Securing SCADA Communications Over OPGW And ADSS Fiber In U.S. Bulk Electric Systems: A NERC CIP-Aligned Engineering Framework

Abstract

This study addresses the growing problem of securing SCADA communications transmitted over Optical Ground Wire and All-Dielectric Self-Supporting fiber in U.S. Bulk Electric Systems, where technically robust fiber links still remain exposed to cyber, physical, and operational vulnerabilities that can affect visibility, command integrity, and system resilience. The purpose of the research was to develop and empirically test a NERC CIP-aligned engineering framework for improving SCADA communication security and resilience by examining the influence of Engineering Security Controls, Communication Path Protection, Access Control Measures, Monitoring and Detection Capability, and NERC CIP Alignment on SCADA Communication Security and Resilience. The study adopted a quantitative, cross-sectional, case-based design and collected data from 220 valid professional responses drawn from cloud-connected and enterprise utility operational cases after screening 250 distributed questionnaires, yielding an 88.0% usable response rate. Respondents represented SCADA and OT engineers, utility communication engineers, cybersecurity professionals, protection and control engineers, substation automation specialists, and compliance personnel. Analysis was conducted using descriptive statistics, Cronbach’s alpha, correlation, and multiple regression in SPSS. The findings showed a strong overall security posture, with SCADA Communication Security and Resilience recording a mean of 4.08, Engineering Security Controls 4.21, Monitoring and Detection Capability 4.18, Communication Path Protection 4.11, Access Control Measures 4.05, and NERC CIP Alignment 3.97. Reliability was strong across all constructs, with Cronbach’s alpha values ranging from 0.81 to 0.89 and an overall instrument reliability of 0.87. Correlation results indicated significant positive relationships between SCADA Communication Security and Resilience and Monitoring and Detection Capability (r = 0.74), Engineering Security Controls (r = 0.71), NERC CIP Alignment (r = 0.68), Communication Path Protection (r = 0.66), and Access Control Measures (r = 0.62), all at p < .001. Regression analysis confirmed that the model was statistically significant, F(5,214) = 52.84, p < .001, explaining 55.2% of the variance (R² = 0.552), with Monitoring and Detection Capability emerging as the strongest predictor (β = 0.29). The study also found that ADSS environments were perceived as more vulnerable than OPGW environments, with mean vulnerability scores of 3.88 and 3.54 respectively, implying the need for medium-specific protective strategies and stronger integration of engineering, monitoring, and compliance functions in critical utility communication security.