Neel Bhaskar, Jawad Ahmed, Rahat Masood, Nadeem Ahmed, Stephen Kerr, Sanjay K. Jha
Citation count: 0

A Comprehensive Threat Modelling Analysis for Distributed Energy Resources

Abstract
The exponential rise in popularity of Distributed Energy Resources (DERs) is attributed to their numerous benefits within the power sector. However, the risks that new DERs pose to the power grid have not yet been closely assessed, exposing a gap in the literature. This paper addresses this gap by presenting a comprehensive threat model of the DER architecture, combining the MITRE ATT&CK catalogue for Industrial Control Systems (ICS), and the IDDIL/ATC threat model, to create a hybrid approach. Our first contribution is to propose criteria derived from seven metrics to evaluate and compare the efficacy and usability of threat modelling frameworks for DER systems, allowing more informed framework selection. Our second contribution is to develop a comprehensive hybrid threat modelling approach based on IDDIL/ATC and MITRE ATT&CK and organise attack paths chronologically using the Cyber Kill Chain methodology to categorise attacker techniques. Our third contribution is to perform a comprehensive DER architecture system decomposition, elaborating assets, trust levels, entry points, data, protocols, and entity relations to identify the threat landscape. Our final contribution is to apply the proposed approach to the Distribution System Operator (DSO), mapping potential attacker techniques and illustrating a ransomware attack chain on the DSO’s Energy Management System, with proposed mitigations.