Cybersecurity Framework for IoT-Integrated Electric Power Information Systems

Abstract

The integration of Internet of Things (IoT) devices in electric power information systems has introduced unprecedented cybersecurity challenges. This study develops and evaluates a comprehensive cybersecurity framework tailored for IoT-integrated power grids, addressing the unique vulnerabilities and complexities of these critical systems. A multi-layered security approach was designed, incorporating device authentication, encrypted communication, and machine learning-based anomaly detection. The framework underwent extensive testing across six distinct attack types (unauthorized access, man-in-the-middle, DDoS, malicious command injection, firmware tampering, and data exfiltration), with over 10,000 simulated attack scenarios conducted in a testbed environment mimicking a regional power grid with up to 10,000 IoT devices. The framework demonstrated high effectiveness, with average threat detection rates of 97.9% and prevention rates of 97.1% across all attack vectors. Performance testing revealed sub-linear CPU utilization growth as IoT devices scaled from 100 to 10,000, with only a 2.3% increase in network latency at the 1,000-device scale. The system maintained 98.7-99.8% availability during attacks and achieved 94-98% compliance with key industry standards. These findings demonstrate the framework's robust capabilities in securing IoT-integrated power systems while highlighting areas for future research in extreme scalability scenarios and real-world implementation challenges.