{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,27]],"date-time":"2025-03-27T19:43:54Z","timestamp":1743104634673,"version":"3.40.3"},"publisher-location":"Cham","reference-count":28,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030954833"},{"type":"electronic","value":"9783030954840"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,2,8]],"date-time":"2022-02-08T00:00:00Z","timestamp":1644278400000},"content-version":"vor","delay-in-days":38,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>The energy system is going through huge transformation to integrate distributed renewable generation and to achieve the goals of net-zero carbon emissions. This involves a significant adjustment to how the system is controlled and managed, with increasing digitalisation of technology and growing complexities across interconnected systems. Traditionally electricity networks adjusted their supply of energy in response to changes in demand. The future energy system will require more flexible demand to be able to use or store energy when renewables are generating. This change is exacerbated by additional demand for electricity for heat and transport uses.<\/jats:p><jats:p>Utility organisations hold responsibility for securing their networks and assuring the supply of electricity. This paper describes a full investigation of cybersecurity issues and concerns for utilities. This industry review was carried out to create a clear organisational context for the ongoing design of cybersecurity improvements. The assessment of potential impact and consequences of cyber-attack is recommended to direct necessary preparations towards protecting essential functions and processes. Improving resilience across interdependent actors is discussed and resilience measures suggested to guide the contributions of different actors towards whole system resilience.<\/jats:p>","DOI":"10.1007\/978-3-030-95484-0_22","type":"book-chapter","created":{"date-parts":[[2022,2,7]],"date-time":"2022-02-07T10:05:46Z","timestamp":1644228346000},"page":"384-402","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Organisational\u00a0Contexts\u00a0of Energy Cybersecurity"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6252-6783","authenticated-orcid":false,"given":"Tania","family":"Wallis","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6070-3192","authenticated-orcid":false,"given":"Greig","family":"Paul","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2078-6517","authenticated-orcid":false,"given":"James","family":"Irvine","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,2,8]]},"reference":[{"key":"22_CR1","unstructured":"Hurst, W., Merabti, M., Fergus, P.: A survey of critical infrastructure security. In: Butts, J., Shenoi, S. (eds) Critical Infrastructure Protection VIII. ICCIP 2014. IFIP Advances in Information and Communication Technology, vol. 441. Springer, Berlin (2014)"},{"key":"22_CR2","unstructured":"Glaser, B.G.: Theoretical sensitivity (1978)"},{"key":"22_CR3","doi-asserted-by":"publisher","first-page":"85","DOI":"10.1007\/s12198-018-0193-1","volume":"11","author":"M Burns","year":"2018","unstructured":"Burns, M.: Participatory operational and security assessment on homeland security risks: an empirical research method for improving security beyond the borders through public\/private partnerships. J. Transp. Secur. 11, 85\u2013100 (2018). https:\/\/doi.org\/10.1007\/s12198-018-0193-1","journal-title":"J. Transp. Secur."},{"issue":"11","key":"22_CR4","doi-asserted-by":"publisher","first-page":"1161","DOI":"10.1016\/0277-9536(90)90256-R","volume":"30","author":"K Charmaz","year":"1990","unstructured":"Charmaz, K.: Discovering chronic illness: using grounded theory. Soc. Sci. Med. 30(11), 1161\u20131172 (1990)","journal-title":"Soc. Sci. Med."},{"issue":"38","key":"22_CR5","doi-asserted-by":"publisher","first-page":"835","DOI":"10.1017\/S0260210511000751","volume":"2012","author":"GH Gj\u00f8rv","year":"2012","unstructured":"Gj\u00f8rv, G.H.: Security by any other name: negative security, positive security, and a multi-actor security approach. Rev. Int. Stud. 2012(38), 835\u2013859 (2012). https:\/\/doi.org\/10.1017\/S0260210511000751","journal-title":"Rev. Int. Stud."},{"key":"22_CR6","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1016\/j.futures.2016.02.002","volume":"77","author":"R Bradfield","year":"2016","unstructured":"Bradfield, R., Derbyshire, J., Wright, G.: The critical role of history in scenario thinking: Augmenting causal analysis within the intuitive logics scenario development methodology. Futures 77, 56\u201366 (2016). https:\/\/doi.org\/10.1016\/j.futures.2016.02.002","journal-title":"Futures"},{"key":"22_CR7","volume-title":"Cyber Security Engineering","author":"NR Mead","year":"2017","unstructured":"Mead, N.R., Woody, C.C.: Cyber Security Engineering. Addison-Wesley, A Practical Approach for Systems and Software Assurance (2017)"},{"key":"22_CR8","unstructured":"Van der Heijden, K., Bradfield, R., Burt, G., Cairns, G. and Wright, G.: The sixth sense: Accelerating organizational learning with scenarios, John Wiley & Sons (2009)"},{"key":"22_CR9","unstructured":"National Grid ESO. Future Energy Scenarios (2021). https:\/\/www.nationalgrideso.com\/future-energy\/future-energy-scenarios\/fes-2021"},{"key":"22_CR10","unstructured":"Dos Santos, D., Dashevskyi, S., Wetzel, J.: Amnesia: 33 How TCP\/IP Stacks Breed Critical Vulnerabilities in IoT, OT and IT Devices. Forescout Research Labs (2021). https:\/\/www.forescout.com\/research-labs\/amnesia33\/"},{"key":"22_CR11","unstructured":"Piccalo, M.: How to Use Asset Management as the Foundation for OT Network Segmentation, Forescout, 21 10 2019. https:\/\/www.forescout.com\/company\/blog\/how-to-use-asset-management-as-the-foundation-for-ot-network-segmentation\/. Accessed 26 July 2021"},{"key":"22_CR12","unstructured":"Forum of Incident Response and Security Teams. Common Vulnerability Scoring System version 3.1: Specification Document, June 2019. https:\/\/www.first.org\/cvss\/specification-document#Environmental-Metrics. Accessed 26 July 2021"},{"key":"22_CR13","unstructured":"OfGem. Investigation into 9 August 2019 power outage (2019). https:\/\/www.ofgem.gov.uk\/publications-and-updates\/investigation-9-august-2019-power-outage"},{"key":"22_CR14","unstructured":"Department for Business Energy and Industrial Strategy, \u201cDistributed Energy Resources - Cyber Security Connection Guidance,\u201d Energy Networks Association (2020). https:\/\/www.energynetworks.org\/industry-hub\/resource-library\/distributed-energy-resources-(der)-cyber-security-connection-guidance.pdf"},{"key":"22_CR15","doi-asserted-by":"publisher","DOI":"10.4324\/9780367491161","volume-title":"Countering Cyber Sabotage","author":"AA Bochman","year":"2021","unstructured":"Bochman, A.A., Freeman, S.: Countering Cyber Sabotage. CRC Press, Boca Raton (2021)"},{"key":"22_CR16","unstructured":"Bochman, A.: The End of Cybersecurity, Harvard Business Review https:\/\/store.hbr.org\/product\/the-end-of-cybersecurity\/BG1803"},{"key":"22_CR17","unstructured":"National Grid ESO. Bridging the Gap to Net Zero March 2021. https:\/\/www.nationalgrideso.com\/future-energy\/future-energy-scenarios\/bridging-the-gap-to-net-zero. Accessed 27 July 2021"},{"key":"22_CR18","unstructured":"European Commission. Data protection impact assessment for smart grid and smart metering environment 27 September 2018. https:\/\/ec.europa.eu\/energy\/topics\/markets-and-consumers\/smart-grids-and-meters\/smart-grids-task-force\/data-protection-impact-assessment-smart-grid-and-smart-metering-environment_en#dpia-template-and-users. Accessed 27 July 2021"},{"key":"22_CR19","unstructured":"Congr\u00e8s International des R\u00e9seaux Electriques de Distribution, RESILIENCE OF DISTRIBUTION GRIDS WORKING GROUP, in International Conference on Electricity Distribution 31.05.2018. http:\/\/cired.net\/cired-working-groups\/resilience-of-distribution-grids"},{"issue":"5","key":"22_CR20","doi-asserted-by":"publisher","first-page":"2444","DOI":"10.1109\/TSG.2015.2432013","volume":"6","author":"R Liu","year":"2015","unstructured":"Liu, R., Vellaithurai, C., Biswas, S.S., Gamage, T.T., Srivastava, A.K.: Analyzing the Cyber-Physical Impact of Cyber Events on the Power Grid. IEEE Trans. Smart Grid 6(5), 2444\u20132453 (2015). https:\/\/doi.org\/10.1109\/TSG.2015.2432013","journal-title":"IEEE Trans. Smart Grid"},{"key":"22_CR21","doi-asserted-by":"publisher","unstructured":"Yang, Y., Littler, T., Sezer, S., McLaughlin, K. and Wang, H.F.: Impact of cyber-security issues on Smart Grid. In: 2nd IEEE PES International Conference and Exhibition on Innovative Smart Grid Technologies, pp. 1\u20137 (2011). https:\/\/doi.org\/10.1109\/ISGTEurope.2011.6162","DOI":"10.1109\/ISGTEurope.2011.6162"},{"key":"22_CR22","unstructured":"Energy Networks Association. Open Networks Future Worlds. Developing change options to facilitate energy decarbonisation, digitisation and decentralisation, 31 July 2018 https:\/\/www.energynetworks.org\/assets\/images\/Resource%20library\/ON18-WS3-14969_ENA_FutureWorlds_AW06_INT%20(PUBLISHED).pdf. Accessed 27 July 2021"},{"key":"22_CR23","unstructured":"US Department of Energy. Office of Electricity, Electricity Subsector Cybersecurity Capability Maturity Model v. 1.1., February 2014. https:\/\/www.energy.gov\/oe\/downloads\/electricity-subsector-cybersecurity-capability-maturity-model-v-11-february-2014. Accessed 27 July 2021"},{"key":"22_CR24","unstructured":"Cisco. Cisco 2018 Annual Cybersecurity Report. https:\/\/www.cisco.com\/c\/en_uk\/products\/security\/security-reports.html#~more-reports"},{"key":"22_CR25","doi-asserted-by":"crossref","unstructured":"Allen, J.H., Curtis, P.D., Gates, L.P.: Using Defined Processes as a Context for Resilience Measures. Software Engineering Institute. Carnegie Mellon University, December 2011. https:\/\/apps.dtic.mil\/sti\/pdfs\/ADA610464.pdf","DOI":"10.21236\/ADA610464"},{"issue":"6","key":"22_CR26","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1080\/07366981.2011.643192","volume":"44","author":"J Allen","year":"2011","unstructured":"Allen, J.: Measures for managing operational resilience. EDP Audit, Control, Secur. 44(6), 1\u20136 (2011). https:\/\/doi.org\/10.1080\/07366981.2011.643192","journal-title":"EDP Audit, Control, Secur."},{"key":"22_CR27","unstructured":"Whyte, W.F.: Learning from the Field. A guide from experience, Sage Publications (1984)"},{"key":"22_CR28","doi-asserted-by":"publisher","unstructured":"Beech, N., Arber, A., Faithfull, S.: Restoring a sense of wellness following colorectal cancer: a grounded theory. J. Adv. Nurs. 68(5), 1134\u20131144 (2012). https:\/\/doi.org\/10.1111\/j.1365-2648.2011.05820.x","DOI":"10.1111\/j.1365-2648.2011.05820.x"}],"container-title":["Lecture Notes in Computer Science","Computer Security. ESORICS 2021 International Workshops"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-95484-0_22","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,2,7]],"date-time":"2022-02-07T10:10:26Z","timestamp":1644228626000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-95484-0_22"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783030954833","9783030954840"],"references-count":28,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-95484-0_22","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"8 February 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"ESORICS","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"European Symposium on Research in Computer Security","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Darmstadt","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Germany","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"4 October 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"8 October 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"26","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"esorics2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/esorics2021.athene-center.de\/index.php","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"351","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"71","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"20% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3.07","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"6.06","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}