Date of Award
2026
Document Type
Open Access Master's Thesis
Degree Name
Master of Science in Cybersecurity (MS)
Administrative Home Department
Department of Computer Science
Advisor 1
Bo Chen
Advisor 2
Chee-Wooi Ten
Committee Member 1
Yu Cai
Abstract
Over the past two decades, cybersecurity compliance frameworks such as the North American Electric Reliability Corporation Critical Infrastructure Protection (CIP) have introduced prescriptive measures for protecting power system networks, emphasizing restricted access, segmentation, and minimizing routable exposure. While effective for baseline cyber hygiene, these approaches do not capture system-level risks or adversarial propagation across interconnected infrastructure. In contrast, Cyber-Informed Engineering (CIE), advanced by Idaho National Laboratory, embeds security in system design by considering threat vectors and physical constraints.
Despite CIP guidance, many deployments rely on IP-routable, bidirectional communication that enables handshaking, allowing adversaries to infer reachable targets. This work presents a discrete-event simulation framework using Generalized Stochastic Petri Nets to model intrusion on substation control systems, comparing firewall-based protection with hardware-enforced unidirectional gateways that impose physical restrictions via a laser-enforced one-way channel. Results show that while firewalls conditionally filter traffic, unidirectional gateways eliminate bidirectional attack vectors, aligning with CIE principles.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
Recommended Citation
Dilworth, Lawrence M., "Characterizing Cyber Intrusions in Critical Infrastructure Networks Using Discrete-Event Simulation", Open Access Master's Thesis, Michigan Technological University, 2026.