Electric Sector Failure Scenarios and Impact Analyses – Version 3.0 (technical lead and co-author)
The National Electric Sector Cybersecurity Organization Resource (NESCOR) Technical Working Group 1 (TWG1) developed previous versions of this document on the topic of cyber security failure scenarios and impact analyses for the electric sector. This version includes the addition of generation failure scenarios and updates to the common mitigations and vulnerabilities analyses. The information about potential cyber security failure scenarios is intended to be useful to utilities for risk assessment, planning, procurement, training, tabletop exercises and security testing. A cyber security failure scenario is a realistic event in which the failure to maintain confidentiality, integrity, and/or availability of sector cyber assets creates a negative impact on the generation, transmission, and/or delivery of power. Some of the scenario descriptions include activities that typically are not allowed by policies, procedures, or technical controls. These scenarios may be used to ensure that the applicable mitigation strategies are specified and implemented.
Research conducted by EPRI for: NESCOR – a DOE funded public-private partnership | © 2015 Electric Power Research Institute, Inc. All rights reserved.