Smart grid cybersecurity risk assessment

As much as possible, it is important that the smart grid is secure from cyber-attacks. A vital part of ensuring the security of smart grids is to perform a cybersecurity risk assessment that methodically examines the impact and likelihood of cyber-attacks. Based on the outcomes of a risk assessment, security requirements and controls can be determined that inform architectural choices and address the identified risks. Numerous high-level risk assessment methods and frameworks are applicable in this context. A method that was developed specifically for smart grids is the Smart Grid Information Security (SGIS) toolbox, which we applied to a voltage control and power flow optimization smart grid use case. The outcomes of the assessment indicate that physical consequences could occur because of cyber-attacks to information assets. Additionally, we provide reflections on our experiences with the SGIS toolbox, in order to support others in the community when implementing their own risk assessment for the smart grid.