Mitigating Cyber Threats in Smart Energy Subsystems Using Safety Critical Analysis Techniques

Smart Energy Systems are highly dependent on the availability of information communication technologies to provide reliable service to consumers. Cyber threats are among the most highly rated risks that could jeopardise the operation of modern energy systems. In this paper In this paper, we analyse the security of the Smart Energy subsystem, namely Great Britain Advanced Metering Infrastructure (AMI), using safety analytical techniques. The security of AMI has high importance, as it reaches into a large majority of residential, commercial and industrial customers. Thus, any cyber-attack on the AMI system can cause damages to the energy grid of varying severity. The Current practice in the security of smart energy system is based on single problems where each security issue is studied or investigated in isolations. However, in this paper, we study the AMI system as a whole system and not a single component or function. We provide a novel approach by using safety analytical techniques for AMI systems, which enables us to mitigate the threats and provide probability analysis of any given scenario. To achieve that we use event tree analysis, fault tree analysis, and binary decision diagrams to foresee the threats and possible implications. To analyse the security of the smart energy sub-systems we use attack trees and combine the results with binary decision diagrams to mitigate the threats in the system by providing protection measures against identified cyber threats. We also provide a novel approach to quantify the probability of causes based on the combined results of attack trees and binary decision diagrams.