Combined Safety and Cybersecurity Risk Assessment for Intelligent Distributed Grids

Authors: Anders Thorsèn, Behrooz Sangchoolie, Peter Folkesson, Ted Strandberg


As more parts of the power grid become connected to the internet, the risk of cyberattacks increases. To identify cybersecurity threats and subsequently reduce vulnerabilities, the common practice is to carry out a cybersecurity risk assessment. For safety-classified systems and products, a safety risk assessment is also needed, in addition to the cybersecurity risk assessment, to identify and reduce safety risks. These two risk assessments are usually done separately, but since cybersecurity and functional safety are often related, a more comprehensive method covering both aspects is needed. Some work addressing this has been done for specific domains, such as the automotive domain, but more general methods suitable for, e.g., Intelligent Distributed Grids are still missing. One such method from the automotive domain is the Security-Aware Hazard Analysis and Risk Assessment (SAHARA) method, which combines safety and cybersecurity risk assessments. This paper presents an approach in which the SAHARA method has been modified to be more suitable for larger distributed systems. The adapted SAHARA method has a more general risk assessment approach than the original SAHARA. The proposed method has been successfully applied to two use cases of an intelligent distributed grid.

Keywords: Intelligent distribution grids, threat analysis, risk assessment, safety, cybersecurity.


