{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,2]],"date-time":"2026-01-02T07:29:56Z","timestamp":1767338996624,"version":"3.41.0"},"reference-count":45,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2024,10,31]],"date-time":"2024-10-31T00:00:00Z","timestamp":1730332800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Cyber-Phys. Syst."],"published-print":{"date-parts":[[2024,10,31]]},"abstract":"The exponential rise in popularity of distributed energy resources (DERs) is attributed to their numerous benefits within the power sector. However, the risks that new DERs pose to the power grid have not yet been closely assessed, exposing a gap in the literature. This article addresses this gap by presenting a comprehensive threat model of the DER architecture, combining the MITRE ATT&CK catalogue for industrial control systems (ICS), and the IDDIL\/ATC threat model, to create a hybrid approach. Our first contribution is to propose criteria derived from seven metrics to evaluate and compare the efficacy and usability of threat modelling frameworks for DER systems, allowing more informed framework selection. Our second contribution is to develop a comprehensive hybrid threat modelling approach based on IDDIL\/ATC and MITRE ATT&CK and organise attack paths chronologically using the cyber kill chain methodology to categorise attacker techniques. Our third contribution is to perform a comprehensive DER architecture system decomposition, elaborating assets, trust levels, entry points, data, protocols, and entity relations to identify the threat landscape. Our final contribution is to apply the proposed approach to the distribution system operator (DSO), mapping potential attacker techniques and illustrating a ransomware attack chain on the DSO's Energy Management System, with proposed mitigations.<\/jats:p>","DOI":"10.1145\/3678260","type":"journal-article","created":{"date-parts":[[2024,7,17]],"date-time":"2024-07-17T16:19:56Z","timestamp":1721233196000},"page":"1-32","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":3,"title":["A Comprehensive Threat Modelling Analysis for Distributed Energy Resources"],"prefix":"10.1145","volume":"8","author":[{"ORCID":"https:\/\/orcid.org\/0009-0004-1313-9842","authenticated-orcid":false,"given":"Neel","family":"Bhaskar","sequence":"first","affiliation":[{"name":"University of New South Wales, Sydney, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4886-3510","authenticated-orcid":false,"given":"Jawad","family":"Ahmed","sequence":"additional","affiliation":[{"name":"University of New South Wales, Australia and Cyber Security Cooperative Research Centre (CSCRC), Perth, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5935-0062","authenticated-orcid":false,"given":"Rahat","family":"Masood","sequence":"additional","affiliation":[{"name":"University of New South Wales, Sydney, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-8169-040X","authenticated-orcid":false,"given":"Nadeem","family":"Ahmed","sequence":"additional","affiliation":[{"name":"University of New South Wales, Sydney, Australia and Cyber Security Cooperative Research Centre (CSCRC), Perth, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0009-0001-4262-8969","authenticated-orcid":false,"given":"Stephen","family":"Kerr","sequence":"additional","affiliation":[{"name":"Jemena, Melbourne, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1844-1520","authenticated-orcid":false,"given":"Sanjay K.","family":"Jha","sequence":"additional","affiliation":[{"name":"University of New South Wales, Australia and Cyber Security Cooperative Research Centre (CSCRC), Perth, Australia"}]}],"member":"320","published-online":{"date-parts":[[2024,11,11]]},"reference":[{"key":"e_1_3_3_2_2","doi-asserted-by":"publisher","DOI":"10.1109\/IEEESTD.2018.8608044"},{"key":"e_1_3_3_3_2","unstructured":"2023. Australian Energy Update 2023. 51. Retrieved from https:\/\/www.energy.gov.au\/sites\/default\/files\/Australian"},{"issue":"1","key":"e_1_3_3_4_2","first-page":"82","article-title":"A stride-based threat model for telehealth systems","volume":"8","author":"Abomhara Mohamed","year":"2015","unstructured":"Mohamed Abomhara, Martin Gerdes, and Geir M. K\u00f8ien. 2015. A stride-based threat model for telehealth systems. Norsk informasjonssikkerhetskonferanse (NISK) 8, 1 (2015), 82\u201396.","journal-title":"Norsk informasjonssikkerhetskonferanse (NISK)"},{"key":"e_1_3_3_5_2","doi-asserted-by":"publisher","DOI":"10.21236\/ADA367718"},{"key":"e_1_3_3_6_2","volume-title":"Managing Information Security Risks: The OCTAVE Approach","author":"Alberts Christopher J.","year":"2003","unstructured":"Christopher J. Alberts and Audrey J. Dorofee. 2003. Managing Information Security Risks: The OCTAVE Approach. Addison-Wesley Professional."},{"key":"e_1_3_3_7_2","doi-asserted-by":"publisher","DOI":"10.21236\/ADA389355"},{"key":"e_1_3_3_8_2","volume-title":"MITRE ATT&CK for Industrial Control Systems: Design and Philosophy","author":"Alexander Otis","year":"2020","unstructured":"Otis Alexander, Misha Belisle, and Jacob Steele. 2020. MITRE ATT&CK for Industrial Control Systems: Design and Philosophy. The MITRE Corporation."},{"issue":"1","key":"e_1_3_3_9_2","first-page":"2","article-title":"The industrial control system cyber kill chain","volume":"1","author":"Assante Michael J.","year":"2015","unstructured":"Michael J. Assante and Robert M. Lee. 2015. The industrial control system cyber kill chain. SANS Institute InfoSec Reading Room 1, 1 (2015), 2.","journal-title":"SANS Institute InfoSec Reading Room"},{"key":"e_1_3_3_10_2","doi-asserted-by":"publisher","DOI":"10.1109\/PESGM.2018.8585866"},{"key":"e_1_3_3_11_2","first-page":"119","author":"Bodeau Deb","unstructured":"Deb Bodeau, David B. Fox, and Catherine D. McCollum. [n. d.]. Cyber Threat Modeling: Survey, Assessment, and Representative Framework. Mitre Corp, 119.","journal-title":"Cyber Threat Modeling: Survey, Assessment, and Representative Framework"},{"key":"e_1_3_3_12_2","volume-title":"Cyber Prep 2.0: Motivating Organizational Cyber Strategies in Terms of Preparedness","author":"Bodeau Deborah","year":"2017","unstructured":"Deborah Bodeau and Richard Graubart. 2017. Cyber Prep 2.0: Motivating Organizational Cyber Strategies in Terms of Preparedness. Technical Report. MITRE CORP BEDFORD MA."},{"key":"e_1_3_3_13_2","unstructured":"Zoe Braiterman Adam Shostack Jonathan Marcil Stephen de Vries Irene Michlin Kim Wuyts Robert Hurlbut Brook S.E. Schoenfield Fraser Scott Matthew Coles Chris Romeo Alyssa Miller Izar Tarandach Avi Douglen and Marc French. 2023. Threat Modeling Manifesto. Retrieved from https:\/\/www.threatmodelingmanifesto.org\/"},{"key":"e_1_3_3_14_2","doi-asserted-by":"publisher","DOI":"10.2308\/isys-50422"},{"key":"e_1_3_3_15_2","doi-asserted-by":"crossref","unstructured":"Department of Defense (DoD) Defense Science Board Task Force. 2013. Resilient Military Systems and the Advanced Cyber Threat. Technical Report ADA569975. Retrieved from https:\/\/dsb.cto.mil\/reports\/2010s\/ResilientMilitarySystemsCyberThreat.pdf","DOI":"10.21236\/ADA569975"},{"key":"e_1_3_3_16_2","unstructured":"EPRI 2015. NESCOR Mitigation Techniques. Retrieved from https:\/\/smartgrid.epri.com\/doc\/NESCOR"},{"key":"e_1_3_3_17_2","unstructured":"Amanda Farmer. 2015. Dell Security Annual Threat Report. Retrieved from https:\/\/www.silicon.es\/wp-content\/uploads\/2015\/12\/2015-dell-security-annual-threat-report-white-paper-15657.pdf"},{"key":"e_1_3_3_18_2","volume-title":"The Security Development Lifecycle: SDL, a Process for Developing Demonstrably More Secure Software","author":"Howard Michael","year":"2006","unstructured":"Michael Howard and Steve Lipner. 2006. The Security Development Lifecycle: SDL, a Process for Developing Demonstrably More Secure Software. Microsoft Press, Redmond, WA. OCLC: ocm70211570."},{"issue":"1","key":"e_1_3_3_19_2","first-page":"80","article-title":"Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains","volume":"1","author":"Hutchins Eric M.","year":"2011","unstructured":"Eric M. Hutchins, Michael J. Cloppert, and Rohan M. Amin. 2011. Intelligence-driven computer network defense informed by analysis of adversary campaigns and intrusion kill chains. Leading Issues in Information Warfare & Security Research 1, 1 (2011), 80.","journal-title":"Leading Issues in Information Warfare & Security Research"},{"key":"e_1_3_3_20_2","unstructured":"IEA. 2023. Solar PV. Retrieved May 16 2023 from https:\/\/www.iea.org\/reports\/solar-pv"},{"key":"e_1_3_3_21_2","doi-asserted-by":"publisher","DOI":"10.1109\/IEEESTD.2010.5518537"},{"key":"e_1_3_3_22_2","first-page":"138","article-title":"Regulatory challenges and opportunities for collective renewable energy prosumers in the EU","author":"In\u00eas Campos","year":"2020","unstructured":"Campos In\u00eas, Pontes Luz Guilherme, Mar\u00edn-Gonz\u00e1lez Esther, G\u00e4hrs Swantje, Hall Stephen, and Holstenkamp Lars. 2020. Regulatory challenges and opportunities for collective renewable energy prosumers in the EU. Energy Policy 138 (2020), Article 111212.","journal-title":"Energy Policy"},{"key":"e_1_3_3_23_2","volume-title":"SP 800-39. Managing Information Security Risk: Organization, Mission, and Information System View","author":"Joint Task Force Transformation Initiative","year":"2011","unstructured":"Joint Task Force Transformation Initiative. 2011. SP 800-39. Managing Information Security Risk: Organization, Mission, and Information System View. National Institute of Standards & Technology."},{"key":"e_1_3_3_24_2","doi-asserted-by":"publisher","DOI":"10.5555\/1823048"},{"key":"e_1_3_3_25_2","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-30r1"},{"key":"e_1_3_3_26_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-72120-6_1"},{"key":"e_1_3_3_27_2","unstructured":"Kaspersky. 2023. WannaCryptor Ransomware. Retrieved from https:\/\/www.kaspersky.com\/resource-center\/threats\/ransomware-wannacry"},{"key":"e_1_3_3_28_2","unstructured":"Kespersky ICS CERT. 2023. Threat Landscape for Industrial Automation Systems. Statistics for H2. Retrieved May 25 2023 from https:\/\/ics-cert.kaspersky.com\/publications\/reports\/2021\/03\/25\/threat-landscape-for-industrial-automation-systems-statistics-for-h2-2020\/"},{"key":"e_1_3_3_29_2","doi-asserted-by":"publisher","DOI":"10.1109\/ISGTEurope.2017.8260283"},{"key":"e_1_3_3_30_2","unstructured":"MITRE. 2023. MITRE ATT&CK\u00ae. Retrieved March 26 2023 from https:\/\/attack.mitre.org\/"},{"key":"e_1_3_3_31_2","unstructured":"MITRE. 2023. Tactics - ICS \u2014 MITRE ATT&CK\u00ae. Retrieved March 26 2023 from https:\/\/attack.mitre.org\/tactics\/ics\/"},{"key":"e_1_3_3_32_2","author":"Muckin Michael","year":"2014","unstructured":"Michael Muckin and Scott C. Fitch. 2014. A Threat-Driven Approach to Cyber Security. Lockheed Martin Corporation.","journal-title":"A Threat-Driven Approach to Cyber Security"},{"key":"e_1_3_3_33_2","author":"Muckin Michael","year":"2015","unstructured":"Michael Muckin and Scott C. Fitch. 2015. A Threat-Driven Approach to Cyber Security: Methodologies, Practices and Tools to Enable a Functionally Integrated Cyber Security Organization. Lockheed Martin.","journal-title":"A Threat-Driven Approach to Cyber Security: Methodologies, Practices and Tools to Enable a Functionally Integrated Cyber Security Organization"},{"key":"e_1_3_3_34_2","unstructured":"NIST. 2018. Framework for Improving Critical Infrastructure Cybersecurity. Retrieved from https:\/\/nvlpubs.nist.gov\/nistpubs\/CSWP\/NIST.CSWP"},{"key":"e_1_3_3_35_2","doi-asserted-by":"publisher","DOI":"10.2172\/1761841"},{"key":"e_1_3_3_36_2","unstructured":"Bank of England. 2021. Implementation Guide CBEST Threat Intelligence-Led Assessments. Retrieved from https:\/\/www.bankofengland.co.uk\/-\/media\/boe\/files\/financial-stability\/financial-sector-continuity\/cbest-implementation-guide.pdf"},{"key":"e_1_3_3_37_2","unstructured":"OWASP Foundation. 2023. Threat Modeling Process. Retrieved Apr 27 2023 from https:\/\/owasp.org\/www-community\/Threat_Modeling_Process"},{"key":"e_1_3_3_38_2","unstructured":"Bruce Perlstein Lindsay Battenberg Erik Gilbert Robin Maslowski Frank Stern Stuart Schare Karin Corfee and Ryan Firestone. 2012. Potential role of demand response resources in maintaining grid stability and integrating variable renewable energy under California's 33 percent renewable portfolio standard. Prepared for California's Demand Response Measurement & Evaluation Committee."},{"key":"e_1_3_3_39_2","doi-asserted-by":"publisher","DOI":"10.1049\/iet-cps.2016.0018"},{"key":"e_1_3_3_40_2","volume-title":"Threat Modeling: A Summary of Available Methods","author":"Shevchenko Nataliya","year":"2018","unstructured":"Nataliya Shevchenko, Timothy A Chick, Paige O\u2019Riordan, Thomas P Scanlon, and Carol Woody. 2018. Threat Modeling: A Summary of Available Methods. Technical Report. Carnegie Mellon University Software Engineering Institute Pittsburgh, PA."},{"key":"e_1_3_3_41_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.tej.2020.106901"},{"key":"e_1_3_3_42_2","volume-title":"Guide to Data-Centric System Threat Modeling","author":"Souppaya Murugiah","year":"2016","unstructured":"Murugiah Souppaya and Karen Scarfone. 2016. Guide to Data-Centric System Threat Modeling. Technical Report. National Institute of Standards and Technology."},{"key":"e_1_3_3_43_2","author":"Strom Blake E","year":"2018","unstructured":"Blake E Strom, Andy Applebaum, Doug P. Miller, Kathryn C. Nickels, Adam G. Pennington, and Cody B. Thomas. 2018. Mitre ATT&CK: Design and Philosophy. Technical Report. The MITRE Corporation.","journal-title":"Mitre ATT&CK: Design and Philosophy"},{"key":"e_1_3_3_44_2","doi-asserted-by":"publisher","DOI":"10.3390\/en11092360"},{"key":"e_1_3_3_45_2","doi-asserted-by":"publisher","DOI":"10.14257\/ijsia.2014.8.2.28"},{"key":"e_1_3_3_46_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10270-021-00898-7"}],"container-title":["ACM Transactions on Cyber-Physical Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3678260","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3678260","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:54:09Z","timestamp":1750287249000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3678260"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,31]]},"references-count":45,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2024,10,31]]}},"alternative-id":["10.1145\/3678260"],"URL":"https:\/\/doi.org\/10.1145\/3678260","relation":{},"ISSN":["2378-962X","2378-9638"],"issn-type":[{"type":"print","value":"2378-962X"},{"type":"electronic","value":"2378-9638"}],"subject":[],"published":{"date-parts":[[2024,10,31]]},"assertion":[{"value":"2023-11-27","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-07-05","order":2,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2024-11-11","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}