Is a Smarter Grid Also Riskier?

  • Karin Bernsmed
  • Martin Gilje JaatunEmail author
  • Christian Frøystad
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11738)


The smart grid evolution digitalizes the traditional power distribution grid, by integrating information communication technology into its operation and control. A particularly interesting challenge is the integration of grid topology monitoring and decision support systems with the remote control of breakers in the grid and at the subscribers’ premises. In this paper we outline and discuss the results from a recent information security risk assessment of such an integrated system.


Smartgrid Cyber security Risk assessment 



This paper is based on a risk assessment assignment performed for NVE, and further developed as part of the RCN FME Cineldi research centre, project no. 257626 (


  1. 1.
    Cherepanov, A., Lipovsky, R.: Industroyer: Biggest threat to industrial control systems since stuxnet. WeLiveSecurity by eset (2017).
  2. 2.
    Cleveland, F.: Cyber security issues for advanced metering infrastructure (AMI), pp. 1–5 (2008)Google Scholar
  3. 3.
  4. 4.
    Frøystad, C., Jaatun, M.G., Bernsmed, K., Moe, M.: ROS-analyse AMS-DMS-SCADA - risikoanalyse av økt integrasjon mellom AMS, DMS og SCADA. Technical report, 2018:01083, SINTEF Digital (2018).
  5. 5.
    Goel, S., Hong, Y.: Security challenges in smart grid implementation. Smart Grid Security. SC, pp. 1–39. Springer, London (2015). Scholar
  6. 6.
    Hawk, C., Kaushiva, A.: Cybersecurity and the smarter grid. Electricity J. 27(8), 84–95 (2014). Scholar
  7. 7.
    ISO: Information technology - security techniques - information security risk management. ISO/IEC Standard 27005:2018 (2018).
  8. 8.
    Lee, R.M., Assante, M.J., Conway, T.: Analysis of the cyber attack on the Ukrainian power grid, defense use case. SANS ICS and E-ISAC white paper (2016).
  9. 9.
    Norges vassdrags- og energidirektorat: Veiledning i risiko- og sårbarhetsanalyser for kraftforsyningen. Technical report, Norges vassdrags- og energidirektorat (2010).
  10. 10.
    Otuoze, A.O., Mustafa, M.W., Larik, R.M.: Smart grids security challenges: classification by sources of threats. J. Electrical Syst. Inf. Technol. 5(3), 468–483 (2018). Scholar
  11. 11.
    Pietre-Cambacedes, L., Tritschler, M., Ericsson, G.N.: Cybersecurity myths on power control systems: 21 misconceptions and false beliefs. IEEE Trans. Power Deliv. 26(1), 161–172 (2011)CrossRefGoogle Scholar
  12. 12.
    Sanjab, A., Saad, W., Güvenç, I., Sarwat, A.I., Biswas, S.: Smart grid security: threats, challenges, and solutions. CoRR abs/1606.06992 (2016).
  13. 13.
    Shostack, A.: Experiences threat modeling at Microsoft. In: Proceedings of the Workshop on Modeling Security (MODSEC08). CEUR Workshop Proceedings (2008).
  14. 14.
    Skapalen, F., Jonassen, B.: Veileder til sikkerhet i avanserte måle- og styringssystem. Technical report, Norges vassdrags- og energidirektorat (2012).
  15. 15.
    Symantec Security Response: Dragonfly: Cyberespionage attacks against energy suppliers (2014).

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Karin Bernsmed
    • 1
  • Martin Gilje Jaatun
    • 1
    Email author
  • Christian Frøystad
    • 2
  1. 1.SINTEF DigitalTrondheimNorway
  2. 2.Secure PracticeTrondheimNorway

Personalised recommendations