A socio-technical framework for cyber-resilience in hybrid oil-renewable energy grids
摘要
Combining traditional oil infrastructure with distributed renewable energy resources (DERs), including critical grid-edge assets like electric vehicle (EV) charging infrastructure that link transportation and power systems, has created hybrid energy systems that are more connected and digitally complex. These systems integrate legacy operational technologies (OT), such as SCADA, with decentralized, IoT-enabled assets that often rely on cloud-based analytics and remote connectivity. This conjunction introduces cybersecurity risks by linking historically isolated OT environments to modern, internet-exposed components, creating more entry points, inconsistent security baselines, and new attack surfaces. The resulting vulnerabilities extend beyond traditional IT-centric threat models. Conventional cybersecurity strategies, which prioritize technical controls in isolation, often fail to address systemic risks stemming from institutional fragmentation, regulatory gaps, and third-party dependencies. This study introduces a Socio-Technical Resilience Framework grounded in the Systems-Theoretic Accident Model and Processes (STAMP) and Socio-Technical Systems (STS) theory to access and mitigate cyber risks in hybrid grids. Through comparative case studies of the Colonial Pipeline ransomware event and cyber disruptions in European DER infrastructure, the paper finds that fragmented coordination, isolated threat intelligence, and weak human-system integration significantly amplify cyber impacts that undermine static, perimeter-based defense models. The study contributes a layered framework for cyber resilience that operates across three domains: (1) technical (via zero-trust architecture and distributed anomaly detection), (2) organizational (through shared situational awareness and cognitive decision-support tools), and (3) governance (by leveraging federated threat intelligence and regulatory harmonization). This multi-domain approach enhances both operational flexibility and long-term sustainability. Ultimately, the paper demonstrates that enduring cyber resilience in hybrid energy systems requires more than patching vulnerabilities. It demands a systemic rethinking of control, coordination, and design. The framework and findings offer a forward-looking roadmap for securing the energy sector against evolving threats in an era of distributed complexity.