jainanushkarathod/OT_powergrid_analysis

OT Power Grid Analysis - Master's Thesis Project

This repository contains my master's thesis project that connects cybersecurity risk in Operational Technology (OT) environments to measurable physical impact in an electric power grid. It combines a power-system digital twin with a vulnerability risk pipeline, then models likely compromise paths across a Purdue-style OT architecture.

Main Purpose

The goal is to show an end-to-end, reproducible workflow that answers three practical questions:

  1. What OT vulnerabilities exist in the modeled environment?
  2. How could an attacker exploit those vulnerabilities and realistically move through the OT architecture?
  3. What is the potential physical impact on grid operations if the key components are affected?

What this project does

  • Runs physical impact analysis on the IEEE Case-9 benchmark power grid using Pandapower
  • Parses SBOMs and vulnerability scan outputs into analysis-ready tables
  • Enriches CVEs using CVSS (technical severity) and EPSS (likelihood of exploitation)
  • Computes risk scores and estimates likely attack paths in a Purdue-style OT graph
  • Generates visualizations for identified vulnerabilities and the most likely attack paths

How to use this

Step-1 : Set up the environment

  • Install Python, Pandapower, Trivy

    Refer to requirements.txt for other dependencies

Step-2 : Prepare inputs

  • Place the SBOM and vulnerability scan outputs in the output/sbom folder used by the scripts
  • If either is not available, refer to the additional steps at the end ("How to generate SBOMs") to obtain them

Step-3 : Generate impact analysis risk tables and graphs

  • Physical analysis: Run gird_analysis/main.py to generate results from the physical analysis
  • Cyber analysis: Run cyber_analysis/main.py to generate results from the cyber analysis
  • Integration: Run integration/main.py to generate the integrated results from the physical and cyber analyses to understand the system-wide impact

Note: most scripts output tables, graphs, or both, depending on the arguments passed.

Limitations:

  1. Risk values are estimates; EPSS is probabilistic and not a guarantee
  2. Vulnerability-to-node mapping depends on architecture assumptions (simplified for research)
  3. IEEE Case 9 is a benchmark model, not a real grid.

How to generate SBOMs (if you don't have results)

This project uses Trivy to generate a CycloneDX SBOM from a Docker image that you have built or that already exists on the system. Follow the steps below to generate the required outputs.

  1. Generate an SBOM in CycloneDX JSON format:
    sudo trivy image --format cyclonedx --output <sbom-filename>.json <docker-image-id>
  2. Generate vulnerability scan results:
    sudo trivy sbom --format json --output <vuln-report-name>.json <sbom-filename>.json
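
To show what the report from step 2 looks like once it is turned into an analysis-ready risk table, here is an added example (not code from this repository). The scoring rule (CVSS/10 × EPSS), the independence assumption in `target_exposure`, and all CVE IDs, package names, scores and EPSS values are assumptions constructed for illustration.

```python
import json

# Constructed sample in the shape of a `trivy sbom --format json` report.
# CVE IDs, packages, scores and EPSS values are placeholders, not real data.
SAMPLE_REPORT = json.loads("""
{"Results": [
  {"Target": "hmi-image", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
     "InstalledVersion": "1.0", "Severity": "CRITICAL",
     "CVSS": {"nvd": {"V3Score": 9.8}, "redhat": {"V3Score": 8.1}}},
    {"VulnerabilityID": "CVE-0000-0002", "PkgName": "othertool",
     "InstalledVersion": "2.3", "Severity": "MEDIUM",
     "CVSS": {"nvd": {"V3Score": 5.0}}}]},
  {"Target": "historian-image", "Vulnerabilities": null}
]}
""")
SAMPLE_EPSS = {"CVE-0000-0001": 0.5, "CVE-0000-0002": 0.2}

def risk_table(report, epss):
    """Flatten a Trivy report to one row per finding, sorted by risk (highest first)."""
    rows = []
    for result in report.get("Results", []):
        # Trivy omits or nulls "Vulnerabilities" for targets with no findings.
        for vuln in result.get("Vulnerabilities") or []:
            scores = [s["V3Score"] for s in vuln.get("CVSS", {}).values() if "V3Score" in s]
            cvss = max(scores, default=0.0)                # most severe source wins
            prob = epss.get(vuln["VulnerabilityID"], 0.0)  # no EPSS entry -> treated as 0
            rows.append({"target": result["Target"], "cve": vuln["VulnerabilityID"],
                         "package": vuln["PkgName"], "cvss": cvss, "epss": prob,
                         # Assumed scoring rule: normalised severity times likelihood.
                         "risk": round(cvss / 10.0 * prob, 4)})
    return sorted(rows, key=lambda r: r["risk"], reverse=True)

def target_exposure(rows):
    """P(at least one CVE on a target is exploited), assuming independent CVEs."""
    survive = {}
    for row in rows:
        survive[row["target"]] = survive.get(row["target"], 1.0) * (1.0 - row["epss"])
    return {target: round(1.0 - p, 4) for target, p in survive.items()}

if __name__ == "__main__":
    table = risk_table(SAMPLE_REPORT, SAMPLE_EPSS)
    for row in table:
        print(row)
    print(target_exposure(table))
```

Targets with no findings, such as the second image in the sample, produce no rows and therefore no exposure entry.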

For more information:

A deeper explanation of the project, methodology, assumptions, and results will be published in a Medium write-up. This README stays focused on what the project is and how to run it.

Research/Education use only

Do not use this work to target real systems
