RISKS AND CONSEQUENCES OF CYBER- ATTACKS AFFECTING DSO'S AND ELECTRICAL SUPPLIER’S BUSINESS PROCESSES IN THE SUPPLIER CENTRIC MODEL

Abstract: There has been a motivated desire from different power system operators to have more systems embedded in computing and networking due to the great advantages of adding new capabilities that wasn't before possible. These advantages increased the power system’s up-time, performance and reduced its maintenance but opened a world of possible cyber-attacks. In January 2016, the Ukrainian electricity infrastructure suffered the first power outage caused by destructive malware that left hundreds and thousands of end-users without electricity during the Christmas holidays. Malicious malware are starting to cover cyber-physical systems that connect the physical technical equipment with the networked computational resources. One of these resources, which are currently being further developed, involves futuristic procedures for the electrical billing process. This means that data corruption could lead to both economical and physical consequences, leading to a decrease of the public's trust on metering equipments, the overall smart grid concept and the electricity market actors. The Nordic and Swedish electricity market is under transition to the Supplier Centric Model (SCM), a new market model, which facilitates the billing and payment towards the end-users and the interactions between electrical suppliers and Distribution System Operators (DSO). This model uses a centralized data service hub for information exchange that is owned and operated by the Swedish Transmission System Operator (TSO). Vattenfall IT has thus jointly with the department of Electric Power and Energy systems (EPE) at KTH launched this master thesis that focuses on the risks and consequences caused by cyber-attacks in the SCM. An adversary may cause unwanted actions by business process hacking or knowledge-based hacking by analyzing the business processes maps within the SCM One of the aims of the thesis was to identify the business process vulnerabilities and events of the DSO's and supplier’s business processes in the SCM if the system was under attack and when the power system operator was unaware that the presented data was corrupted. The outcome of the thesis will help improve the business process resilience against cyber-attacks thus leading to an increased trust in the SCM from the general public. Different related attack-scenarios (AS) were investigated to provide a generic solution for improvements to all relevant business service actors. The risks and consequences were found, analyzed and used for developing suggestive improvements for the Billing Business Process (BBP).