IMPROVING BULK POWER SYSTEM RESILIENCE BY RANKING CRITICAL NODES IN THE VULNERABILITY GRAPH Md Ariful Haque Department of Modeling, Simulation & Visualization Engineering Old Dominion University 5115 Hampton Blvd Norfolk, VA, USA mhaqu001@odu.edu Sachin Shetty Virginia Modeling Analysis and Simulation Center Old Dominion University 1030 University Blvd Suffolk, VA, USA sshetty@odu.edu Gael Kamdem Virginia Modeling Analysis and Simulation Center Old Dominion University 1030 University Blvd Suffolk, VA, USA gdeteyou@odu.edu SpringSim-ANSS, 2018 April 15-18, Baltimore, Maryland, USA; ©2018 Society for Modeling & Simulation International (SCS) ABSTRACT This paper focuses on the resilience quantification and critical node identification which can be applicable to Bulk Power System (BPS). The Industrial Control System (ICS) is an integral part of the BPS. The ICS itself is not vulnerable because of its proprietary technology. But when the control network and the corporate network need to have communications to ICS for performance measurements and reporting, the ICS become vulnerable to cyberattacks. Considering the need for developing an algorithm to improve the resilience of a target network, we are proposing an MADM (Multiple Attribute Decision Making) based ranking algorithm using a multi-layered directed acyclic graph (DAG) model. The node ranking process can facilitate to harden the network from vulnerabilities and threats by ranking the critical nodes in the network. Our proposed MVNRank (Multiple Vulnerability Node Rank) algorithm takes into account asset value of the network nodes. Some of the other factors that are being considered for the formulation of the algorithm are exploit scores and impact scores of vulnerabilities as quantified by CVSS (Common Vulnerability Scoring System), the total number of vulnerabilities that a host may have and severity level of each vulnerability. The algorithm also takes into account the degree centrality of the nodes and attacker’s distance from the target node in the vulnerability graph. Simulation results show that the ranking can be used to identify the critical network elements which can contribute to resilience improvement process of the BPS. Keywords: Bulk Power System, Node Ranking Algorithm, Vulnerability Graph, Cyberattack Author copy. Accepted for publication. Do not distribute.