Cybersecurity Risk Assessment for Beninese Power Grid SCADA systems.

Abstract

Supervisory Control and Data Acquisition (SCADA) systems monitor and manage critical industrial processes such as electricity supply. In this regard, the Republic of Benin, a West African country, recently equipped its power grid with a SCADA system to enable real-time monitoring and control of various components and operations. However, given the vulnerability of SCADA systems exposed to cybersecurity threats, protection mechanisms are needed to prevent any failures that could affect national safety. As a starting point, a cybersecurity risk assessment examines the impact of cyber threats on SCADA systems and, more broadly, the power grid. In this paper, we conduct a comprehensive risk assessment on the SCADA system deployed in Benin, based on the CORAS framework. Regarding the results of our risk analysis, security specifications, and controls are recommended to address identified risks and guide future design choices. The risk assessment results show that the loss of system status information is more critical because it could not only interrupt service to users but also put operators at risk. The leading solutions are to implement redundancy mechanisms, virtualization techniques, and automatic reconfiguration of the underlying network in case of an attack