Towards Resilient Energy Systems: Protecting the Energy Supply Chain Against APTs / Petruolo, Alfredo. - (2026 Apr 16).
Towards Resilient Energy Systems: Protecting the Energy Supply Chain Against APTs
Alfredo Petruolo
2026-04-16
Abstract
The current Electric Power and Energy Systems sector has been profoundly changed by the introduction of smart grid technologies, which have completely reshaped the security measures for protecting energy infrastructure. While conventional power systems were characterized by centralized generation and unidirectional power flows, the emergence of distributed energy resources, renewable energy integration, and prosumer-based architectures has introduced unprecedented complexities in the threat landscape. These evolutionary changes have not only expanded the attack surface of energy systems but have also introduced novel vulnerabilities that stem from the bidirectional nature of modern energy flows, the proliferation of Internet-of-Things devices at the grid edge, and the increasing reliance on information and communication technologies for operational control. The traditional security frameworks that were developed for legacy power systems prove inadequate when confronted with the multifaceted threats inherent in these distributed, interconnected, and digitally-enabled energy ecosystems. Prosumer integration, in particular, has created numerous weak points throughout the infrastructure, as residential and commercial entities equipped with distributed generation, storage systems, and smart devices become integral components of the broader energy network. These edge nodes, often characterized by limited security measures and inconsistent monitoring capabilities, represent critical vulnerabilities that can be exploited to compromise the stability and integrity of the entire energy system. This research addresses these issues by first revealing a profound lack of governance and defined liability for security incidents originating from prosumer assets. It demonstrates that the cumulative threat from aggregated edge devices constitutes an overlooked systemic risk. In response, this thesis presents two key contributions. First, a specialized threat model and a reference APT scenario to guide future research. Second, a novel monitoring framework that uses digital twin technology and data sovereignty principles. Results show that this approach effectively detects prosumer-based malicious activity, thereby securing the continuity of grid operations without compromising citizen privacy, offering a resilient foundation for securing the distributed energy perimeter.

| File | Size | Format | |
|---|---|---|---|
| PhD_Thesis_Alfredo_Petruolo_XXXVIII_Cycle_f.pdf (open access; Type: Publisher's version (PDF); License: Creative Commons) | 4.92 MB | Adobe PDF | View/Open |
Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.


