An approach to constructing an adversary model as part
of the study of vulnerabilities in smart grid systems for water supply facilities

Summary

Smart Grid Water introduces a number of new, effective capabilities for the data collection, analysis, and information exchange to the water supply and wastewater disposal systems. However, it also adds vulnerability to the information security and, as a result, creates new threats and cyberattack vectors. The study focuses on modeling an attack scenario on a smart water supply system that exploits the vulnerabilities in the Modbus TCP industrial protocol. The results can be used for training professionals, for example, in a cyber range, for developing, implementing, and formally describing attack scenarios, for analyzing Modbus TCP vulnerabilities, and for testing the information security software. Practical recommendations for arranging the protection against cyberattacks are also offered.

Key words

Smart Grid Water , cyber attack , Modbus , Test-bed , Man-in-the-middle , Intrusion Detection System , Industrial Control System