Substation Attack Surface Analysis

Technical Report (co-author)

As utilities modernize the grid, they will need to assess the security architecture, identify potential vulnerabilities that may be exploited by an attacker, and determine appropriate mitigation strategies. This can be a difficult task without the use of a security architecture methodology.

The purpose of this document is to define a security architecture methodology that may be implemented throughout the electric sector by utilities of all sizes – large Investor Owned Utilities (IOUs), municipalities, and cooperatives. There are several architecture frameworks that are currently available, and each includes unique terms and definitions. In general, these frameworks are intended to be used to develop the enterprise architecture, and not specifically a security architecture. The frameworks that focus on security architectures typically do not include an approach for analyzing the attack surface and identifying attack vectors and potential vulnerabilities that may be exploited. The focus of this document is to present a standardized security architecture methodology that has been applied to transmission and distribution substations that includes an approach for analyzing the attack surface and reference architecture diagrams. This is the second version of this methodology. This document is a companion document to EPRI’s Substation Security Architecture Reference Diagrams, Version 1.0 (3002009519, December 2016).