MPLS-TP and SONET Security Hardening for Utility SCADA Networks: Threat Modeling and Mitigation Strategies for Energy Fiber Infrastructure
DOI: https://doi.org/10.63125/7czfg639
Keywords: MPLS-TP, SONET, Utility SCADA Security, Security Hardening, Energy Fiber Infrastructure
Abstract
This study addresses the problem that utility SCADA communication backbones using MPLS-TP, SONET, and hybrid transport environments remain highly critical to grid operations, yet transport-layer security is often assessed less rigorously than broader SCADA cybersecurity despite exposure to unauthorized access, misconfiguration, weak IT/OT segmentation, denial-of-service, insider misuse, and physical fiber threats. The purpose of the study was to examine how threat modeling, security hardening controls, and mitigation strategies influence security performance and resilience in utility energy fiber infrastructures through a quantitative, cross-sectional, case-based design grounded in cloud- and enterprise-style utility communication cases. Data were collected through a structured five-point Likert questionnaire from professionals involved in SCADA operations, utility telecom, OT security, and infrastructure management. Of 150 distributed questionnaires, 132 were returned and 126 usable responses were analyzed, yielding an 84.0% usable response rate. The sample included respondents from MPLS-TP-only cases (22.2%), SONET-only cases (19.0%), and hybrid MPLS-TP/SONET cases (58.7%). Key variables were threat modeling practices, security hardening controls, mitigation strategies, and security and resilience outcomes. Analysis was conducted using descriptive statistics, Cronbach’s alpha, Pearson correlation, and multiple regression. Reliability was strong across constructs, with alpha values ranging from 0.86 to 0.90. Descriptive findings showed high mean scores for threat modeling (M = 4.08, SD = 0.62), security hardening (M = 4.21, SD = 0.57), mitigation strategies (M = 4.16, SD = 0.60), and security outcomes (M = 4.19, SD = 0.55). Correlation results indicated significant positive relationships with security outcomes for threat modeling (r = 0.61), security hardening (r = 0.74), and mitigation strategies (r = 0.68), all at p < .01.
Regression results showed that the model was significant, F = 41.87, p < .001, explaining 50.7% of the variance in security and resilience outcomes (R² = 0.507), with security hardening as the strongest predictor (β = 0.41), followed by mitigation strategies (β = 0.29) and threat modeling (β = 0.24). The study implies that utility operators should prioritize protocol-aware hardening, especially in hybrid environments, to strengthen resilience, continuity, and infrastructure protection.
