Modelling SCADA and corporate network of a medium voltage power grid under cyber attacks

There is an increasing concern over the cyber security of Critical Infrastructures (CI) due to the increasing ability of cyber attackers to cause even catastrophic failures. It is mainly due to the pervasiveness of ICT (Information and Communication Technologies) and to the consequent de isolation of SCADA (Supervision, Control and Data Acquisition) system, which represents the nervous system of most CIs. Cyber attacks could block the connection between SCADA Control Centre and its remote devices or insert fake commands/measurements in the equipment communications. With reference to an actual case study, constituted by a SCADA system controlling a portion of a medium voltage power grid and a corporate network, we discuss how cyber threats, vulnerabilities and attacks might degrade the functionalities of SCADA and corporate network, which, in turn, might lead to outages of the electrical grid. We represent SCADA and corporate network under malware propagation, Denial of Service and Man In The Middle attacks and predict their consequent performance degradation. Particularly, we use NetLogo to identify possible malware propagation in relation to SCADA & corporate security policies adopted from the utility and NS2 simulator to compute the consequences of the attacks on SCADA and in turn on power grid.