Review

Digital Transformation in Energy Sector: Cybersecurity Challenges and Implications

by Saqib Saeed 1,*, Hina Gull 1, Muneera Mohammad Aldossary 1,*, Amal Furaih Altamimi 1, Mashael Saeed Alshahrani 1, Madeeha Saqib 1, Sardar Zafar Iqbal 1 and Abdullah M. Almuhaideb 2
1 Saudi Aramco Cybersecurity Chair, Department of Computer Information Systems, College of Computer Science and Information Technology, Imam Abdulrahman Bin Faisal University, P.O. Box 1982, Dammam 31441, Saudi Arabia
2 Saudi Aramco Cybersecurity Chair, Department of Networks and Communications, College of Computer Science and Information Technology, Imam Abdulrahman Bin Faisal University, P.O. Box 1982, Dammam 31441, Saudi Arabia
* Authors to whom correspondence should be addressed.
Information 2024, 15(12), 764; https://doi.org/10.3390/info15120764
Submission received: 23 October 2024 / Revised: 25 November 2024 / Accepted: 27 November 2024 / Published: 2 December 2024
(This article belongs to the Special Issue Digital Privacy and Security, 2nd Edition)

Abstract

Digital transformation in energy sector organizations has huge benefits but also exposes them to cybersecurity challenges. In this paper, we carried out a systematic literature review on cybersecurity challenges and issues in the energy domain. Energy-associated assets are very critical for any nation and cyber-attacks on these critical infrastructures can result in strategic, financial, and human losses. We investigated research papers published between 2019 and 2024 and categorized our work into three domains: oil and gas sector, the electricity sector, and the nuclear energy sector. Our study highlights that there is a need for more research in this important area to improve the security of critical infrastructures in the energy sector. We have outlined research directions for the scientific community to further strengthen the body of knowledge. This work is important for researchers to identify key areas to explore as well as for policymakers in energy sector organizations to improve their security operations by understanding the associated implications of cybersecurity.

1. Introduction

The energy sector is not only an important sector of any economy but is also an essential component of modern human life. It is difficult to imagine life without electricity and fuel as modern-day work infrastructures are heavily dependent on energy. According to the International Energy Agency (IEA), global demand has seen a growth of 2.2% in 2023; however, a 3.4% annual growth is expected by 2026. Although there is a slight decrease in electricity consumption in the US and EU, emerging economies like China and India have seen a growth in electricity consumption. Technological advancements such as artificial intelligence, data centers, and cryptocurrency are estimated to double their energy consumption by 2026 [1]. These statistics highlight the need for more energy production sources and efficient management of energy production, distribution, and use.
Digital transformation has advocated for fostering digital technologies to improve business processes and customer satisfaction and many sectors have benefited from digital transformation initiatives. Similarly, digital transformation in the energy sector has been explored and it has been highlighted that digitalization can help reduce energy consumption and optimize energy sector operations [2,3,4]. Nazari and Musilek [5] also highlighted that digital transformation in the energy sector results in cost reduction, efficiency, and enhanced customer experience. In another study, Oudina et al. [6] highlighted that petroleum and natural gas are important forms of energy that support the expansion of numerous other businesses, as well as many aspects of contemporary living and the world economy. The ecological impact of the oil and gas industry is changing due to the Petroleum Cyber-Physical System (CPS). Petroleum CPS efficiency approaches aid in an international assessment of the oil field by taking into account the amount of information on output generated by a drilling site. The energy sector is exposed to a number of dangers that have the potential to damage the natural world, interrupt vital power lines, and trigger an economic calamity. These dangers include human errors, environmental hazards, cyberattacks, and disruptions in connectivity. The focus of the scientific community is on the development of a self-aware and contemporary CPS. The research on petroleum and natural gas lacks the definition of threats, the reasons behind reservations of all kinds, and a workable defense strategy. Moreover, a thorough investigation of cyber security for oil and gas industries is still lacking. In a reported study, authors discussed the basic trust issues with CPS, along with how they apply to the oil and gas sector. They divided trust-related issues into functional, human, business, and trust categories. 
The issues were outlined as a group of characteristics and showed how they are related. This study found that recognizing and resolving issues in the oil and gas sector is a critical first step in implementing risk prevention, protection, and mitigation strategies, and is a vital tool for enhancing CPS reliability and quality in this important economic domain. In order to measure the readiness level for digital transformation in the energy sector, different assessment methodologies have been developed that can help in measuring the readiness of the energy sector in different countries [7]. Such assessment frameworks can help in prioritizing the need of improvement in the energy sector infrastructure for policymakers and higher management.
COVID-19 has accelerated the digital transformation rate in industries to achieve business continuity by adopting modern technologies such as big data analytics, cloud computing, the Internet of Things, and artificial intelligence. However, the associated cybersecurity implications of digital transformation have also increased, posing a security threat for organizations [8,9,10]. Recent cybersecurity attacks such as Stuxnet [11], the Colonial Pipeline hack [12], the Dragonfly attacks [13], cyberattacks on Saudi Aramco [14], and cyberattacks on smart meters in Puerto Rico [15] further strengthen the importance of cybersecurity in the energy sector [16].
In this paper, we have conducted a systematic literature review, which mainly focuses on cybersecurity implications in oil and gas and the electricity and nuclear energy sectors. This paper presents recommendations for further research in this domain. The findings will help in formulating appropriate security policies to enable the benefits of digital transformation in the energy sector. This paper is structured as follows: Section 2 explains the procedures for selecting primary studies for systematic analysis and Section 3 explains the summaries of selected papers. Section 4 highlights the findings of the study and Section 5 concludes the analysis and makes some recommendations for further studies.

2. Materials and Methods

In this section, we explain the methodology adopted to extract the research papers for our study. We performed a systematic literature review using the PRISMA guidelines [17], and we used the Google Scholar [18] database as our main repository for scientific papers. We queried the repository with different keywords, which were chosen to facilitate the extraction of research articles related to our topic. The search terms used were (digital transformation in energy sector) AND (cyber security), (digital transformation in oil and gas) AND (cybersecurity), (Cybersecurity in Electricity), (Digital Transformation in Nuclear energy) AND (cyber security), (energy sector) AND (cybersecurity). For each search, we first applied the duration filter from 2019 to 2024 and then shortlisted the first 30 hits of each search result, resulting in a total of 150 papers. Based on this, we carried out title filtering, then we filtered based on the abstract, and finally we performed filtering based on the contents of the paper. Our qualification criteria for research papers included the following:
  • The paper is published in the time period of 2019–2024;
  • The paper focuses on both digital transformation and cybersecurity implications in the energy sector;
  • The paper is available in the English language;
  • The paper is not a review paper, book, or thesis.
As shown in Figure 1, after the final content filtering, we were left with 26 papers which are included in this study. The distribution of papers based on the publication year is shown in Figure 2, where we had 1 paper from 2019, 4 papers published in 2020, 3 papers published in 2021 and 2022 each, 11 papers from 2023, and 4 papers were published in 2024.

3. Results

In this section, we present the findings of our study grounded in the literature focusing on cybersecurity implications in the energy sector. There is a sparse body of knowledge focusing on recommendations to secure the industry [19].

3.1. Cybersecurity Implications in Oil and Gas Industry

Cyberattacks directed at oil and gas firms have increased in both onshore and offshore installations, and many cybercriminals and hackers target the oil and gas sector. The sector has become more and more advanced in terms of technology: activities are being digitalized at an increasing rate and sensors are being used. Although this increases productivity, it also increases the susceptibility of networks to cyberattacks [20]. Since offshore oil production typically takes place in isolated areas, remote access and control are necessary. Industrial Cyber-Physical Systems (ICPS), Supervisory Control and Data Acquisition (SCADA) systems, and Industrial Internet of Things (IIoT) technologies are integrated to achieve this. The ecosystem, marine life, and worker safety could all be severely impacted by a successful cyberattack against an offshore oil and gas asset [21]. Frederick et al. [22] investigated cybersecurity monitoring and management opportunities in IIoT systems. Cybersecurity monitoring and controls are essential because of the continuous cyberattacks on these integrated IIoT systems. They outlined five strategies that support cybersecurity monitoring and control in the context of the Industrial Internet of Things and adjacent sectors. They looked at past and present incidents involving cyber threats and cyberattacks in industrial IoT systems to acquire data for their study. They also discussed novel ideas, applications, best practices, and systems for monitoring and control that, when put into effect, will benefit other sectors of the economy.
Villarreal et al. [23] have emphasized that international cyberattacks increased by 50% in 2021 as a result of COVID-19. The conflict in Ukraine has also made matters worse since 2022, especially for the oil and gas sector. They described that the industry must take a proactive approach to cybersecurity concerns by integrating behavioral and technology safeguards. To safeguard a natural gas company’s technical structure, they suggested a model for cybersecurity based on the NIST CSF (National Institute of Standards and Technology Cybersecurity Framework) and CIS CSC (Center for Internet Security Critical Security Controls). The four steps of this paradigm are environmental analysis, scope and risk appetite, control design, and development. Through the evaluation of the applied techniques and employee surveys, this framework proved to be effective, producing a 92.69% efficacy and an 81.55% acceptance rate, meeting level two of the NIST CSF, and producing the desired result.
Houmb et al. [24] argued that higher levels of system integration and connectivity are necessary for intelligent automated industrial process control. An increasing danger of cyberattacks for Industrial Control Systems (ICS) and other Operational Technology (OT) systems coincides with this development. They described that models and techniques that take into account the functionality of the entire Cyber-Physical System are needed. To do this, a process-sensitive threat assessment for an attack response is combined with a context-based detection approach. Moreover, the adopted strategy must be flexible to consider the unpredictable nature of the method and the changing risks of cyberattacks. The results showed that cyber-attacks against cyber-physical systems (CPS) can be identified and differentiated using the technologies already in use. This suggested that monitoring the IT and OT components of the system is a feasible basis for developing risk-based cybersecurity solutions. Tariq et al. [25] explained that intrusion detection systems (IDS) are essential to maintaining network security through early recognition and prevention of hostile activity and illegal access. Their study explained the design and evaluation of an IDS utilizing machine learning methods, with an emphasis on the oil and energy sector. Long short-term memory (LSTM), multilayer perceptron (MLP), random forest, and one-dimensional convolutional neural network (1DCNN) were among the models that were trained and tested using both artificial and real-world datasets. With an area under the curve (AUC) of 96%, the 1DCNN model demonstrated the best performance among the models, demonstrating its efficacy in identifying network intrusions. Their study emphasized the importance of selecting the best machine learning algorithms for IDS and recommended further research into combination models and sophisticated architectures for advancements.
In another study, Pettersen and Grøtan [26] examined the oil and gas sector as an example of a field facing challenging circumstances and the immediate possibility of a major failure. The sector is going through major modifications due to advancements in digital technologies and is subjected to increasingly dangerous threats as a result of political shifts. It also involves cyber-physical systems, which have close connections between technological developments that can be triggered from almost anywhere. Using interviews, the study determined the degree to which the industry’s current cybersecurity procedures could be improved by implementing resilience principles. The study highlighted the value of examining the empirical findings using a theoretical framework for assessing cyber resilience. Furthermore, they discovered that reducing the gap between strategic flexibility and cyber security resilience calls for a hybrid approach that combines robustness and adaptive capacity. Additionally, they found that a fundamental shift away from viewing resilience as a result and only an effect of current practice is necessary to prioritize adaptive capacity gradually. On the other hand, they viewed the adaptive capacity as resilience-as-process, a phenomenon that merits independent investigation. This suggests that managing cyber resilience needs to go beyond just integrating it with risk management.
Obonna et al. [27] highlighted that several amorphous cyberattacks have been launched on the oil and gas installation’s process control network (PCN). Denial-of-service (DoS), distributed denial-of-service (DDoS), and man-in-the-middle (MitM) attacks are a few examples. One important influencing reason might have been the relatively inexpensive network development that led to the acceptance of public networks in operation technology (OT). The OT industry’s connection to the internet for firmware updates, outside assistance, or supplier participation has made cyberattacks conceivable. These sporadic intrusions disclose the PCN when they go unnoticed, and an effective assault can have catastrophic results. In order to identify disparities, a study examined how machine learning techniques are used to monitor data exchanges among various network elements. It also reviewed the various forms of cyber-attacks in PCN of oil and gas installations. The experimental results demonstrated the accuracy and usefulness of various machine learning algorithms in identifying these anomalies, with notable precise attack detections identified using tree algorithms for man-in-the-middle (MitM) attacks accounting for trade-offs between precision and estimation complexity.
Shohoud [28] described that during the last ten years, Egypt’s oil and gas sector’s information technology usage has risen exponentially, along with the number of hacking attempts targeting these systems. The functioning and credibility of these businesses might be impacted greatly as a result of these threats to cyber security. Such attacks must be avoided at all costs, particularly considering the importance of Egypt’s oil and gas industry to the regional economy and the fact that a large number of these interconnected systems are occasionally controlled remotely. This study aimed to educate decision-makers on the significance of taking proactive steps to fortify the company’s digital security and safeguard information-critical resources. It also analyzed the usefulness of the ISO 27001 standard [29] in reducing the impact of cyber threats. To achieve a high return on investment in understanding cybersecurity, the study highlighted the significance of enhancing the local educational system and applying an organized strategy that prioritizes behavioral change to close the gap between the supply and demand for cybersecurity specialists.
Progoulakis et al. [30] focused on enhancing the knowledge of dangers associated with cyber security and the administrative and technical protections that the oil and gas business must implement. The findings of the study covered cyber security for offshore oil and gas assets, providing insightful information about the mindset of the sector today and how cyber security ideas are seen. The significance of business participation and support, employee involvement, training, organizational culture, and corporate support in the area of cyber security is emphasized. The study highlighted that the human aspects and the business structure must be used as two distinct perspectives to observe and comprehend the topic of cyber security. For the human elements, their survey’s findings showed that threats from insiders and a lack of awareness of technology and culture are prioritized over most other cyber threats. Specifically, 73% of participants said it is likely that an insider will pose a threat to cyber security. Another real risk in cyber security breach situations is a lack of awareness of cyber-safety concepts and how they affect processes or a business in the event of an attack. Moreover, the results of the survey showed that, in addition to having disaster recovery strategies, oil and gas businesses either hire or receive assistance from outside cyber security specialists. Understandably, employees of oil and gas organizations had differing perspectives on the topic of cyber security when it comes to adaptability and comprehension.
Avanzini and Spessa [31] explained that combining old and modern technologies gives firms new perspectives and alternatives, but it also raises cybersecurity issues. Furthermore, due to their extreme visibility, critical sectors like oil and gas are increasingly vulnerable to cyberattacks. Their study offered a comprehensive cybersecurity strategy designed for the Oil and Gas (O&G) sector. The study addressed the three aspects of cybersecurity: people, processes, and technologies. For the asset owners, the process started with risk profile generation. High-risk items were ranked in order using a bowtie and barrier management strategy. To identify the required mitigation actions, security zones were established, Security Level Targets were created, and a gap analysis was carried out. In the next step of testing, phishing efforts and penetration tests were conducted. For manufacturers, the focus on the certification of the system and its components contributes to security. To ensure that cybersecurity resilience for O&G assets is accomplished, a comprehensive methodology is intended to address all relevant factors from both an operational and organizational standpoint.
Mohammad et al. [32] stated that Supervisory Control and Data Acquisition (SCADA) is a critical component of ICPS as it provides process management and surveillance. These SCADA systems are known to interact using several insecure protocols that are open to different types of attacks. As a result, vital infrastructures, particularly those in the oil and gas industry, face higher cyber dangers. This study offered a method for attacking ICS to deny legitimate service using Modbus TCP, in light of an increase in cyberattacks against these systems and the regularity with which these assaults result in DoS situations. This study presented a unique field flooding attack that can penetrate these defenses. The effects of the field flooding attack were assessed using three real industrial testbeds with various setups. The findings indicate that the programmable logic controller (PLC) often used in the oil and gas field is particularly susceptible to the assault, since a single erroneous packet caused a 59 min denial of service. In another study, Gueye et al. [33] highlighted the lack of real-world data needed to create neural network models efficiently, exploring the vital area of cybersecurity for industrial control and automation systems (ICS). This study aimed to fill the literature gap by assessing the effectiveness of a unique approach to ICS cybersecurity using data from real industrial settings. The study created a dataset using actual data from several commercial industries. These sectors include freshwater tanks, power networks, and gas pipelines. Authors claimed that the power system models obtain an astounding 71% accuracy rate, and the network performance is consistently increased by adding data produced. In several trials, the machine learning system achieved an astounding 99% accuracy using generated data. Furthermore, when the technique was used to set gas pipelines, most studies demonstrated that it was approximately 90% accurate. However, the study had some limitations; for example, because the study’s restricted focus is on infrastructure, its findings cannot be easily applied to other industries. The implementation of specific security methods against cyberattacks is a topic that the present investigation did not include, indicating the necessity for additional studies on this important topic.

3.2. Cybersecurity Implications in Electricity

Electricity systems are a complex network spanning energy generation plants, power grids, and distribution and transmission mechanisms, and recent cyberattacks advocate for a more serious focus on cybersecurity in the electricity domain [34]. There is a critical need for advanced cybersecurity measures to safeguard smart grids against vulnerabilities introduced by the integration of information and communication technologies (ICTs) [35,36]. Therefore, there is a need for collective efforts to strengthen global cybersecurity measures in the electricity sector through the development of strategic policies to safeguard energy infrastructure [37]. Similarly, Ratnam et al. [38] advocated for the resilience of electricity systems: as the complexity of modern-day electricity systems, referred to as the “Internet of Energy”, has increased, there is a need for improving the robustness of the electricity grids.
Sun et al. [39] applied intrusion detection mechanisms to improve the cybersecurity of smart meters. The authors analyzed the vulnerabilities in smart grids and proposed mechanisms to identify and avoid cyber intrusions. In another study, Shaaban et al. [40] adopted data-driven mechanisms for indicating electricity theft in photovoltaic generation systems. The study emphasized the importance of cybersecurity in ensuring the integrity of photovoltaic (PV) generation, as electricity theft may compromise grid stability. Ibrahem et al. [41] highlighted how the variation and the transmit technique is performed to detect electricity theft in Advanced Metering Infrastructure (AMI) systems. This study showed the growing significance of securing AMI systems from cyber threats. In another study, Tolba and Al-Makhadmeh [42] proposed the utilization of an authentication approach with the goal of securing communications in smart grid environments. The results highlighted that this approach improved the cybersecurity of the grid communication systems by mitigating the main threats. A study by Johnson et al. [43] showed the cybersecurity obstacles for electric vehicles that were charged by this infrastructure. It showed the main threats and indicated the potential countermeasures to protect the charging networks from cyberattacks.
Furthermore, Bai et al. [44] introduced a model that aims to enhance the precision of power theft detection by incorporating a transformer network with a Gaussian-weighted self-attention mechanism to capture global dependencies and temporal dependencies in the electricity consumption data. The framework addressed the impact of cyberattacks on critical infrastructure and discussed data preprocessing, normalization, and missing value processing. It also presented a neural network model and a subsystem for monitoring the network traffic. The proposed model was evaluated using two datasets, including the State Grid Corporation of China (SGCC) dataset, which was collected during the 2014–2016 period and is structured as time-series data, and another dataset obtained from the Canadian Institute for Cybersecurity. Musleh et al. [45] outlined that digital technologies improved the management and control of solar distributed generation systems; however, additional cybersecurity threats have emerged. The authors highlighted cybersecurity vulnerabilities of distributed commercial solar inverters, focusing on the Australian electricity grid. The authors experimentally showed the potential risks which affect grid stability; therefore, resilient cybersecurity measures are required. In another study, Erkek and Irmak [46] adopted digital twin technology to improve the cybersecurity of hydroelectric power plants. The authors highlighted how digital twin technologies may predict and model cyber threats, enhancing the plant’s resilience against potential attacks. They applied the digital twin model to a power plant in Turkey to foster a proactive approach to cybersecurity.
Ismail et al. [47] adopted deep learning approaches to control electricity theft in the distributed generation (DG) domain. The main contribution of their work lies in addressing the manipulation of smart meters by malicious customers in renewable-based DG units to overcharge utility companies. To achieve this, the authors employed deep machine learning techniques, including deep feedforward, deep recurrent, and deep convolutional recurrent neural networks. The authors highlighted that smart meter data combined with meteorological data and SCADA metering data can achieve a detection rate of 99.3% and a false alarm rate of 0.22%. Similarly, Takiddin et al. [48] proposed the utilization of variational auto-encoders for indicating stealth cyber-attacks in advanced metering infrastructure networks. The approach implemented fully connected variational auto-encoders and long short-term memory variational auto-encoders and, compared to existing approaches, improved the detection rate by 11–15%, the false alarm rate by 9–22%, and the highest difference by 27–37%. In another study, Takiddin et al. [49] developed a machine learning-based approach using vector embedding to detect electricity theft cyber-attacks in AMI networks. This approach enhanced the detection effectiveness and accuracy in indicating cyber threats in electricity distribution systems. The model was tested on two real datasets and achieved a 95.8% detection rate, 93.7% highest difference, and 2.1% false alarm. Tang et al. [50] provided an in-depth analysis of vulnerabilities in demand-response systems integrating customer demand and smart grid response. In their experiment, a false demand is added to the system and an online detector using a convolutional neural network is built to control such demand requests. The system was trialed on an IEEE 34 bus feeder and the results highlighted that the developed system achieved higher accuracy and responded to cyber-attacks with fixed change rates. In another study, Heymann et al. [51] investigated cybersecurity resilience in the Swiss electricity sector by researching 124 Swiss energy market representatives. The research study highlighted policy recommendations to improve the energy sector’s protection against cyber threats and improved the system’s stability. The study advocated for stringent regulatory measures and monitoring strategies to improve the Swiss energy sector’s cybersecurity resilience. Another study [52] pointed out the frequency synchronization consensus issue in networked microgrids vulnerable to multi-layer denial of service (DoS) attacks, which may concurrently impact measurements, control activation, and communication pathways. A unified concept called Persistency-of-Data-Flow (PoDF) was put forth to quantify the multi-layer DoS effects on the hierarchical system and characterize the data unavailability in various information network linkages. They provided a condition of DoS attacks with PoDF that enabled consensus maintenance of the proposed edge-based self-triggered distributed control system. To mitigate the conservativeness of offline design against the worst-case assault across every device, an online self-adaptive strategy of the control parameters was also built to fully exploit the most recent information of all data transmission channels. Lastly, illustrative case studies were used to confirm the efficacy of the suggested cyber-resilient self-triggered distributed control.
In the literature, some studies carried out detailed reviews of the cybersecurity implications specifically in the electricity domain. For instance, Liu et al. [53] highlighted the use of digitally controlled and software-driven distributed energy resources (DERs) to enhance grid operations. However, this development also makes geographically scattered DERs vulnerable to digital threats, such as staff mistakes, communication problems, and hardware and software flaws, which reinforces the importance of cybersecurity in this area. In this regard, they gave a detailed overview of the advancements in cyber-resiliency enhancement (CRE) of the DER-based smart grid. Firstly, a holistic threat modeling approach with a focus on effect analysis and vulnerability identification was specifically designed for the hierarchical DER-based smart grid. The defense-in-depth tactics, which include detection, avoidance, mitigation, and restoration, were then thoroughly examined, categorized, and compiled. The five main resiliency enablers were then incorporated into a comprehensive CRE framework. Lastly, a thorough discussion of the difficulties and potential paths forward was provided. Similarly, Nafees et al. [54] emphasized that, because of the substantial rewards that threats to the grid can realize, adversaries can launch sophisticated cyberattacks, including advanced persistent threats and coordinated attacks, resulting in operational issues and, in the worst cases, electricity blackouts. The Ukrainian power grid attack exemplified the latter. In their study, they explored the nature of cyber-physical threats and provided a threat modeling framework to comprehend their traits and effects on the physical and control systems of the smart grid. They also looked at current threat detection and defense capabilities. Moreover, they explained how electricity system managers should include human factors while assessing the effects of intrusions. Zhang et al. [55] highlighted the application of machine learning (ML) in Internet of Things (IoT)-based smart grids. They emphasized that the usual management and operation of the equipment will be significantly impacted by the hostile disturbance introduced into the power stream. As a result, security evaluation in safety-critical power systems is essential. They thoroughly analyzed the latest developments in attack and defense strategy design for ML-based smart grids. The study drew attention to the details involved in creating adversarial attacks against these ML-based smart grids. They carried out a thorough investigation to examine and contrast previous research on adversarial attacks on ML-based smart grids in situations including initiation, broadcast, supply, and utilization. The countermeasures were then evaluated based on the attacks they were designed to fend off. Lastly, future research directions for both the attacker and the defender were examined. In another study, Inayat et al. [56] highlighted that the smart grid needs to be protected from growing security risks and intrusions. In their study, they presented a thorough analysis of protection strategies that can be applied to identify these kinds of attacks and lessen the risks they pose. They emphasized that, to reduce the frequency of cyberattacks, the security of the targeted equipment needs to be improved, and they discussed different methods and models such as the Gaussian process model, pattern detection method, honeypots, parametric feedback linearization controller, etc.

3.3. Cybersecurity Implications in Nuclear Energy

Due to the digitalization of control systems, cybersecurity in digital control systems is very important, with a specific focus on vulnerabilities in the network infrastructure and control systems as well as on human aspects [57]. There is a need to adopt a three-pronged policy focusing on enhancing cybersecurity resilience, fostering public–private partnerships for cyber-attack preparation, and improving the security of nuclear systems [58]. Similar concerns were raised by Falowo et al. [59], who noted that the need for clean energy sources has triggered increasing demand for nuclear fusion plants, so there is a critical need for cybersecurity management of such infrastructures. They highlighted that startup companies, due to their increased innovation, might help in bringing cybersecurity agility to the protection of nuclear fusion plants, where threats may be classified based on the importance of the infrastructure and the nature of the threat for continuous threat assessment.
Jung et al. [60] developed a technical assessment methodology to evaluate potential attacks on an asset and the applicable controls. They compared the result of jointly implementing their assessment along with NEI 13-10 (cybersecurity control assessments) against the application of NEI 13-10 on plant protection of the APR 1400 nuclear power reactor. The study provided insights on further improving the assessment mechanisms.
Yockey et al. [61] highlighted that it is critical for system designers, reactor operators, and regulators to focus on the cybersecurity implications during the design of autonomous control systems (ACS) in advanced nuclear reactors. The study developed a cyber-physical testbed using digital twin technologies. The testbed included two plant-level digital twins and two component-level digital twins for reactor malfunction/control action and component states/forecasting component input/output, respectively. Furthermore, two duplicate ACS designs were formulated, one based on traditional machine learning and the second on an automated machine learning approach, and the results highlighted that neither of them is optimal. Hence, the authors laid out a set of recommendations for all stakeholders to foster a shared responsibility for securing machine learning-based systems.
Table 1 summarizes the contributions of all papers included in this review.

4. Discussion

The cybersecurity implications of the digital transformation in the energy sector are very critical due to the enhanced importance of energy assets [3,4]. A taxonomy of cybersecurity in energy sector organizations was developed and is shown in Figure 3. The energy sector can be categorized into three sub-sectors: the oil and gas sector, the electricity and renewable energy sector, and the nuclear energy sector. Power plants, oil and gas pipelines, smart distribution grids, energy storage systems, and offshore platforms are key infrastructure components of energy sector organizations that need to be secured. The sub-components in these organizations can be categorized into control systems, operational technologies, information technology tools, and integrated information and operational technology systems. Control systems may include supervisory control and data acquisition (SCADA) [21,32,47], distributed control systems (DCS) [62], or programmable logic controllers (PLCs) [32]. The security of these control systems is important, as attacks on them will result in the loss of control of these critical infrastructures. Cybersecurity attacks on operational technologies, that is, real-time systems such as power generation controls [63], grid monitoring controls, turbine controls [64], and battery optimization systems, can result in outages and malfunction of energy sources. Information technology infrastructure components such as networks, data centers, and cloud systems are another key target for attackers seeking to sabotage the critical infrastructures. The last sub-component integrates the information technology components with operational technologies to enhance the performance of energy sector organizations. It may include simulation and modeling tools for OT data [65], grid analytics [66], smart meters, and battery analytics [67]. Cybersecurity attacks on these components may result in significant performance degradation and service delays.
The Institute of Electrical and Electronics Engineers [68] and the Association for Computing Machinery [69] have classified security into eight domains, and all these domains are relevant to cybersecurity in energy sector organizations. The first domain is human security, which refers to securing individuals and data, and analyzing human behavior for cybersecurity. Energy sector organizations can put cybersecurity measures in place that strengthen defenses against social engineering by focusing on human factors, identity management, and increasing cybersecurity awareness and usable privacy and security among all stakeholders [9]. The data security domain concerns securing the data in the organization, and energy sector organizations can foster cybersecurity controls such as quantum cryptography, digital forensics, access control, data integrity, data storage security, and secure communication protocols. Software security refers to the adoption of cybersecurity principles during the software development and usage stages. Secure software design, usability, and rigorous testing are key aspects in this domain, and it can be specifically challenging when software development is carried out by supply chain partners of energy sector organizations. Approaches like zero trust architecture [70] and DevSecOps [71] can improve software security. Component security refers to cybersecurity during the design, acquisition, testing, and deployment phases of components in larger systems. Component reverse engineering [72], design, testing, and procurement processes in energy sector organizations need to be analyzed to enhance component security. Furthermore, connection security refers to cybersecurity challenges related to the establishment of connections between different organizational infrastructure components. In this domain, cybersecurity challenges pertaining to network architecture, hardware architecture, distributed systems architecture, network services, and defense are the key challenges. The system security domain looks at security challenges from a holistic view of systems integration, and challenges like system management, system access and control, and system retirement are taken into consideration. The organizational security domain focuses on protecting the organization from cybersecurity attacks, and challenges like risk management [26], security governance, cybersecurity planning, security analytics, and security operations fall under this domain. Lastly, the societal security domain refers to cybersecurity issues that impact society, and areas like cybercrimes, cyber laws, and ethics are key issues in this domain. Energy sector organizations can focus on satisfying regulatory and legal requirements [51] pertaining to the cybersecurity of their organizational infrastructure.
As shown in Figure 3, threats can be classified as malware [73], phishing attacks [74], social engineering attacks [75], advanced persistent threats (APTs) [76], DDoS attacks [27], zero-day vulnerabilities [77], and insider threats [78]. An extensive security policy that is resilient against these diverse cybersecurity attacks can improve the security resilience of energy sector organizations. A balanced combination of preventive, detective, corrective, and physical controls in energy sector organizations can help in achieving cybersecurity goals. Additionally, organizations need to implement international standards (such as NIST 800-53 [79], ISO/IEC 27001 [80], IEC 62443 [81]), regulations (such as General Data Protection Regulation (GDPR) [82]), frameworks (such as Network and Information Systems directive), and industry-specific standards (NIS 2 [83], Presidential Policy Directive (PPD) [84]) to make their cybersecurity controls more effective. Cybersecurity processes in energy sector organizations can be categorized into risk management, incident response, vulnerability management, and security operations, where advanced technologies such as artificial intelligence, machine learning [25,27,33], blockchain [85], quantum computing [86], zero trust architecture [70], cloud computing [87], digital twins [46], and internet of things [22,55] can support the establishment of a robust cybersecurity framework.
As shown in Figure 4, we present a list of typical challenges faced by energy sector organizations in protecting the energy infrastructure from cybersecurity attacks. Based on this, we present a set of key research directions which can help other researchers to work on improving the cybersecurity of energy sector infrastructures.
Cybersecurity strategic planning ensures that organizations adopt a systematic approach to protecting themselves from cybersecurity threats. Energy sector organizations, being critical infrastructure, need to have a robust business continuity plan. Business continuity planning ensures that organizations can recover from cybersecurity attacks and resume operations quickly. A robust risk management process needs to be established to identify critical assets, threats, and their impact. After this, the recovery time objectives need to be set and resources allocated so that appropriate controls can be developed to enhance business resilience. Additionally, an incident response plan needs to be developed which outlines the roles and responsibilities of response teams, the protocols for response reporting, and a communication plan. The communication plan should include the strategy for communicating with all stakeholders and regulatory authorities during cybersecurity attacks. The plan should also define the schedule of data backup, regular recovery testing trials, and backup infrastructure. Successful and failed case studies of business continuity cybersecurity planning in energy organizations can help other organizations in designing their cybersecurity policies. Research in diverse organizational and cultural contexts that addresses questions such as the following can strengthen this body of knowledge: How can warfare, international politics, and business competition contribute to cybersecurity risks? How can cybersecurity resilience be enhanced in the energy sector by optimizing business continuity planning? What are effective communication protocols in cybersecurity response? What are best practices in cybersecurity recovery?
Human resources are key to improving cybersecurity practices, and energy sector organizations can develop a systematic approach to human resource development. Such an approach should include hiring key talent and designing skill development programs to foster a cybersecurity culture within the organizations. Additionally, comprehensive cybersecurity awareness plans need to be designed. The plan may include simulated social engineering and cyber-attack scenarios for employees to become acquainted with cybersecurity threats. Gamification and storytelling approaches can be integrated to enhance the user experience [88]. Here, research questions such as the following can contribute to the literature: How do cultural and organizational challenges affect the stakeholders’ cybersecurity readiness? How can stakeholders’ cybersecurity awareness be enhanced? How does gamification help in improving employee cybersecurity readiness? Empirical studies answering such questions can contribute to fostering cybersecurity resilience in energy sector organizations. It is also critical to educate users about security implications to improve external and internal threat management within energy sector organizations [89,90]. Some studies have shown that employees have limited information security readiness [91], so cybersecurity training [92,93] can better prepare them to cope with cybersecurity challenges and respond optimally to threat situations. Such a rich research agenda can help energy sector organizations to secure their digital transformation drive by adopting effective controls and risk management methodologies [94,95,96,97].
Organizations need to align their cybersecurity practices with government cybersecurity laws and standards to proactively respond to cybersecurity challenges and enhance stakeholders’ trust; therefore, energy organizations need to do comprehensive planning. Empirical research can enhance this body of knowledge by documenting best practices and challenges for energy organizations in adhering to standards and improving the planning process. Additionally, researchers can investigate the development of new standards and frameworks to enhance cybersecurity in energy sector organizations. Furthermore, cyber laws and policies can be investigated for cybersecurity enhancements in the energy sector supply chain. The financial implications of cybersecurity attacks are also very critical, and organizations need to plan the budget allocation for cybersecurity compliance, emergency risks, and insurance. Researchers can explore questions such as: How can cybersecurity financial forecasting be enhanced? How can critical infrastructure cybersecurity operational cost be minimized? How can models be optimized to predict the financial value of critical assets for insurance?
Cybersecurity leaders need to drive the cybersecurity processes, so they need to hold the appropriate skills to excel. Additionally, cybersecurity is a knowledge-intensive activity, so cyber leadership in organizations needs to plan the fostering of effective knowledge management processes and tools to continuously learn and improve cybersecurity resilience. In this context, typical research questions such as the following may be considered: How can the cyber leadership process be sustained in energy sector organizations? How can the skills of cybersecurity leaders be enhanced? How can culture influence the cybersecurity behavior of leadership? How can organizational learning be fostered in the cybersecurity activities of energy sector organizations? How can appropriate tools be designed to support knowledge management in the cybersecurity operations of energy sector organizations? It is also very interesting to document in-depth case studies about leadership roles during the cybersecurity response to document best practices [98,99].
Technological infrastructure is another critical factor, which focuses on aligning appropriate advanced technologies with organizational processes to gain optimal advantages. Cybersecurity activities are heavily reliant on technologies, and energy sector organizations need to enhance their technology management processes. Firstly, as we have seen, some studies have used machine learning [27,33,61] and digital twin [46,61] technologies to protect their critical infrastructures from cybersecurity threats, so we highlight that there is a need for more studies to design secure technologies using advanced technologies [73]. Furthermore, the adoption of a user-centric design [100] approach while designing security control systems can help to foster better adoption of security controls. The research community can develop advanced technologies to improve cybersecurity processes. The following research questions may be answered: How can quantum cryptography enhance the resilience of cryptographic algorithms? How can digital twin technologies and zero trust architecture be used to protect digital assets in energy sector organizations? What are the challenges in fostering such technologies in energy sector organizations? How can machine learning and deep learning models be enhanced for intelligent anomaly detection? What are the key operational issues in adopting blockchain security, homomorphic security, cloud, and internet of things security? How can the DevSecOps approach be fostered in the software development process of energy sector applications? What kind of deception technologies can help in minimizing the cybersecurity risks for energy sector organizations? How can the security of legacy systems and third-party components be enhanced? Additionally, case studies of best practices in technology adoption in cybersecurity can be documented by conducting empirical research.
Cybersecurity operations is the process that scans for threats in the organizational environment and responds to them. Threat identification and response are the key activities in this stage. Adoption of intelligent tools and crowdsourcing for threat hunting enhances the effectiveness and efficiency of cyber operations. Furthermore, effective incident response mechanisms can help in minimizing the downtime of critical infrastructures. A consistent challenge that operation teams face is finding a balance between cybersecurity and the efficiency of infrastructure. Researchers can investigate questions such as: How can energy sector organizations benefit from advanced cyber threat intelligence tools and techniques? How can incident response mechanisms in critical infrastructure be enhanced? In-depth case studies of incident response and cyber threat intelligence can help cybersecurity teams in improving their security operations in energy sector organizations. Furthermore, in-depth empirical studies of cyber threat intelligence operations in energy companies, oil and gas companies, and nuclear plants can further enhance the understanding of the threat identification, threat management, and threat mitigation challenges faced by these organizations.

5. Conclusions

The energy sector is a critical infrastructure for any nation, and the digital transformation drive in this sector is critical for achieving efficiency. However, such a digital transformation drive has resulted in massive cybersecurity challenges. In this paper, we have carried out a systematic literature review on cybersecurity implications in the energy sector, and based on our review we highlight that there is a need to enrich this body of knowledge through improved security controls and technologies, a rich set of empirical studies documenting in-depth analysis of operational cybersecurity responses, and user cybersecurity training. Our findings will help research teams to pursue this research agenda and improve cybersecurity in this important sector.

Author Contributions

Conceptualization, S.S.; methodology, S.S. and H.G.; data curation, A.F.A., M.S.A. and M.M.A.; writing—original S.S., M.S.A., A.F.A., M.M.A., H.G., M.S. and S.Z.I.; draft preparation, M.S.; writing—review and editing, S.S.; funding acquisition, A.M.A. All authors have read and agreed to the published version of the manuscript.

Funding

The authors would like to thank Saudi Aramco Cybersecurity Chair for supporting this research.

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

Not applicable.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. IEA. 2024. Available online: https://www.iea.org/reports/electricity-2024/executive-summary (accessed on 25 September 2024).
  2. Xu, Q.; Zhong, M.; Li, X. How does digitalization affect energy? International evidence. Energy Econ. 2022, 107, 105879.
  3. Maroufkhani, P.; Desouza, K.C.; Perrons, R.K.; Iranmanesh, M. Digital transformation in the resource and energy sectors: A systematic review. Resour. Policy 2022, 76, 102622.
  4. Akberdina, V.; Osmonova, A. Digital transformation of energy sector companies. E3S Web Conf. 2021, 250, 06001.
  5. Nazari, Z.; Musilek, P. Impact of digital transformation on the energy sector: A review. Algorithms 2023, 16, 211.
  6. Oudina, Z.; Derdour, M.; Dib, A.; Yaakoubi, M.A. Identifying and Addressing Trust Concerns in Cyber-Physical Systems for the Oil and Gas Industry. Ing. Syst. D’inform. 2024, 29, 469–478.
  7. Gutman, S.; Brazovskaia, V. Tool Development for Assessing the Strategic Development of Territorial Socio-Economic Systems for the Purposes of Energy Sector Digital Transformation. Energies 2023, 16, 5269.
  8. Saeed, S.; Altamimi, S.A.; Alkayyal, N.A.; Alshehri, E.; Alabbad, D.A. Digital transformation and cybersecurity challenges for businesses resilience: Issues and recommendations. Sensors 2023, 23, 6666.
  9. Saeed, S. Usable Privacy and Security in Mobile Applications: Perception of Mobile End Users in Saudi Arabia. Big Data Cogn. Comput. 2024, 8, 162.
  10. Gull, H.; Saeed, S.; Alaied, H.A.; Alajmi, A.N.; Saqib, M.; Iqbal, S.Z.; Almuhaideb, A.M. Digital Transformation of Marketing Processes, Customer Privacy, Data Security, and Emerging Challenges in Fostering Sustainable Digital Marketing. In Ethical AI and Data Management Strategies in Marketing; Saluja, S., Nayyar, V., Rojhe, K., Sharma, S., Eds.; IGI Global Scientific Publishing: Hershey, PA, USA, 2024; pp. 71–88.
  11. Langner, R. Stuxnet: Dissecting a cyberwarfare weapon. IEEE Secur. Priv. 2011, 9, 49–51.
  12. Hobbs, A. The Colonial Pipeline Hack: Exposing Vulnerabilities in US Cybersecurity; SAGE Publications: SAGE Business Cases Originals: London, UK, 2021.
  13. Cunningham, C. A Russian Federation Information Warfare Primer; The Henry M. Jackson School of International Studies, Washington University: Seattle, WA, USA, 2020.
  14. Alqurashi, R.K.; AlZain, M.A.; Soh, B.; Masud, M.; Al-Amri, J. Cyber attacks and impacts: A case study in Saudi Arabia. Int. J. Adv. Trends Comput. Sci. Eng. 2020, 9, 217–224.
  15. Bhattacharjee, S.; Das, S.K. Detection and forensics against stealthy data falsification in smart metering infrastructure. IEEE Trans. Dependable Secur. Comput. 2018, 18, 356–371.
  16. Oudina, Z.; Dib, A.; Yakoubi, M.A.; Derdour, M. Comprehensive Risk Classification and Mitigation in the Petroleum Cyber-Physical Systems of the Oil and Gas Industry. Int. J. Saf. Secur. Eng. 2024, 14, 99–113.
  17. Page, M.J.; McKenzie, J.E.; Bossuyt, P.M.; Boutron, I.; Hoffmann, T.C.; Mulrow, C.D.; Shamseer, L.; Tetzlaff, J.M.; Akl, E.A.; Brennan, S.E.; et al. The PRISMA 2020 statement: An updated guideline for reporting systematic reviews. BMJ 2021, 372, n71.
  18. Google Scholar. Available online: https://scholar.google.com/schhp?hl=en (accessed on 26 September 2024).
  19. Aubuchon, T.; Susanto, I.; Peterson, B.T. Oil and Gas Industry Partnership with Government to Improve Cybersecurity. In Proceedings of the SPE International Oil and Gas Conference and Exhibition in China, Beijing, China, 5–7 December 2006; p. SPE-104284.
  20. Goel, A. Cybersecurity in O&G Industry. In Proceedings of the Offshore Technology Conference, Houston, TX, USA, 1–4 May 2017; pp. 6–9.
  21. Mohammed, A.S.; Reinecke, P.; Burnap, P.; Rana, O.; Anthi, E. Cybersecurity challenges in the offshore oil and gas industry: An industrial cyber-physical systems (ICPS) perspective. ACM Trans. Cyber-Phys. Syst. (TCPS) 2022, 6, 28.
  22. Frederick, B.A.; Taylor, O.E. Analysis on Cybersecurity Control and Monitoring Techniques in Industrial IoT: Industrial Control Systems. Internet Things and Cloud Comput. 2023, 11, 1–17.
  23. Villarreal, R.; Alarcón, F.; Torrejón, L. Implementing NIST CSF and CIS CSC in Gas Industry: A Model’s Effectiveness and Acceptance Analysis. In Proceedings of the 2023 International Conference on Electrical, Computer and Energy Technologies (ICECET), Cape Town, South Africa, 16–17 November 2023; pp. 1–6.
  24. Houmb, S.H.; Iversen, F.; Ewald, R.; Færaas, E. Intelligent risk based cybersecurity protection for industrial systems control—A feasibility study. In Proceedings of the International Petroleum Technology Conference, Bangkok, Thailand, 1–3 March 2023; p. D021S014R001.
  25. Tariq, A.; Elhadef, M.; Ghani Khan, M.U. Optimizing Cybersecurity in the Oil and Gas Industry with Machine Learning-Based Ids. Available online: https://ssrn.com/abstract=4630706 (accessed on 26 September 2024).
  26. Pettersen, S.; Grøtan, T.O. Exploring the grounds for cyber resilience in the hyper-connected oil and gas industry. Saf. Sci. 2024, 171, 106384.
  27. Obonna, U.O.; Opara, F.K.; Mbaocha, C.C.; Obichere, J.K.C.; Akwukwaegbu, I.O.; Amaefule, M.M.; Nwakanma, C.I. Detection of Man-in-the-Middle (MitM) Cyber-Attacks in Oil and Gas Process Control Networks Using Machine Learning Algorithms. Future Internet 2023, 15, 280.
  28. Shohoud, M. Study the Effectiveness of ISO 27001 to Mitigate the Cyber Security Threats in the Egyptian Downstream Oil and Gas Industry. J. Inf. Secur. 2023, 14, 152–180.
  29. ISO 27001 Standard. Available online: https://www.iso.org/standard/27001 (accessed on 26 September 2024).
  30. Progoulakis, I.; Nikitakos, N.; Rohmeyer, P.; Bunin, B.; Dalaklis, D.; Karamperidis, S. Perspectives on cyber security for offshore oil and gas assets. J. Mar. Sci. Eng. 2021, 9, 112.
  31. Avanzini, G.B.; Spessa, A. Cybersecurity verification approach for the oil & gas industry. In Proceedings of the Offshore Mediterranean Conference and Exhibition, Ravenna, Italy, 27–29 March 2019. Paper number OMC-2019.
  32. Mohammed, A.S.; Anthi, E.; Rana, O.; Saxena, N.; Burnap, P. Detection and mitigation of field flooding attacks on oil and gas critical infrastructure communication. Comput. Secur. 2023, 124, 103007.
  33. Gueye, T.; Iqbal, A.; Wang, Y.; Mushtaq, R.T.; Petra, M.I. Bridging the Cybersecurity Gap: A Comprehensive Analysis of Threats to Power Systems, Water Storage, and Gas Network Industrial Control and Automation Systems. Electronics 2024, 13, 837.
  34. Patel, S. Cybersecurity in Electric Distribution: The One Weak Link in an Interconnected Power Grid and the Threat It Poses. Georg. Wash. J. Energy Environ. Law 2023, 14, 138.
  35. Naiho HN, N.; Layode, O.; Adeleke, G.S.; Udeh, E.O.; Labake, T.T. Addressing cybersecurity challenges in smart grid technologies: Implications for sustainable energy infrastructure. Eng. Sci. Technol. J. 2024, 5, 1995–2015.
  36. Jiang, Y.; Jeusfeld, M.A.; Ding, J.; Sandahl, E. Model-Based Cybersecurity Analysis: Extending Enterprise Modeling to Critical Infrastructure Cybersecurity. Bus. Inf. Syst. Eng. 2023, 65, 643–676.
  37. Kazancı, B.A. The Strategic Importance of Cyber Security in Electric Energy Policies. Int. J. Energy Econ. Policy 2024, 14, 599–605.
  38. Ratnam, E.L.; Baldwin, K.G.; Mancarella, P.; Howden, M.; Seebeck, L. Electricity system resilience in a world of increased climate change and cybersecurity risk. Electr. J. 2020, 33, 106833.
  39. Sun, C.C.; Cardenas DJ, S.; Hahn, A.; Liu, C.C. Intrusion detection for cybersecurity of smart meters. IEEE Trans. Smart Grid 2020, 12, 612–622.
  40. Shaaban, M.; Tariq, U.; Ismail, M.; Almadani, N.A.; Mokhtar, M. Data-driven detection of electricity theft cyberattacks in PV generation. IEEE Syst. J. 2021, 16, 3349–3359.
  41. Ibrahem, M.I.; Mahmoud, M.M.; Alsolami, F.; Alasmary, W.; Al-Ghamdi AS, A.M.; Shen, X. Electricity-theft detection for change-and-transmit advanced metering infrastructure. IEEE Internet Things J. 2022, 9, 25565–25580.
  42. Tolba, A.; Al-Makhadmeh, Z. A cybersecurity user authentication approach for securing smart grid communications. Sustain. Energy Technol. Assess. 2021, 46, 101284.
  43. Johnson, J.; Anderson, B.; Wright, B.; Quiroz, J.; Berg, T.; Graves, R.; Daley, J.; Phan, K.; Kunz, M.; Pratt, R.; et al. Cybersecurity for Electric Vehicle Charging Infrastructure; No. SAND2022-9315; Sandia National Lab. (SNL-NM): Albuquerque, NM, USA, 2022.
  44. Bai, Y.; Sun, H.; Zhang, L.; Wu, H. Hybrid CNN–Transformer Network for Electricity Theft Detection in Smart Grids. Sensors 2023, 23, 8405.
  45. Musleh, A.S.; Ahmed, J.; Ahmed, N.; Xu, H.; Chen, G.; Kerr, S.; Jha, S. Experimental Cybersecurity Evaluation of Distributed Solar Inverters: Vulnerabilities and Impacts on the Australian Grid. IEEE Trans. Smart Grid 2024, 15, 5139–5150.
  46. Erkek, İ.; Irmak, E. Enhancing Cybersecurity of a Hydroelectric Power Plant Using Its Digital Twin Model. In Proceedings of the 2024 12th International Conference on Smart Grid (icSmartGrid), Setubal, Portugal, 27–29 May 2024; pp. 372–377.
  47. Ismail, M.; Shaaban, M.F.; Naidu, M.; Serpedin, E. Deep learning detection of electricity theft cyber-attacks in renewable distributed generation. IEEE Trans. Smart Grid 2020, 11, 3428–3437.
  48. Takiddin, A.; Ismail, M.; Zafar, U.; Serpedin, E. Variational auto-encoder-based detection of electricity stealth cyber-attacks in AMI networks. In Proceedings of the 2020 28th European Signal Processing Conference (EUSIPCO), Amsterdam, The Netherlands, 18–21 January 2021; pp. 1590–1594.
  49. Takiddin, A.; Ismail, M.; Nabil, M.; Mahmoud, M.M.; Serpedin, E. Detecting electricity theft cyber-attacks in AMI networks using deep vector embeddings. IEEE Syst. J. 2020, 15, 4189–4198.
  50. Tang, D.; Fang, Y.P.; Zio, E. Vulnerability analysis of demand-response with renewable energy integration in smart grids to cyber-attacks and online detection methods. Reliab. Eng. Syst. Saf. 2023, 235, 109212.
  51. Heymann, F.; Henry, S.; Galus, M. Cybersecurity and resilience in the swiss electricity sector: Status and policy options. Util. Policy 2022, 79, 101432.
  52. Ge, P.; Chen, B.; Teng, F. Cyber-Resilient Self-Triggered Distributed Control of Networked Microgrids Against Multi-Layer DoS Attacks. IEEE Trans. Smart Grid 2023, 14, 3114–3124.
  53. Liu, M.; Teng, F.; Zhang, Z.; Ge, P.; Sun, M.; Deng, R.; Cheng, P.; Chen, J. Enhancing Cyber-Resiliency of DER-Based Smart Grid: A Survey. IEEE Trans. Smart Grid 2024, 15, 4998–5030.
  54. Nafees, M.N.; Saxena, N.; Cardenas, A.; Grijalva, S.; Burnap, P. Smart Grid Cyber-Physical Situational Awareness of Complex Operational Technology Attacks: A Review. ACM Comput. Surv. 2023, 55, 215.
  55. Zhang, Z.; Liu, M.; Sun, M.; Deng, R.; Cheng, P.; Niyato, D.; Chow, M.Y.; Chen, J. Vulnerability of Machine Learning Approaches Applied in IoT-Based Smart Grid: A Review. IEEE Internet Things J. 2024, 11, 18951–18975.
  56. Inayat, U.; Zia, M.F.; Mahmood, S.; Berghout, T.; Benbouzid, M. Cybersecurity Enhancement of Smart Grid: Attacks, Methods, and Prospects. Electronics 2022, 11, 3854.
  57. Ayodeji, A.; Mohamed, M.; Li, L.; Di Buono, A.; Pierce, I.; Ahmed, H. Cyber security in the nuclear industry: A closer look at digital control systems, networks and human factors. Prog. Nucl. Energy 2023, 161, 104738.
  58. Greiman, V. Nuclear Cyber Attacks: A Study of Sabotage and Regulation of Critical Infrastructure. In Proceedings of the International Conference on Cyber Warfare and Security, Towson, MD, USA, 9–10 March 2023; Volume 18, pp. 103–110.
  59. Falowo, O.I.; Kropczynski, J.; Li, C. Protecting Critical Infrastructure: Strategies for Managing Cybersecurity Risks in Nuclear Fusion Facilities. In Proceedings of the 2023 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom), Wuhan, China, 21–24 December 2023; pp. 1050–1061.
  60. Jung, D.; Shin, J.; Lee, C.; Kwon, K.; Seo, J.T. Cyber security controls in nuclear power plant by technical assessment methodology. IEEE Access 2023, 11, 15229–15241. [Google Scholar] [CrossRef]
  61. Yockey, P.; Erickson, A.; Spirito, C. Cyber threat assessment of machine learning driven autonomous control systems of nuclear power plants. Prog. Nucl. Energy 2023, 166, 104960. [Google Scholar] [CrossRef]
  62. Morstyn, T.; Hredzak, B.; Agelidis, V.G. Control strategies for microgrids with distributed energy storage systems: An overview. IEEE Trans. Smart Grid 2016, 9, 3652–3666. [Google Scholar] [CrossRef]
  63. Blaabjerg, F.; Teodorescu, R.; Liserre, M.; Timbus, A.V. Overview of control and grid synchronization for distributed power generation systems. IEEE Trans. Ind. Electron. 2006, 53, 1398–1409. [Google Scholar] [CrossRef]
  64. Khan, S.; Madnick, S.; Moulton, A. Cybersafety Analysis of Industrial Control System for Gas Turbines; Cybersecurity Interdisciplinary Systems Laboratory (CISL): Cambridge, MA, USA, 2018. [Google Scholar]
  65. Coakley, D.; Raftery, P.; Keane, M. A review of methods to match building energy simulation models to measured data. Renew. Sustain. Energy Rev. 2014, 37, 123–141. [Google Scholar] [CrossRef]
  66. Bhattarai, B.P.; Paudyal, S.; Luo, Y.; Mohanpurkar, M.; Cheung, K.; Tonkoski, R.; Zhang, X. Big data analytics in smart grids: State-of-the-art, challenges, opportunities, and future directions. IET Smart Grid 2019, 2, 141–154. [Google Scholar] [CrossRef]
  67. vom Scheidt, F.; Medinová, H.; Ludwig, N.; Richter, B.; Staudt, P.; Weinhardt, C. Data analytics in the electricity sector–A quantitative and qualitative literature review. Energy AI 2020, 1, 100009. [Google Scholar] [CrossRef]
  68. Available online: https://www.ieee.org/ (accessed on 20 June 2024).
  69. Available online: https://www.acm.org/ (accessed on 20 June 2024).
  70. Fernandez, E.B.; Brazhuk, A. A critical analysis of Zero Trust Architecture (ZTA). Comput. Stand. Interfaces 2024, 89, 103832. [Google Scholar] [CrossRef]
  71. Lombardi, F.; Fanton, A. From DevOps to DevSecOps is not enough. CyberDevOps: An extreme shifting-left architecture to bring cybersecurity within software security lifecycle pipeline. Softw. Qual. J. 2023, 31, 619–654. [Google Scholar] [CrossRef]
  72. Nygård, A.R.; Katsikas, S.K. Ethical hardware reverse engineering for securing the digital supply chain in critical infrastructure. Inf. Comput. Secur. 2024, 32, 365–377. [Google Scholar] [CrossRef]
  73. Al Obaidan, F.; Saeed, S. Digital transformation and cybersecurity challenges: A study of malware detection using machine learning techniques. In Handbook of Research on Advancing Cybersecurity for Digital Transformation; IGI Global: Hershey, PA, USA, 2021; pp. 203–226. [Google Scholar]
  74. Alohali, M.A.; Alasmari, N.; Maashi, M.; Nouri, A.M.; Rizwanullah, M.; Yaseen, I.; Alneil, A.A. Metaheuristics with deep learning driven phishing detection for sustainable and secure environment. Sustain. Energy Technol. Assess. 2023, 56, 103114. [Google Scholar]
  75. Georgiadou, A.; Michalitsi-Psarrou, A.; Askounis, D. A security awareness and competency evaluation in the energy sector. Comput. Secur. 2023, 129, 103199. [Google Scholar] [CrossRef]
  76. Sharma, A.; Gupta, B.B.; Singh, A.K.; Saraswat, V.K. Advanced persistent threats (apt): Evolution, anatomy, attribution and countermeasures. J. Ambient Intell. Humaniz. Comput. 2023, 14, 9355–9381. [Google Scholar] [CrossRef]
  77. Guo, Y. A review of Machine Learning-based zero-day attack detection: Challenges and future directions. Comput. Commun. 2023, 198, 175–185. [Google Scholar] [CrossRef] [PubMed]
  78. Alzaabi, F.R.; Mehmood, A. A review of recent advances, challenges, and opportunities in malicious insider threat detection using machine learning methods. IEEE Access 2024, 12, 30907–30927. [Google Scholar] [CrossRef]
  79. Kurii, Y.; Opirskyy, I. Analysis and Comparison of the NIST SP 800-53 and ISO/IEC 27001: 2013. In Proceedings of the CPITS-2022: Cybersecurity Providing in Information and Telecommunication Systems, Kyiv, Ukraine, 13 October 2022. [Google Scholar]
  80. Kitsios, F.; Chatzidimitriou, E.; Kamariotou, M. The ISO/IEC 27001 information security management standard: How to extract value from data in the IT sector. Sustainability 2023, 15, 5828. [Google Scholar] [CrossRef]
  81. Heluany, J.B.; Galvão, R. IEC 62443 standard for hydro power plants. Energies 2023, 16, 1452. [Google Scholar] [CrossRef]
  82. Mortensen, B.O.G.; Hjerrild, L. Legal Overview of Latest Developments in the Energy Sector Regarding Data Protection and Cybersecurity. In Proceedings of the Energy Informatics Academy Conference, Kuta, Bali, Indonesia, 23–25 October 2024; Springer Nature: Cham, Switzerland, 2025; pp. 112–119. [Google Scholar]
  83. Avramidou, M.; Biasin, E.; Kamenjasevic, E.; Kun, E.; Nisevic, M. Cybersecurity and the NIS2 Directive: Regulatory aspects and sectoral perspectives. In Proceedings of the Second ECSCI Workshop on Critical Infrastructure Protection and Resilience, Online, 27–29 April 2022; Steinbeis-Edition: Stuttgart, Germany, 2023; pp. 91–92. [Google Scholar]
  84. Available online: https://www.energy.gov/ceser/presidential-policy-directive-21 (accessed on 25 July 2024).
  85. Khubrani, M.M.; Alam, S. Blockchain-based microgrid for safe and reliable power generation and distribution: A case study of Saudi Arabia. Energies 2023, 16, 5963. [Google Scholar] [CrossRef]
  86. Mangla, C.; Rani, S.; Qureshi NM, F.; Singh, A. Mitigating 5G security challenges for next-gen industry using quantum computing. J. King Saud Univ.-Comput. Inf. Sci. 2023, 35, 101334. [Google Scholar] [CrossRef]
  87. Siluk JC, M.; de Carvalho, P.S.; Thomasi, V.; Pappis CD, O.; Schaefer, J.L. Cloud-based energy management systems: Terminologies, concepts and definitions. Energy Res. Soc. Sci. 2023, 106, 103313. [Google Scholar] [CrossRef]
  88. Carreiro, A.; Silva, C.; Antunes, M. The use of gamification on cybersecurity awareness of healthcare professionals. Procedia Comput. Sci. 2024, 239, 526–533. [Google Scholar] [CrossRef]
  89. Saeed, S.; Suayyid, S.A.; Al-Ghamdi, M.S.; Al-Muhaisen, H.; Almuhaideb, A.M. A systematic literature review on cyber threat intelligence for organizational cybersecurity resilience. Sensors 2023, 23, 7273. [Google Scholar] [CrossRef] [PubMed]
  90. Mohammed, A. Detection and Mitigation Strategies for Cyber-Attacks in Offshore Oil and Gas Industrial Networks. Ph.D. Dissertation, Cardiff University, Cardiff, UK, 2024. [Google Scholar]
  91. Saeed, S. Digital Workplaces and Information Security Behavior of Business Employees: An Empirical Study of Saudi Arabia. Sustainability 2023, 15, 6019. [Google Scholar] [CrossRef]
  92. Ahmad, A.; Maynard, S.B.; Motahhir, S.; Anderson, A. Case-based learning in the management practice of information security: An innovative pedagogical instrument. Pers. Ubiquitous Comput. 2021, 25, 853–877. [Google Scholar] [CrossRef]
  93. Patterson, C.M.; Nurse, J.R.; Franqueira, V.N. “I don’t think we’re there yet”: The practices and challenges of organisational learning from cyber security incidents. Comput. Secur. 2024, 139, 103699. [Google Scholar] [CrossRef]
  94. Hussain, M. An Effective Cybersecurity Risk Assessment Framework for a Public Sector Gas Production/Distribution Company. Ph.D. Dissertation, National College of Ireland, Dublin, Ireland, 2023. [Google Scholar]
  95. Bergset, S.; Nyland, A.J. Ensuring Safe and Secure Operations in the Norwegian Petroleum Industry: A Study on Assessing Trends in Cyber Risk Levels. Master’s Thesis, NTNU, Trondheim, Norway, 2023. [Google Scholar]
  96. Leppäsalo, N. Enhancing Cybersecurity Considerations in Plant-Level Safety Design of Nuclear Power Plant. Master’s Thesis, Aalto University, Espoo, Finland, 2024. [Google Scholar]
  97. Lee, S.W.; Lee, J.H. Improving the Efficiency of Cybersecurity Risk Analysis Methods for Nuclear Power Plant Control Systems. J. Korea Inst. Inf. Secur. Cryptol. 2024, 34, 537–552. [Google Scholar]
  98. Fuller, C.R. Shortening the Skills Gap: An Exploratory Study of Cybersecurity Professional Experience. Ph.D. Thesis, Capella University, Minneapolis, MN, USA, 2016. [Google Scholar]
  99. Anderson, A.; Ahmad, A.; Chang, S. Case-Based Learning for Cybersecurity Leaders: A Systematic Review and Research Agenda. Inf. Manag. 2024, 61, 104015. [Google Scholar] [CrossRef]
  100. Saeed, S.; Bajwa, I.S.; Mahmood, Z. Human Factors in Software Development and Design; IGI Global: Hershey, PA, USA, 2014. [Google Scholar]
Figure 1. Research Methodology for Our Review Paper.
Figure 2. Distribution of Publication Years of Selected Papers in Review.
Figure 3. Taxonomy of Cybersecurity Implications in the Energy Sector.
Figure 4. Cybersecurity Challenges in the Energy Sector.
Table 1. Overview of Studies included in the Review.

| S. No | Publication Year | Main Contribution | Technology/Method |
|---|---|---|---|
| [23] | 2023 | Context and Problem: Highlighted that global cyberattacks increased by 50% in 2021 as a result of the pandemic’s intensification in 2020. This scenario has been made worse by the conflict in Ukraine since 2022, especially in the oil and gas sector, which is considered essential infrastructure and confronts cybersecurity issues that necessitate a proactive strategy combining technology and behavioral controls. Solution and Results: Proposed a cybersecurity framework model that was assessed through implementation control and staff survey and showed 92.69% efficacy and 81.55% acceptance by staff. | Derived from the Center for Internet Security Critical Security Controls (CIS CSC) and the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF). |
| [24] | 2023 | Context and Problem: Emphasized that industrial control systems (ICS) and industrial automation and control systems, which have traditionally been protected from cyberspace, are at risk of cyberattack. They highlighted attacks such as the US Colonial Pipeline attack, Ukraine Grid Attack, and Norway Oil Platform attack. Solution and Results: Proposed a context-based detection approach integrated with a knowledge-based approach to mitigate the effect of cyberattacks. Existing monitoring applications can be utilized to identify and differentiate between various cyberattack types. This shows that it is feasible to monitor the ICS system’s IT and control components in order to develop risk-based cybersecurity decision support systems. | Integrating a process-sensitive threat assessment for attack response with a context-based detection approach. |
| [25] | 2023 | Context and Problem: Emphasized the significance of selecting suitable machine learning algorithms for intrusion detection systems (IDS) in the oil and gas industry. Four machine learning algorithms were evaluated in this context. Solution and Results: Highlighted that the 1DCNN model achieved the highest performance with 96% accuracy. | Machine learning algorithms for intrusion detection in the oil and gas industry using an intrusion detection dataset. |
| [26] | 2024 | Context and Problem: Mentioned that the oil and gas industry is vulnerable to cyberattacks because of the digital transformation. They explored the degree of resilience by evaluating the oil and gas industry’s current cybersecurity procedures. Solution and Results: Examined the empirical data by proposing a “resilience ABC” which takes into account a significant difference between resilience based on adaptive capacity and robustness. | Empirical study. |
| [27] | 2023 | Context and Problem: Highlighted the dangers of cyber-attacks (such as DoS, DDoS and MitM) on the process control network (PCN) of the oil and gas industry. The PCN is exposed by its incapacity to identify these dangerous cyberattacks, and a successful attack could have disastrous consequences. Solution and Results: Performance evaluation of various machine learning techniques for detection of MitM attacks in a process control network in an oil and gas installation. The coarse tree algorithm showed high performance for identifying the MitM attack. | Machine learning techniques for detection of MitM attacks using a real-time dataset. |
| [28] | 2023 | Context and Problem: Underscored that the Egyptian oil and gas industry has gone through a digital transformation which led to several security breaches. Solution and Results: Investigated the benefits of implementing ISO 27001 for reducing cyber threats in Egypt’s downstream oil and gas industry and also raised cybersecurity awareness in the oil and gas industry. | Empirical study. |
| [30] | 2021 | Context and Problem: Highlighted that the offshore oil and gas industry is facing cyber threats because of digitization. Solution and Results: Explored the risks to cyber security through a survey study and recommended organizational safeguards (such as cybersecurity awareness and training) and technical safeguards (such as real-time monitoring) that the oil and gas sector should implement. | Empirical study/survey. |
| [31] | 2019 | Context and Problem: The oil and gas industry is vulnerable to various high-profile cyberattacks because of its critical infrastructure. This may lead to heavy economic damage as well as a threat to people’s security and the environment. Solution and Results: Outlined a comprehensive cybersecurity strategy designed specifically for the oil and gas industry. This strategy addresses issues concerning technologies, people, and procedures, or the “three pillars” of cybersecurity. Moreover, devised cybersecurity strategy guidelines by integrating operational and organizational standpoints. | Proposed holistic framework and recommendations for cybersecurity resilience. |
| [32] | 2023 | Context and Problem: The oil and gas industry relies heavily on SCADA systems, which use insecure communication protocols. This leads to several cyberattacks such as DoS. Solution and Results: Presented a unique field flooding attack by conducting an experimental study and highlighted that the PLCs often used in the oil and gas field are particularly susceptible, since a single erroneous packet caused a 59 min denial of service. This algorithm showed 99% accuracy. | Evaluation of a field flooding attack on the network based on 4 h of network capture traffic from three testbeds to formulate a dataset. |
| [33] | 2024 | Context and Problem: Cyberattacks can destroy and damage critical infrastructures such as power, water, and gas because of the lack of real-world industrial control and automation systems. Solution and Results: Assessed the effectiveness of cybersecurity techniques used in industrial control systems using real-time data and formed a combined dataset. Results showed that the dataset quality affects the model’s performance. | Machine learning applications on three datasets of power system, freshwater tank, and gas pipeline. |
| [39] | 2020 | Context and Problem: Advanced metering infrastructure is vulnerable to cyberattacks because of digitization, which can affect consumers. Solution and Results: Introduced two-stage intrusion detection mechanisms for the cybersecurity of smart meters in power grids which effectively identified the cyberattacks in smart meters. | Two-stage intrusion detection for smart meters. |
| [40] | 2021 | Context and Problem: Electricity units are at risk of cyberattack by malicious consumers who may change their data readings in smart meters, leading to electricity theft. Solution and Results: Focused on detecting electricity theft in photovoltaic (PV) generation using a data-driven method based on a regression tree. The regression tree was compared with other models and showed better performance. | Data-driven detection of cyberattacks in PV generation. |
| [41] | 2022 | Context and Problem: The change and transmit approach is very commonly used in smart metering systems, but it has brought challenges of vulnerability to cyberattacks which can lead to electricity theft, financial loss, and grid instability. Solution and Results: Deep learning-based solutions for detecting electricity theft in Advanced Metering Infrastructure (AMI) systems which outperform the traditional methods. | Deep learning-based change and transmit detection techniques in AMI networks. |
| [42] | 2021 | Context and Problem: Common challenges in digitizing the power grid include security threats such as false data injection, which diminish the predicted assimilation performance. Solution and Results: Presented a user authentication approach to secure smart grid communications which improves the detection of false data injection more effectively. | Cybersecurity user authentication for smart grids. |
| [43] | 2022 | Context and Problem: Electric vehicle chargers, when interacting with grid stations, pose several cybersecurity vulnerabilities that can lead to financial loss and grid instability. Solution and Results: Analyzed cybersecurity threats related to electric vehicle charging infrastructure and proposed measures for securing EV chargers from attack. | Cybersecurity measures for electric vehicle charging infrastructure. |
| [44] | 2023 | Context and Problem: Electricity theft is a major factor in power outages. In recent years, there has been rising recognition of using neural network models in electrical theft detection (ETD). However, conventional techniques have a limited ability to gather deep properties, making it difficult to spot abnormalities in power consumption data consistently. Solution and Results: A model that aimed to enhance the precision of power theft detection using a transformer network with a Gaussian-weighted self-attention mechanism to capture global and temporal dependencies in electricity consumption data. | An experimental study using two datasets, including the State Grid Corporation of China (SGCC) and another dataset obtained from the Canadian Institute for Cybersecurity. |
| [45] | 2024 | Context and Problem: Combining solar distributed generation (DG) devices into the electricity grid adds complexity that might affect the grid’s dependability and security. Solution and Results: Evaluation of cybersecurity vulnerabilities and impacts of distributed solar inverters on the Australian grid. | Experimental evidence of cybersecurity vulnerabilities of distributed commercial solar inverters. |
| [46] | 2024 | Context and Problem: Hydroelectric power plants face cyberattacks because they integrate into digital systems. Solution and Results: Enhancing cybersecurity of a hydroelectric power plant in Turkey using a digital twin model to detect and analyze attacks. Results showed that it improves threat detection. | Digital twin model. |
| [47] | 2020 | Context and Problem: The distributed generation domain is vulnerable to attack as malicious users can change the meter readings, leading to electricity theft. Solution and Results: Developed a deep learning–based system to detect electricity theft in renewable distributed generation (DG) using novel cyber-attack functions. The model has the highest detection rate (99.3%) and the fewest false alarms (0.22%). | Utilized deep feed forward, deep recurrent, and deep convolutional recurrent neural networks for detection. Created datasets from smart meter readings, meteorological (solar irradiance) data, and SCADA metering data, simulating an IEEE 123 bus test system. |
| [48] | 2020 | Context and Problem: AMI networks face cyberattacks because of the malicious data given to them. Traditional models are unable to deal with this issue and are unable to detect electricity theft. Solution and Results: Detection of stealth cyber-attacks in AMI networks using variational auto-encoder-based techniques. Improved the detection rate by 11–15%, false alarm rate by 9–22%, and highest difference by 27–37% over existing detectors. | Variational auto-encoder. |
| [49] | 2020a | Context and Problem: Electricity theft is difficult to identify because of false energy consumption data, and the legacy ML models are unable to identify these thefts. Solution and Results: Detection of electricity theft cyber-attacks in AMI networks using deep vector embeddings. The proposed model outperforms the shallow detectors, showing high performance and accuracy. | Deep vector embeddings. |
| [50] | 2023 | Context and Problem: Integration of demand response programs in smart grids poses cyber security threats due to false data injection. Solution and Results: Explored vulnerabilities in demand-response systems with renewable energy integration under cyberattacks and proposed an online detector for cyberattacks. Results showed that detectors helped in effectively mitigating the attacks. | Vulnerability analysis of demand-response in smart grids. |
| [51] | 2022 | Context and Problem: The Swiss electricity system is prone to cyberattacks because of digital transformation. Solution and Results: Cybersecurity and resilience measures in the Swiss electricity sector, offering policy options for enhancement, which showed that the cybersecurity system needs improvement. | Participant feedback, cybersecurity, and resilience analysis. |
| [52] | 2023 | Context and Problem: Networked microgrids face cyberattacks, especially multi-layer DoS attacks. Solution and Results: Constructed an online self-adaptive strategy of the control parameters to fully use the most recent information of all data transmission channels, hence mitigating the conservativeness of offline design against the worst-case attack across all devices. | Cyber-resilient self-triggered distributed control to mitigate multi-layer DoS attacks. |
| [60] | 2023 | Context and Problem: The nuclear industry is exposed to cybersecurity attacks because of digitization. Solution and Results: Devised a methodology for cybersecurity controls assessment of nuclear power plants which offers a comprehensive understanding of cyberattacks. | Cybersecurity assessment framework. |
| [61] | 2023 | Context and Problem: Nuclear power plants and energy plants are becoming vulnerable to cyberattacks. Solution and Results: Developed a cyber-physical testbed using digital twin technologies. The testbed included two plant-level digital twins and two component-level digital twins for reactor malfunction/control action and component states/forecasting component input/output, respectively. | Digital twin, machine learning. |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

MDPI and ACS Style

Saeed, S.; Gull, H.; Aldossary, M.M.; Altamimi, A.F.; Alshahrani, M.S.; Saqib, M.; Zafar Iqbal, S.; Almuhaideb, A.M. Digital Transformation in Energy Sector: Cybersecurity Challenges and Implications. Information 2024, 15, 764. https://doi.org/10.3390/info15120764