UDC 004.056:628.1
DOI 10.35776/VST.2025.12.08

Kiselev Aleksei, KINEBAS A. K., Sabirov Timur

An approach to constructing an adversary model as part
of the study of vulnerabilities in smart grid systems for water supply facilities

Summary

Smart Grid Water introduces a number of new, effective capabilities for the data collection, analysis, and information exchange to the water supply and wastewater disposal systems. However, it also adds vulnerability to the information security and, as a result, creates new threats and cyberattack vectors. The study focuses on modeling an attack scenario on a smart water supply system that exploits the vulnerabilities in the Modbus TCP industrial protocol. The results can be used for training professionals, for example, in a cyber range, for developing, implementing, and formally describing attack scenarios, for analyzing Modbus TCP vulnerabilities, and for testing the information security software. Practical recommendations for arranging the protection against cyberattacks are also offered.

Key words

Smart Grid Water , cyber attack , Modbus , Test-bed , Man-in-the-middle , Intrusion Detection System , Industrial Control System

For citation: Kiselev A. N., Kinebas A. K., Sabirov T. S. An approach to constructing an adversary model as part of the study of vulnerabilities in smart grid systems for water supply facilities. Vodosnabzhenie i Sanitarnaia Tekhnika, 2025, no. 12, pp. 59–65. DOI: 10.35776/VST.2025.12.08. (In Russian).

The further text is accessible on a paid subscription.
For authorisation enter the login/password.
Or subscribe

REFERENCES

1. Moghaddass R., Wang J. A hierarchical framework for smart grid anomaly detection using large-scale smart meter data. IEEE Transactions on Smart Grid, 2018, v. 9 (6), pp. 5820–5830.
2. Fedotov A. A. A research into the vulnerabilities of the Modbus protocol: материалы Международной научно-практической конференции «Современные направления в истории, культуре, науке и технике». Саратов, 3–4 июня 2021 г. – Саратов: Издательство «КУБиК», 2021. С. 95–97.
   Fedotov A. A. [A research into the vulnerabilities of the Modbus protocol]. Proceedings of the International Scientific and Practical Conference «Modern Trends in History, Culture, Science and Technology». Saratov, 3–4 June 2021. Saratov, KUBiK Publ., 2021, pp. 95–97.
3. Машкина И. В., Гарипов И. Р. Разработка ЕРС-моделей угроз нарушения информационной безопасности автоматизированной системы управления технологическими процессами // Безопасность информационных технологий. 2019. Т. 26. № 4. С. 6–20. DOI: 10.26583/bit.2019.4.01.
   Mashkina I. V., Garipov I. R. [Development of EPC models of threats to information security of an automated process control system]. Bezopasnost’ Informatsionnykh Tekhnologii, 2019, v. 26, no. 4, pp. 6–20. DOI: 10.26583/bit.2019.4.01. (In Russian).
4. Цимбалов К. И., Брагин Д. С. Анализ способов нарушения информационной безопасности автоматизированной системы управления технологическими процессами: материалы докладов XIX Международной научно-практической конференции «Электронные средства и системы управления». Томск, 15–17 ноября 2023 г. – Томск:
   В-Спектр, 2021. № 1–2. С. 137–139.
   Tsimbalov K. I., Bragin D. S. [Analysis of information security incidents of an automated process control system]. Proceedings of the XIX International Scientific and Practical Conference «Electronic Control Systems and Tools». Tomsk, 15–17 November 2023. Tomsk, B-Spectr Publ., 2023, no. 1–2, pp. 137–139. (In Russian).
5. Грачков И. А. Информационная безопасность АСУ ТП: возможные вектора атаки и методы защиты // Безопасность информационных технологий. 2018. Т. 25. № 1. С. 90–98. DOI: 10.26583/bit.2018.1.09.
   Grachkov I. A. [Information security of automated process control systems: possible attack vectors and methods of protection]. Bezopasnost’ Informatsionnykh Tekhnologii, 2018, v. 25, no. 1, pp. 90–98. DOI: 10.26583/bit.2018.1.09. (In Russian).
6. Huitsing P., Chandia R., Papa M., Shenoi S. Attack taxonomies for the Modbus protocols. International Journal of Critical Infrastructure Protection, 2008, v. 1, pp. 37–44. DOI: 10.1016/j.ijcip.2008.08.003.
7. Ayesha Rahman, Ghulam Mustafa, Abdul Qayyum Khan, Muhammad Abid, Muhammad Hanif Durad. Launch of denial of service attacks on the Modbus/TCP protocol and development of its protection mechanisms. International Journal of Critical Infrastructure Protection, 2022, 39(1):100568. DOI: 10.1016/j.ijcip.2022.100568.
8. Morris T. H., Thomas H., Wei Gao. Industrial control system cyber attacks. In: 1st International Symposium for ICS & SCADA Cyber Security Research 2013 (ICS-CSR 2013).
9. Bhatia S., Kush N., Djamaludin C., Akande A., Foo E. Practical Modbus flooding attack and detection. In: Proceedings of the Twelfth Australasian Information Security Conference (AISC 2014).
10. Morris T. H., Jones B. A., Vaughn R. B., Dandass Y. S. Deterministic intrusion detection rules for Modbus protocols. In: 46th Hawaii International Conference on System Sciences (IEEE 2013).