Assessment of the Distributed Ledger Technology for Energy Sector Industrial and Operational Applications Using the MITRE ATT&CK® ICS Matrix
In recent times, Distributed Ledger Technology (DLT) has gained significant attention for its potential application in the energy sector. Utilizing blockchain and DLT has demonstrated the ability to enhance the resilience of the electric infrastructure, which will support a more flexible infrastruct...
| Main Authors: | , , , , , , , , , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2023-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10159478/ |
| _version_ | 1826851462319177728 |
|---|---|
| author | Annabelle Lee Sri Nikhil Gupta Gourisetti David Jonathan Sebastian-Cardenas Kent Lambert Vicente Navarro Marco Pasetti Umit Cali Kateryna Isirova Ramesh Reddi Puica Nitu Md. Touhiduzzaman Michael Mylrea Philip Huff Farrokh Rahimi Shammya Shananda Saha |
| author_facet | Annabelle Lee Sri Nikhil Gupta Gourisetti David Jonathan Sebastian-Cardenas Kent Lambert Vicente Navarro Marco Pasetti Umit Cali Kateryna Isirova Ramesh Reddi Puica Nitu Md. Touhiduzzaman Michael Mylrea Philip Huff Farrokh Rahimi Shammya Shananda Saha |
| author_sort | Annabelle Lee |
| collection | DOAJ |
| description | In recent times, Distributed Ledger Technology (DLT) has gained significant attention for its potential application in the energy sector. Utilizing blockchain and DLT has demonstrated the ability to enhance the resilience of the electric infrastructure, which will support a more flexible infrastructure and advance grid modernization. However, the deployment of these technologies increases the overall attack surface. The MITRE ATT&CK® matrices have been developed to document an adversary’s tactics and techniques based on real-world observations. The MITRE ATT&CK® matrices provide a common taxonomy for offense and defense and have become a valuable conceptual tool across multiple cybersecurity disciplines for conveying threat intelligence, performing testing through red teaming or adversary emulation, and enhancing network and system defenses against intrusions. The MITRE ATT&CK® for Industrial Control Systems (ICS) matrix was created to provide knowledge about adversary behavior in the ICS technology domain. This study analyzes the relevance of various tactics and techniques across a seven-layer DLT engineering and cybersecurity stack, known as the DLT stack, designed by the Cybersecurity Taskforce under IEEE P2418.5 - Standard for Blockchain in Energy working group sponsored by Power and Energy Systems - Smart Buildings, Loads and Customer Systems (PES/SBLC) Technical Committee. Additionally, this paper identifies specific mitigation strategies tailored to the energy ICS environment. |
| first_indexed | 2024-03-12T23:39:48Z |
| format | Article |
| id | doaj.art-8508bea9904d4646b33d0e9a8402e3ec |
| institution | Directory Open Access Journal |
| issn | 2169-3536 |
| language | English |
| last_indexed | 2025-02-16T16:40:59Z |
| publishDate | 2023-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj.art-8508bea9904d4646b33d0e9a8402e3ec2025-01-30T00:00:26ZengIEEEIEEE Access2169-35362023-01-0111698546988310.1109/ACCESS.2023.328842810159478Assessment of the Distributed Ledger Technology for Energy Sector Industrial and Operational Applications Using the MITRE ATT&CK® ICS MatrixAnnabelle Lee0https://orcid.org/0000-0002-9208-076XSri Nikhil Gupta Gourisetti1David Jonathan Sebastian-Cardenas2https://orcid.org/0000-0002-5238-8022Kent Lambert3https://orcid.org/0009-0007-0723-5020Vicente Navarro4https://orcid.org/0000-0003-4901-2806Marco Pasetti5https://orcid.org/0000-0001-8093-7925Umit Cali6https://orcid.org/0000-0002-6402-0479Kateryna Isirova7Ramesh Reddi8Puica Nitu9Md. Touhiduzzaman10Michael Mylrea11Philip Huff12https://orcid.org/0000-0003-0869-2147Farrokh Rahimi13https://orcid.org/0000-0002-5995-6061Shammya Shananda Saha14https://orcid.org/0000-0002-4861-6993Nevermore Security, Evergreen, CO, USANational Resilience Inc., San Diego, CA, USAPacific Northwest National Laboratory, Richland, WA, USABlockFrame Inc., Colorado Springs, CO, USAFaculty of Electrical Engineering, Technological University of Panama, Panama City, PanamaDepartment of Information Engineering, University of Brescia, Brescia, ItalyDepartment of Electric Energy, Norwegian University of Science and Technology, Trondheim, NorwayKPMG, Zürich, SwitzerlandCybSecBCML Inc., Raleigh, NC, USACanadian Institute World Energy System, Toronto, CanadaPacific Northwest National Laboratory, Portland, OR, USAInstitute for Data Science and Computing, University of Miami, Miami, FL, USADepartment of Computer Science, University of Arkansas at Little Rock, Little Rock, AR, USAOpen Access Technology International Inc., Minneapolis, MN, USAElectric Power Research Institute, Knoxville, TN, USAIn recent times, Distributed Ledger Technology (DLT) has gained significant attention for its potential application in the energy sector. Utilizing blockchain and DLT has demonstrated the ability to enhance the resilience of the electric infrastructure, which will support a more flexible infrastructure and advance grid modernization. However, the deployment of these technologies increases the overall attack surface. The MITRE ATT&CK® matrices have been developed to document an adversary’s tactics and techniques based on real-world observations. The MITRE ATT&CK® matrices provide a common taxonomy for offense and defense and have become a valuable conceptual tool across multiple cybersecurity disciplines for conveying threat intelligence, performing testing through red teaming or adversary emulation, and enhancing network and system defenses against intrusions. The MITRE ATT&CK® for Industrial Control Systems (ICS) matrix was created to provide knowledge about adversary behavior in the ICS technology domain. This study analyzes the relevance of various tactics and techniques across a seven-layer DLT engineering and cybersecurity stack, known as the DLT stack, designed by the Cybersecurity Taskforce under IEEE P2418.5 - Standard for Blockchain in Energy working group sponsored by Power and Energy Systems - Smart Buildings, Loads and Customer Systems (PES/SBLC) Technical Committee. Additionally, this paper identifies specific mitigation strategies tailored to the energy ICS environment.https://ieeexplore.ieee.org/document/10159478/Cybersecuritydistributed ledger technologyMITRE ICS ATT&CK®power systemsresiliency |
| spellingShingle | Annabelle Lee Sri Nikhil Gupta Gourisetti David Jonathan Sebastian-Cardenas Kent Lambert Vicente Navarro Marco Pasetti Umit Cali Kateryna Isirova Ramesh Reddi Puica Nitu Md. Touhiduzzaman Michael Mylrea Philip Huff Farrokh Rahimi Shammya Shananda Saha Assessment of the Distributed Ledger Technology for Energy Sector Industrial and Operational Applications Using the MITRE ATT&CK® ICS Matrix IEEE Access Cybersecurity distributed ledger technology MITRE ICS ATT&CK® power systems resiliency |
| title | Assessment of the Distributed Ledger Technology for Energy Sector Industrial and Operational Applications Using the MITRE ATT&CK® ICS Matrix |
| title_full | Assessment of the Distributed Ledger Technology for Energy Sector Industrial and Operational Applications Using the MITRE ATT&CK® ICS Matrix |
| title_fullStr | Assessment of the Distributed Ledger Technology for Energy Sector Industrial and Operational Applications Using the MITRE ATT&CK® ICS Matrix |
| title_full_unstemmed | Assessment of the Distributed Ledger Technology for Energy Sector Industrial and Operational Applications Using the MITRE ATT&CK® ICS Matrix |
| title_short | Assessment of the Distributed Ledger Technology for Energy Sector Industrial and Operational Applications Using the MITRE ATT&CK® ICS Matrix |
| title_sort | assessment of the distributed ledger technology for energy sector industrial and operational applications using the mitre att x0026 ck x00ae ics matrix |
| topic | Cybersecurity distributed ledger technology MITRE ICS ATT&CK® power systems resiliency |
| url | https://ieeexplore.ieee.org/document/10159478/ |
| work_keys_str_mv | AT annabellelee assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT srinikhilguptagourisetti assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT davidjonathansebastiancardenas assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT kentlambert assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT vicentenavarro assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT marcopasetti assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT umitcali assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT katerynaisirova assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT rameshreddi assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT puicanitu assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT mdtouhiduzzaman assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT michaelmylrea assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT philiphuff assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT farrokhrahimi assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix AT shammyashanandasaha assessmentofthedistributedledgertechnologyforenergysectorindustrialandoperationalapplicationsusingthemitreattx0026ckx00aeicsmatrix |