kth.sePublications KTH
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Application and Evaluation of a Substation Threat Modeling Language for Automatic Attack Graph Generation
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.ORCID iD: 0000-0002-9546-9463
KTH, School of Electrical Engineering and Computer Science (EECS), Computer Science, Network and Systems Engineering.ORCID iD: 0000-0003-3922-9606
2025 (English)In: Proceedings 2025 IEEE International Conference on Cyber Security and Resilience (CSR), Institute of Electrical and Electronics Engineers (IEEE) , 2025, p. 578-585Conference paper, Published paper (Refereed)
Abstract [en]

The substation plays an important role in the electric grid and can transform voltage when distributing electricity, as well as serve other functions. The modern substation is a Cyber-Physical System, which inherently makes it complex and vulnerable to cybersecurity threats. Two methods for assessing cybersecurity are the use of threat models that give an overview of the potential threats of a system and attack graphs that can give details of potential paths of an attack. In this paper, we describe a parser for automatically creating threat models and attack graphs of a substation by using a threat modeling language for Substation Automation Systems and the configuration files of substations according to IEC 61850. By modeling attack scenarios and discussing the automatically generated attack graphs with experts in the industry, we were able to evaluate the threat modeling language and show how it can be used to generate accurate attack scenarios.
Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE) , 2025. p. 578-585
Keywords [en]
threat modeling, attack graph, cybersecurity, cyber physical system, energy system, substation automation system
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:kth:diva-369672DOI: 10.1109/csr64739.2025.11130119ISI: 001575967100086Scopus ID: 2-s2.0-105016258994OAI: oai:DiVA.org:kth-369672DiVA, id: diva2:1997492
Conference
2025 IEEE International Conference on Cyber Security and Resilience (CSR), Chania, Crete, Greece, 04-06 August 2025
Note

QC 20250912

Available from: 2025-09-12 Created: 2025-09-12 Last updated: 2026-05-29Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Rencelj Ling, EnglaEkstedt, Mathias

Search in DiVA

By author/editor
Rencelj Ling, EnglaEkstedt, Mathias
By organisation
Network and Systems Engineering
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 103 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.47.0
|
WCAG
|
KTH Library
|
DiVA support
|
Register in DiVA
|
Posting your thesis
|
SwePub
|
About Open Access