PNNL

Abstract

In recent times, Distributed Ledger Technology (DLT) has gained significant attention for its potential application in the energy sector. Utilizing blockchain and DLT has demonstrated the ability to enhance the resilience of the electric infrastructure, which will support a more flexible infrastructure and advance grid modernization. However, the deployment of these technologies increases the overall attack surface. The MITRE ATT&CK® matrices have been developed to document an adversary’s tactics and techniques based on real-world observations. The MITRE ATT&CK® matrices provide a common taxonomy for offense and defense and have become a valuable conceptual tool across multiple cybersecurity disciplines for conveying threat intelligence, performing testing through red teaming or adversary emulation, and enhancing network and system defenses against intrusions. The MITRE ATT&CK® for Industrial Control Systems (ICS) matrix was created to provide knowledge about adversary behavior in the ICS technology domain. This study analyzes the relevance of various tactics and techniques across a seven-layer DLT engineering and cybersecurity stack, known as the DLT stack, designed by the Cybersecurity Taskforce under IEEE P2418.5 - Standard for Blockchain in Energy working group sponsored by Power and Energy Systems - Smart Buildings, Loads and Customer Systems (PES/SBLC) Technical Committee. Additionally, this paper identifies specific mitigation strategies tailored to the energy ICS environment