the Assets
In this phase, the dependencies of the assets were evaluated and earlier identified to evaluate them.
This valuation is necessary in providing an understanding of risk factors for each asset as well as that
of the entire system. Each asset is assessed based on five criteria: availability, integrity, confidentiality,
authenticity, and accountability as provided by the tool.
Due to their interconnected nature, we observe that the evaluation of one asset can have an impact
on other assets that depend on it. We consider this a butterfly effect as a threat to one asset can have an
impact on others dependent on it or otherwise, it depends. Similarly, this evaluation also takes into
cognizance factors such as recovery time, compliance with legal and regulatory obligations, security
measures, protection of commercial interests, potential activity disruption, maintenance of public
order, alignment with operational missions, management considerations, preservation of goodwill,
and support in crime prosecution efforts. The severity of the risk impact on the assets is categorized
using a numerical range of one (1) to ten (10). A rating of 10 indicates the highest potential impact,
while a rating of 1 suggests a negligible impact. This allows for a structured approach to assessing risk,
minimizing bias, and achieving consistent evaluation across asset categories. The tool also provides
for automated categories of assets such as essential assets, internal services, equipment, subcontracted
services, facilities, and personnel which is useful in this phase.
3.3. Threats Identification
After identifying potential risks, the threats posed to the system were evaluated by using the PILAR
tool to identify security threats with a particular focus on privacy, errors, unintentional failures, and
industrial risks which are typical of such systems. The threats identified are rated on a scale of zero (0)
to ten (10) as performed during the risk evaluation phase. Here, a rating of 10 represents a catastrophic
system failure, while 0 indicates the absence of a threat. This rating is however adjustable, allowing for
modification based on the evaluator’s insights.
In the study, the focus is on cybersecurity risk which results in the exclusion of potential threats
due to natural phenomena (such as earthquakes and volcanoes, etc.) The PILAR tool is invaluable in
providing insights into the likelihood (frequency) of each threat and its impact on the security objectives
of each asset. The security objectives include availability, integrity, confidentiality, privacy, user and
information authenticity, and accountability of service and data.
In this phase, threats have been identified which include, for instance, threats to the SCADA Data,
Such as software failure, hardware failure, malware diffusion, data misuse, and external attacks, each
with its frequency of occurrence. These threats significantly affect aspects like asset accessibility and
accountability. From the digital twin point of view, we identified threats related to remote access control.
�These threats include unauthorized access, identity masquerading, and abuse of access privileges, each
affecting integrity and availability to varying degrees.
Other risks, like system failures due to resource exhaustion or administrative errors, and the de-
liberate or accidental alteration of information, are also noted for their high frequency and impact.
By systematically evaluating these threats and their potential impacts, the PILAR tool facilitates an
extensive understanding of the risks associated with different assets. This understanding is crucial for
making informed decisions and developing effective mitigation strategies.
3.4. Risk Assessment
In this phase, the risk was assessed by using the PILAR tool to again categorize the risk into ten distinct
levels (0 - 9). It is also used to automatically generate other potential risks to the system, which can
be manually refined and adjusted based on the accumulated knowledge and prior evaluations. This
target level is informed by the ISO/IEC 27002:2022 Information Security Controls and Cybersecurity
framework/ The security risk of the system, an essential step following the comprehensive threat
analysis. Pilar plays a pivotal role in this phase by categorizing risks into ten distinct levels. These levels
range from 0, indicating negligible risk, to 9, denoting catastrophic failure. PILAR’s role extends beyond
mere risk categorization; it automatically generates potential risks, which can be manually refined and
adjusted based on accumulated knowledge and prior evaluations. This target level is informed by the
ISO/IEC 27002:2022 Information Security Controls and cybersecurity framework.
3.5. Risk Mitigation
Following the evaluation of risks associated with the digital twin, it is evident that most critical points
require targeted mitigation actions. To effectively address these, we adhere to the guidelines set forth by
ISO/IEC 27002:2022, the Cybersecurity Framework, and GDPR. These standards are crucial in guiding
our approach to cyber risk mitigation and mainly focus on a proactive approach to cybersecurity
risk management and protecting critical information from unauthorized access and loss instead of a
common standard for process control systems ISO/IEC 27019:2017. In this process, the PILAR tool plays
a significant role, providing essential recommendations for establishing a robust and resilient security
framework. These measures, as advised by PILAR, are not just suggestions but form the backbone of
our strategy to reinforce the security of the digital twin’s critical components.
4. Findings from the Risk Assessment
In this section, we present the results of the risk assessment methodology followed in using the PILAR
tool. We acknowledge the subjectivity of most risk assessment efforts which we recognize is mostly
dependent on the experience and knowledge of the analyst. However, in our experience, we are a group
of five (5) security specialists (evaluators) actively involved in this kind of exercise, therefore, biases are
reduced to the barest minimum.
4.1. Evaluating our Approach
All evaluators concur on the identification of 44 essential assets that constitute a comprehensive
representation of the smart grid’s digital twin. These assets span from physical components such
as solar panels, sensors, and turbines—represented in the digital environment through simulations.
Software elements like SCADA data systems and energy management applications, are emulated within
the digital twin framework. Additionally, ’pass-through’ assets that encompass the human element,
including operators, administrators, and technical staff, were considered crucial to the operation. A
pivotal part of this analysis was the categorization and assessment of each asset’s significance and role
within the system. For instance, SCADA data is critical for real-time monitoring and control, while
storage energy plays a pivotal role in energy balance. Other significant assets included remote access
�control and the main controlling system, along with various internal services and communication
protocols. The analysis also highlighted 62 interdependencies among these assets, with the SCADA
system’s functionality being particularly dependent on interconnected components such as servers,
firewalls, and communication lines.
Given the subjective nature of risk evaluation, especially concerning human factors, the assessments
were quantified based on each evaluator’s viewpoint. The consensus was that the SCADA system data
is critically vital, warranting the highest criticality rating and priority in the evaluation. Conversely,
the data associated with the turbine on and off functions were assigned the lowest values, as depicted
in Table 1. This critical asset evaluation is an essential part of the overall risk assessment, spotlighting
the data as highly vulnerable to attacks and instrumental in the operation of the digital twin of the
smart grid. This structured and professional approach to risk assessment ensures a balanced and
comprehensive evaluation, crucial for the strategic management and protection of the digital twin’s
key assets.
Asset [C] [I] [A] [Auth]
SCADA data 5 9 9 9
Storage energy 3 5 7 4
Remote access control 6 5 7 6
Main controlling system 9 7 9 7
Data about power Usage 6 5 7 5
Storage discharge 3 5 7 7
Turbine start 4 7 7 3
Turbine stop 4 7 7 3
Table 1
Risk assessment of assets based on different security categories.
After evaluating potential risks, threats to each asset are evaluated in the next stage. However,
here, we only consider cyber security threats and their frequency of occurrence. Table 2 shows the
most critical threat identified and the probable frequent attacks or threats that can occur. Table
2 presents the most significant threats, with masquerading of identity (52%), unauthorized access
(51%), and deliberate alteration of information (52%) ranking as the most frequently occurring. Other
considerable threats include abuse of access privileges (40%), manipulation of configuration files (31%),
and denial of service attacks (20%). Conversely, malware diffusion, software manipulation, defects in
software maintenance/updating, resource exhaustion-induced system failure, equipment loss or damage,
hardware failure, and third-party software information leaks are deemed to pose a less significant risk,
each with less than 15% likelihood of occurrence.
Threat Frequency of happen (%)
Unauthorized access 51
Masquerading of identity 42
Abuse of access privileges 40
Denial of service 20
Deliberate alteration of information 52
Manipulation of the configuration files 31
Defects in software maintenance/updating 17
Malware diffusion 15
Table 2
Critical threats and frequency of occurrence .
Based on the potential threat to each asset, the risk estimation is calculated as described in the
methodology. The systematic risk evaluation is done on each asset, as shown in Fig 2: the radar
chart. The outer layer represents each asset, which is a total of 53, and each level of the inner layer
represents the critical levels, indicating each asset’s risk level. The critical level description is shown in
�Fig2(a), which varies from catastrophic level(9) to negligible level(0). Moreover, the chart delineates
four distinct levels: the potential risk inherent to each asset, the current actual risk level, the target risk
level as determined by evaluators, and the recommended risk level as suggested by the PILAR tool. Our
assessment’s alignment with PILAR’s guidelines underscores the accuracy of our evaluation, aligning
closely with the standardized levels established by the tool’s framework.
Figure 2: Overall asset risk analysis: (a) Level of criticality defined by PILAR; (b) based on input, final
risk analysis of assets, current risk, potential risk target, and suggestion level from PILAR.
4.2. Security Controls for Risk Mitigation
In the experimental findings of the study on the PILAR tool’s capabilities in mitigating information
security risks, several critical areas of focus are identified, aligning with established standards such as
ISO/IEC 27002:2022, the Cybersecurity Framework, and the General Data Protection Regulation (GDPR)
2016.
1. Access control: The first critical area identified is access control. The experiments show that
effective risk mitigation involves comprehensive management of identities and credentials for all
authorized entities, including devices, users, and processes. Implementing principles such as least
privilege and separation of duties in access permissions management is emphasized. Additionally,
the authentication processes for users, devices, and assets are tailored to match the associated
risk levels.
2. Data and information security: The study highlights the importance of implementing robust
protections against data leaks in the realm of data security. This finding underscores the necessity
of safeguarding sensitive data from unauthorized access and potential breaches. The study also
points out the significance of information security, suggesting that organizations should formulate
and regularly review comprehensive information security policies. Effective management of
information security roles and responsibilities in the internal organization is deemed essential.
Moreover, segregating duties and properly handling information security incidents are crucial
elements.
3. Remote access and online services: For security control measures in remote access and
online services, the findings stressed adherence to business requirements for access control and
provisioning. The management of privileged access rights and the secure handling of secret
� authentication information are highlighted. Secure log-on procedures and controlled access to
program source code are also recommended.
4. Cryptography: In the field of cryptography, the implementation of cryptographic controls and
effective key management emerged as a key finding. This approach is essential for ensuring the
confidentiality and integrity of sensitive data.
5. Operational security: The Operations Security section of the study reveals the necessity
for well-documented operational procedures, encompassing change management and capacity
management. Additionally, protection against malware, backup strategies, and information
logging and monitoring are pivotal elements.
6. Communication security: Communications security is another crucial area, with the study
emphasizing network security management and ensuring network services’ security. Policies
and procedures for information transfer and electronic messaging are also considered essential.
The communication protocol needs to always be encrypted.
7. System acquisition, development and maintenance of digital twins: Lastly, in system
acquisition, development, and maintenance, ensuring security requirements in information
systems and secure development policies are vital. Policies include adhering to secure system
engineering principles and conducting thorough system security testing. By integrating these
comprehensive security control measures and adhering to the guidelines provided, organizations
can significantly enhance their information security posture. This approach effectively mitigates
risks and ensures a robust security framework in compliance with recognized industry standards
and regulations.
4.3. Comparison with the State of the Art
Proposed Method Rekik et.al [11] Lars et. al [14] Tefek et.al [16]
Malicious command in-
Access Control Physical threats Spoofing
jection
Unintentional data Malicious firmware or
Data Security Tampering
damage configuration
Unintentional data
Information Security Repudiation False data injection
damage
Remote Access and Online Ser- Interception, Hi- Information Disclo-
Remote Attack via VPN
vices jacking sure
Attacks via User Inter-
Cryptography Nefarious Activities Denial of Service
face
Elevation of Privi-
Operations Security - -
lege
Communications Security - - -
System Acquisition, Develop-
- - -
ment, and Maintenance
Table 3
Identified risks in digital twin smart grid.
Our findings not only show an intersection with some findings in the existing literature but also
expand upon it as given in Table 3. To the best of our knowledge, while studies into the cyber risk
assessment of the smart grid, leveraging digital twins for improved data management and system
performance was lacking in the literature, our work has now filled this gap by eliciting more domain-
dependent threats as well security controls to mitigate them. We provide a detailed comparative analysis
below.
Access control is universally acknowledged, with the literature citing physical threats, spoofing, and
malicious command injection as risks. The proposed approach more clearly details identified vulnera-
bilities and intensely emphasizes managing identities and credentials, along with robust authentication
procedures, which directly mitigates these threats by preventing unauthorized physical and digital
access.
� Data and information security are also covered and identified by other studies as a concern due
to unintentional data damage, tampering, and the potential for malicious firmware or configuration
changes. The study’s recommendation for robust data leak protections corresponds with the need for
preventative measures against such tampering and unauthorized modifications.
Remote access and online services risks, such as interception, hijacking, and remote attacks via VPN,
are met with the study’s control measures that include adherence to strict access control standards
and management of authentication information, thereby safeguarding against such interceptions and
unauthorized access. Communications security partially addresses issues such as eavesdropping in the
literature.
Even though other studies did not identify cryptography, our studies have now proposed this as
a direct response to nefarious activities, with the implementation of cryptographic controls and key
management providing a robust defense against threats to confidentiality and integrity. Also, our
findings on operations security offer an in-depth approach to mitigating the risk posed by malicious
actors. Documented procedures and malware protection are essential to safeguarding the integrity of
operational systems.
Finally, our findings on system acquisition, development, and maintenance provide a thorough
defense against the information disclosure, denial of service, and elevation of privilege risks identified
in the literature. Secure development policies and system security testing are crucial to prevent such
vulnerabilities. In summary, the study supports and extends the existing literature by offering specific
control measures to address the identified risks in smart grid systems. By implementing these control
measures, organizations can effectively mitigate the risks highlighted in this study.
5. Conclusion and Future Work
In this paper, we have systematically analyzed the security risk mitigation strategies proposed by the
PILAR tool within the context of digital twin smart grids, comparing our findings against existing
findings in the literature. Our findings reveal a significant correlation between the proposed methods and
the literature, with additional depth provided by PILAR’s adherence to updated international standards.
Moving forward, the focus for future work lies in addressing the emerging security risks associated
with digital twins, including the incorporation of predictive analytics and artificial intelligence to
anticipate and counteract potential cyber threats. This proactive stance is imperative as the complexity
and sophistication of digital twin systems evolve, demanding equally dynamic and resilient security
measures.
Acknowledgments
We extend our heartfelt gratitude to Prof. Paolo Prinetto, Prof. Stefania Tomasiello, and Prof. Pierangela
Samarati for their expert guidance and unwavering support throughout this study. We are also grateful
to the CINI Cybersecurity National Lab of Italy for providing essential information, and to the National
Ph.D. program in Cybersecurity at the IMT School for Advanced Studies Lucca for the opportunity to
undertake this research. Their collective expertise and encouragement have been instrumental to our
work.
References
[1] N. Tzanis, N. Andriopoulos, A. Magklaras, E. Mylonas, M. Birbas, A. Birbas, A hybrid cyber
physical digital twin approach for smart grid fault prediction, in: 2020 IEEE conference on
industrial cyberphysical systems (ICPS), volume 1, IEEE, 2020, pp. 393–397.
[2] J. E. Sullivan, D. Kamensky, How cyber-attacks in Ukraine show the vulnerability of the U.S. power
grid, The Electricity Journal 30 (2017) 30–35.
� [3] A. Bindra, Securing the Power Grid: Protecting Smart Grids and Connected Power Systems from
Cyberattacks, IEEE Power Electronics Magazine 4 (2017) 20–27.
[4] D. E. Whitehead, K. Owens, D. Gammel, J. Smith, Ukraine cyber-induced power outage: Analysis
and practical mitigation strategies, in: 2017 70th Annual Conference for Protective Relay Engineers
(CPRE), IEEE, 2017.
[5] M. Lehto, Cyber-attacks against critical infrastructure, in: Cyber Security: Critical Infrastructure
Protection, Springer, 2022, pp. 3–42.
[6] L. S. Gajanan, M. Kirar, M. Raju, Cyber-Attacks on Smart Grid System: A Review, in: 2022 IEEE
10th Power India International Conference (PIICON), IEEE, 2022.
[7] E. Russo, G. Costa, G. Longo, A. Armando, A. Merlo, Lidite: a full-fledged and featherweight
digital twin framework, IEEE Transactions on Dependable and Secure Computing (2023) 1–14.
doi:10.1109/TDSC.2023.3236798.
[8] T. Krause, R. Ernst, B. Klaer, I. Hacker, M. Henze, Cybersecurity in power grids: Challenges and
opportunities, Sensors 21 (2021) 6225.
[9] S. N. S. Agency, Ear/pilar- environment for the analysis of risk, 2004. URL: https://www.pilar-tools.
com/en/.
[10] H. Mokalled, C. Pragliola, D. Debertol, E. Meda, R. Zunino, A Comprehensive Framework
for the Security Risk Management of Cyber-Physical Systems, Springer International Publish-
ing, Cham, 2019, pp. 49–68. URL: https://doi.org/10.1007/978-3-319-95597-1_3. doi:10.1007/
978-3-319-95597-1_3.
[11] M. Rekik, Z. Chtourou, C. Gransart, A. Atieh, A cyber-physical threat analysis for microgrids, in:
2018 15th International Multi-Conference on Systems, Signals & Devices (SSD), IEEE, 2018, pp.
731–737.
[12] R. W. Habash, V. Groza, D. Krewski, G. Paoli, A risk assessment framework for the smart grid, in:
2013 IEEE Electrical Power & Energy Conference, IEEE, 2013, pp. 1–6.
[13] L. Langer, P. Smith, M. Hutle, Smart grid cybersecurity risk assessment, in: 2015 International
Symposium on Smart Electric Distribution Systems and Technologies (EDST), IEEE, 2015, pp.
475–482.
[14] L. H. Flå, R. Borgaonkar, I. A. Tøndel, M. G. Jaatun, Tool-assisted threat modeling for smart grid
cyber security, in: 2021 International Conference on Cyber Situational Awareness, Data Analytics
and Assessment (CyberSA), IEEE, 2021, pp. 1–8.
[15] A. Priyanka, A. Monti, Towards risk assessment of smart grids with heterogeneous assets, in:
2022 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe), IEEE, 2022,
pp. 1–6.
[16] U. Tefek, E. Esiner, C. Cheh, D. Mashima, A smart grid ontology: Vulnerabilities, attacks, and
security policies, in: 2023 IEEE Conference on Communications and Network Security (CNS),
IEEE, 2023, pp. 1–6.
[17] S. Bracco, M. Brignone, F. Delfino, R. Procopio, An energy management system for the savona
campus smart polygeneration microgrid, IEEE Systems Journal 11 (2017) 1799–1809. doi:10.1109/
JSYST.2015.2419273.
�