Safety and Security Dependencies for Gridshield: Qualitative and Quantitative Analysis
DOI: https://doi.org/10.59490/pss.2.2026.8020
Keywords: Cyber-physical systems, Fault trees, Attack trees, Defenses, Risk mitigation, Protection schemes
Abstract
Present-day cyber-physical systems, such as the Smart Grid, lead to the integration of multiple sub-systems into one single intertwined system. Such systems are characterized by many inter-dependencies between these sub-systems. This makes it complex to correctly assess the impact of new defense mechanisms with respect to the safety and security of the system as a whole. Existing formalisms, such as fault and attack trees, cannot describe the full system complexity.
This paper presents a novel integrated model, namely the Attack-Fault-Defense Tree (AFDT), and tools to analyze such cyber-physical systems. The presented visual representation allows experts from various disciplines to discuss system dependencies together. In addition, we present how minimal cut sets can be derived to formally quantify how the safety and security of the overall system are enhanced with the implementation of new defenses. We furthermore extend this to quantitative analysis by assigning safety and security metrics to these minimal cut sets. The presented AFDT is applied to the Gridshield concept, a novel defense mechanism to prevent grid overloading in power grids due to simultaneous charging of electric vehicles.
One sentence summary: We introduce Attack-Fault-Defense Trees (AFDTs) and apply qualitative and approximate quantitative analysis to the Gridshield smart-grid defense mechanism.
License
Copyright (c) 2026 Reza Soltani, Baver Ozceylan, Milan Lopuhaä-Zwakenberg, Christina Kolb, Gerwin Hoogsteen

This work is licensed under a Creative Commons Attribution 4.0 International License.
