Cybersecurity in the OT systems for the energy sector

Master Thesis
Author
Papakosta, Natalia
Παπακώστα, Ναταλία
Date
2025-11
Advisor
Polemi, Despina
Πολέμη, Δέσποινα
Keywords
Cybersecurity ; OT systems ; Energy sector
Abstract
This MSc thesis investigates cybersecurity challenges affecting Operational Technology (OT) systems in the energy sector, with a particular focus on Renewable Energy Sources (RES). The rapid digitalization of energy infrastructures, the decentralization of power generation, and the convergence of IT and OT environments have significantly expanded the attack surface, making energy systems attractive targets for cyberattacks with potentially severe operational, safety, and societal impacts.
The thesis provides an overview of OT architectures and key components used in the energy sector, analyzes major threats and vulnerabilities, and reviews the applicable regulatory and standards framework, including NIS2, IEC 62443, NERC CIP, and the NIST Cybersecurity Framework. A semi-quantitative cybersecurity risk assessment methodology is proposed, combining established risk management guidelines with industrial threat modeling frameworks to support risk prioritization and the selection of appropriate security controls.
The proposed methodology is applied through a case study of a renewable energy producer, examining realistic attack scenarios such as compromise of vendor remote access, Man-in-the-Middle attacks on communications with Distribution System Operators, protocol injection within internal OT networks, and malware propagation through internet-facing gateways. The results indicate that third-party access and external communication interfaces represent the most critical risk vectors for energy producers. The thesis concludes with recommendations for a defense-in-depth approach, emphasizing strong vendor access control, strict IT/OT segmentation, continuous monitoring, and regulatory compliance, contributing to the enhancement of cybersecurity resilience in modern energy infrastructures.


