Authors :
Bruce Byamungu; Moses Mupeta
Volume/Issue :
Volume 11 - 2026, Issue 6 - June
Google Scholar :
https://tinyurl.com/5dy5pnrb
Scribd :
https://tinyurl.com/4n88ycej
DOI :
https://doi.org/10.38124/ijisrt/26jun263
Note : A published paper may take 4-5 working days from the publication date to appear in PlumX Metrics, Semantic Scholar, and ResearchGate.
Abstract :
The critical infrastructures cybersecurity must be guaranteed as Zambia's adoption of Smart Grid technology
progresses. While improving the efficiency and dependability of electricity distribution smart grids also make the power
grid more vulnerable to cyberattacks on communication protocols like Modbus. In this paper, a virtualized Smart Grid
environment based on the Zambian Grid is used to simulate and analyze Modbus protocol cyberattacks. A variety of
cyberattacks were launched using a virtualized infrastructure to mimic possible threats and the corresponding grid
responses were tracked. According to the findings, the Modbus protocol is vulnerable, and strong cybersecurity measures
are required to safeguard the availability and integrity of Smart Grids. We validate the proposed testbed architecture by
performing and analyzing a representative cyberattack in the developed environment, thus showing the principles for the
analysis of other possible cybernetic attacks. The findings suggest future work for improving cybersecurity in Smart Grid
implementations and offer a framework for bolstering cyber defense tactics in Zambian power systems.
Keywords :
Smart Grid, Cyber-Attacks, Modbus Protocol, Virtual Environment, Zambian Grid, Cybersecurity, Supervisory Control and Data Acquisition (SCADA), Denial of Service (DoS), Man-in-the-Middle (MitM).
References :
- Abdelkader, S., Amissah, J., Kinga, S., Mugerwa, G., Emmanuel, E., Mansour, D.E.A., Bajaj, M., Blazek, V. and Prokop, L. 2024. Securing modern power systems: Implementing comprehensive strategies to enhance resilience and reliability against cyber-attacks. Results in Engineering. 23, p.102647.
- Aboah Boateng, E. and Bruce, J.W. 2022. Unsupervised Machine Learning Techniques for Detecting PLC Process Control Anomalies. Journal of Cybersecurity and Privacy. 2(2), pp.220–244.
- Admass, W.S., Munaye, Y.Y. and Diro, A.A. 2024. Cyber security: State of the art, challenges and future directions. Cyber Security and Applications. 2, p.100031.
- Alawida, M., Omolara, A.E., Abiodun, O.I. and Al-Rajab, M. 2022. A deeper look into cybersecurity issues in the wake of Covid-19: A survey. Journal of King Saud University - Computer and Information Sciences. 34(10), pp.8176–8206.
- Alghamdi, M.I. 2021. Impact of Cyber Attack on Saudi Aramco. Journal of Cybersecurity and Information Management (JCIM). 7(1), pp.13–21.
- Ametov, F.R., Bekirov, E.A. and Asanov, M.M. 2021. Organization of Secure Communication between Programmable Logic Controllers Using the Open Platform Communications Protocol. Journal of Physics: Conference Series. 2096(1), p.012125.
- Anon n.d. Africa GreenCo Granted Electricity Trading And Import/Export Licenses in South Africa – Africa GreenCo. [Accessed 1 February 2025a]. Available from: https://africagreenco.com/africa-greenco-granted-electricity-trading-and-import-export-licenses-in-south-africa/.
- Anon 2024. Attacks on Ukraine’s Electric Grid: Insights for U.S. Infrastructure Security and Resilience.
- Anon n.d. Beyond the Grid Fund for Africa signs its first projects with off-grid energy service companies in Zambia - BGFA. [Accessed 1 February 2025b]. Available from: https://beyondthegrid.africa/news/beyond-the-grid-fund-for-africa-signs-its-first-projects-with-off-grid-energy-service-companies-in-zambia/.
- Anon n.d. Compromise of U.S. Water Treatment Facility | CISA. [Accessed 8 February 2025c]. Available from: https://www.cisa.gov/news-events/cybersecurity-advisories/aa21-042a.
- Anon n.d. Energy Sector – Ministry of Energy. [Accessed 1 February 2025d]. Available from: https://www.moe.gov.zm/?page_id=2198.
- Anon n.d. Internet of Things Device - an overview | ScienceDirect Topics. [Accessed 1 February 2025e]. Available from: https://www.sciencedirect.com/topics/computer-science/internet-of-things-device.
- Anon n.d. MINISTRY OF ENERGY LAUNCHES 2023 NATIONAL ENERGY ACCESS SURVEY REPORT – Ministry of Energy. [Accessed 1 February 2025f]. Available from: https://www.moe.gov.zm/?p=3813.
- Anon n.d. Modbus - an overview | ScienceDirect Topics. [Accessed 22 March 2025g]. Available from: https://www.sciencedirect.com/topics/computer-science/modbus.
- Anon n.d. Northwestern Energy Corporation Ltd | Electricity | Zambia. [Accessed 1 February 2025h]. Available from: https://www.northwesternenergycorp.com/.
- Anon n.d. Simulation Software - MATLAB & Simulink. [Accessed 8 February 2025i]. Available from: https://www.mathworks.com/discovery/simulation-software.html.
- Anon n.d. Smart infrastructure solution transforming Zambia’s grid - Iskraemeco Corpo. [Accessed 26 October 2024j]. Available from: https://iskraemeco.com/news/smart-infrastructure-solution-transforming-zambias-grid/.
- Anon n.d. Stuxnet - an overview | ScienceDirect Topics. [Accessed 5 February 2025k]. Available from: https://www.sciencedirect.com/topics/computer-science/stuxnet.
- Anon n.d. Supervisory Control and Data Acquisition System - an overview | ScienceDirect Topics. [Accessed 1 February 2025l]. Available from: https://www.sciencedirect.com/topics/engineering/supervisory-control-and-data-acquisition-system.
- Bashendy, M., Eltanbouly, S., Tantawy, A. and Erradi, A. 2021. Design and Implementation of Cyber-Physical Attacks on Modbus/TCP Protocol. , pp.38–45.
- Bayliss, K. and Pollen, G. 2021. The power paradigm in practice: A critical review of developments in the Zambian electricity sector. World Development. 140, p.105358.
- Bhajekar, A. and Gupta, Dr.S. 2024. CYBER SECURITY FOR POWER GRIDS: THREATS, MITIGATION, AND FUTURE OUTLOOK. INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT. 08(09), pp.1–4.
- Chitandula1, A., Abuzayed, A., Nyoni, K.J., Solà Vilalta, A., Maliye5, R., Kabala6, E. and Cheelo7, C. n.d. STATUS QUO OF THE ENERGY SYSTEM AND CONSUMPTION IN ZAMBIA PART ONE OF A THREE PART SERIES FOR THE GoPRO-ZAMBIA RESEARCH PROJECT STATUS QUO OF THE ENERGY SYSTEM AND CONSUMPTION IN ZAMBIA Zambia Report Series STATUS QUO OF THE ENERGY SYSTEM AND CONSUMPTION IN ZAMBIA.
- Cremer, F., Sheehan, B., Fortmann, M., Kia, A.N., Mullins, M., Murphy, F. and Materne, S. 2022. Cyber risk and cybersecurity: a systematic review of data availability. The Geneva Papers on Risk and Insurance. Issues and Practice. 47(3), p.698.
- Entwisle, B., Grieshop, A.P., Lloyd, S., Radin, M., Saparapa, R., Scott, S. and Sinai, C. n.d. ENERGY ACCESS EPPSA TEAM Energy Poverty PIRE in Southern Africa • STATE OF KNOWLEDGE ENERGY ACCESS IN ZAMBIA.
- Figueroa-Lorenzo, S. 2019. A Role-Based Access Control Model in Modbus SCADA Systems. A Centralized Model Approach.
- Ghanbari, H., Koskinen, K. and Wei, Y. 2024. From SolarWinds to Kaseya: The rise of supply chain attacks in a digital world. Journal of Information Technology Teaching Cases.
- Gopal, S.B., Poongodi, C. and Nanthiya, D. 2022. Blockchain-based secured payment in IoE. Smart Energy and Electric Power Systems: Current Trends and New Intelligent Perspectives., pp.185–200.
- Huitsing, P., Chandia, R., Papa, M. and Shenoi, S. 2008. Attack taxonomies for the Modbus protocols. Int. J. Crit. Infrastructure Prot. 1, pp.37–44.
- Jahid, A., Alsharif, M.H. and Hall, T.J. 2023. The convergence of blockchain, IoT and 6G: Potential, opportunities, challenges and research roadmap. Journal of Network and Computer Applications. 217.
- Khalid, M. 2024. Smart grids and renewable energy systems: Perspectives and grid integration challenges. Energy Strategy Reviews. 51, p.101299.
- Knapp, E.D. and Langill, J.T. 2015. Hacking Industrial Control Systems. Industrial Network Security., pp.171–207.
- Li, S.C., Huang, Y., Tai, B.C. and Lin, C.T. 2017. Using Data Mining Methods to Detect Simulated Intrusions on a Modbus Network. Proceedings - 2017 IEEE 7th International Symposium on Cloud and Service Computing, SC2 2017. 2018-January, pp.143–148.
- Lukumba Phiri, by 2023. A framework for cyber security risk modeling and mitigation in smart grid communication and control systems.
- Luswata, J., Zavarsky, P., Swar, B. and Zvabva, D. 2018. Analysis of SCADA Security Using Penetration Testing: A Case Study on Modbus TCP Protocol. 29th Biennial Symposium on Communications, BSC 2018.
- McLaughlin, K., Friedberg, I., Kang, B.J., Maynard, P., Sezer, S. and McWilliams, G. 2015. Secure Communications in Smart Grid: Networking and Protocols. Smart Grid Security: Innovative Solutions for a Modernized Grid., pp.113–148.
- Moghaddass, R. and Wang, J. 2018. A Hierarchical Framework for Smart Grid Anomaly Detection Using Large-Scale Smart Meter Data. IEEE Transactions on Smart Grid. 9(6), pp.5820–5830.
- Mouha, R.A. and Mouha, R.A. 2021. Internet of Things (IoT). Journal of Data Analysis and Information Processing. 9(2), pp.77–101.
- Parian, C., Guldimann, T. and Bhatia, S. 2020. Fooling the Master: Exploiting Weaknesses in the Modbus Protocol. Procedia Computer Science. 171, pp.2453–2458.
- Paul, B., Sarker, A., Abhi, S.H., Das, S.K., Ali, Md.F., Islam, M.M., Islam, Md.R., Moyeen, S.I., Rahman Badal, Md.F., Ahamed, Md.H., Sarker, S.K., Das, P., Hasan, Md.M. and Saqib, N. 2024. Potential smart grid vulnerabilities to cyber attacks: Current threats and existing mitigation strategies. Heliyon. 10(19), p.e37980.
- Phiri, L. and Tembo, S. 2022. Evaluating the Security Posture and Protection of Critical Assets of Industrial Control Systems in Zambia International Journal of Advances in Scientific Research and Engineering (ijasre) Evaluating the Security Posture and Protection of Critical Assets of Industrial Control Systems in Zambia. Article in International Journal of Advances in Scientific Research and Engineering.
- Pollard, M. n.d. Pepperdine Policy Review Pepperdine Policy Review A Case Study of Russian Cyber-Attacks on the Ukrainian Power A Case Study of Russian Cyber-Attacks on the Ukrainian Power Grid: Implications and Best Practices for the United States Grid: Implications and Best Practices for the United States. Pepperdine Policy Review. 16, pp.4–23.
- Pospisil, O., Blazek, P., Kuchar, K., Fujdiak, R. and Misurec, J. 2021. Application Perspective on Cybersecurity Testbed for Industrial Control Systems. Sensors (Basel, Switzerland). 21(23).
- Radoglou-Grammatikis, P., Siniosoglou, I., Liatifis, T., Kourouniadis, A., Rompolos, K. and Sarigiannidis, P. n.d. Implementation and Detection of Modbus Cyberattacks.
- Radoglou-Grammatikis, P.I. and Sarigiannidis, P.G. 2019. Securing the Smart Grid: A Comprehensive Compilation of Intrusion Detection and Prevention Systems. IEEE Access. 7, pp.46595–46620.
- Teixeira, M.A., Salman, T., Zolanvari, M., Jain, R., Meskin, N. and Samaka, M. 2018. SCADA System Testbed for Cybersecurity Research Using Machine Learning Approach. Future Internet. 10(8), pp.1–15.
- Thornton, J.Z. 2015. A virtualized SCADA laboratory for research and teaching.
- Upadhyay, D., Ghosh, S., Ohno, H., Zaman, M. and Sampalli, S. 2024. Securing industrial control systems: Developing a SCADA/IoT test bench and evaluating lightweight cipher performance on hardware simulator. International Journal of Critical Infrastructure Protection. 47, p.100705.
- Voyiatzis, A.G., Katsigiannis, K. and Koubias, S. 2015. A Modbus/TCP Fuzzer for testing internetworked industrial systems. IEEE International Conference on Emerging Technologies and Factory Automation, ETFA. 2015-October.
- Wang, P.H., Liao, I.E., Kao, K.F. and Huang, J.Y. 2018. An intrusion detection method based on log sequence clustering of honeypot for Modbus TCP protocol. International Conference on Applied System Innovation., pp.255–258.
- Zhang, F. and Coble, J.B. 2020. Robust localized cyber-attack detection for key equipment in nuclear power plants. Progress in Nuclear Energy. 128.
- Zhang, F., Kodituwakku, H.A.D.E., Hines, J.W. and Coble, J. 2019. Multilayer Data-Driven Cyber-Attack Detection System for Industrial Control Systems Based on Network, System, and Process Data. IEEE Transactions on Industrial Informatics. 15(7), pp.4362–4369.
The critical infrastructures cybersecurity must be guaranteed as Zambia's adoption of Smart Grid technology
progresses. While improving the efficiency and dependability of electricity distribution smart grids also make the power
grid more vulnerable to cyberattacks on communication protocols like Modbus. In this paper, a virtualized Smart Grid
environment based on the Zambian Grid is used to simulate and analyze Modbus protocol cyberattacks. A variety of
cyberattacks were launched using a virtualized infrastructure to mimic possible threats and the corresponding grid
responses were tracked. According to the findings, the Modbus protocol is vulnerable, and strong cybersecurity measures
are required to safeguard the availability and integrity of Smart Grids. We validate the proposed testbed architecture by
performing and analyzing a representative cyberattack in the developed environment, thus showing the principles for the
analysis of other possible cybernetic attacks. The findings suggest future work for improving cybersecurity in Smart Grid
implementations and offer a framework for bolstering cyber defense tactics in Zambian power systems.
Keywords :
Smart Grid, Cyber-Attacks, Modbus Protocol, Virtual Environment, Zambian Grid, Cybersecurity, Supervisory Control and Data Acquisition (SCADA), Denial of Service (DoS), Man-in-the-Middle (MitM).