Practical Risk Assessment Using a Cumulative Smart Grid Model

Due to the massive increase of green energy, today’s power grids are in an ongoing transformation to smart grids. While traditionally ICT technologies were utilized to control and monitor only a limited amount of grid systems down to the station level, they will reach billions of customers in near future. One of the downsides of this development is the exposure of previously locked down communication networks to a wide range of potential attackers. To mitigate the risks involved, proper risk management needs to be in place. Together with leading manufacturers and utilities, we focused on European smart grids and analyzed existing security standards in the Smart Grid Security Guidance (SG)2 project. As our study showed that these standards are of limited practical use to utilities, we developed a cumulative smart grid architecture model in a joint approach with manufacturers and utilities to represent both current and future European smart grids. Based on that model, we developed a practical, light-weight risk assessment methodology covering a wide range of potential threats that have been evaluated and refined in course of expert interviews with utility providers and