{"title":"Fostering security research in the energy sector: A validation of open source intelligence for power grid model data","authors":"","doi":"10.1016/j.cose.2024.104042","DOIUrl":null,"url":null,"abstract":"<div><p>Cyber attacks against power grids, interrupting utility service and causing blackouts are on the rise, and increasingly motivate researchers to investigate this topic. Thereby, models of real-world power grids are an indispensable prerequisite, but operators do not make them available, allegedly for reasons of protection. This security-by-obscurity strategy appears futile as grid artifacts (lines, plants, substations) are large and cannot be easily hidden. It seems promising to infer real-world model data from publicly available data, and indeed, multiple models were generated through Open Source Intelligence (OSINT). Questions on the models’ quality remain, however, open but are of utter importance for research building on these models, especially as the results might have considerable impact on society and national security. This paper approaches this particular point and investigates whether OSINT leads to data on real-world power grids of sufficient quality; by the example of the European country of Austria, we investigate whether all parameters that are relevant for power flow analysis, a standard approach in power engineering, can be inferred from publicly available data (OpenStreetMap, national statistics, etc.), and validate this data against ground truths, including governmental land use plans, Google Street View and the power sector’s information material. Our validation shows that the inferred data meets reality well — among others, the extra-high voltage level is 100% (lines) rsp. 98% (substations) complete. Beyond, the inferred data is up-to-date as the construction of lines or substations is always documented in OSM, in 76% of the cases even before finalization of the construction works. An analysis of 24 other European countries revealed that electric systems, substations, and power plants are documented in OSM to a similar extent as in Austria, motivating the application of our approach also to these countries. The contribution of our OSINT-based approach is twofold: First, it facilitates the development of models of real-world power grids, fostering research and discussion that is independent of the power grid operators, in the security domain and beyond. Second, our method represents an attack itself, challenging the energy sector’s security-by-obscurity approach.</p></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":null,"pages":null},"PeriodicalIF":4.8000,"publicationDate":"2024-08-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S016740482400347X/pdfft?md5=522880a5fc919ec2227cfbfbeb5e4de3&pid=1-s2.0-S016740482400347X-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S016740482400347X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Cyber attacks against power grids, interrupting utility service and causing blackouts are on the rise, and increasingly motivate researchers to investigate this topic. Thereby, models of real-world power grids are an indispensable prerequisite, but operators do not make them available, allegedly for reasons of protection. This security-by-obscurity strategy appears futile as grid artifacts (lines, plants, substations) are large and cannot be easily hidden. It seems promising to infer real-world model data from publicly available data, and indeed, multiple models were generated through Open Source Intelligence (OSINT). Questions on the models’ quality remain, however, open but are of utter importance for research building on these models, especially as the results might have considerable impact on society and national security. This paper approaches this particular point and investigates whether OSINT leads to data on real-world power grids of sufficient quality; by the example of the European country of Austria, we investigate whether all parameters that are relevant for power flow analysis, a standard approach in power engineering, can be inferred from publicly available data (OpenStreetMap, national statistics, etc.), and validate this data against ground truths, including governmental land use plans, Google Street View and the power sector’s information material. Our validation shows that the inferred data meets reality well — among others, the extra-high voltage level is 100% (lines) rsp. 98% (substations) complete. Beyond, the inferred data is up-to-date as the construction of lines or substations is always documented in OSM, in 76% of the cases even before finalization of the construction works. An analysis of 24 other European countries revealed that electric systems, substations, and power plants are documented in OSM to a similar extent as in Austria, motivating the application of our approach also to these countries. The contribution of our OSINT-based approach is twofold: First, it facilitates the development of models of real-world power grids, fostering research and discussion that is independent of the power grid operators, in the security domain and beyond. Second, our method represents an attack itself, challenging the energy sector’s security-by-obscurity approach.
期刊介绍:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.