Mitigating Cyberattack Risks in Digital Substations Using a Cybersecurity Model

The increasing digitalization of electrical substations, driven by IEC 61850-based architectures, has introduced new operational efficiencies but also expanded the cyber-attack surface. This paper presents a standards-based cybersecurity risk mitigation model designed to protect critical assets in digital substations against representative cyber threats. The proposed model integrates preventive, detective, and segmentation controls aligned with NIST SP 800-82r3, IEC 62443, and ISO/IEC 27019, and is validated in a controlled laboratory environment simulating process bus and station bus communication.