Abstract
We have in an earlier study proposed a set of requirements and an approach to identification and modelling of cybersecurity risks and their impacts on safety, within the context of smart power grids. The approach, which consisted of a process and a modelling language, was a partially customized version of the existing “CORAS” risk-analysis approach. As a part of the study, feasibility of the approach was evaluated by applying it on an industrial pilot for so-called self-healing functionality of a smart power grid. The results obtained were promising, but further empirical evaluation was strongly needed in order to further assess usefulness and applicability of the approach in the context of smart power grids. This paper provides a detailed account of results of applying the same approach to cybersecurity risk identification and modelling in the context of another smart grid pilot, namely digital secondary substations. The trial was conducted in a real setting, in the form of an industrial case study, in close collaboration with the major Norwegian distribution system operator that has been running the pilot for about two years. The evaluation indicates that the approach can be applied in a real setting to identify and model cybersecurity risks. The experiences from the case study moreover show that the presented approach is, to a large degree, well suited for its intended purpose, but it also points to areas in need for improvement and further evaluation.