Risk Analysis of DNP3 Attacks

The integration of intelligent devices in the industry allows the automation and control of industrial processes, in an efficient and effective manner. Such systems have contributed to the rapid evolution of production infrastructures, increasing the reliability, reducing production costs, and automating the entire manufacturing operations. However, the utilization of intelligent devices has led to an increased attack surface in critical infrastructures, threatening to compromise regular operations. Attacks against such environments can have disastrous consequences in case their goal is achieved, due to the critical nature of such infrastructures. Thus, the timely identification of vulnerable spots through high-quality risk assessment, is considered highly important for avoiding or mitigating potential risks. In this paper, we focus on Distributed Network Protocol 3 (DNP3), a protocol with high utility in smart grids. Specifically, we investigate, identify and describe the vulnerabilities-by-design of DNP3 through 8 DNP3-centered cyberattacks. In addition, we present a novel method for conducting risk assessment, stemming from the combination of two techniques, namely, Attack Defence Trees (ADTs) and Common Vulnerability Scoring System v3.1 (CVSS). Through our proposed technique, the risk of a cyberattack occurring is calculated, thus contributing in securing the critical infrastructure.